Beispiel #1
0
static void
testServerInfo(void) {

    xmlrpc_env env;
    xmlrpc_server_info * serverInfoP;
    xmlrpc_server_info * serverInfo2P;

    printf("  Running serverInfo tests...\n");

    xmlrpc_env_init(&env);

    serverInfoP = xmlrpc_server_info_new(&env, "testurl");
    TEST_NO_FAULT(&env);

    serverInfo2P = xmlrpc_server_info_copy(&env, serverInfoP);
    TEST_NO_FAULT(&env);

    xmlrpc_server_info_free(serverInfo2P);

    /* Fails because we haven't set user/password yet: */
    xmlrpc_server_info_allow_auth_basic(&env, serverInfoP);
    TEST_FAULT(&env, XMLRPC_INTERNAL_ERROR);
    
    xmlrpc_server_info_set_basic_auth(&env, serverInfoP,
                                      "username", "password");
    TEST_NO_FAULT(&env);

    xmlrpc_server_info_set_user(&env, serverInfoP, "username", "password");
    TEST_NO_FAULT(&env);

    xmlrpc_server_info_allow_auth_basic(&env, serverInfoP);
    TEST_NO_FAULT(&env);
    
    xmlrpc_server_info_disallow_auth_basic(&env, serverInfoP);
    TEST_NO_FAULT(&env);
    
    xmlrpc_server_info_allow_auth_digest(&env, serverInfoP);
    TEST_NO_FAULT(&env);
    
    xmlrpc_server_info_disallow_auth_digest(&env, serverInfoP);
    TEST_NO_FAULT(&env);
    
    xmlrpc_server_info_allow_auth_negotiate(&env, serverInfoP);
    TEST_NO_FAULT(&env);
    
    xmlrpc_server_info_disallow_auth_negotiate(&env, serverInfoP);
    TEST_NO_FAULT(&env);
    
    xmlrpc_server_info_allow_auth_ntlm(&env, serverInfoP);
    TEST_NO_FAULT(&env);
    
    xmlrpc_server_info_disallow_auth_ntlm(&env, serverInfoP);
    TEST_NO_FAULT(&env);

    xmlrpc_server_info_free(serverInfoP);
    
    xmlrpc_env_clean(&env);
}
Beispiel #2
0
/*
 * Make an XML-RPC call to methodName. This uses the curl client to make
 * a connection over SSL using the CA cert that should have been installed
 * by ipa-client-install.
 */
static void
callRPC(char * user_agent,
     xmlrpc_env *            const envP,
     xmlrpc_server_info * const serverInfoP,
     const char *               const methodName,
     xmlrpc_value *             const paramArrayP,
     xmlrpc_value **            const resultPP) {

    struct xmlrpc_clientparms clientparms;
    struct xmlrpc_curl_xportparms * curlXportParmsP = NULL;
    xmlrpc_client * clientP = NULL;

    memset(&clientparms, 0, sizeof(clientparms));

    XMLRPC_ASSERT(xmlrpc_value_type(paramArrayP) == XMLRPC_TYPE_ARRAY);

    curlXportParmsP = malloc(sizeof(*curlXportParmsP));
    if (curlXportParmsP == NULL) {
        xmlrpc_env_set_fault(envP, XMLRPC_INTERNAL_ERROR, _("Out of memory!"));
        return;
    }
    memset(curlXportParmsP, 0, sizeof(*curlXportParmsP));

    /* Have curl do SSL certificate validation */
    curlXportParmsP->no_ssl_verifypeer = 0;
    curlXportParmsP->no_ssl_verifyhost = 0;
    curlXportParmsP->cainfo = "/etc/ipa/ca.crt";
    curlXportParmsP->user_agent = user_agent;
    /* Enable GSSAPI credentials delegation */
    curlXportParmsP->gssapi_delegation = 1;

    clientparms.transport = "curl";
    clientparms.transportparmsP = (struct xmlrpc_xportparms *)
            curlXportParmsP;
    clientparms.transportparm_size = XMLRPC_CXPSIZE(gssapi_delegation);
    xmlrpc_client_create(envP, XMLRPC_CLIENT_NO_FLAGS, NAME, VERSION,
                         &clientparms, sizeof(clientparms),
                         &clientP);

    /* Set up kerberos negotiate authentication in curl. */
    xmlrpc_server_info_set_user(envP, serverInfoP, ":", "");
    xmlrpc_server_info_allow_auth_negotiate(envP, serverInfoP);

    /* Perform the XML-RPC call */
    if (!envP->fault_occurred) {
        xmlrpc_client_call2(envP, clientP, serverInfoP, methodName, paramArrayP, resultPP);
    }

    /* Cleanup */
    xmlrpc_server_info_free(serverInfoP);
    xmlrpc_client_destroy(clientP);
    free((void*)clientparms.transportparmsP);
}
void 
xmlrpc_server_info_set_basic_auth(xmlrpc_env *         const envP,
                                  xmlrpc_server_info * const serverInfoP,
                                  const char *         const username,
                                  const char *         const password) {

    xmlrpc_server_info_set_user(envP, serverInfoP, username, password);

    if (!envP->fault_occurred) {
        serverInfoP->allowedAuth.basic        = true;
        serverInfoP->allowedAuth.digest       = false;
        serverInfoP->allowedAuth.gssnegotiate = false;
        serverInfoP->allowedAuth.ntlm         = false;
    }
}
Beispiel #4
0
/*
 *	Do any per-module initialization that is separate to each
 *	configured instance of the module.  e.g. set up connections
 *	to external databases, read configuration files, set up
 *	dictionary entries, etc.
 *
 *	If configuration information is given in the config section
 *	that must be referenced in later calls, store a handle to it
 *	in *instance otherwise put a null pointer there.
 */
static int xmlrpc_instantiate(CONF_SECTION * conf, void **instance)
{
	rlm_xmlrpc_t *data;
	rlm_xmlrpc_client_t *first_client;
	rlm_xmlrpc_client_t *client;

	xmlrpc_env env;

	struct xmlrpc_clientparms clientParms;
	struct xmlrpc_curl_xportparms curlParms;

	int i, error;
	void (*do_auth) ();

	/*
	 *      Set up a storage area for instance data
	 */
	data = rad_malloc(sizeof(*data));
	if (!data) {
		return -1;
	}
	memset(data, 0, sizeof(*data));

	/*
	 *      If the configuration parameters can't be parsed, then
	 *      fail.
	 */
	if (cf_section_parse(conf, data, module_config) < 0) {
		free(data);
		return -1;
	}

	*instance = data;

#ifdef HAVE_PTHREAD_H
	pthread_mutex_init(&data->client_mutex, NULL);
#endif

	/*
	 * network_interface parameter cannot be omitted because the
	 * XMLRPC_CXPSIZE macro calcs the size from the first parameter
	 * to the last modified.
	 * Unfortunately is this the order. 
	 */
	curlParms.network_interface = data->interface;
	curlParms.no_ssl_verifypeer = data->no_ssl_verify_peer;
	curlParms.no_ssl_verifyhost = data->no_ssl_verify_host;

	clientParms.transport = "curl";
	clientParms.transportparmsP = &curlParms;
	clientParms.transportparm_size = XMLRPC_CXPSIZE(no_ssl_verifyhost);

	/*
	 * Choosing method authentication
	 */
	if (strcmp(data->auth_type, "auth_basic") == 0) {
		do_auth = xmlrpc_server_info_allow_auth_basic;
	} else if (strcmp(data->auth_type, "auth_digest") == 0) {
		do_auth = xmlrpc_server_info_allow_auth_digest;
	} else if (strcmp(data->auth_type, "auth_negotiate") == 0) {
		do_auth = xmlrpc_server_info_allow_auth_negotiate;
	} else if (strcmp(data->auth_type, "auth_ntlm") == 0) {
		do_auth = xmlrpc_server_info_allow_auth_ntlm;
	}

	/*
	 * Clients are created into a circular linked list.
	 * Into this cycle we setup clients and server information objects.
	 * Server information contains a method to do html authentication. 
	 */
	for (i = 0; i < data->xmlrpc_num_socks; i++) {
		client = rad_malloc(sizeof(*client));
		if (!client) {
			return -1;
		}
		memset(client, 0, sizeof(*client));

		env = client->env;
		xmlrpc_env_init(&env);

		if (i == 0) {
			data->client = client;
			first_client = client;

			xmlrpc_client_setup_global_const(&env);
		} else {
			data->client->next = client;
			data->client = data->client->next;
		}

		xmlrpc_client_create(&env, XMLRPC_CLIENT_NO_FLAGS, NAME,
				     VERSION, &clientParms,
				     XMLRPC_CPSIZE(transportparm_size), &client->clientP);

		error = check_error_and_free(data);
		if (error != RLM_MODULE_OK)
			return error;

		client->serverInfoP = xmlrpc_server_info_new(&env, data->url);
		error = check_error_and_free(data);
		if (error != RLM_MODULE_OK)
			return error;

		if (strcmp(data->auth_type, "none") != 0) {
			xmlrpc_server_info_set_user(&env, client->serverInfoP,
						    data->user, data->password);
			error = check_error_and_free(data);
			if (error != RLM_MODULE_OK)
				return error;

			do_auth(&env, client->serverInfoP);
			error = check_error_and_free(data);
			if (error != RLM_MODULE_OK)
				return error;

			radlog(L_INFO, "\trlm_xmlrpc: client #%d logged in as %s", i, data->user);
		}

		radlog(L_INFO, "\trlm_xmlrpc: client #%d initialized", i);

	}

	/*
	 * closing the circular linked list. data->client helds a pointer
	 * to the last client used by a thread.
	 */

	data->client->next = first_client;
	data->client = data->client->next;

	return 0;
}