libmyproxy-dev 6.1.16-1 / usr / include / globus / myproxy_protocol.h

This file is indexed.

/usr/include/globus/myproxy_protocol.h is in libmyproxy-dev 6.1.16-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
/*
 *
 * MyProxy protocol API
 *
 */
#ifndef __MYPROXY_PROTOCOL_H
#define __MYPROXY_PROTOCOL_H

/* Protocol commands */
typedef enum
{
    MYPROXY_GET_PROXY,
    MYPROXY_PUT_PROXY,
    MYPROXY_INFO_PROXY,
    MYPROXY_DESTROY_PROXY,
    MYPROXY_CHANGE_CRED_PASSPHRASE,
    MYPROXY_STORE_CERT,
    MYPROXY_RETRIEVE_CERT,
    MYPROXY_GET_TRUSTROOTS
} myproxy_proto_request_type_t;

/* server response codes */
typedef enum
{
    MYPROXY_OK_RESPONSE,
    MYPROXY_ERROR_RESPONSE,
    MYPROXY_AUTHORIZATION_RESPONSE
} myproxy_proto_response_type_t;

/* client/server socket attributes */
typedef struct myproxy_socket_attrs_s
{
  char *pshost;	
  int psport;
  int socket_fd;
  struct _gsi_socket *gsi_socket; 
} myproxy_socket_attrs_t;

/* A client request object */
#define REGULAR_EXP 1
#define MATCH_CN_ONLY 0

typedef struct
{
    char                         *version;
    char                         *username;
    char                         passphrase[MAX_PASS_LEN+1];
    char                         new_passphrase[MAX_PASS_LEN+1];
    myproxy_proto_request_type_t command_type;
    int                          proxy_lifetime;
    char                         *retrievers;
    char                         *renewers;
    char			 *credname;
    char			 *creddesc;
    char			 *authzcreds;
    char 		         *keyretrieve;
    char                         *trusted_retrievers;
    int                          want_trusted_certs; /* 1=yes, 0=no */
    char                         *voname;
    char                         *vomses;
    char                         *certreq;
} myproxy_request_t;

/* A server response object */
typedef struct
{
  char                          *version;
  myproxy_proto_response_type_t response_type;
  authorization_data_t		**authorization_data;
  char				*error_string;
  myproxy_creds_t		*info_creds;
  myproxy_certs_t               *trusted_certs;
} myproxy_response_t;

  
/*
 * myproxy_init_client()
 *
 * Create a generic client by creating a GSI socket and connecting to a a host 
 *
 * returns the file descriptor of the connected socket or
 *   -1 if an error occurred
 */
int myproxy_init_client(myproxy_socket_attrs_t *attrs);

/*
 * myproxy_authenticate_init()
 * 
 * Perform client-side authentication
 *
 * returns -1 if unable to authenticate, 0 if authentication successful
 */ 
int myproxy_authenticate_init(myproxy_socket_attrs_t *attr,
			      const char *proxyfile);

/*
 * myproxy_authenticate_accept()
 * 
 * Perform server-side authentication and retrieve the client's DN
 *
 * returns -1 if unable to authenticate, 0 if authentication successful
 */ 
int myproxy_authenticate_accept(myproxy_socket_attrs_t *attr, 
                                char *client_name, const int namelen);

/*
 * myproxy_authenticate_accept_fqans()
 *
 * The same as myproxy_authenticate_accept() but also returns a list of FQANs
 * if suggested by the peer.
 *
 */
int myproxy_authenticate_accept_fqans(myproxy_socket_attrs_t *attr,
                                      char *client_name, const int namelen,
				      char ***fqans); 

/*
 * myproxy_serialize_request()
 * 
 * Serialize a request object into a buffer to be sent over the network.
 * Use myproxy_serialize_request_ex() instead.
 *
 * Returns the serialized data length or -1 on error.
 */
int myproxy_serialize_request(const myproxy_request_t *request, 
			      char *data, const int datalen);

/*
 * myproxy_serialize_request_ex()
 * 
 * Serialize a request object into a newly allocated buffer of correct size.
 * The caller should free() the buffer after use.
 *
 * Returns the serialized data length or -1 on error.
 */
int myproxy_serialize_request_ex(const myproxy_request_t *request, 
				 char **data);


/*
 * myproxy_deserialize_request()
 * 
 * Deserialize a buffer into a request object.
 *
 * returns 0 if succesful, otherwise -1
 */
int myproxy_deserialize_request(const char *data, const int datalen, 
				myproxy_request_t *request);

/*
 * myproxy_serialize_response()
 * 
 * Serialize a response object into a buffer to be sent over the network.
 * Use myproxy_serialize_response_ex() instead.
 *
 * returns the number of characters put into the buffer 
 * (not including the trailing NULL)
 */
int
myproxy_serialize_response(const myproxy_response_t *response, 
                           char *data, const int datalen); 

/*
 * myproxy_serialize_response_ex()
 * 
 * Serialize a response object into a newly allocated buffer of correct size.
 * The caller should free() the buffer after use.
 *
 * returns the number of characters put into the buffer 
 * (not including the trailing NULL)
 */
int
myproxy_serialize_response_ex(const myproxy_response_t *response, 
			      char **data); 

/*
 * myproxy_deserialize_response()
 *
 * Serialize a a buffer into a response object.
 *
 * returns the number of characters put into the buffer 
 * (not including the trailing NULL)
 */
int myproxy_deserialize_response(myproxy_response_t *response, 
				 const char *data, const int datalen);

/*
 * myproxy_send()
 * 
 * Sends a buffer
 *
 * returns 0 on success, -1 on error
 */
int myproxy_send(myproxy_socket_attrs_t *attrs,
                 const char *data, const int datalen);

/*
 * myproxy_recv()
 *
 * Receives a message into the buffer.
 * Use myproxy_recv_ex() instead.
 *
 * returns bytes read on success, -1 on error, -2 on truncated response
 * 
 */
int myproxy_recv(myproxy_socket_attrs_t *attrs,
		 char *data, const int datalen);

/*
 * myproxy_recv_ex()
 *
 * Receives a message into a newly allocated buffer of correct size.
 * The caller must deallocate the buffer.
 *
 * returns bytes read on success, -1 on error
 * 
 */
int myproxy_recv_ex(myproxy_socket_attrs_t *attrs, char **data);

/*
 * myproxy_init_delegation()
 *
 * Delegates a proxy based on the credentials found in file 
 * location delegfile good for lifetime_seconds
 *
 * returns 0 on success, -1 on error 
 */
int myproxy_init_delegation(myproxy_socket_attrs_t *attrs,
			    const char *delegfile,
			    const int lifetime_seconds,
			    char *passphrase);

/*
 * myproxy_accept_delegation()
 *
 * Accepts delegated credentials into a file, and sets
 * path in provided buffer.
 *
 * returns 0 on success, -1 on error 
 */
int myproxy_accept_delegation(myproxy_socket_attrs_t *attrs, char *delegfile,
			      const int delegfile_len, char *passphrase);

/*
 * myproxy_accept_delegation_ex()
 *
 * Accepts delegated credentials into a newly allocated buffer.
 * The caller must deallocate the buffer.
 * Private key is encrypted with passphrase, if provided (may be NULL).
 *
 * returns 0 on success, -1 on error 
 */
int myproxy_accept_delegation_ex(myproxy_socket_attrs_t *attrs,
				 char **credentials,
				 int *credential_len, char *passphrase);

/*
 * myproxy_request_cert()
 *
 * An alternative to myproxy_accept_delegation_ex() that takes the
 * location of a file containing a PEM-formatted certificate request
 * (certreq) as input.
 * Accepts delegated credentials into a newly allocated buffer.
 * The caller must deallocate the buffer.
 *
 * return 0 on success, -1 on error
 */
int
myproxy_request_cert(myproxy_socket_attrs_t *attrs, char *certreq,
                     char **credentials, int *credential_len);

/*
 * myproxy_accept_credentials()
 *
 * Accepts credentials into file location data
 *
 * returns 0 on success, -1 on error
 */
int
myproxy_accept_credentials(myproxy_socket_attrs_t *attrs,
                           char                   *delegfile,
                           int                     delegfile_len);

/*
 * myproxy_init_credentials()
 *
 * returns 0 on success, -1 on error 
 */
int
myproxy_init_credentials(myproxy_socket_attrs_t *attrs,
                         const char             *delegfile);

int
myproxy_get_credentials(myproxy_socket_attrs_t *attrs,
                         const char             *delegfile);

/*
 * myproxy_free()
 * 
 * Frees up memory used for creating request, response and socket objects 
 */
void myproxy_free(myproxy_socket_attrs_t *attrs, myproxy_request_t *request,
		  myproxy_response_t *response);

/*
 * myproxy_recv_response()
 *
 * Helper function that combines myproxy_recv() and
 * myproxy_deserialize_response() with some error checking.
 *
 */
int myproxy_recv_response(myproxy_socket_attrs_t *attrs,
			  myproxy_response_t *response); 

/*
 * myproxy_handle_response()
 *
 * Helper function that combines 
 * myproxy_deserialize_response() with some error checking.
 *
 */
int myproxy_handle_response(const char *response_buffer,
                            int responselen,
                            myproxy_response_t *response); 

/*
 * myproxy_recv_response_ex()
 *
 * Helper function that combines myproxy_recv(),
 * myproxy_deserialize_response(), and myproxy_handle_authorization()
 * with some error checking.
 *
 */
int myproxy_recv_response_ex(myproxy_socket_attrs_t *attrs,
			     myproxy_response_t *response,
			     myproxy_request_t *client_request);

/*
 * myproxy_handle_authorization()
 *
 * If MYPROXY_AUTHORIZATION_RESPONSE is received, pass it to this
 * function to be processed.
 *
 */
int myproxy_handle_authorization(myproxy_socket_attrs_t *attrs,
				 myproxy_response_t *server_response,
				 myproxy_request_t *client_request);

/*
 * myproxy_bootstrap_trust()
 *
 * Get server's CA certificate(s) via the SSL handshake and install
 * them in the trusted certificates directory.
 * 
 */
int myproxy_bootstrap_trust(myproxy_socket_attrs_t *attrs);

/*
 * myproxy_bootstrap_client()
 *
 * Connect to server and authenticate.
 * Bootstrap trust roots as needed/requested.
 * Allows anonymous authentication.
 * Called by myproxy-logon and myproxy-get-trustroots.
 *
 */
int myproxy_bootstrap_client(myproxy_socket_attrs_t *attrs,
                             int bootstrap_if_no_cert_dir,
                             int bootstrap_even_if_cert_dir_exists);

/*
 * myproxy_request_add_voname()
 *
 * Adds VONAME parameter to client request.
 * returns 0 if succesful, otherwise -1
 *
 */
int myproxy_request_add_voname(myproxy_request_t *client_request, 
                               const char *voname);

/*
 * myproxy_request_add_vomses()
 *
 * Adds VOMSES parameter to client request.
 * returns 0 if succesful, otherwise -1
 *
 */
int myproxy_request_add_vomses(myproxy_request_t *client_request, 
                               const char *vomses);

#endif /* __MYPROXY_PROTOCOL_H */

APT Browse - Built by Thomas Orozco.