pegasus/src/Pegasus/Common/Executor.cpp - diff

Return to Executor.cpp CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Common

Diff for /pegasus/src/Pegasus/Common/Executor.cpp between version 1.1.4.9 and 1.7

version 1.1.4.9, 2007/05/10 17:46:19

version 1.7, 2007/06/13 21:21:53

Line 40

#if defined(PEGASUS_OS_TYPE_WINDOWS)

# include <windows.h>

#else

# include <sys/types.h>

# include <sys/socket.h>

# include <unistd.h>

# include <fcntl.h>

# include <sys/types.h>

# include <sys/wait.h>

# include <sys/time.h>

# include <sys/resource.h>

#endif

#if defined(PEGASUS_HAS_SIGNALS)

# include <sys/wait.h>

#endif

#include <Pegasus/Common/Constants.h>

#include <Pegasus/Common/Mutex.h>

#include <Pegasus/Common/Once.h>

#include <Pegasus/Common/FileSystem.h>

#include <Pegasus/Common/String.h>

#include <Pegasus/Common/Tracer.h>

#include <Pegasus/Common/System.h>

#include <Pegasus/Common/Executor.h>

#include <Executor/Strlcpy.h>

Line 102

Line 105

virtual int startProviderAgent(

const char* module,

const String& pegasusHome,

const String& userName,

int uid,

int gid,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe) = 0;

Line 193

Line 195

virtual int startProviderAgent(

const char* module,

const String& pegasusHome,

const String& userName,

int uid,

int gid,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

{

// Add logging here.

#if !defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

#if defined(PEGASUS_OS_TYPE_WINDOWS)

Line 214

Line 215

// Create pipes. Export handles to string.

AnonymousPipe* pipeFromAgent = new AnonymousPipe();

AutoPtr<AnonymousPipe> pipeFromAgent(new AnonymousPipe());

AnonymousPipe* pipeToAgent = new AnonymousPipe();

AutoPtr<AnonymousPipe> pipeToAgent(new AnonymousPipe());

char readHandle[32];

char writeHandle[32];

Line 235

Line 236

// Build full path of "cimprovagt" program.

String path;

String path = FileSystem::getAbsolutePath(

pegasusHome.getCString(), PEGASUS_PROVIDER_AGENT_PROC_NAME);

if (_getProviderAgentPath(path) != 0)

{

delete pipeToAgent;

delete pipeFromAgent;

return -1;

}

// Format command line.

Line 268

Line 263

&siStartInfo, // STARTUPINFO

&piProcInfo)) // PROCESS_INFORMATION

{

delete pipeToAgent;

delete pipeFromAgent;

return -1;

}

Line 281

Line 274

pipeToAgent->closeReadHandle();

pipeFromAgent->closeWriteHandle();

readPipe = pipeFromAgent;

readPipe = pipeFromAgent.release();

writePipe = pipeToAgent;

writePipe = pipeToAgent.release();

return 0;

#elif defined(PEGASUS_OS_OS400)

// ATTN: no implementation for OS400.

return -1;

#else /* POSIX CASE FOLLOWS */

AutoMutex autoMutex(_mutex);

Line 310

Line 298

{

// Resolve full path of "cimprovagt".

String path;

String path = FileSystem::getAbsolutePath(

pegasusHome.getCString(), PEGASUS_PROVIDER_AGENT_PROC_NAME);

# if !defined(PEGASUS_DISABLE_PROV_USERCTXT)

PEGASUS_UID_T newUid = (PEGASUS_UID_T)-1;

PEGASUS_GID_T newGid = (PEGASUS_GID_T)-1;

if (_getProviderAgentPath(path) != 0)

if (userName != System::getEffectiveUserName())

{

if (!System::lookupUserId(

userName.getCString(), newUid, newGid))

{

PEG_TRACE((TRC_DISCARDED_DATA, Tracer::LEVEL2,

"System::lookupUserId(%s) failed.",

(const char*)userName.getCString()));

return -1;

}

# endif /* !defined(PEGASUS_DISABLE_PROV_USERCTXT) */

// Create "to-agent" pipe:

Line 363

Line 368

#endif /* !defined(PEGASUS_OS_VMS) */

// Set uid and gid for the new provider agent process.

# if !defined(PEGASUS_DISABLE_PROV_USERCTXT)

if (uid != -1 && gid != -1)

// Set uid and gid for the new provider agent process.

{

PEG_TRACE((TRC_OS_ABSTRACTION, Tracer::LEVEL4,

"Changing user context to: userName=%s uid=%d, gid=%d",

(const char*)userName.getCString(), uid, gid));

if (setgid(gid) != 0)

if (newUid != (PEGASUS_UID_T)-1 && newGid != (PEGASUS_GID_T)-1)

{

PEG_TRACE_STRING(TRC_OS_ABSTRACTION, Tracer::LEVEL2,

if (!System::changeUserContext_SingleThreaded(

String("setgid failed: ") + String(strerror(errno)));

userName.getCString(), newUid, newGid))

return false;

}

if (setuid(uid) != 0)

{

PEG_TRACE_STRING(TRC_OS_ABSTRACTION, Tracer::LEVEL2,

return -1;

String("setuid failed: ") + String(strerror(errno)));

return false;

}

Line 433

Line 426

return 0;

#endif /* !defined(START_PROVIDER_AGENT) */

# endif /* POSIX CASE */

#else /* PEGASUS_ENABLE_PRIVILEGE_SEPARATION is defined */

// Out-of-Process providers are never started by the cimserver process

// when Privilege Separation is enabled.

return -1;

#endif

}

virtual int daemonizeExecutor()

Line 444

Line 445

virtual int reapProviderAgent(

int pid)

{

#if !defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

int status = 0;

#if defined(PEGASUS_HAS_SIGNALS)

Line 452

Line 455

#endif

return status;

#else /* PEGASUS_ENABLE_PRIVILEGE_SEPARATION is defined */

// Out-of-Process providers are never started by the cimserver process

// when Privilege Separation is enabled.

return -1;

#endif

}

virtual int authenticatePassword(

Line 495

Line 506

private:

static int _getProviderAgentPath(String& path)

{

path = PEGASUS_PROVIDER_AGENT_PROC_NAME;

if (path[0] != '/')

{

const char* env = getenv("PEGASUS_HOME");

if (!env)

return -1;

path = String(env) + String("/") + path;

}

return 0;

}

Mutex _mutex;

};

Line 690

Line 684

virtual int startProviderAgent(

const char* module,

const String& pegasusHome,

const String& userName,

int uid,

int gid,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

Line 704

Line 697

// Reject strings longer than EXECUTOR_BUFFER_SIZE.

size_t n = strlen(module);

size_t moduleNameLength = strlen(module);

if (moduleNameLength >= EXECUTOR_BUFFER_SIZE)

return -1;

CString userNameCString = userName.getCString();

size_t userNameLength = strlen(userNameCString);

if (n >= EXECUTOR_BUFFER_SIZE)

if (userNameLength >= EXECUTOR_BUFFER_SIZE)

return -1;

// _send request header:

Line 721

Line 720

ExecutorStartProviderAgentRequest request;

memset(&request, 0, sizeof(request));

memcpy(request.module, module, n);

memcpy(request.module, module, moduleNameLength);

request.uid = uid;

memcpy(request.userName, userNameCString, userNameLength);

request.gid = gid;

if (_send(_sock, &request, sizeof(request)) != sizeof(request))

return -1;

Line 1022

Line 1020

////////////////////////////////////////////////////////////////////////////////

static int _sock = -1;

static int _executorSock = -1;

static ExecutorImpl* _impl = 0;

static AutoPtr<ExecutorImpl> _executorImpl;

static Mutex _mutex;

static Once _executorImplOnce = PEGASUS_ONCE_INITIALIZER;

static ExecutorImpl* _getImpl()

static void _initExecutorImpl()

{

// Use the double-checked locking technique to avoid the overhead of a lock

// on every call.

if (_impl == 0)

{

_mutex.lock();

if (_impl == 0)

{

#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION)

if (_sock == -1)

if (_executorSock == -1)

_impl = new ExecutorLoopbackImpl();

_executorImpl.reset(new ExecutorLoopbackImpl());

else

_impl = new ExecutorSocketImpl(_sock);

_executorImpl.reset(new ExecutorSocketImpl(_executorSock));

#else

_impl = new ExecutorLoopbackImpl();

_executorImpl.reset(new ExecutorLoopbackImpl());

#endif

}

_mutex.unlock();

}

return _impl;

}

void Executor::setSock(int sock)

{

_mutex.lock();

_executorSock = sock;

_sock = sock;

_mutex.unlock();

}

int Executor::detectExecutor()

{

return _getImpl()->detectExecutor();

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->detectExecutor();

}

int Executor::ping()

{

return _getImpl()->ping();

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->ping();

}

FILE* Executor::openFile(

const char* path,

int mode)

{

return _getImpl()->openFile(path, mode);

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->openFile(path, mode);

}

int Executor::renameFile(

const char* oldPath,

const char* newPath)

{

return _getImpl()->renameFile(oldPath, newPath);

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->renameFile(oldPath, newPath);

}

int Executor::removeFile(

const char* path)

{

return _getImpl()->removeFile(path);

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->removeFile(path);

}

int Executor::startProviderAgent(

const char* module,

const String& pegasusHome,

const String& userName,

int uid,

int gid,

int& pid,

AnonymousPipe*& readPipe,

AnonymousPipe*& writePipe)

{

return _getImpl()->startProviderAgent(module,

once(&_executorImplOnce, _initExecutorImpl);

userName, uid, gid, pid, readPipe, writePipe);

return _executorImpl->startProviderAgent(

module, pegasusHome, userName, pid, readPipe, writePipe);

}

int Executor::daemonizeExecutor()

{

return _getImpl()->daemonizeExecutor();

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->daemonizeExecutor();

}

int Executor::reapProviderAgent(

int pid)

{

return _getImpl()->reapProviderAgent(pid);

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->reapProviderAgent(pid);

}

int Executor::authenticatePassword(

const char* username,

const char* password)

{

return _getImpl()->authenticatePassword(username, password);

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->authenticatePassword(username, password);

}

int Executor::validateUser(

const char* username)

{

return _getImpl()->validateUser(username);

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->validateUser(username);

}

int Executor::challengeLocal(

const char* user,

char challengeFilePath[EXECUTOR_BUFFER_SIZE])

{

return _getImpl()->challengeLocal(user, challengeFilePath);

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->challengeLocal(user, challengeFilePath);

}

int Executor::authenticateLocal(

const char* challengeFilePath,

const char* response)

{

return _getImpl()->authenticateLocal(challengeFilePath, response);

once(&_executorImplOnce, _initExecutorImpl);

return _executorImpl->authenticateLocal(challengeFilePath, response);

}

PEGASUS_NAMESPACE_END

Legend:

Removed from v.1.1.4.9
changed lines
	Added in v.1.7

No CVS admin address has been configured