
Diff for /pegasus/src/Pegasus/Common/SocketzOS_inline.h between version 1.3 and 1.9

version 1.3, 2004/10/17 20:39:17 version 1.9, 2006/08/15 08:01:57
Line 1 
Line 1 
 //%2004////////////////////////////////////////////////////////////////////////  //%2006////////////////////////////////////////////////////////////////////////
 // //
 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
Line 6 
Line 6 
 // IBM Corp.; EMC Corporation, The Open Group. // IBM Corp.; EMC Corporation, The Open Group.
 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
   // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
   // EMC Corporation; VERITAS Software Corporation; The Open Group.
   // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
   // EMC Corporation; Symantec Corporation; The Open Group.
 // //
 // Permission is hereby granted, free of charge, to any person obtaining a copy // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to // of this software and associated documentation files (the "Software"), to
Line 23 
Line 27 
 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 // //
 //==============================================================================  
 //  
 // Author: Marek Szermutzky (MSzermutzky@de.ibm.com)  
 //  
 // Modified By:  
 //  
 //%///////////////////////////////////////////////////////////////////////////// //%/////////////////////////////////////////////////////////////////////////////
 #ifndef SocketzOS_inline_h #ifndef SocketzOS_inline_h
 #define SocketzOS_inline_h #define SocketzOS_inline_h
  
 // this inline method is needed as zOS does not support an ASCII enabled version  #include <Pegasus/Common/Logger.h>
 // of inet_addr() at the current time (16th Sep. 2003)  #include <sys/ioctl.h>
 inline in_addr_t inet_addr_ebcdic(char * ip_inptr)  #include <net/rtrouteh.h>
 {  #include <net/if.h>
     int array_size = 0;  #include "//'SYS1.SEZANMAC(EZBZTLSC)'"
     in_addr_t return_addr;  
     while (ip_inptr[array_size] != 0) array_size++;  
     char * ip_ptr2 = (char *)malloc(array_size);  PEGASUS_NAMESPACE_BEGIN
     memcpy(ip_ptr2,ip_inptr,array_size);  
     __atoe_l(ip_ptr2,array_size);  
     return_addr = inet_addr(ip_ptr2);  MP_Socket::MP_Socket(SocketHandle socket)
     free(ip_ptr2);   : _socket(socket), _isSecure(false),
     return return_addr;     _userAuthenticated(false)
   {
     _username[0]=0;
   }
   
   MP_Socket::MP_Socket(
       SocketHandle socket,
       SSLContext * sslcontext,
       ReadWriteSem * sslContextObjectLock,
       Boolean exportConnection)
       : _socket(socket),
         _userAuthenticated(false)
   {
       PEG_METHOD_ENTER(TRC_SSL, "MP_Socket::MP_Socket()");
       _username[0]=0;
       if (sslcontext != NULL)
       {
           _isSecure = true;
       }
       else
       {
           _isSecure = false;
       }
       PEG_METHOD_EXIT();
   }
   
   int MP_Socket::ATTLS_zOS_query()
   {
      struct TTLS_IOCTL ioc;                     // ioctl data structure
      int rcIoctl;
      int errnoIoctl;
      int errno2Ioctl;
   
      PEG_METHOD_ENTER(TRC_SSL, "ATTLS_zOS_query()");
   
      memset(&ioc,0,sizeof(ioc));                // clean the structure
      ioc.TTLSi_Ver = TTLS_VERSION1;             // set used version of structure
      ioc.TTLSi_Req_Type = TTLS_QUERY_ONLY;      // initialize for query only
      ioc.TTLSi_BufferPtr = NULL;                // no buffer for the certificate
      ioc.TTLSi_BufferLen = 0;                   // will not use it
   
      rcIoctl = ioctl(_socket,SIOCTTLSCTL,(char *)&ioc);
      errnoIoctl = errno;
      errno2Ioctl =__errno2();
   
      if(rcIoctl < 0)
      {
         switch(errnoIoctl)
         {
             case(EINPROGRESS):
             case(EWOULDBLOCK):
             {
                 PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL4, "---> Accept pending (EWB).");
                 return 0; // accept pending
             }
             case(ECONNRESET):
             {
                 Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
                        "Pegasus.Common.SocketzOS_inline.CONNECTION_RESET_ERROR",
                        "ATTLS reset the connection due to handshake failure. \
                               Connection closed.");
                 PEG_METHOD_EXIT();
                 return -1;
             }
             default:
             {
                 char str_errno2[10];
                 sprintf(str_errno2,"%08X",errno2Ioctl);
                 Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
                        "Pegasus.Common.SocketzOS_inline.UNEXPECTED_ERROR",
                        "An unexpected error occurs: $0 ( errno $1, reason code 0x$2 ). \
                               Connection closed."
                               ,strerror(errnoIoctl),errnoIoctl,str_errno2);
                 PEG_METHOD_EXIT();
                 return -1;
   
 } }
         } // end switch(errnoIoctl)
      } // -1 ioctl()
   
      // this should be a secured connection so
      // check the configuration of ATTLS policy.
      switch(ioc.TTLSi_Stat_Policy)
      {
          case(TTLS_POL_OFF):
          case(TTLS_POL_NO_POLICY):
          case(TTLS_POL_NOT_ENABLED):
          {
              Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
                     "Pegasus.Common.SocketzOS_inline.POLICY_NOT_ENABLED",
                     "ATTLS policy is not aktive for the CIM Server HTTPS port. \
                            Communication not secured. Connection closed.");
              PEG_METHOD_EXIT();
              return -1;
          }
          case(TTLS_POL_ENABLED):
          {
              break;  // a policy exists so it is ensured that a secured connectio will be established
          }
          case(TTLS_POL_APPLCNTRL):
          {
              Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
                     "Pegasus.Common.SocketzOS_inline.APPLCNTRL",
                     "ATTLS policy not valid for CIM Server. \
                            Set ApplicationControlled to OFF. Connection closed.");
              PEG_METHOD_EXIT();
              return -1;
   
          }
   
      } // end switch(ioc.TTLSi_Stat_Policy)
   
      // check status of connection, configuration is ok for the CIM Server
      switch(ioc.TTLSi_Stat_Conn)
      {
          case(TTLS_CONN_NOTSECURE):
          case(TTLS_CONN_HS_INPROGRESS):
          {
              // the SSL handshake has not been finished yet, try late again.
              PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL4, "---> Accept pending.");
              return 0;
          }
          case(TTLS_CONN_SECURE):
          {
              break; // the connection is secure
          }
   
   
      } // end switch(ioc.TTLSi_Stat_Conn)
   
      //
      switch(ioc.TTLSi_Sec_Type)
      {
          case(TTLS_SEC_UNKNOWN):
          case(TTLS_SEC_CLIENT):
          {
              Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
                     "Pegasus.Common.SocketzOS_inline.WRONG_ROLE",
                     "ATTLS policy specifies the wrong HandshakeRole for the CIM Server HTTPS port. \
                            Communication not secured. Connection closed.");
              PEG_METHOD_EXIT();
              return -1;
   
          }
   
          case(TTLS_SEC_SERVER):
          case(TTLS_SEC_SRV_CA_PASS):
          case(TTLS_SEC_SRV_CA_FULL):
          case(TTLS_SEC_SRV_CA_REQD):
          {
              PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL4,
                               "---> ATTLS Securtiy Type is valid but no SAFCHK.");
              PEG_METHOD_EXIT();
              return 1;
          }
   
          case(TTLS_SEC_SRV_CA_SAFCHK):
          {
              _userAuthenticated=true;
              memcpy(_username,ioc.TTLSi_UserID,ioc.TTLSi_UserID_Len);
              _username[ioc.TTLSi_UserID_Len]=0;      // null terminated string
              __etoa(_username);                        // the user name is in EBCDIC !
              PEG_TRACE((TRC_SSL, Tracer::LEVEL2,
                       "---> ATTLS Securtiy Type is SAFCHK. Resolved user ID \'%s\'",_username));
              PEG_METHOD_EXIT();
              return 1;
   
          }
      } // end switch(ioc.TTLSi_Sec_Type)
      // This should never be reached
      PEG_TRACE_STRING(TRC_SSL, Tracer::LEVEL4,
                       "---> Never reach this! New/wrong return value of ioctl().");
      PEG_METHOD_EXIT();
      return -1;
   } // end ATTLS_zOS_Query
   
   
   PEGASUS_NAMESPACE_END
 #endif #endif
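Review bot: In the `TTLS_SEC_SRV_CA_SAFCHK` case of `ATTLS_zOS_query()`, `ioc.TTLSi_UserID_Len` is used both as the `memcpy` length and as the index for the terminator in `_username`, without being compared to the size of the destination. The declaration of `_username` is not on this page, so it cannot be confirmed here that it always has room for the ID plus the terminating zero. Assuming `_username` is a char array member, a guard before the copy would fail closed: `if (ioc.TTLSi_UserID_Len >= sizeof(_username)) { PEG_METHOD_EXIT(); return -1; }`, with `_userAuthenticated=true;` moved after the copy. Separately, the switches on `ioc.TTLSi_Stat_Policy` and `ioc.TTLSi_Stat_Conn` have no `default:`, so an unrecognised status value falls through to the `TTLSi_Sec_Type` switch and can still end in `return 1`. A `default:` in each that logs and returns -1 would keep this check fail-closed if the ioctl ever reports a new value.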
  

