version 1.1.2.1, 2007/01/02 06:17:19
|
version 1.1.2.9, 2007/01/07 21:39:01
|
|
|
#include "Mutex.h" | #include "Mutex.h" |
#include "FileSystem.h" | #include "FileSystem.h" |
#include "String.h" | #include "String.h" |
#include <Pegasus/Security/Cimservera/Strlcpy.h> |
#include <Executor/Strlcpy.h> |
#include <Pegasus/Security/Cimservera/Strlcat.h> |
#include <Executor/Strlcat.h> |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
# include <Executor/Executor.h> |
# include <Executor/Messages.h> |
#endif | #endif |
| |
#if defined(PEGASUS_PAM_AUTHENTICATION) | #if defined(PEGASUS_PAM_AUTHENTICATION) |
# include <Pegasus/Security/Cimservera/cimservera.h> |
# include <Executor/PAMAuth.h> |
#endif | #endif |
| |
PEGASUS_NAMESPACE_BEGIN | PEGASUS_NAMESPACE_BEGIN |
|
|
static int _sock = -1; | static int _sock = -1; |
static Mutex _mutex; | static Mutex _mutex; |
| |
|
static int _getSock() |
|
{ |
|
int sock; |
|
_mutex.lock(); |
|
sock = _sock; |
|
_mutex.unlock(); |
|
return sock; |
|
} |
|
|
//////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
//////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
//// | //// |
|
|
case 'w': | case 'w': |
return fopen(path, "wb"); | return fopen(path, "wb"); |
| |
|
case 'a': |
|
return fopen(path, "a+"); |
|
|
default: | default: |
return NULL; | return NULL; |
} | } |
|
|
#else /* POSIX CASE FOLLOWS */ | #else /* POSIX CASE FOLLOWS */ |
| |
static int InProcess_startProviderAgent( | static int InProcess_startProviderAgent( |
|
const SessionKey& sessionKey, |
const char* module, | const char* module, |
int uid, | int uid, |
int gid, | int gid, |
|
|
return status; | return status; |
} | } |
| |
static int InProcess_pamAuthenticate( |
static int InProcess_authenticatePassword( |
const char* username, | const char* username, |
const char* password) |
const char* password, |
|
SessionKey& sessionKey) |
{ | { |
|
sessionKey.clear(); |
|
|
#if defined(PEGASUS_PAM_AUTHENTICATION) | #if defined(PEGASUS_PAM_AUTHENTICATION) |
return PAMAuthenticate(username, password); | return PAMAuthenticate(username, password); |
#else | #else |
|
|
#endif | #endif |
} | } |
| |
static int InProcess_pamValidateUser( |
static int InProcess_validateUser( |
const char* username) | const char* username) |
{ | { |
#if defined(PEGASUS_PAM_AUTHENTICATION) | #if defined(PEGASUS_PAM_AUTHENTICATION) |
|
|
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
| |
|
//============================================================================== |
|
// |
|
// _recv() |
|
// |
|
// Receives *size* bytes from the given socket. |
|
// |
|
//============================================================================== |
|
|
|
static ssize_t _recv(int sock, void* buffer, size_t size) |
|
{ |
|
size_t r = size; |
|
char* p = (char*)buffer; |
|
|
|
if (size == 0) |
|
return -1; |
|
|
|
while (r) |
|
{ |
|
ssize_t n; |
|
|
|
EXECUTOR_RESTART(read(sock, p, r), n); |
|
|
|
if (n == -1) |
|
return -1; |
|
else if (n == 0) |
|
return size - r; |
|
|
|
r -= n; |
|
p += n; |
|
} |
|
|
|
return size - r; |
|
} |
|
|
|
//============================================================================== |
|
// |
|
// _send() |
|
// |
|
// Sends *size* bytes on the given socket. |
|
// |
|
//============================================================================== |
|
|
|
static ssize_t _send(int sock, void* buffer, size_t size) |
|
{ |
|
size_t r = size; |
|
char* p = (char*)buffer; |
|
|
|
while (r) |
|
{ |
|
ssize_t n; |
|
EXECUTOR_RESTART(write(sock, p, r), n); |
|
|
|
if (n == -1) |
|
return -1; |
|
else if (n == 0) |
|
return size - r; |
|
|
|
r -= n; |
|
p += n; |
|
} |
|
|
|
return size - r; |
|
} |
|
|
static int _receiveDescriptorArray(int sock, int descriptors[], size_t count) | static int _receiveDescriptorArray(int sock, int descriptors[], size_t count) |
{ | { |
// This control data begins with a cmsghdr struct followed by the data | // This control data begins with a cmsghdr struct followed by the data |
|
|
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_PING_REQUEST; |
header.code = EXECUTOR_PING_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
ExecutorPingResponse response; | ExecutorPingResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
if (response.magic == EXECUTOR_PING_MAGIC) | if (response.magic == EXECUTOR_PING_MAGIC) |
|
|
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
if (mode != 'r' && mode != 'w') |
if (mode != 'r' && mode != 'w' && mode != 'a') |
return NULL; | return NULL; |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_OPEN_FILE_REQUEST; |
header.code = EXECUTOR_OPEN_FILE_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return NULL; | return NULL; |
| |
// Send request body. |
// _send request body. |
| |
ExecutorOpenFileRequest request; | ExecutorOpenFileRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.path, path, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.path, path, EXECUTOR_BUFFER_SIZE); |
request.mode = mode; | request.mode = mode; |
| |
if (Send(_sock, &request, sizeof(request)) != sizeof(request)) |
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
return NULL; | return NULL; |
| |
// Receive the response | // Receive the response |
| |
ExecutorOpenFileResponse response; | ExecutorOpenFileResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return NULL; | return NULL; |
| |
// Receive descriptor (if response successful). | // Receive descriptor (if response successful). |
|
|
{ | { |
int fds[1]; | int fds[1]; |
| |
if (_receiveDescriptorArray(_sock, fds, 1) != 0) |
if (_receiveDescriptorArray(_getSock(), fds, 1) != 0) |
return NULL; | return NULL; |
| |
if (fds[0] == -1) | if (fds[0] == -1) |
|
|
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_RENAME_FILE_REQUEST; |
header.code = EXECUTOR_RENAME_FILE_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// Send request body. |
// _send request body. |
| |
ExecutorRenameFileRequest request; | ExecutorRenameFileRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.oldPath, oldPath, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.oldPath, oldPath, EXECUTOR_BUFFER_SIZE); |
Strlcpy(request.newPath, newPath, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.newPath, newPath, EXECUTOR_BUFFER_SIZE); |
| |
if (Send(_sock, &request, sizeof(request)) != sizeof(request)) |
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
return -1; | return -1; |
| |
// Receive the response | // Receive the response |
| |
ExecutorRenameFileResponse response; | ExecutorRenameFileResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
return response.status; | return response.status; |
|
|
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_REMOVE_FILE_REQUEST; |
header.code = EXECUTOR_REMOVE_FILE_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// Send request body. |
// _send request body. |
| |
ExecutorRemoveFileRequest request; | ExecutorRemoveFileRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.path, path, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.path, path, EXECUTOR_BUFFER_SIZE); |
| |
if (Send(_sock, &request, sizeof(request)) != sizeof(request)) |
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
return -1; | return -1; |
| |
// Receive the response | // Receive the response |
| |
ExecutorRemoveFileResponse response; | ExecutorRemoveFileResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
return response.status; | return response.status; |
} | } |
| |
static int OutOfProcess_startProviderAgent( | static int OutOfProcess_startProviderAgent( |
|
const SessionKey& sessionKey, |
const char* module, | const char* module, |
int uid, | int uid, |
int gid, | int gid, |
|
|
if (n >= EXECUTOR_BUFFER_SIZE) | if (n >= EXECUTOR_BUFFER_SIZE) |
return -1; | return -1; |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_START_PROVIDER_AGENT_REQUEST; |
header.code = EXECUTOR_START_PROVIDER_AGENT_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// Send request body. |
// _send request body. |
| |
ExecutorStartProviderAgentRequest request; | ExecutorStartProviderAgentRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
|
Strlcpy(request.key, sessionKey.data(), sizeof(request.key)); |
memcpy(request.module, module, n); | memcpy(request.module, module, n); |
request.uid = uid; | request.uid = uid; |
request.gid = gid; | request.gid = gid; |
| |
if (Send(_sock, &request, sizeof(request)) != sizeof(request)) |
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
return -1; | return -1; |
| |
// Receive the response | // Receive the response |
| |
ExecutorStartProviderAgentResponse response; | ExecutorStartProviderAgentResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
// Check response status and pid. | // Check response status and pid. |
|
|
// Receive descriptors. | // Receive descriptors. |
| |
int descriptors[2]; | int descriptors[2]; |
int result = _receiveDescriptorArray(_sock, descriptors, 2); |
int result = _receiveDescriptorArray(_getSock(), descriptors, 2); |
| |
if (result == 0) | if (result == 0) |
{ | { |
|
|
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_DAEMONIZE_EXECUTOR_REQUEST; |
header.code = EXECUTOR_DAEMONIZE_EXECUTOR_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// Receive the response | // Receive the response |
| |
ExecutorDaemonizeExecutorResponse response; | ExecutorDaemonizeExecutorResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
return response.status; | return response.status; |
} | } |
| |
static int OutOfProcess_changeOwner( |
static int OutOfProcess_waitPid( |
const char* path, |
int pid) |
const char* owner) |
|
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_CHANGE_OWNER_REQUEST; |
header.code = EXECUTOR_WAIT_PID_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// Send request body: |
// _send request body: |
| |
ExecutorChangeOwnerRequest request; |
ExecutorWaitPidRequest request; |
Strlcpy(request.path, path, sizeof(request.path)); |
request.pid = pid; |
Strlcpy(request.owner, owner, sizeof(request.owner)); |
|
| |
if (Send(_sock, &request, sizeof(request)) != sizeof(request)) |
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
return -1; | return -1; |
| |
// Receive the response | // Receive the response |
| |
ExecutorChangeOwnerResponse response; |
ExecutorWaitPidResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
return response.status; | return response.status; |
} | } |
| |
static int OutOfProcess_waitPid( |
static int OutOfProcess_authenticatePassword( |
int pid) |
const char* username, |
|
const char* password, |
|
SessionKey& sessionKey) |
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
// Send request header: |
sessionKey.clear(); |
|
|
|
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_WAIT_PID_REQUEST; |
header.code = EXECUTOR_AUTHENTICATE_PASSWORD_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// Send request body: |
// _send request body. |
| |
ExecutorWaitPidRequest request; |
ExecutorAuthenticatePasswordRequest request; |
request.pid = pid; |
memset(&request, 0, sizeof(request)); |
|
Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE); |
|
Strlcpy(request.password, password, EXECUTOR_BUFFER_SIZE); |
| |
if (Send(_sock, &request, sizeof(request)) != sizeof(request)) |
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
return -1; | return -1; |
| |
// Receive the response | // Receive the response |
| |
ExecutorWaitPidResponse response; |
ExecutorAuthenticatePasswordResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
|
Strlcpy((char*)sessionKey.data(), response.key, sessionKey.size()); |
|
|
return response.status; | return response.status; |
} | } |
| |
static int OutOfProcess_pamAuthenticate( |
static int OutOfProcess_validateUser( |
const char* username, |
const char* username) |
const char* password) |
|
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_PAM_AUTHENTICATE_REQUEST; |
header.code = EXECUTOR_VALIDATE_USER_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// Send request body. |
// _send request body. |
| |
ExecutorPAMAuthenticateRequest request; |
ExecutorValidateUserRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE); |
Strlcpy(request.password, password, EXECUTOR_BUFFER_SIZE); |
|
| |
if (Send(_sock, &request, sizeof(request)) != sizeof(request)) |
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
return -1; | return -1; |
| |
// Receive the response | // Receive the response |
| |
ExecutorPAMAuthenticateResponse response; |
ExecutorValidateUserResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
return response.status; | return response.status; |
} | } |
| |
static int OutOfProcess_pamValidateUser( |
int OutOfProcess_challengeLocal( |
const char* username) |
const char* user, |
|
char challenge[EXECUTOR_BUFFER_SIZE], |
|
SessionKey& sessionKey) |
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
| |
// Send request header: |
// _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_PAM_VALIDATE_USER_REQUEST; |
header.code = EXECUTOR_CHALLENGE_LOCAL_MESSAGE; |
| |
if (Send(_sock, &header, sizeof(header)) != sizeof(header)) |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// Send request body. |
// _send request body. |
| |
ExecutorPAMValidateUserRequest request; |
ExecutorChallengeLocalRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE); |
Strlcpy(request.user, user, EXECUTOR_BUFFER_SIZE); |
|
|
|
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
|
return -1; |
|
|
|
// Receive the response |
|
|
|
ExecutorChallengeLocalResponse response; |
|
|
|
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
|
return -1; |
|
|
|
Strlcpy((char*)sessionKey.data(), response.key, sessionKey.size()); |
|
Strlcpy(challenge, response.challenge, EXECUTOR_BUFFER_SIZE); |
|
|
|
return response.status; |
|
} |
|
|
|
int OutOfProcess_authenticateLocal( |
|
const SessionKey& sessionKey, |
|
const char* token) |
|
{ |
|
AutoMutex autoMutex(_mutex); |
|
|
|
// _send request header: |
|
|
|
ExecutorRequestHeader header; |
|
header.code = EXECUTOR_AUTHENTICATE_LOCAL_MESSAGE; |
|
|
|
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
|
return -1; |
| |
if (Send(_sock, &request, sizeof(request)) != sizeof(request)) |
// _send request body. |
|
|
|
ExecutorAuthenticateLocalRequest request; |
|
memset(&request, 0, sizeof(request)); |
|
Strlcpy(request.key, (char*)sessionKey.data(), EXECUTOR_BUFFER_SIZE); |
|
Strlcpy(request.token, token, EXECUTOR_BUFFER_SIZE); |
|
|
|
if (_send(_getSock(), &request, sizeof(request)) != sizeof(request)) |
return -1; | return -1; |
| |
// Receive the response | // Receive the response |
| |
ExecutorPAMValidateUserResponse response; |
ExecutorAuthenticateLocalResponse response; |
| |
if (Recv(_sock, &response, sizeof(response)) != sizeof(response)) |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
return response.status; | return response.status; |
|
|
//////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
//////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
| |
void Executor::setExecutorSocket(int sock) |
void Executor::setSock(int sock) |
{ | { |
|
_mutex.lock(); |
_sock = sock; | _sock = sock; |
|
_mutex.unlock(); |
|
} |
|
|
|
int Executor::detectExecutor() |
|
{ |
|
if (_getSock() == -1) |
|
return -1; |
|
else |
|
return 0; |
} | } |
| |
int Executor::ping() | int Executor::ping() |
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_ping(); | return InProcess_ping(); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
|
|
const char* path, | const char* path, |
int mode) | int mode) |
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_openFile(path, mode); | return InProcess_openFile(path, mode); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_openFile(path, mode); | return OutOfProcess_openFile(path, mode); |
#else | #else |
return -1; |
return NULL; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
|
|
const char* oldPath, | const char* oldPath, |
const char* newPath) | const char* newPath) |
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_renameFile(oldPath, newPath); | return InProcess_renameFile(oldPath, newPath); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
|
|
int Executor::removeFile( | int Executor::removeFile( |
const char* path) | const char* path) |
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_removeFile(path); | return InProcess_removeFile(path); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
|
|
} | } |
| |
int Executor::startProviderAgent( | int Executor::startProviderAgent( |
|
const SessionKey& sessionKey, |
const char* module, | const char* module, |
int uid, | int uid, |
int gid, | int gid, |
|
|
AnonymousPipe*& readPipe, | AnonymousPipe*& readPipe, |
AnonymousPipe*& writePipe) | AnonymousPipe*& writePipe) |
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_startProviderAgent( | return InProcess_startProviderAgent( |
module, uid, gid, pid, readPipe, writePipe); |
sessionKey, module, uid, gid, pid, readPipe, writePipe); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_startProviderAgent( | return OutOfProcess_startProviderAgent( |
module, uid, gid, pid, readPipe, writePipe); |
sessionKey, module, uid, gid, pid, readPipe, writePipe); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
|
|
| |
int Executor::daemonizeExecutor() | int Executor::daemonizeExecutor() |
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_daemonizeExecutor(); | return InProcess_daemonizeExecutor(); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
|
|
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
int Executor::changeOwner( |
int Executor::waitPid( |
const char* path, |
int pid) |
const char* owner) |
|
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_changeOwner(path, owner); |
return InProcess_waitPid(pid); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_changeOwner(path, owner); |
return OutOfProcess_waitPid(pid); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
int Executor::waitPid( |
int Executor::authenticatePassword( |
int pid) |
const char* username, |
|
const char* password, |
|
SessionKey& sessionKey) |
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_waitPid(pid); |
return InProcess_authenticatePassword(username, password, sessionKey); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_waitPid(pid); |
return OutOfProcess_authenticatePassword(username, password, sessionKey); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
int Executor::pamAuthenticate( |
int Executor::validateUser( |
const char* username, |
const char* username) |
const char* password) |
|
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_pamAuthenticate(username, password); |
return InProcess_validateUser(username); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_pamAuthenticate(username, password); |
return OutOfProcess_validateUser(username); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
int Executor::pamValidateUser( |
int Executor::challengeLocal( |
const char* username) |
const char* user, |
|
char path[EXECUTOR_BUFFER_SIZE], |
|
SessionKey& sessionKey) |
|
{ |
|
if (_getSock() == -1) |
|
return -1; |
|
|
|
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
|
return OutOfProcess_challengeLocal(user, path, sessionKey); |
|
#else |
|
return -1; |
|
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
|
} |
|
|
|
int Executor::authenticateLocal( |
|
const SessionKey& sessionKey, |
|
const char* challengeResponse) |
{ | { |
if (_sock == -1) |
if (_getSock() == -1) |
return InProcess_pamValidateUser(username); |
return -1; |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_pamValidateUser(username); |
return OutOfProcess_authenticateLocal(sessionKey, challengeResponse); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |