// Create a temporary file in working directory
// If suffix is given, the temporary file will have the suffix
// The last six characters of template_string must be XXXXXX.
// outname is the full path name of a created file;
bool
VMType::createTempFile(const char *template_string, const char *suffix, MyString &outname)
{
MyString tmp_config_name;
tmp_config_name.formatstr("%s%c%s",m_workingpath.Value(),
DIR_DELIM_CHAR, template_string);
char *config_name = strdup(tmp_config_name.Value() );
ASSERT(config_name);
int config_fd = -1;
config_fd = condor_mkstemp( config_name );
if( config_fd < 0 ) {
vmprintf(D_ALWAYS, "condor_mkstemp(%s) returned %d, '%s' (errno %d) "
"in VMType::createTempFile()\n", config_name, config_fd,
strerror(errno), errno );
free(config_name);
return false;
}
close(config_fd);
outname = config_name;
if( suffix ) {
tmp_config_name.formatstr("%s%s",config_name, suffix);
if( rename(config_name, tmp_config_name.Value()) < 0 ) {
vmprintf(D_ALWAYS, "Cannot rename the temporary config file(%s), '%s' (errno %d) in "
"VMType::createTempFile()\n", tmp_config_name.Value(),
strerror(errno), errno );
free(config_name);
return false;
}
outname = tmp_config_name;
}
free(config_name);
return true;
}
/* Initializes a backup_info_t struct based on Condor parameters */
static void
init_backup_info(backup_info_t* bi, bool skip_backup=false)
{
MyString local_file;
int local_fd = -1;
bi->filt = BF_NONE;
bi->fn = NULL;
bi->fp = NULL;
bi->success = false;
if (skip_backup) {
return;
}
char* filter = param(LOCAL_XACT_BACKUP_FILTER);
char* dir = param(LOCAL_QUEUE_BACKUP_DIR);
if (filter == NULL || dir == NULL) {
/* No parameter relating to backups was set; we can't store a
backup in this case */
goto cleanup;
}
if(strncasecmp("NONE", filter, strlen("NONE")) == 0) {
/* The user explicitly requested no backups. */
goto cleanup;
}
if(strncasecmp("ALL", filter, strlen("ALL")) == 0) {
bi->filt = BF_ALL;
} else if(strncasecmp("FAILED", filter, strlen("FAILED")) == 0) {
bi->filt = BF_FAILED;
} else {
/* We're ignoring this value because we don't recognize it. */
dprintf(D_ALWAYS, "Unknown %s value: %s\n", LOCAL_XACT_BACKUP_FILTER, filter);
goto cleanup;
}
/* At this point, we know we *might* be needing a backup file */
if (dir == NULL) {
/* We can't keep backup log entries in this case */
dprintf(D_ALWAYS, "You must specify a %s if you are going to specify a %s of %s", LOCAL_QUEUE_BACKUP_DIR, LOCAL_XACT_BACKUP_FILTER, filter);
bi->filt = BF_NONE;
goto cleanup;
}
local_file += dir;
(local_file += DIR_DELIM_STRING) += "job_queue_log_backup_XXXXXX";
bi->fn = local_file.StrDup();
local_fd = condor_mkstemp(bi->fn);
if(local_fd < 0) {
/* We can't keep backup log entries if we don't have a backup file */
bi->filt = BF_NONE;
goto cleanup;
}
bi->fp = fdopen(local_fd, "w");
/*
bi->success is only set to true if (1) we're here (meaning that
we have set LOCAL_QUEUE_BACKUP_DIR and successfully created a temp
file name), and (2) we have a non-null pointer for the backup file
*/
bi->success = (bi->fp != NULL);
cleanup:
/* The label is for cases of fast-fail -- we always want to free
this memory on the way out of the function, though. */
if (filter != NULL) {
free(filter);
filter = NULL;
}
if (dir != NULL) {
free(dir);
dir = NULL;
}
}
int
store_cred_handler(Service * /*service*/, int /*i*/, Stream *stream) {
void * data = NULL;
int rtnVal = FALSE;
int rc;
char * temp_file_name = NULL;
bool found_cred;
CredentialWrapper * temp_cred = NULL;
int data_size = -1;
classad::ClassAd * _classad = NULL;
classad::ClassAd classad;
std::string classad_cstr;
char * classad_str = NULL;
classad::ClassAdParser parser;
ReliSock * socket = (ReliSock*)stream;
const char * user = NULL;
CredentialWrapper * cred_wrapper = NULL;
if (!socket->triedAuthentication()) {
CondorError errstack;
if( ! SecMan::authenticate_sock(socket, WRITE, &errstack) ) {
dprintf (D_ALWAYS, "Unable to authenticate, qutting\n");
goto EXIT;
}
}
user = socket->getFullyQualifiedUser();
dprintf (D_FULLDEBUG, "Request by: %s, %s\n", socket->getOwner(), user);
socket->decode();
if (!socket->code (classad_str)) {
dprintf (D_ALWAYS, "Error receiving credential metadata\n");
goto EXIT;
}
classad_cstr = classad_str;
free (classad_str);
_classad = parser.ParseClassAd(classad_cstr);
if (!_classad) {
dprintf (D_ALWAYS, "Error: invalid credential metadata %s\n", classad_cstr.c_str());
goto EXIT;
}
classad = *_classad;
delete _classad;
int type;
if (!classad.EvaluateAttrInt ("Type", type)) {
dprintf (D_ALWAYS, "Missing Type attribute in classad!\n");
goto EXIT;
}
if (type == X509_CREDENTIAL_TYPE) {
cred_wrapper = new X509CredentialWrapper (classad);
dprintf (D_ALWAYS, "Name=%s Size=%d\n",
cred_wrapper->cred->GetName(),
cred_wrapper->cred->GetDataSize());
} else {
dprintf (D_ALWAYS, "Unsupported credential type %d\n", type);
goto EXIT;
}
cred_wrapper->cred->SetOrigOwner (socket->getOwner()); // original remote uname
cred_wrapper->cred->SetOwner (user); // mapped uname
// Receive credential data
data_size = cred_wrapper->cred->GetDataSize();
if (data_size > MAX_CRED_DATA_SIZE) {
dprintf (D_ALWAYS, "ERROR: Credential data size %d > maximum allowed (%d)\n", data_size, MAX_CRED_DATA_SIZE);
goto EXIT;
}
data = malloc (data_size);
if (data == NULL) {
EXCEPT("Out of memory. Aborting.");
}
if (!socket->code_bytes(data,data_size)) {
dprintf (D_ALWAYS, "Error receiving credential data\n");
goto EXIT;
}
cred_wrapper->cred->SetData (data, data_size);
// Check whether credential under this name already exists
found_cred=false;
credentials.Rewind();
while (credentials.Next(temp_cred)) {
if ((strcmp(cred_wrapper->cred->GetName(),
temp_cred->cred->GetName()) == 0) &&
(strcmp(cred_wrapper->cred->GetOwner(),
temp_cred->cred->GetOwner()) == 0)) {
found_cred=true;
break; // found it
}
}
if (found_cred) {
dprintf (D_ALWAYS, "Credential %s for owner %s already exists!\n",
cred_wrapper->cred->GetName(),
cred_wrapper->cred->GetOwner());
socket->encode();
int rcred=CREDD_ERROR_CREDENTIAL_ALREADY_EXISTS;
socket->code(rcred);
goto EXIT;
}
// Write data to a file
temp_file_name = dircat (cred_store_dir, "credXXXXXX");
condor_mkstemp (temp_file_name);
cred_wrapper->SetStorageName (temp_file_name);
init_user_id_from_FQN (user);
if (!StoreData(temp_file_name,data,data_size)) {
socket->encode();
int rcred = CREDD_UNABLE_TO_STORE;
socket->code(rcred);
goto EXIT;
}
((X509CredentialWrapper*)cred_wrapper)->cred->SetRealExpirationTime (
x509_proxy_expiration_time(temp_file_name));
// Write metadata to a file
credentials.Append (cred_wrapper);
SaveCredentialList();
// Write response to the client
socket->encode();
rc = CREDD_SUCCESS;
socket->code(rc);
dprintf( D_ALWAYS, "Credential name %s owner %s successfully stored\n",
cred_wrapper->cred->GetName(), cred_wrapper->cred->GetOwner() );
if (type == X509_CREDENTIAL_TYPE) {
((X509Credential*)cred_wrapper->cred)->display( D_FULLDEBUG );
}
rtnVal = TRUE;
EXIT:
if ( data != NULL ) {
free (data);
}
if ( temp_file_name != NULL ) {
delete [] temp_file_name;
}
if ( cred_wrapper != NULL) {
delete cred_wrapper;
}
return rtnVal;
}
