Google Git
Sign in
eclipse / ptp / org.eclipse.ptp / refs/tags/PTP_9_0_1 / . / tools / sci / org.eclipse.ptp.sci / secmod / psec.c
blob: 3c57f6dc68712564d9be960d0a64865e8ca58b60 [file] [log] [blame]
#ifndef _PRAGMA_COPYRIGHT_
#define _PRAGMA_COPYRIGHT_
#pragma comment(copyright, "%Z% %I% %W% %D% %T%\0")
#endif /* _PRAGMA_COPYRIGHT_ */
/****************************************************************************
* Copyright (c) 2008, 2010 IBM Corporation.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0s
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
Description: psec functions from poe
Author: Serban Maerean
History:
Date Who ID Description
-------- --- --- -----------
10/06/08 serban Initial code (D153875)
****************************************************************************/
#include <pthread.h>
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <dlfcn.h>
#include <fcntl.h>
#include <sys/stat.h>
#include "psec.h"
#include "psec_lib.h"
#include "psec_mod.h"
char *_psec_rtne_list[PSM_SYMTBLE_SIZE] = {
#define PSM__INIT 0
"psm__init",
#define PSM__CLEANUP 1
"psm__cleanup",
#define PSM__GET_ID_TOKEN 2
"psm__get_id_token",
#define PSM__VERIFY_ID_TOKEN 3
"psm__verify_id_token",
#define PSM__GET_ID_FROM_TOKEN 4
"psm__get_id_from_token",
#define PSM__FREE_ID_TOKEN 5
"psm__free_id_token",
#define PSM__GET_KEY_FROM_TOKEN 6
"psm__get_key_from_token",
#define PSM__SIGN_DATA 7
"psm__sign_data",
#define PSM__VERIFY_DATA 8
"psm__verify_data",
#define PSM__FREE_SIGNATURE 9
"psm__free_signature"};
_psec_state_desc _PSEC_STATE = {0, PTHREAD_MUTEX_INITIALIZER, 0, NULL, NULL};
int
_psec_load_auth_module(
_psec_module_t psmp)
{
int rc = 0;
do {
if (!psmp) {
// printf("Error [%s:d]: internal error: invalid auth module_pinter\n", __FILE__, __LINE__);
rc = PSEC_MODULE_PTR_ERR; break;
}
pthread_mutex_lock(&psmp->psm_mutex);
pthread_cleanup_push((void(*)(void *))pthread_mutex_unlock, (void *)&psmp->psm_mutex);
do {
if (PSM_STATE_INITED&psmp->psm_stindex) break; // already init'ed
do {
if (PSM_STATE_LOADED&psmp->psm_stindex) break; // already loaded
if (!psmp->psm_fpath) {
// printf("Error [%s:%d]: internal error: invalid module file path (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
rc = PSEC_MODULE_PATH_ERR; break;
}
if (!(psmp->psm_object = dlopen(psmp->psm_fpath, RTLD_NOW))) {
// char *errmsg = dlerror();
// printf("Error [%s:%d]: dlopen() failed: %s\n", __FILE__, __LINE__, errmsg?errmsg:"<no error message>");
rc = PSEC_DLOPEN_ERR; break;
}
do {
// resolve all the symbols
int i; for (i=0; i<PSM_SYMTBLE_SIZE; i++) {
if (!(psmp->psm_symtble[i] = dlsym(psmp->psm_object, _psec_rtne_list[i]))) {
// char *errmsg = dlerror();
// printf("Error [%s:%d]: dlsym() failed: %s\n", __FILE__, __LINE__, errmsg?errmsg:"<no error message>");
if (i<6) rc = PSEC_DLSYM_ERR+i;
break;
}
}
if (rc) {
memset(psmp->psm_symtble, 0, sizeof(psmp->psm_symtble));
break;
}
} while (0);
if (rc) {
dlclose(psmp->psm_object); psmp->psm_object = NULL;
break;
}
psmp->psm_stindex |= PSM_STATE_LOADED;
} while (0);
if (rc) break;
pthread_cleanup_push((void (*)(void *))(psmp->psm_symtble[PSM__CLEANUP]), NULL);
do {
// call the module's initialization routine
if (rc = ((int(*)())psmp->psm_symtble[PSM__INIT])(psmp->psm_opts)) {
((void (*)())psmp->psm_symtble[PSM__CLEANUP])();
// printf("Error [%s:%d]: init failed w/rc = %d for module %s\n", __FILE__, __LINE__, rc, psmp->psm_fpath);
rc = PSEC_MODULE_INIT_ERR; break;
}
psmp->psm_stindex |= PSM_STATE_INITED;
} while (0);
pthread_cleanup_pop(0);
} while (0);
pthread_cleanup_pop(1);
} while (0);
return rc;
}
int
psec_set_auth_module(
char *name,
char *fpath,
char *opts,
unsigned int *mdlhndl)
{
int rc = 0, tmdlhndl;
do {
// check arguments
if (!fpath) { rc = PSEC_ARGS_ERR; break; }
if ('/'!=fpath[0]) { rc = PSEC_MODULE_PATH_ERR; break; }
{
struct stat amsbuf = {0};
if (0>stat(fpath, &amsbuf)) {
// printf("Error [%s:%d]: stat() failed w/errno = %d for %s\n", __FILE__, __LINE__, errno, fpath);
rc = PSEC_MODULE_FILE_ERR; break;
}
if (!S_ISREG(amsbuf.st_mode)) { rc = PSEC_MODULE_IREG_ERR; break; }
if (0==amsbuf.st_size) { rc = PSEC_MODULE_SIZE_ERR; break; }
}
{ // get the mutex lock and load the authentication module
_psec_module_t psmp = NULL;
pthread_mutex_lock(&_PSEC_STATE.pss_mutex);
pthread_cleanup_push((void(*)(void *))pthread_mutex_unlock, &_PSEC_STATE.pss_mutex);
do {
// search for an existing entry
psmp = _PSEC_STATE.pss_modules;
while (psmp) {
if (!strcmp(psmp->psm_fpath, fpath)) break;
psmp = psmp->next;
}
if (psmp) break; // module data already allocated
// allocate memory for the module's internal data structure
psmp = malloc(sizeof(_psec_module_sec));
if (!psmp) {
// printf("Error [%s:%d]: malloc() failed w/errno = %d\n", __FILE__, __LINE__, errno);
rc = PSEC_MEMORY_ERR; break;
}
do {
memset(psmp, 0, sizeof(*psmp));
if (rc = pthread_mutex_init(&psmp->psm_mutex, NULL)) {
// printf("Error [%s:%d]: pthread_mutex_init() failed w/rc = %d\n", __FILE__, __LINE__, rc);
rc = PSEC_MUTEX_INIT_ERR; break;
}
do {
if (!(psmp->psm_fpath = strdup(fpath))) {
// printf("Error [%s:%d]: strdup() failed w/errno = %d\n", __FILE__, __LINE__, errno);
rc = PSEC_MEMORY2_ERR; break;
}
do {
if (name&&!(psmp->psm_name = strdup(name))) {
// printf("Error [%s:%d] strdup() failed w/errno = %d\n", __FILE__, __LINE__, errno);
rc = PSEC_MEMORY3_ERR; break;
}
do {
do { // translate options
// options are a list of comma separated characters (no spaces allowed);
// options can have values within square brackets, immediately
// following the character identifying the option.
// one important optiom is 'm' and it defines the options that the
// shared library will pass to the auth module's init function
// if there is no value to this option, the auth module's init function
// will get a NULL pointer
char *cp = opts;
if (!cp||('\0'==*cp)) break;
do {
switch (*cp) {
case 'm': case 'M':
if (psmp->psm_opts) {
// printf("Error [%s:%d]: module options can be specified only once\n", __FILE__, __LINE__);
rc = PSEC_MODULE_OPTS_ERR; break;
}
if (('\0'==*++cp)||('['!=*cp)) break; // no value
{ // find the end of module options string
char *endcp = cp++;
while (*++endcp) {
int noofbkslshs = 0;
if (!(endcp = strchr(endcp, ']'))) {
// printf("Error [%s:%d]: no closing bracket in module options\n", __FILE__, __LINE__);
rc = PSEC_MODULE_OPTS2_ERR; break;
}
{ // check whether quote is back-slashed
char *tcp = endcp;
while ('\\' == *--tcp) noofbkslshs++;
}
if (0==noofbkslshs%2) break; // non-back-slashed quote
}
if (0<endcp-cp) {
if (!(psmp->psm_opts = calloc(endcp-cp+1, sizeof(char)))) {
// printf("Error [%s:%d]: malloc() failed w/errno = %d\n", __FILE__, __LINE__, errno);
rc = PSEC_MEMORY4_ERR; break;
}
strncpy(psmp->psm_opts, cp, endcp-cp);
}
cp = endcp;
}
break;
default:
// ignore unknown options
break;
}
if (rc) break;
} while (*++cp);
} while (0);
if (rc) break;
{ // add the module's data structure to the list
_psec_module_t *tmdlslist = NULL;
if (!(tmdlslist = realloc(_PSEC_STATE.pss_mdlslist, (_PSEC_STATE.pss_modcnt+1)*sizeof(_psec_module_t)))) {
// printf("Error [%s:%d]: realloc() failed w/errno = %d\n", __FILE__, __LINE__, errno);
rc = PSEC_MEMORY5_ERR; break;
}
_PSEC_STATE.pss_mdlslist = tmdlslist;
}
_PSEC_STATE.pss_mdlslist[_PSEC_STATE.pss_modcnt++] = psmp;
psmp->psm_stindex = (0xffff&_PSEC_STATE.pss_modcnt)<<16;
__add_elem_to_dllist((__dlink_elem_t)psmp, (__dlink_elem_t *)&_PSEC_STATE.pss_modules);
} while (0);
if (rc&&psmp->psm_opts) free(psmp->psm_opts);
if (rc&&psmp->psm_name) free(psmp->psm_name);
} while (0);
if (rc) free(psmp->psm_fpath);
} while (0);
if (rc) pthread_mutex_destroy(&psmp->psm_mutex);
} while (0);
if (rc) free(psmp);
} while (0);
pthread_cleanup_pop(1);
if (rc) break;
tmdlhndl = (0xffff0000&psmp->psm_stindex)>>16;
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
}
*mdlhndl = tmdlhndl;
} while (0);
return rc;
}
int
psec_get_id_token(
unsigned int mdlhndl,
char *tname,
char *thost,
psec_idbuf_t idtok)
{
int rc = 0;
do {
// check arguments
if (!idtok) {
// printf("Error [%s:%d]: invalid id token argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS_ERR; break;
}
// find the authentication module by handle
if ((1>mdlhndl)||(_PSEC_STATE.pss_modcnt<mdlhndl)) {
// printf("Error [%s:%d]: invalid module handle\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL_ERR; break;
}
{
_psec_module_t psmp = _PSEC_STATE.pss_mdlslist[mdlhndl-1];
if (!psmp||(mdlhndl!=((0xfff000&psmp->psm_stindex)>>16))) {
// this should not happen, something went very wrong
// printf("Error [%s:%d]: internal failure: no auth module\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL2_ERR; break;
}
// check the module's state
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
// call the module's routine
if (rc = ((int(*)(char*, char *, psec_idbuf_t))psmp->psm_symtble[PSM__GET_ID_TOKEN])(tname, thost, idtok)) {
// printf("Error [%s:%d]: auth module's get_id_token() failed w/rc = %d\n", __FILE__, __LINE__, rc);
rc = PSEC_MODULE_INTERNAL_ERR; break;
}
}
} while (0);
return rc;
}
int
psec_verify_id_token(
unsigned int mdlhndl,
char *uname,
psec_idbuf_t idtok)
{
int rc = 0;
do {
// check arguments
if (!idtok) {
// printf("Error [%s:%d]: invalid id token argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS_ERR; break;
}
// find the authentication module by handle
if ((1>mdlhndl)||(_PSEC_STATE.pss_modcnt<mdlhndl)) {
// printf("Error [%s:%d]: invalid module handle\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL_ERR; break;
}
{
_psec_module_t psmp = _PSEC_STATE.pss_mdlslist[mdlhndl-1];
if (!psmp||(mdlhndl!=((0xfff000&psmp->psm_stindex)>>16))) {
// this should not happen, something went very wrong
// printf("Error [%s:%d]: internal failure: no auth module\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL2_ERR; break;
}
// check the module's state
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
// call the module's routine
if (rc = ((int(*)(char *, psec_idbuf_t))psmp->psm_symtble[PSM__VERIFY_ID_TOKEN])(uname, idtok)) {
// printf("Error [%s:%d]: auth module's verify_id_token() failed w/rc = %d\n", __FILE__, __LINE__, rc);
rc = PSEC_MODULE_INTERNAL_ERR; break;
}
}
} while (0);
return rc;
}
int
psec_get_id_from_token(
unsigned int mdlhndl,
psec_idbuf_t idtok,
char *usrid,
size_t *usridlen)
{
int rc = 0;
do {
// check arguments
if (!idtok) {
// printf("Error [%s:%d]: invalid id token argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS_ERR; break;
}
if (!usridlen) {
// printf("Error [%s:%d]: invalid id length argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS3_ERR; break;
}
if ((0!=*usridlen)&&(!usrid)) {
// printf("Error [%s:%d]: invalid id argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS2_ERR; break;
}
// find the authentication module by handle
if ((1>mdlhndl)||(_PSEC_STATE.pss_modcnt<mdlhndl)) {
// printf("Error [%s:%d]: invalid module handle\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL_ERR; break;
}
{
_psec_module_t psmp = _PSEC_STATE.pss_mdlslist[mdlhndl-1];
if (!psmp||(mdlhndl!=((0xfff000&psmp->psm_stindex)>>16))) {
// this should not happen, something went very wrong
// printf("Error [%s:%d]: internal failure: no auth module\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL2_ERR; break;
}
// check the module's state
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
// call the module's routine
if (rc = ((int(*)(psec_idbuf_t, char*, size_t *))psmp->psm_symtble[PSM__GET_ID_FROM_TOKEN])(idtok, usrid, usridlen)) {
// printf("Error [%s:%d]: auth module's get_id_from_token() failed w/rc = %d\n", __FILE__, __LINE__, rc);
if (PSM__MEMORY_ERR == rc) { rc = PSEC_MEMORY_ERR; break; }
rc = PSEC_MODULE_INTERNAL_ERR; break;
}
}
} while (0);
return rc;
}
int
psec_get_key_from_token(
unsigned int mdlhndl,
char *uname,
psec_idbuf_t idtok,
char *key,
size_t *keylen)
{
int rc = 0;
do {
// check arguments
if (!idtok) {
// printf("Error [%s:%d]: invalid id token argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS_ERR; break;
}
if (!keylen) {
// printf("Error [%s:%d]: invalid key length argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS3_ERR; break;
}
if ((0!=*keylen)&&(!key)) {
// printf("Error [%s:%d]: invalid key argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS2_ERR; break;
}
// find the authentication module by handle
if ((1>mdlhndl)||(_PSEC_STATE.pss_modcnt<mdlhndl)) {
// printf("Error [%s:%d]: invalid module handle\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL_ERR; break;
}
{
_psec_module_t psmp = _PSEC_STATE.pss_mdlslist[mdlhndl-1];
if (!psmp||(mdlhndl!=((0xfff000&psmp->psm_stindex)>>16))) {
// this should not happen, something went very wrong
// printf("Error [%s:%d]: internal failure: no auth module\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL2_ERR; break;
}
// check the module's state
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
// check whether routine supported by authentication module
if (!psmp->psm_symtble[PSM__GET_KEY_FROM_TOKEN]) {
// printf("Error [%s:%d]: function not supported\n", __FILE__, __LINE__);
rc = PSEC_NOT_SUPPORTED_ERR; break;
}
// call the module's routine
if (rc = ((int(*)(char *, psec_idbuf_t, char *, size_t *))psmp->psm_symtble[PSM__GET_KEY_FROM_TOKEN])(uname, idtok, key, keylen)) {
// printf("Error [%s:%d]: auth module's get_key_from_token() failed w/rc = %d\n", __FILE__, __LINE__, rc);
if (PSM__MEMORY_ERR == rc) { rc = PSEC_MEMORY_ERR; break; }
rc = PSEC_MODULE_INTERNAL_ERR; break;
}
}
} while (0);
return rc;
}
int
psec_sign_data(
unsigned int mdlhndl,
char *key,
size_t keylen,
struct iovec *in,
int cnt,
struct iovec *signature)
{
int rc = 0;
do {
// check arguments
if (!key) {
// printf("Error [%s:%d]: invalid key argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS_ERR; break;
}
if (0==keylen) {
// printf("Error [%s:%d]: invalid key length argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS2_ERR; break;
}
if ((NULL==in)||(0==in->iov_len)||(NULL==in->iov_base)) {
// printf("Error [%s:%d]: invalid input data argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS3_ERR; break;
}
if (NULL==signature) {
// printf("Error [%s:%d]: invalid signature argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS4_ERR; break;
}
// find the authentication module by handle
if ((1>mdlhndl)||(_PSEC_STATE.pss_modcnt<mdlhndl)) {
// printf("Error [%s:%d]: invalid module handle\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL_ERR; break;
}
{
_psec_module_t psmp = _PSEC_STATE.pss_mdlslist[mdlhndl-1];
if (!psmp||(mdlhndl!=((0xfff000&psmp->psm_stindex)>>16))) {
// this should not happen, something went very wrong
// printf("Error [%s:%d]: internal failure: no auth module\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL2_ERR; break;
}
// check the module's state
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
// check whether routine is supported by authentication module
if (!psmp->psm_symtble[PSM__SIGN_DATA]) {
// printf("Error [%s:%d]: function not supported\n", __FILE__, __LINE__);
rc = PSEC_NOT_SUPPORTED_ERR; break;
}
// call the module's routine
if (rc = ((int(*)(char*, size_t, struct iovec*, int, struct iovec*))psmp->psm_symtble[PSM__SIGN_DATA])(key, keylen, in, cnt, signature)) {
// printf("Error [%s:%d]: auth module's sign_data() failed w/rc = %d\n", __FILE__, __LINE__, rc);
if (PSM__MEMORY_ERR == rc) { rc = PSEC_MEMORY_ERR; break; }
rc = PSEC_MODULE_INTERNAL_ERR; break;
}
}
} while (0);
return rc;
}
int
psec_verify_data(
unsigned int mdlhndl,
char *key,
size_t keylen,
struct iovec *in,
int cnt,
struct iovec *signature)
{
int rc = 0;
do {
// check arguments
if (!key) {
// printf("Error [%s:%d]: invalid key argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS_ERR; break;
}
if (0==keylen) {
// printf("Error [%s:%d]: invalid key length argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS2_ERR; break;
}
if ((NULL==in)||(0==cnt)) {
// printf("Error [%s:%d]: invalid input data argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS3_ERR; break;
}
if ((NULL==signature)||(0==signature->iov_len)||(NULL==signature->iov_base)) {
// printf("Error [%s:%d]: invalid signature argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS4_ERR; break;
}
// find the authentication module by handle
if ((1>mdlhndl)||(_PSEC_STATE.pss_modcnt<mdlhndl)) {
// printf("Error [%s:%d]: invalid module handle\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL_ERR; break;
}
{
_psec_module_t psmp = _PSEC_STATE.pss_mdlslist[mdlhndl-1];
if (!psmp||(mdlhndl!=((0xfff000&psmp->psm_stindex)>>16))) {
// this should not happen, something went very wrong
// printf("Error [%s:%d]: internal failure: no auth module\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL2_ERR; break;
}
// check the module's state
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
// check whether routine is supported by authentication module
if (!psmp->psm_symtble[PSM__VERIFY_DATA]) {
// printf("Error [%s:%d]: function not supported\n", __FILE__, __LINE__);
rc = PSEC_NOT_SUPPORTED_ERR; break;
}
// call the module's routine
if (rc = ((int(*)(char*, size_t, struct iovec*, int, struct iovec*))psmp->psm_symtble[PSM__VERIFY_DATA])(key, keylen, in, cnt, signature)) {
// printf("Error [%s:%d]: auth module's verify_data() failed w/rc = %d\n", __FILE__, __LINE__, rc);
if (PSM__MEMORY_ERR == rc) { rc = PSEC_MEMORY_ERR; break; }
rc = PSEC_MODULE_INTERNAL_ERR; break;
}
}
} while (0);
return rc;
}
int
psec_free_id_token(
unsigned int mdlhndl,
psec_idbuf_t idtok)
{
int rc = 0;
do {
// check arguments
if (!idtok) {
// printf("Error [%s:%d]: invalid id token argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS_ERR; break;
}
// find the authentication module by handle
if ((1>mdlhndl)||(_PSEC_STATE.pss_modcnt<mdlhndl)) {
// printf("Error [%s:%d]: invalid module handle\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL_ERR; break;
}
{
_psec_module_t psmp = _PSEC_STATE.pss_mdlslist[mdlhndl-1];
if (!psmp||(mdlhndl!=((0xfff000&psmp->psm_stindex)>>16))) {
// this should not happen, something went very wrong
// printf("Error [%s:%d]: internal failure: no auth module\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL2_ERR; break;
}
// check the module's state
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
// call the module's routine
if (rc = ((int(*)(psec_idbuf_t))psmp->psm_symtble[PSM__FREE_ID_TOKEN])(idtok)) {
// printf("Error [%s:%d]: auth module's free_id_token() failed w/rc = %d\n", __FILE__, __LINE__, rc);
rc = PSEC_MODULE_INTERNAL_ERR; break;
}
}
} while (0);
return rc;
}
int
psec_free_signature(
unsigned int mdlhndl,
struct iovec *signature)
{
int rc = 0;
do {
// check arguments
if (!signature) {
// printf("Error [%s:%d]: invalid signature argument\n", __FILE__, __LINE__);
rc = PSEC_ARGS_ERR; break;
}
// find the authentication module by handle
if ((1>mdlhndl)||(_PSEC_STATE.pss_modcnt<mdlhndl)) {
// printf("Error [%s:%d]: invalid module handle\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL_ERR; break;
}
{
_psec_module_t psmp = _PSEC_STATE.pss_mdlslist[mdlhndl-1];
if (!psmp||(mdlhndl!=((0xfff000&psmp->psm_stindex)>>16))) {
// this should not happen, something went very wrong
// printf("Error [%s:%d]: internal failure: no auth module\n", __FILE__, __LINE__);
rc = PSEC_MODULE_HNDL2_ERR; break;
}
// check the module's state
if (!(PSM_STATE_INITED&psmp->psm_stindex)) {
if (rc = _psec_load_auth_module(psmp)) {
// printf("Error [%s:%d]: failed to load and init auth module (%s)\n", __FILE__, __LINE__, psmp->psm_fpath);
break;
}
}
// check whether routine is supported by authentication module
if (!psmp->psm_symtble[PSM__FREE_SIGNATURE]) {
// printf("Error [%s:%d]: function not supported\n", __FILE__, __LINE__);
rc = PSEC_NOT_SUPPORTED_ERR; break;
}
// call the module's routine
if (rc = ((int(*)(psec_idbuf_t))psmp->psm_symtble[PSM__FREE_SIGNATURE])(signature)) {
// printf("Error [%s:%d]: auth module's free_id_token() failed w/rc = %d\n", __FILE__, __LINE__, rc);
rc = PSEC_MODULE_INTERNAL_ERR; break;
}
}
} while (0);
return rc;
}
// EOF