version 1.11, 2006/11/10 18:14:58
|
version 1.11.4.3, 2007/06/11 09:20:13
|
|
|
#define SocketzOS_inline_h | #define SocketzOS_inline_h |
| |
#include <Pegasus/Common/Logger.h> | #include <Pegasus/Common/Logger.h> |
|
#ifdef PEGASUS_ZOS_SECURITY |
|
// This include file will not be provided in the OpenGroup CVS for now. |
|
// Do NOT try to include it in your compile |
|
#include <Pegasus/Common/safCheckzOS_inline.h> |
|
#endif |
#include <sys/ioctl.h> | #include <sys/ioctl.h> |
#include <net/rtrouteh.h> | #include <net/rtrouteh.h> |
#include <net/if.h> | #include <net/if.h> |
|
|
case(EINPROGRESS): | case(EINPROGRESS): |
case(EWOULDBLOCK): | case(EWOULDBLOCK): |
{ | { |
PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL4, |
PEG_TRACE_CSTRING(TRC_SSL, Tracer::LEVEL4, |
"---> Accept pending (EWB)."); | "---> Accept pending (EWB)."); |
return 0; // accept pending | return 0; // accept pending |
} | } |
case(ECONNRESET): | case(ECONNRESET): |
{ | { |
Logger::put_l( | Logger::put_l( |
Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
Logger::STANDARD_LOG, System::CIMSERVER, Logger::INFORMATION, |
"Pegasus.Common.SocketzOS_inline.CONNECTION_RESET_ERROR", | "Pegasus.Common.SocketzOS_inline.CONNECTION_RESET_ERROR", |
"ATTLS reset the connection due to handshake failure. " | "ATTLS reset the connection due to handshake failure. " |
"Connection closed."); | "Connection closed."); |
|
|
case(TTLS_CONN_HS_INPROGRESS): | case(TTLS_CONN_HS_INPROGRESS): |
{ | { |
// the SSL handshake has not been finished yet, try late again. | // the SSL handshake has not been finished yet, try late again. |
PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL4, "---> Accept pending."); |
PEG_TRACE_CSTRING(TRC_SSL, Tracer::LEVEL4, "---> Accept pending."); |
return 0; | return 0; |
} | } |
case(TTLS_CONN_SECURE): | case(TTLS_CONN_SECURE): |
|
|
case(TTLS_SEC_SRV_CA_FULL): | case(TTLS_SEC_SRV_CA_FULL): |
case(TTLS_SEC_SRV_CA_REQD): | case(TTLS_SEC_SRV_CA_REQD): |
{ | { |
PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL4, |
PEG_TRACE_CSTRING(TRC_SSL, Tracer::LEVEL4, |
"---> ATTLS Securtiy Type is valid but no SAFCHK."); |
"---> ATTLS Security Type is valid but no SAFCHK."); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return 1; | return 1; |
} | } |
|
|
_username[ioc.TTLSi_UserID_Len]=0; // null terminated string | _username[ioc.TTLSi_UserID_Len]=0; // null terminated string |
__etoa(_username); // the user name is in EBCDIC ! | __etoa(_username); // the user name is in EBCDIC ! |
PEG_TRACE((TRC_SSL, Tracer::LEVEL2, | PEG_TRACE((TRC_SSL, Tracer::LEVEL2, |
"---> ATTLS Securtiy Type is SAFCHK. Resolved user ID \'%s\'", |
"---> ATTLS Security Type is SAFCHK. Resolved user ID \'%s\'", |
_username)); | _username)); |
|
|
|
// Check if the user is authorized to CIMSERV |
|
#ifdef PEGASUS_ZOS_SECURITY |
|
if ( !CheckProfileCIMSERVclassWBEM(_username, __READ_RESOURCE) ) |
|
{ |
|
Logger::put_l(Logger::STANDARD_LOG, ZOS_SECURITY_NAME, |
|
Logger::WARNING, |
|
"Pegasus.Common.SocketzOS_inline.NOREAD_CIMSERV_ACCESS", |
|
"Request UserID $0 doesn't have READ permission" |
|
" to profile CIMSERV CL(WBEM).", |
|
_username); |
|
return -1; |
|
} |
|
#endif |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return 1; | return 1; |
| |
} | } |
} // end switch(ioc.TTLSi_Sec_Type) | } // end switch(ioc.TTLSi_Sec_Type) |
// This should never be reached | // This should never be reached |
PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL4, |
PEG_TRACE_CSTRING(TRC_SSL, Tracer::LEVEL4, |
"---> Never reach this! New/wrong return value of ioctl()."); | "---> Never reach this! New/wrong return value of ioctl()."); |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
return -1; | return -1; |