[Pvfs2-cvs] commit by nlmills in pvfs2/src/common/security: pint-security.c

CVS commit program cvs at parl.clemson.edu
Wed May 21 11:53:40 EDT 2008


Update of /anoncvs/pvfs2/src/common/security
In directory parlweb1:/tmp/cvs-serv28390/src/common/security

Modified Files:
      Tag: cu-security-branch
	pint-security.c 
Log Message:
added timeout checks to sign and verify


Index: pint-security.c
===================================================================
RCS file: /anoncvs/pvfs2/src/common/security/Attic/pint-security.c,v
diff -p -u -r1.1.2.16 -r1.1.2.17
--- pint-security.c	20 May 2008 20:40:10 -0000	1.1.2.16
+++ pint-security.c	21 May 2008 15:53:40 -0000	1.1.2.17
@@ -24,6 +24,7 @@
 #include "gen-locks.h"
 #include "server-config.h"
 #include "pint-cached-config.h"
+#include "pint-util.h"
 
 #include "pint-security.h"
 #include "security-hash.h"
@@ -32,6 +33,7 @@
 /* TODO: move to global configuration */
 #define SECURITY_DEFAULT_KEYSTORE "/tmp/keystore"
 #define SECURITY_DEFAULT_PRIVKEYFILE  "/tmp/privkey.pem"
+#define SECURITY_DEFAULT_TIMEOUT 0
 
 
 /* the private key used for signing */
@@ -137,6 +139,9 @@ int PINT_sign_capability(PVFS_capability
 
     assert(security_privkey);
 
+    cap->timeout = PINT_util_get_current_time();
+    cap->timeout += SECURITY_DEFAULT_TIMEOUT;
+
     EVP_MD_CTX_init(&mdctx);
 
     ret = EVP_SignInit_ex(&mdctx, EVP_sha1(), NULL);
@@ -173,7 +178,7 @@ int PINT_sign_capability(PVFS_capability
         return -1;
     }
 
-    EVP_MD_CTX_cleanup(&mdctx);        
+    EVP_MD_CTX_cleanup(&mdctx);
 
     return 0;
 }
@@ -193,6 +198,11 @@ int PINT_verify_capability(PVFS_capabili
     int ret;
     char *buf;
     EVP_PKEY *pubkey;
+
+    if (PINT_util_get_current_time() > data->timeout)
+    {
+        return 0;
+    }
     
     buf = (char *)malloc(sizeof(char) * 1024);
     



More information about the Pvfs2-cvs mailing list