pegasus/src/Pegasus/Common/Executor.cpp - diff

Return to Executor.cpp CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Common

Diff for /pegasus/src/Pegasus/Common/Executor.cpp between version 1.1.4.4 and 1.3

version 1.1.4.4, 2007/03/30 00:35:02

version 1.3, 2007/05/30 20:41:28

Line 33

#include <cstdio>

#include <cstdlib>

#include <cstring>

#include <Pegasus/Common/Config.h>

#if defined(PEGASUS_OS_TYPE_WINDOWS)

# include <windows.h>

#else

# include <Executor/Socket.h>

# include <sys/types.h>

# include <sys/socket.h>

# include <unistd.h>

# include <fcntl.h>

# include <sys/wait.h>

# include <unistd.h>

# include <sys/types.h>

# include <sys/time.h>

# include <sys/resource.h>

#endif

#include "Constants.h"

#if defined(PEGASUS_HAS_SIGNALS)

#include "Executor.h"

# include <sys/wait.h>

#include "Mutex.h"

#endif

#include "FileSystem.h"

#include "String.h"

#include <Pegasus/Common/Constants.h>

#include <Pegasus/Common/Mutex.h>

#include <Pegasus/Common/FileSystem.h>

#include <Pegasus/Common/String.h>

#include <Pegasus/Common/Tracer.h>

#include <Pegasus/Common/System.h>

#include <Pegasus/Common/Executor.h>

#include <Executor/Strlcpy.h>

#include <Executor/Strlcat.h>

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

# include <Executor/Socket.h>

# include <Executor/Messages.h>

#endif

Line 101

Line 104

virtual int startProviderAgent(

const char* module,

int uid,

const String& pegasusHome,

int gid,

const String& userName,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe) = 0;

Line 121

Line 124

virtual int challengeLocal(

const char* username,

char challenge[EXECUTOR_BUFFER_SIZE]) = 0;

char challengeFilePath[EXECUTOR_BUFFER_SIZE]) = 0;

virtual int authenticateLocal(

const char* challenge,

const char* challengeFilePath,

const char* response) = 0;

};

Line 191

Line 194

virtual int startProviderAgent(

const char* module,

int uid,

const String& pegasusHome,

int gid,

const String& userName,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

{

// Add logging here.

#if defined(PEGASUS_OS_TYPE_WINDOWS)

AutoMutex autoMutex(_mutex);

Line 209

Line 214

// Create pipes. Export handles to string.

AnonymousPipe* pipeFromAgent = new AnonymousPipe();

AutoPtr<AnonymousPipe> pipeFromAgent(new AnonymousPipe());

AnonymousPipe* pipeToAgent = new AnonymousPipe();

AutoPtr<AnonymousPipe> pipeToAgent(new AnonymousPipe());

char readHandle[32];

char writeHandle[32];

Line 230

Line 235

// Build full path of "cimprovagt" program.

String path;

String path = FileSystem::getAbsolutePath(

pegasusHome.getCString(), PEGASUS_PROVIDER_AGENT_PROC_NAME);

if (_getProviderAgentPath(path) != 0)

{

delete pipeToAgent;

delete pipeFromAgent;

return -1;

}

// Format command line.

Line 263

Line 262

&siStartInfo, // STARTUPINFO

&piProcInfo)) // PROCESS_INFORMATION

{

delete pipeToAgent;

delete pipeFromAgent;

return -1;

}

Line 276

Line 273

pipeToAgent->closeReadHandle();

pipeFromAgent->closeWriteHandle();

readPipe = pipeFromAgent;

readPipe = pipeFromAgent.release();

writePipe = pipeToAgent;

writePipe = pipeToAgent.release();

return 0;

Line 305

Line 302

{

// Resolve full path of "cimprovagt".

String path;

String path = FileSystem::getAbsolutePath(

pegasusHome.getCString(), PEGASUS_PROVIDER_AGENT_PROC_NAME);

if (_getProviderAgentPath(path) != 0)

# if !defined(PEGASUS_DISABLE_PROV_USERCTXT)

PEGASUS_UID_T newUid = (PEGASUS_UID_T)-1;

PEGASUS_GID_T newGid = (PEGASUS_GID_T)-1;

if (userName != System::getEffectiveUserName())

{

if (!System::lookupUserId(

userName.getCString(), newUid, newGid))

{

PEG_TRACE((TRC_DISCARDED_DATA, Tracer::LEVEL2,

"System::lookupUserId(%s) failed.",

(const char*)userName.getCString()));

return -1;

}

# endif /* !defined(PEGASUS_DISABLE_PROV_USERCTXT) */

// Create "to-agent" pipe:

Line 335

Line 349

if (pid == 0)

{

# if !defined(PEGASUS_OS_VMS)

// Close unused pipe descriptors:

close(to[1]);

close(from[0]);

#if !defined(PEGASUS_OS_VMS)

// Close unused descriptors. Leave stdin, stdout, stderr,

// and the child's pipe descriptors open.

Line 358

Line 372

#endif /* !defined(PEGASUS_OS_VMS) */

// Set uid and gid for the new provider agent process.

# if !defined(PEGASUS_DISABLE_PROV_USERCTXT)

if (uid != -1 && gid != -1)

// Set uid and gid for the new provider agent process.

{

if ((int)getgid() != gid)

{

// ATTN: log failure!

setgid(gid);

}

if ((int)getuid() != uid)

if (newUid != (PEGASUS_UID_T)-1 && newGid != (PEGASUS_GID_T)-1)

{

if (!System::changeUserContext_SingleThreaded(

userName.getCString(), newUid, newGid))

{

// ATTN: log failure!

return -1;

setuid(uid);

}

Line 388

Line 396

{

CString cstr = path.getCString();

execl(cstr, cstr, arg1, arg2, module, (char*)0);

if (execl(cstr, cstr, arg1, arg2, module, (char*)0) == -1)

{

PEG_TRACE((TRC_DISCARDED_DATA, Tracer::LEVEL2,

"execl() failed. errno = %d.", errno));

_exit(1);

}

// ATTN: log failure!

}

while (0);

Line 431

Line 441

virtual int reapProviderAgent(

int pid)

{

int status;

int status = 0;

#if defined(PEGASUS_HAS_SIGNALS)

while ((status = waitpid(pid, 0, 0)) == -1 && errno == EINTR)

;

#endif

return status;

}

Line 464

Line 476

virtual int challengeLocal(

const char* username,

char challenge[EXECUTOR_BUFFER_SIZE])

char challengeFilePath[EXECUTOR_BUFFER_SIZE])

{

// ATTN: not handled so don't call in this case.

return -1;

}

virtual int authenticateLocal(

const char* challenge,

const char* challengeFilePath,

const char* response)

{

// ATTN: not handled so don't call in this case.

Line 480

Line 492

private:

static int _getProviderAgentPath(String& path)

{

path = PEGASUS_PROVIDER_AGENT_PROC_NAME;

if (path[0] != '/')

{

const char* env = getenv("PEGASUS_HOME");

if (!env)

return -1;

path = String(env) + String("/") + path;

}

return 0;

}

Mutex _mutex;

};

Line 675

Line 670

virtual int startProviderAgent(

const char* module,

int uid,

const String& pegasusHome,

int gid,

const String& userName,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

Line 688

Line 683

// Reject strings longer than EXECUTOR_BUFFER_SIZE.

size_t n = strlen(module);

size_t moduleNameLength = strlen(module);

if (moduleNameLength >= EXECUTOR_BUFFER_SIZE)

return -1;

CString userNameCString = userName.getCString();

size_t userNameLength = strlen(userNameCString);

if (n >= EXECUTOR_BUFFER_SIZE)

if (userNameLength >= EXECUTOR_BUFFER_SIZE)

return -1;

// _send request header:

Line 705

Line 706

ExecutorStartProviderAgentRequest request;

memset(&request, 0, sizeof(request));

memcpy(request.module, module, n);

memcpy(request.module, module, moduleNameLength);

request.uid = uid;

memcpy(request.userName, userNameCString, userNameLength);

request.gid = gid;

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

Line 875

virtual int challengeLocal(

const char* username,

char challenge[EXECUTOR_BUFFER_SIZE])

char challengeFilePath[EXECUTOR_BUFFER_SIZE])

{

AutoMutex autoMutex(_mutex);

Line 903

if (_recv(_sock, &response, sizeof(response)) != sizeof(response))

return -1;

Strlcpy(challenge, response.challenge, EXECUTOR_BUFFER_SIZE);

Strlcpy(challengeFilePath, response.challenge, EXECUTOR_BUFFER_SIZE);

return response.status;

}

virtual int authenticateLocal(

const char* challenge,

const char* challengeFilePath,

const char* response)

{

AutoMutex autoMutex(_mutex);

Line 926

ExecutorAuthenticateLocalRequest request;

memset(&request, 0, sizeof(request));

Strlcpy(request.challenge, challenge, EXECUTOR_BUFFER_SIZE);

Strlcpy(request.challenge, challengeFilePath, EXECUTOR_BUFFER_SIZE);

Strlcpy(request.response, response, EXECUTOR_BUFFER_SIZE);

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

Line 1006

////////////////////////////////////////////////////////////////////////////////

static int _sock = -1;

static int _executorSock = -1;

static ExecutorImpl* _impl = 0;

static ExecutorImpl* _executorImpl = 0;

static Mutex _mutex;

static Mutex _executorMutex;

static ExecutorImpl* _getImpl()

{

// Use the double-checked locking technique to avoid the overhead of a lock

// on every call.

if (_impl == 0)

if (_executorImpl == 0)

{

_mutex.lock();

AutoMutex autoMutex(_executorMutex);

if (_impl == 0)

if (_executorImpl == 0)

{

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

if (_sock == -1)

if (_executorSock == -1)

_impl = new ExecutorLoopbackImpl();

_executorImpl = new ExecutorLoopbackImpl();

else

_impl = new ExecutorSocketImpl(_sock);

_executorImpl = new ExecutorSocketImpl(_executorSock);

#else

_impl = new ExecutorLoopbackImpl();

_executorImpl = new ExecutorLoopbackImpl();

#endif

}

_mutex.unlock();

}

return _impl;

return _executorImpl;

}

void Executor::setSock(int sock)

{

_mutex.lock();

AutoMutex autoMutex(_executorMutex);

_sock = sock;

_executorSock = sock;

_mutex.unlock();

}

int Executor::detectExecutor()

Line 1076

Line 1073

int Executor::startProviderAgent(

const char* module,

int uid,

const String& pegasusHome,

int gid,

const String& userName,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

{

return _getImpl()->startProviderAgent(module,

return _getImpl()->startProviderAgent(

uid, gid, pid, readPipe, writePipe);

module, pegasusHome, userName, pid, readPipe, writePipe);

}

int Executor::daemonizeExecutor()

Line 1112

Line 1109

int Executor::challengeLocal(

const char* user,

char challenge[EXECUTOR_BUFFER_SIZE])

char challengeFilePath[EXECUTOR_BUFFER_SIZE])

{

return _getImpl()->challengeLocal(user, challenge);

return _getImpl()->challengeLocal(user, challengeFilePath);

}

int Executor::authenticateLocal(

const char* challenge,

const char* challengeFilePath,

const char* response)

{

return _getImpl()->authenticateLocal(challenge, response);

return _getImpl()->authenticateLocal(challengeFilePath, response);

}

PEGASUS_NAMESPACE_END

Legend:

Removed from v.1.1.4.4
changed lines
	Added in v.1.3

No CVS admin address has been configured