Author: dumindu
Date: Tue Dec 11 00:34:49 2007
New Revision: 10903
Log:
Sync with the trunk.
Added:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/control
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/makedeb.sh
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/postinst
(contents, props changed)
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/rules
(contents, props changed)
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/Makefile.am
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/RPM/spec
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/configure.ac
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/mod_cspace.c
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request.c
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request.h
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request_defines.h
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/res/test.c
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/Makefile.am
==============================================================================
---
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/Makefile.am
(original)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/Makefile.am
Tue Dec 11 00:34:49 2007
@@ -7,9 +7,12 @@
mod_cspace.c
-EXTRA_DIST = LICENSE build build.sh AUTHORS NOTICE *.c *.h
+EXTRA_DIST = INSTALL ChangeLog LICENSE build build.sh AUTHORS NOTICE *.c *.h
dist-hook:
+ rm -rf `find $(distdir)/ -type d -name linux`
+ rm -rf `find $(distdir)/ -type d -name nmake`
+ rm -rf `find $(distdir)/ -type d -name iis`
rm -rf `find $(distdir)/ -type d -name .svn`
rm -rf `find $(distdir)/ -type f -name *.la`
rm -rf `find $(distdir)/ -type f -name *.o`
Added:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/control
==============================================================================
--- (empty file)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/control
Tue Dec 11 00:34:49 2007
@@ -0,0 +1,12 @@
+Source: mod-cspace
+Section: unknown
+Priority: extra
+Maintainer: Dumindu Pallewela <[EMAIL PROTECTED]>
+Build-Depends: debhelper (>= 5), autotools-dev
+Standards-Version: 3.7.2
+
+Package: mod-cspace
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: <insert up to 60 chars description>
+ <insert long description, indented with spaces>
Added:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/makedeb.sh
==============================================================================
--- (empty file)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/makedeb.sh
Tue Dec 11 00:34:49 2007
@@ -0,0 +1,14 @@
+#!/bin/sh
+VER="1.0"
+pushd .
+cd ../../../
+make dist
+tar xf mod-cspace-src-${VER}.tar.gz
+mv mod-cspace-src-${VER} mod-cspace-${VER}
+cd mod-cspace-${VER}/
+dh_make --createorig -l
+cp ../build/linux/DEB/control debian/
+cp ../build/linux/DEB/postinst debian/
+cp ../build/linux/DEB/rules debian/
+dpkg-buildpackage -b
+popd
Added:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/postinst
==============================================================================
--- (empty file)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/postinst
Tue Dec 11 00:34:49 2007
@@ -0,0 +1,43 @@
+#!/bin/sh
+# postinst script for wso2-wsf-php
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <postinst> `abort-remove'
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ configure)
+ mv /usr/local/mod-cspace/lib/libmod_cspace.so.0.0.0
/usr/local/mod-cspace/lib/mod_cspace.so
+ apxs2 -i -n "cspace" /usr/local/mod-cspace/lib/mod_cspace.so
+ rm -rf /usr/local/mod-cspace
+ ;;
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+
Added:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/rules
==============================================================================
--- (empty file)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/DEB/rules
Tue Dec 11 00:34:49 2007
@@ -0,0 +1,100 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+
+# These are used for cross-compiling and for saving the configure script
+# from having to guess our platform (since we know it already)
+DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+
+
+config.status: configure
+ dh_testdir
+ # Add here commands to configure the package.
+ifneq "$(wildcard /usr/share/misc/config.sub)" ""
+ cp -f /usr/share/misc/config.sub config.sub
+endif
+ifneq "$(wildcard /usr/share/misc/config.guess)" ""
+ cp -f /usr/share/misc/config.guess config.guess
+endif
+ ./configure --with-apxs2
+
+
+build: build-stamp
+
+build-stamp: config.status
+ dh_testdir
+
+ # Add here commands to compile the package.
+ $(MAKE)
+ #docbook-to-man debian/mod-cspace-src.sgml > mod-cspace-src.1
+
+ touch $@
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ # Add here commands to clean up after the build process.
+ $(MAKE) distclean
+ rm -f config.sub config.guess
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ # Add here commands to install the package into debian/mod-cspace-src.
+ $(MAKE) DESTDIR=$(CURDIR)/debian/mod-cspace-src install
+# apxs2 -i -n "cspace" mod_cspace.so
+
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs ChangeLog
+ dh_installdocs
+ dh_installexamples
+# dh_install
+# dh_installmenu
+# dh_installdebconf
+# dh_installlogrotate
+# dh_installemacsen
+# dh_installpam
+# dh_installmime
+# dh_python
+# dh_installinit
+# dh_installcron
+# dh_installinfo
+ dh_installman
+ dh_link
+ dh_strip
+ dh_compress
+ dh_fixperms
+# dh_perl
+# dh_makeshlibs
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/RPM/spec
==============================================================================
---
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/RPM/spec
(original)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/build/linux/RPM/spec
Tue Dec 11 00:34:49 2007
@@ -7,7 +7,7 @@
License: Apache License V2.0
Group: Development/Tools
%description
-MOD-CSPACE DESCRIPTOIN PLACEHOLDER
+This is an apache2 module for enabling CardSpace authentication.
%prep
%setup -q
%build
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/configure.ac
==============================================================================
---
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/configure.ac
(original)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/configure.ac
Tue Dec 11 00:34:49 2007
@@ -47,9 +47,9 @@
dnl Checks for libraries.
AC_CHECK_LIB(dl, dlopen)
-CFLAGS="$CFLAGS -DSHARED_MODULE"
+CFLAGS="$CFLAGS -DCSPACE_DEBUG -DSHARED_MODULE"
if test "$GCC" = "yes"; then
- CFLAGS="$CFLAGS -ansi -Wall -Werror -Wno-implicit-function-declaration -g"
+ CFLAGS="-O2 $CFLAGS -ansi -Wall -Werror -Wno-implicit-function-declaration"
fi
LDFLAGS="$LDFLAGS -lpthread"
LDFLAGS="$LDFLAGS"
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/mod_cspace.c
==============================================================================
---
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/mod_cspace.c
(original)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/mod_cspace.c
Tue Dec 11 00:34:49 2007
@@ -39,6 +39,11 @@
#define CARDSPACE_HEADER_PFX "cardspace_"
+static void cspace_log_error(const char *msg, pc_log_level_t level, void
*cb_ctx)
+{
+ ap_log_error(APLOG_MARK, level, 0, (server_rec *)cb_ctx, msg);
+}
+
/* TODO:This function should ideally redirect the browser to the url specified
* by url. This is only used to redirect the browser to the login page when an
* HTTP_UNAUTHORIZED occurs.
@@ -162,6 +167,7 @@
/*this array is free'd before the function exits*/
}
} else {
+ cspace_log_error("Cannot read request body", APLOG_WARNING, r->server);
#ifdef CSPACE_DEBUG
printf("ERR: should_client_block false!\n");
#endif
@@ -180,7 +186,7 @@
static void set_header(char *uri, char *key, char *val, void* table, void
*pool)
{
apr_table_t *t = (apr_table_t *)table;
-
+
#ifdef CSPACE_DEBUG
printf("Header %s/%s:%s\n", uri, key, val);
#endif
@@ -375,6 +381,7 @@
int state = FAIL;
process_context_t *ctx = NULL;
+ cspace_log_error(buf, APLOG_DEBUG, r->server);
#ifdef CSPACE_DEBUG
printf("TOKEN: %s\n", buf);
#endif
@@ -383,9 +390,18 @@
/*TODO: create with pool allocator*/
ctx = cspace_process_context_create_default();
if (!ctx)
+ {
+ cspace_log_error("process context could not be created", APLOG_ERR,
+ r->server);
return HTTP_INTERNAL_SERVER_ERROR;
+ }
cspace_process_context_set_key_file(ctx, svr_cfg->key_file);
+
+ /*if (ctx->ca_file)
+ cspace_process_context_set_ca_file(ctx, svr_cfg->ca_file);*/
+
+ cspace_process_context_set_logger(ctx, cspace_log_error, r->server);
cspace_process_context_set_header_callback(ctx, &set_header,
(void*)(r->subprocess_env));
@@ -422,7 +438,11 @@
status = get_cookie(r, &cookies);
if (status == HTTP_INTERNAL_SERVER_ERROR)
+ {
+ cspace_log_error("Could not retrieve the session cookie", APLOG_NOTICE,
+ r->server);
return status;
+ }
session_ctx = session_ctx_create(r->pool, dir_cfg->session_file,
svr_cfg->session_expire);
@@ -465,6 +485,7 @@
if (session_id)
set_cookie(r, session_id);
+ /*log success/failure of this*/
return OK;
} else {
@@ -475,6 +496,8 @@
#ifdef CSPACE_DEBUG
printf("ERR: request null! can't read?");
#endif
+ cspace_log_error("could not extract the token from the request",
+ APLOG_NOTICE, r->server);
if (ret != OK)
return ret;
}
@@ -518,6 +541,8 @@
printf("ERR: request null! can't read?");
#endif
+ cspace_log_error("could not extract the token from the request",
+ APLOG_NOTICE, r->server);
/*Should it be UNAUTHORIZED_REDIRECT(r, NULL) that should go here*/
if (ret != OK)
return ret;
@@ -548,13 +573,19 @@
if (!(dir_cfg->use_cspace_auth))
return DECLINED;
- if (strcmp(ap_http_scheme(r), "https") != 0)
+ if (strcmp(ap_http_scheme(r), "https") != 0) {
+ cspace_log_error("https scheme expected for cardspace requests",
+ APLOG_NOTICE, r->server);
return UNAUTHORIZED_REDIRECT(r, NULL);
+ }
/*Don't send us CARDSPACE headers*/
- if (!check_valid_headers(r))
+ if (!check_valid_headers(r)) {
+ cspace_log_error("client sent cardspace headers. denied access",
+ APLOG_NOTICE, r->server);
return UNAUTHORIZED_REDIRECT(r, NULL);
-
+ }
+
if (dir_cfg->session) {
if (dir_cfg->sso) {
return handle_session_sso(r, dir_cfg, svr_cfg);
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request.c
==============================================================================
---
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request.c
(original)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request.c
Tue Dec 11 00:34:49 2007
@@ -65,8 +65,9 @@
(obj) ? (((obj)->nodesetval) ? \
((obj)->nodesetval->nodeTab[(i)]) : NULL) : NULL)
-static void* malloc_def(size_t size, void *cb_ctx);
+static void *malloc_def(size_t size, void *cb_ctx);
static void free_def(void *ptr, void *cb_ctx);
+static void logger_def(const char *msg, pc_log_level_t level, void *cb_ctx);
static int decrypt_token(xmlDoc *doc, process_context_t *ctx);
static int register_namespaces(xmlXPathContext *xpath_ctx);
static xmlSecKeysMngr *keys_mnrg_create_and_load_priv_key(process_context_t
*ctx);
@@ -79,7 +80,7 @@
{
int res = FAIL;
xmlDoc *doc = NULL;
-
+
/* Load XML document */
doc = xmlReadMemory(req, (int)strlen(req), NULL, NULL, 0);
@@ -129,9 +130,17 @@
return res;
}
+void cspace_process_context_set_logger(process_context_t *ctx,
+ logger_cb_t logger, void *cb_ctx)
+{
+ ctx->logger_fn = logger;
+ ctx->logger_cb_ctx = cb_ctx;
+}
+
void cspace_process_context_set_header_callback_context(process_context_t *ctx,
void *cb_ctx)
{
+ pc_log_error(ctx, "TEST_ERROR TEST_ERROR", PCLOG_ERR);
ctx->set_header_cb_ctx = cb_ctx;
}
@@ -479,8 +488,12 @@
return SUCC;
}
+static void logger_def(const char *msg, pc_log_level_t level, void *cb_ctx)
+{
+ printf("%s\n", msg);
+}
-static void* malloc_def(size_t size, void *cb_ctx)
+static void *malloc_def(size_t size, void *cb_ctx)
{
return malloc(size);
}
@@ -544,7 +557,12 @@
ctx->allocator->mctx = mctx;
ctx->allocator->free_fn = free_fn;
ctx->allocator->fctx = fctx;
-
+
+ /* Set the default logger (stdio)
+ * "User" can always change this afterwards */
+ ctx->logger_fn = logger_def;
+ ctx->logger_cb_ctx = NULL;
+
ctx->key_file = NULL;
ctx->ca_file = NULL;
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request.h
==============================================================================
---
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request.h
(original)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request.h
Tue Dec 11 00:34:49 2007
@@ -17,14 +17,27 @@
#define cspace_process_context_create \
cspace_process_context_create_with_allocator
+typedef enum {
+ PCLOG_EMERG = 0,
+ PCLOG_ALERT,
+ PCLOG_CRIT,
+ PCLOG_ERR,
+ PCLOG_WARNING,
+ PCLOG_NOTICE,
+ PCLOG_INFO,
+ PCLOG_DEBUG,
+} pc_log_level_t;
+
typedef struct allocator allocator_t;
typedef struct process_context process_context_t;
typedef void *(*malloc_cb_t)(size_t size, void *cb_ctx);
typedef void (*free_cb_t)(void *ptr, void *cb_ctx);
-typedef void (*set_header_cb_t)(char *ns_uri, char *key, char *val, void
*container,
- void *cb_ctx);
+typedef void (*logger_cb_t)(const char *msg, pc_log_level_t level, void
*cb_ctx);
+
+typedef void (*set_header_cb_t)(char *ns_uri, char *key, char *val,
+ void *container, void *cb_ctx);
int cspace_process_context_init(void);
@@ -36,11 +49,14 @@
void cspace_process_context_free(process_context_t *ctx);
void cspace_process_context_halt(void);
+void cspace_process_context_set_logger(process_context_t *ctx,
+ logger_cb_t logger, void *cb_ctx);
+
int cspace_process_context_set_key_file(process_context_t *ctx,
const char* key_file);
int cspace_process_context_set_ca_file(process_context_t *ctx,
- const char* ca_file);
+ const char* ca_file);
void cspace_process_context_set_header_callback(process_context_t *ctx,
set_header_cb_t set_header_fn,
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request_defines.h
==============================================================================
---
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request_defines.h
(original)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/process_request_defines.h
Tue Dec 11 00:34:49 2007
@@ -13,6 +13,9 @@
#define pc_free(ptr, pctx)\
(pctx)->allocator->free_fn((ptr), (pctx)->allocator->fctx)
+
+#define pc_log_error(pctx, error_msg, level) \
+ (pctx)->logger_fn((error_msg), (level), (pctx)->logger_cb_ctx)
struct allocator {
/*void *(*malloc_fn)(size_t size, void *cb_ctx);*/
@@ -27,7 +30,10 @@
void *header_container;
set_header_cb_t set_header_fn;
void *set_header_cb_ctx;
+ logger_cb_t logger_fn;
+ void *logger_cb_ctx;
+
char *key_file;
char *ca_file;
Modified:
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/res/test.c
==============================================================================
---
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/res/test.c
(original)
+++
branches/solutions/identity/1.0/solutions/identity/modules/mod-cspace/res/test.c
Tue Dec 11 00:34:49 2007
@@ -14,10 +14,11 @@
process_context_t *ctx = cspace_process_context_create_default();
cspace_process_context_set_key_file(ctx, "identity.lk.wso2.com.key");
+ cspace_process_context_set_ca_file(ctx, "cacert.pem");
cspace_process_context_set_header_callback(ctx,
sample_set_header_callback ,
NULL);
- if (cspace_process_request(ctx, TEST_TOKEN_MANAGED, NULL, NULL)) {
+ if (cspace_process_request(ctx, TEST_TOKEN_MANAGED)) {
printf("Verificatio SUCCESS!\n\n");
} else {
printf("Verificatio FAILED!\n\n");
@@ -30,7 +31,7 @@
cspace_process_context_set_header_callback(ctx,
sample_set_header_callback ,
NULL);
- if (cspace_process_request(ctx, TEST_TOKEN_SELF, NULL, NULL)) {
+ if (cspace_process_request(ctx, TEST_TOKEN_SELF)) {
printf("Verificatio SUCCESS!\n");
} else {
printf("Verificatio FAILED!\n");
@@ -46,7 +47,6 @@
void *container, void *cb_ctx)
{
printf("header: %s, val: %s, uri: %s\n", key, val, ns_uri);
- free(ns_uri);
- free(key);
+ free(ns_uri); free(key);
free(val);
}
_______________________________________________
Identity-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
