[Pvfs2-cvs] commit by nlmills in pvfs2/src/common/security:
pint-security.c pint-security.h rsa_security.h
CVS commit program
cvs at parl.clemson.edu
Wed May 14 17:40:40 EDT 2008
Update of /anoncvs/pvfs2/src/common/security
In directory parlweb1:/tmp/cvs-serv10794/src/common/security
Modified Files:
Tag: cu-security-branch
pint-security.c pint-security.h rsa_security.h
Log Message:
security initialize and finalize
Index: pint-security.c
===================================================================
RCS file: /anoncvs/pvfs2/src/common/security/Attic/pint-security.c,v
diff -p -u -r1.1.2.1 -r1.1.2.2
--- pint-security.c 12 May 2008 15:57:35 -0000 1.1.2.1
+++ pint-security.c 14 May 2008 21:40:40 -0000 1.1.2.2
@@ -7,14 +7,133 @@
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
+#include <ctype.h>
#include <assert.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+
#include "pvfs2.h"
#include "pint-eattr.h"
#include "pvfs2-req-proto.h"
#include "pvfs2-internal.h"
+#include "gossip.h"
+#include "gen-locks.h"
+#include "pint-security.h"
+
+
+/* TODO: move to global configuration */
+#define SECURITY_DEFAULT_KEYSTORE "/tmp/keystore"
+
+
+static gen_mutex_t security_init_mutex = GEN_MUTEX_INITIALIZER;
+static int security_init_status = 0;
+
+static gen_mutex_t pubkey_mutex = GEN_MUTEX_INITIALIZER;
+
+
+static int load_public_keys(char*);
+
+
+int PINT_security_initialize(void)
+{
+ gen_mutex_lock(&security_init_mutex);
+ if (security_init_status)
+ {
+ gen_mutex_unlock(&security_init_mutex);
+ return -1;
+ }
+
+ ERR_load_crypto_strings();
+ OpenSSL_add_all_algorithms();
+
+ /* TODO: return value */
+ load_public_keys(SECURITY_DEFAULT_KEYSTORE);
+
+ security_init_status = 1;
+ gen_mutex_unlock(&security_init_mutex);
+
+ return 1;
+}
+
+int PINT_security_finalize(void)
+{
+ gen_mutex_lock(&security_init_mutex);
+ if (!security_init_status)
+ {
+ gen_mutex_unlock(&security_init_mutex);
+ return -1;
+ }
+
+ EVP_cleanup();
+ ERR_free_strings();
+
+ security_init_status = 0;
+ gen_mutex_unlock(&security_init_mutex);
+
+ return 1;
+}
+
+static int load_public_keys(char *path)
+{
+ FILE *keyfile;
+ int ch, ptr;
+ static char buf[1024];
+ EVP_PKEY *key;
+
+ keyfile = fopen(path, "r");
+ if (keyfile == NULL)
+ {
+ return -1;
+ }
+
+ while (!feof(keyfile))
+ {
+ do
+ {
+ ch = fgetc(keyfile);
+ } while(isspace(ch));
+
+ if ((ch == EOF) || !isalnum(ch))
+ {
+ fclose(keyfile);
+ return -1;
+ }
+
+ for (ptr = 0; (ptr < 1023) && isalnum(ch); ptr++)
+ {
+ buf[ptr] = (char)ch;
+ ch = fgetc(keyfile);
+ if (ch == EOF)
+ {
+ fclose(keyfile);
+ return -1;
+ }
+ }
+ buf[ptr] = '\0';
+
+ do
+ {
+ ch = fgetc(keyfile);
+ } while(isspace(ch));
+
+ ungetc(ch, keyfile);
+
+ key = PEM_read_PUBKEY(keyfile, NULL, NULL, NULL);
+ if (key == NULL)
+ {
+ fclose(keyfile);
+ return -1;
+ }
+
+ /* lookup */
+ /* add to hash */
+ }
+ return 0;
+}
/*
* Local variables:
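Review bot: PINT_security_initialize() discards the result of load_public_keys() and still sets `security_init_status = 1`, so the module reports itself initialised even when no key was loaded. The keystore it reads is `/tmp/keystore`, in a directory any local account can write to, so another local user could supply the file the server treats as its set of trusted public keys. The path should come from configuration and point at a location only the administrator can write, and the call should fail closed, e.g. `if (load_public_keys(SECURITY_DEFAULT_KEYSTORE) < 0) { gen_mutex_unlock(&security_init_mutex); return -1; }`. Before that check is enabled, load_public_keys() needs its end-of-file handling fixed: after the last PEM block the next pass appears to hit EOF in the whitespace skip and return -1. Separately, the `return 0` path leaves `keyfile` open, and each `EVP_PKEY` is dropped without `EVP_PKEY_free()`.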
@@ -23,4 +142,4 @@
* End:
*
* vim: ts=8 sts=4 sw=4 expandtab
- */
\ No newline at end of file
+ */
Index: pint-security.h
===================================================================
RCS file: /anoncvs/pvfs2/src/common/security/Attic/pint-security.h,v
diff -p -u -r1.1.2.2 -r1.1.2.3
--- pint-security.h 14 May 2008 15:16:07 -0000 1.1.2.2
+++ pint-security.h 14 May 2008 21:40:40 -0000 1.1.2.3
@@ -16,38 +16,38 @@
typedef struct PVFS_capability PVFS_capability;
struct PVFS_capability {
- PVFS_sig signature;
+ PVFS_handle owner;
+ PVFS_sig signature;
PVFS_time timeout; /* seconds after epoch to time out */
uint32_t op_mask;
uint32_t num_handles;
PVFS_handle *handle_array;
};
-endecode_fields_3a (
+/*endecode_fields_3a (
PVFS_capability,
PVFS_sig, signature,
PVFS_time, timeout,
uint32_t, op_mask,
uint32_t, num_handles,
- PVFS_handle, handle_array)
+ PVFS_handle, handle_array)*/
-typedef struct PVFS_credentials PVFS_credentials;
+/*typedef struct PVFS_credentials PVFS_credentials;
struct PVFS_credentials {
PVFS_sig signature;
- PVFS_time timeout; /* seconds after epoch to time out */
+ PVFS_time timeout;
PVFS_uid userid;
uint32_t num_groups;
PVFS_gid *group_array;
-};
+};*/
-endecode_fields_3a (
+/*endecode_fields_3a (
PVFS_credentials,
PVFS_sig, signature,
PVFS_time, timeout,
PVFS_uid, userid,
uint32_t, num_groups,
- PVFS_gid, group_array,
-};
+ PVFS_gid, group_array)*/
/* top-level security functions */
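Review bot: The new `owner` field in struct PVFS_capability is undocumented and is missing from the encoder field list. That list, now commented out, still names only signature, timeout, op_mask, num_handles and handle_array, so re-enabling it as written would leave `owner` out of the encoded form. A comment on the field should say what the handle identifies and whether the signature is meant to cover it; I cannot tell either from this hunk. Disabling the blocks with `#if 0` / `#endif` plus a TODO would be safer than `/* ... */`, which already forced the removal of the `/* seconds after epoch to time out */` comment on PVFS_credentials.timeout.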
Index: rsa_security.h
===================================================================
RCS file: /anoncvs/pvfs2/src/common/security/Attic/rsa_security.h,v
diff -p -u -r1.1.2.1 -r1.1.2.2
--- rsa_security.h 21 Apr 2008 19:47:39 -0000 1.1.2.1
+++ rsa_security.h 14 May 2008 21:40:40 -0000 1.1.2.2
@@ -3,26 +3,27 @@
*
* See COPYING in top-level directory.
*/
-#ifndef PINT_SECURITY_H
-#define PINT_SECURITY_H
+#ifndef RSA_SECURITY_H
+#define RSA_SECURITY_H
+#include <string.h>
#include "pvfs2-types.h"
/* The PVFS_sig struct should be a multiple of 64 bits - 8 bytes) */
#define PVFS_RSA_SIG_SIZE 128
#define PVFS_MSG_DIG_SIZE 96
-typedef uchar PVFS_sig[PVFS_RSA_SIG_SIZE];
+typedef unsigned char PVFS_sig[PVFS_RSA_SIG_SIZE];
-#define encode_PVFS_sig (pptr,pbuf) do { \
+/*#define encode_PVFS_sig (pptr,pbuf) do { \
memcpy(*(pptr), *(pbuf), PVFS_RSA_SIG_SIZE);
- *(pptr) += PVFS_RSA_SIG_SIZE;
+ *(pptr) += PVFS_RSA_SIG_SIZE;
} while (0)
#define decode_PVFS_sig (pptr,pbuf) do { \
memcpy(*(pptr), *(pbuf), PVFS_RSA_SIG_SIZE);
- *(pptr) += PVFS_RSA_SIG_SIZE;
-} while (0)
+ *(pptr) += PVFS_RSA_SIG_SIZE;
+} while (0)*/
#endif
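Review bot: The encode_PVFS_sig / decode_PVFS_sig macros are parked inside a comment with defects that will resurface when they are re-enabled. The space in `encode_PVFS_sig (pptr,pbuf)` makes each an object-like macro, and the memcpy and `+=` lines have no trailing `\`, so the bodies are not part of the definitions. The decode body is also identical to the encode body, so it copies in the same direction; presumably decode should copy from `*(pptr)` into the caller's buffer, which needs confirming against the other endecode helpers. Either fix them now under `#if 0` or delete them and reintroduce them with the encoder.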
@@ -33,4 +34,4 @@ typedef uchar PVFS_sig[PVFS_RSA_SIG_SIZE
* End:
*
* vim: ts=8 sts=4 sw=4 expandtab
- */
\ No newline at end of file
+ */