// Create a temporary file in working directory // If suffix is given, the temporary file will have the suffix // The last six characters of template_string must be XXXXXX. // outname is the full path name of a created file; bool VMType::createTempFile(const char *template_string, const char *suffix, MyString &outname) { MyString tmp_config_name; tmp_config_name.formatstr("%s%c%s",m_workingpath.Value(), DIR_DELIM_CHAR, template_string); char *config_name = strdup(tmp_config_name.Value() ); ASSERT(config_name); int config_fd = -1; config_fd = condor_mkstemp( config_name ); if( config_fd < 0 ) { vmprintf(D_ALWAYS, "condor_mkstemp(%s) returned %d, '%s' (errno %d) " "in VMType::createTempFile()\n", config_name, config_fd, strerror(errno), errno ); free(config_name); return false; } close(config_fd); outname = config_name; if( suffix ) { tmp_config_name.formatstr("%s%s",config_name, suffix); if( rename(config_name, tmp_config_name.Value()) < 0 ) { vmprintf(D_ALWAYS, "Cannot rename the temporary config file(%s), '%s' (errno %d) in " "VMType::createTempFile()\n", tmp_config_name.Value(), strerror(errno), errno ); free(config_name); return false; } outname = tmp_config_name; } free(config_name); return true; }
/* Initializes a backup_info_t struct based on Condor parameters */ static void init_backup_info(backup_info_t* bi, bool skip_backup=false) { MyString local_file; int local_fd = -1; bi->filt = BF_NONE; bi->fn = NULL; bi->fp = NULL; bi->success = false; if (skip_backup) { return; } char* filter = param(LOCAL_XACT_BACKUP_FILTER); char* dir = param(LOCAL_QUEUE_BACKUP_DIR); if (filter == NULL || dir == NULL) { /* No parameter relating to backups was set; we can't store a backup in this case */ goto cleanup; } if(strncasecmp("NONE", filter, strlen("NONE")) == 0) { /* The user explicitly requested no backups. */ goto cleanup; } if(strncasecmp("ALL", filter, strlen("ALL")) == 0) { bi->filt = BF_ALL; } else if(strncasecmp("FAILED", filter, strlen("FAILED")) == 0) { bi->filt = BF_FAILED; } else { /* We're ignoring this value because we don't recognize it. */ dprintf(D_ALWAYS, "Unknown %s value: %s\n", LOCAL_XACT_BACKUP_FILTER, filter); goto cleanup; } /* At this point, we know we *might* be needing a backup file */ if (dir == NULL) { /* We can't keep backup log entries in this case */ dprintf(D_ALWAYS, "You must specify a %s if you are going to specify a %s of %s", LOCAL_QUEUE_BACKUP_DIR, LOCAL_XACT_BACKUP_FILTER, filter); bi->filt = BF_NONE; goto cleanup; } local_file += dir; (local_file += DIR_DELIM_STRING) += "job_queue_log_backup_XXXXXX"; bi->fn = local_file.StrDup(); local_fd = condor_mkstemp(bi->fn); if(local_fd < 0) { /* We can't keep backup log entries if we don't have a backup file */ bi->filt = BF_NONE; goto cleanup; } bi->fp = fdopen(local_fd, "w"); /* bi->success is only set to true if (1) we're here (meaning that we have set LOCAL_QUEUE_BACKUP_DIR and successfully created a temp file name), and (2) we have a non-null pointer for the backup file */ bi->success = (bi->fp != NULL); cleanup: /* The label is for cases of fast-fail -- we always want to free this memory on the way out of the function, though. */ if (filter != NULL) { free(filter); filter = NULL; } if (dir != NULL) { free(dir); dir = NULL; } }
int store_cred_handler(Service * /*service*/, int /*i*/, Stream *stream) { void * data = NULL; int rtnVal = FALSE; int rc; char * temp_file_name = NULL; bool found_cred; CredentialWrapper * temp_cred = NULL; int data_size = -1; classad::ClassAd * _classad = NULL; classad::ClassAd classad; std::string classad_cstr; char * classad_str = NULL; classad::ClassAdParser parser; ReliSock * socket = (ReliSock*)stream; const char * user = NULL; CredentialWrapper * cred_wrapper = NULL; if (!socket->triedAuthentication()) { CondorError errstack; if( ! SecMan::authenticate_sock(socket, WRITE, &errstack) ) { dprintf (D_ALWAYS, "Unable to authenticate, qutting\n"); goto EXIT; } } user = socket->getFullyQualifiedUser(); dprintf (D_FULLDEBUG, "Request by: %s, %s\n", socket->getOwner(), user); socket->decode(); if (!socket->code (classad_str)) { dprintf (D_ALWAYS, "Error receiving credential metadata\n"); goto EXIT; } classad_cstr = classad_str; free (classad_str); _classad = parser.ParseClassAd(classad_cstr); if (!_classad) { dprintf (D_ALWAYS, "Error: invalid credential metadata %s\n", classad_cstr.c_str()); goto EXIT; } classad = *_classad; delete _classad; int type; if (!classad.EvaluateAttrInt ("Type", type)) { dprintf (D_ALWAYS, "Missing Type attribute in classad!\n"); goto EXIT; } if (type == X509_CREDENTIAL_TYPE) { cred_wrapper = new X509CredentialWrapper (classad); dprintf (D_ALWAYS, "Name=%s Size=%d\n", cred_wrapper->cred->GetName(), cred_wrapper->cred->GetDataSize()); } else { dprintf (D_ALWAYS, "Unsupported credential type %d\n", type); goto EXIT; } cred_wrapper->cred->SetOrigOwner (socket->getOwner()); // original remote uname cred_wrapper->cred->SetOwner (user); // mapped uname // Receive credential data data_size = cred_wrapper->cred->GetDataSize(); if (data_size > MAX_CRED_DATA_SIZE) { dprintf (D_ALWAYS, "ERROR: Credential data size %d > maximum allowed (%d)\n", data_size, MAX_CRED_DATA_SIZE); goto EXIT; } data = malloc (data_size); if (data == NULL) { EXCEPT("Out of memory. Aborting."); } if (!socket->code_bytes(data,data_size)) { dprintf (D_ALWAYS, "Error receiving credential data\n"); goto EXIT; } cred_wrapper->cred->SetData (data, data_size); // Check whether credential under this name already exists found_cred=false; credentials.Rewind(); while (credentials.Next(temp_cred)) { if ((strcmp(cred_wrapper->cred->GetName(), temp_cred->cred->GetName()) == 0) && (strcmp(cred_wrapper->cred->GetOwner(), temp_cred->cred->GetOwner()) == 0)) { found_cred=true; break; // found it } } if (found_cred) { dprintf (D_ALWAYS, "Credential %s for owner %s already exists!\n", cred_wrapper->cred->GetName(), cred_wrapper->cred->GetOwner()); socket->encode(); int rcred=CREDD_ERROR_CREDENTIAL_ALREADY_EXISTS; socket->code(rcred); goto EXIT; } // Write data to a file temp_file_name = dircat (cred_store_dir, "credXXXXXX"); condor_mkstemp (temp_file_name); cred_wrapper->SetStorageName (temp_file_name); init_user_id_from_FQN (user); if (!StoreData(temp_file_name,data,data_size)) { socket->encode(); int rcred = CREDD_UNABLE_TO_STORE; socket->code(rcred); goto EXIT; } ((X509CredentialWrapper*)cred_wrapper)->cred->SetRealExpirationTime ( x509_proxy_expiration_time(temp_file_name)); // Write metadata to a file credentials.Append (cred_wrapper); SaveCredentialList(); // Write response to the client socket->encode(); rc = CREDD_SUCCESS; socket->code(rc); dprintf( D_ALWAYS, "Credential name %s owner %s successfully stored\n", cred_wrapper->cred->GetName(), cred_wrapper->cred->GetOwner() ); if (type == X509_CREDENTIAL_TYPE) { ((X509Credential*)cred_wrapper->cred)->display( D_FULLDEBUG ); } rtnVal = TRUE; EXIT: if ( data != NULL ) { free (data); } if ( temp_file_name != NULL ) { delete [] temp_file_name; } if ( cred_wrapper != NULL) { delete cred_wrapper; } return rtnVal; }