static
int
globus_gfs_acl_test_authorize(
void * out_handle,
const char * action,
const char * object,
globus_gfs_acl_info_t * acl_info,
globus_gfs_acl_handle_t acl_handle,
globus_result_t * out_res)
{
GlobusGFSName(globus_gfs_acl_test_authorize);
GlobusGFSDebugEnter();
if(1 || strncmp(object, "/path/you/allow", 5) == 0)
{
*out_res = GLOBUS_SUCCESS;
}
else
{
*out_res = GlobusGFSErrorGeneric("No soup for you.");
}
globus_gfs_acl_authorized_finished(acl_handle, *out_res);
GlobusGFSDebugExit();
return GLOBUS_GFS_ACL_WOULD_BLOCK;
}
static
int
globus_gfs_acl_test_init(
void ** out_handle,
globus_gfs_acl_info_t * acl_info,
globus_gfs_acl_handle_t acl_handle,
globus_result_t * out_res)
{
GlobusGFSName(globus_gfs_acl_test_init);
GlobusGFSDebugEnter();
if(1 || (acl_info->subject &&
strcmp(acl_info->subject, "subject you allow") == 0))
{
*out_res = GLOBUS_SUCCESS;
}
else
{
*out_res = GlobusGFSErrorGeneric("No soup for you.");
}
globus_gfs_acl_authorized_finished(acl_handle, *out_res);
GlobusGFSDebugExit();
return GLOBUS_GFS_ACL_WOULD_BLOCK;
}
globus_result_t
stat_populate(char * Name,
int Type,
int LinkCount,
uint64_t Size,
char * Owner,
char * ModTime,
globus_gfs_stat_t * GFSStat)
{
GlobusGFSName(stat_populate);
memset(GFSStat, 0, sizeof(globus_gfs_stat_t));
GFSStat->mode = Type | S_IRWXU;
GFSStat->nlink = LinkCount;
// XXX Inodes not supported
GFSStat->ino = 0xDEADBEEF;
// XXX UIDs not supported
// XXX GFSStat->uid = HpssStat->st_uid;
GFSStat->gid = 0; // Groups not supported
GFSStat->dev = 0;
GFSStat->size = Size;
GFSStat->name = globus_libc_strdup(Name);
if (!ModTime)
{
GFSStat->atime = 0;
GFSStat->mtime = 0;
GFSStat->ctime = 0;
} else
{
struct tm t;
memset(&t, 0, sizeof(t));
int ret = sscanf(ModTime, "%d-%d-%dT%d:%d:%d.", &t.tm_year,
&t.tm_mon,
&t.tm_mday,
&t.tm_hour,
&t.tm_min,
&t.tm_sec);
if (ret != 6)
return GlobusGFSErrorGeneric("Invalid time string");
t.tm_year -= 1900;
time_t time_of_day = mktime(&t);
GFSStat->atime = time_of_day;
GFSStat->mtime = time_of_day;
GFSStat->ctime = time_of_day;
}
return GLOBUS_SUCCESS;
}
void
dsi_send(globus_gfs_operation_t Operation,
globus_gfs_transfer_info_t * TransferInfo,
void * UserArg)
{
globus_result_t result = GLOBUS_SUCCESS;
GlobusGFSName(dsi_send);
if (dsi_partial_transfer(TransferInfo) || dsi_restart_transfer(TransferInfo))
{
result = GlobusGFSErrorGeneric("Non-zero offsets are not supported");
globus_gridftp_server_finished_transfer(Operation, result);
return;
}
retr(UserArg, Operation, TransferInfo);
}
globus_result_t
stat_entries(ds3_client * Client,
char * Path,
int FileOnly,
int MaxEntries,
globus_gfs_stat_t * GFSStatArray,
int * CountOut,
stat_state_t * State)
{
globus_result_t result = GLOBUS_SUCCESS;
int i = 0;
int expanding_search = 0;
GlobusGFSName(stat_entries);
if (!State->_bucket_name && !State->_object_name)
path_split(Path, &State->_bucket_name, &State->_object_name);
if (!State->_service_response)
{
result = gds3_get_service(Client, &State->_service_response);
if (result != GLOBUS_SUCCESS)
return result;
}
*CountOut = 0;
/* No bucket_name means it _is_ '/' */
if (!State->_bucket_name)
{
if (FileOnly)
{
/* Return a stat of only '/'. */
result = stat_populate("/",
S_IFDIR,
State->_service_response->num_buckets + 2,
1024,
ds3_str_value(State->_service_response->owner->name),
NULL,
&GFSStatArray[(*CountOut)++]);
State->_complete = 1;
return result;
} else
{
/* Return the contents of '/'. */
if (State->_index++ == 0)
{
result = stat_populate(".",
S_IFDIR,
State->_service_response->num_buckets + 2,
1024,
ds3_str_value(State->_service_response->owner->name),
NULL, // XXX no modify time
&GFSStatArray[(*CountOut)++]);
if (result != GLOBUS_SUCCESS || *CountOut == MaxEntries)
return result;
}
if (State->_index++ == 1)
{
result = stat_populate("..",
S_IFDIR,
State->_service_response->num_buckets + 2,
1024,
ds3_str_value(State->_service_response->owner->name),
NULL, // XXX no modify time
&GFSStatArray[(*CountOut)++]);
if (State->_service_response->num_buckets == 0)
State->_complete = 1;
if (result != GLOBUS_SUCCESS || *CountOut == MaxEntries)
return result;
}
for (i = State->_index-2;
i < State->_service_response->num_buckets && *CountOut < MaxEntries;
i++)
{
result = stat_populate(ds3_str_value(State->_service_response->buckets[i].name),
S_IFDIR,
2,
1024,
ds3_str_value(State->_service_response->owner->name),
ds3_str_value(State->_service_response->buckets[i].creation_date),
&GFSStatArray[(*CountOut)++]);
if (result != GLOBUS_SUCCESS)
return result;
}
State->_complete = (i == State->_service_response->num_buckets);
return result;
}
}
/* No object_name means it is _in_ '/' */
if (!State->_object_name && FileOnly)
{
for (i = 0;
i < State->_service_response->num_buckets;
i++)
{
if (strcmp(State->_bucket_name, ds3_str_value(State->_service_response->buckets[i].name)) == 0)
{
result = stat_populate(ds3_str_value(State->_service_response->buckets[i].name),
S_IFDIR,
2,
1024,
ds3_str_value(State->_service_response->owner->name),
ds3_str_value(State->_service_response->buckets[i].creation_date),
&GFSStatArray[(*CountOut)++]);
State->_complete = 1;
return result;
}
}
return GlobusGFSErrorGeneric("No such file or directory");
}
/* Let's find this object. */
if (State->_object_name && State->_object_name[strlen(State->_object_name)-1] != '/')
{
do
{
/* Get the next response. */
if (!State->_bucket_response)
{
result = gds3_get_bucket(Client,
State->_bucket_name,
&State->_bucket_response,
"/", /* Delimiter */
State->_object_name,
State->_marker,
MaxEntries);
if (result)
return result;
}
/* If it is an object... */
for (i = 0; i < State->_bucket_response->num_objects; i++)
{
if (strcmp(State->_object_name, ds3_str_value(State->_bucket_response->objects[i].name)) == 0)
{
char * last_modified = NULL;
if (State->_bucket_response->objects[i].last_modified)
last_modified = ds3_str_value(State->_bucket_response->objects[i].last_modified);
result = stat_populate(basename(State->_object_name),
S_IFREG,
1,
State->_bucket_response->objects[i].size,
ds3_str_value(State->_bucket_response->objects[i].owner->name),
last_modified,
&GFSStatArray[(*CountOut)++]);
State->_complete = 1;
return result;
}
}
/* If it is a directory... */
for (i = 0; i < State->_bucket_response->num_common_prefixes; i++)
{
if (strncmp(State->_object_name,
ds3_str_value(State->_bucket_response->common_prefixes[i]),
ds3_str_size(State->_bucket_response->common_prefixes[i])-1) == 0 &&
State->_bucket_response->common_prefixes[i]->value[
State->_bucket_response->common_prefixes[i]->size-1] == '/')
{
/* If we do not need to expand the directory... */
if (FileOnly)
{
result = stat_populate(basename(State->_object_name),
S_IFDIR,
2,
1024,
ds3_str_value(State->_service_response->owner->name),
NULL,
&GFSStatArray[(*CountOut)++]);
State->_complete = 1;
return result;
} else
{
char * new_object_name = malloc(strlen(State->_object_name)+2);
sprintf(new_object_name, "%s/", State->_object_name);
free(State->_object_name);
State->_object_name = new_object_name;
if (State->_bucket_response)
ds3_free_bucket_response(State->_bucket_response);
State->_bucket_response = NULL;
if (State->_marker)
free(State->_marker);
State->_index = 0;
expanding_search = 1;
break;
}
}
}
} while (State->_marker);
/* We could not find it. */
if (!expanding_search)
return GlobusGFSErrorGeneric("No such file or directory");
}
do
{
/* First pass. */
if (!State->_bucket_response && !State->_index)
{
result = stat_populate(".",
S_IFDIR,
2,
1024,
ds3_str_value(State->_service_response->owner->name),
NULL, // XXX no modify time
&GFSStatArray[(*CountOut)++]);
if (result != GLOBUS_SUCCESS)
return result;
result = stat_populate("..",
S_IFDIR,
2,
1024,
ds3_str_value(State->_service_response->owner->name),
NULL, // XXX no modify time
&GFSStatArray[(*CountOut)++]);
if (result != GLOBUS_SUCCESS)
return result;
}
/* Get the next response. */
if (!State->_bucket_response)
{
result = gds3_get_bucket(Client,
State->_bucket_name,
&State->_bucket_response,
"/", /* Delimiter */
State->_object_name,
State->_marker,
MaxEntries);
if (result)
return result;
State->_index = 0;
}
for (i = State->_index; i < State->_bucket_response->num_objects; i++, State->_index++)
{
if (State->_object_name && strcmp(State->_bucket_response->objects[i].name->value, State->_object_name) == 0)
continue;
char * last_modified = NULL;
if (State->_bucket_response->objects[i].last_modified)
last_modified = ds3_str_value(State->_bucket_response->objects[i].last_modified);
result = stat_populate(State->_bucket_response->objects[i].name->value + (State->_object_name ? strlen(State->_object_name) : 0),
S_IFREG,
1,
State->_bucket_response->objects[i].size,
ds3_str_value(State->_bucket_response->objects[i].owner->name),
last_modified,
&GFSStatArray[(*CountOut)++]);
if (result != GLOBUS_SUCCESS || *CountOut == MaxEntries)
return result;
}
for (i = State->_index - State->_bucket_response->num_objects;
i < State->_bucket_response->num_common_prefixes;
i++, State->_index++)
{
char * entry = malloc(State->_bucket_response->common_prefixes[i]->size);
snprintf(entry,
State->_bucket_response->common_prefixes[i]->size,
"%s",
State->_bucket_response->common_prefixes[i]->value);
result = stat_populate(entry + (State->_object_name ? strlen(State->_object_name) : 0),
S_IFDIR,
2,
1024,
ds3_str_value(State->_service_response->owner->name),
NULL,
&GFSStatArray[(*CountOut)++]);
free(entry);
if (result != GLOBUS_SUCCESS || *CountOut == MaxEntries)
return result;
}
ds3_free_bucket_response(State->_bucket_response);
State->_bucket_response = NULL;
} while (State->_marker);
State->_complete = 1;
return result;
}
static void
site_usage(globus_gfs_operation_t op,
globus_gfs_command_info_t *cmd_info)
{
GlobusGFSName(site_usage);
int argc = 0;
char **argv;
globus_result_t result = globus_gridftp_server_query_op_info(
op,
cmd_info->op_info,
GLOBUS_GFS_OP_INFO_CMD_ARGS,
&argv,
&argc
);
if (result != GLOBUS_SUCCESS)
{
result = GlobusGFSErrorGeneric("Incorrect invocation of SITE USAGE command");
globus_gridftp_server_finished_command(op, result, "550 Incorrect invocation of SITE USAGE.\r\n");
return;
}
if ((argc != 3) && (argc != 5))
{
result = GlobusGFSErrorGeneric("Incorrect number of arguments to SITE USAGE command");
globus_gridftp_server_finished_command(op, result, "550 Incorrect number of arguments to SITE USAGE command.\r\n");
return;
}
const char *token_name = "default";
if ((argc == 5) && strcasecmp("TOKEN", argv[2]))
{
result = GlobusGFSErrorGeneric("Incorrect format for SITE USAGE command");
globus_gridftp_server_finished_command(op, result, "550 Expected format: SITE USAGE [TOKEN name] path.\r\n");
return;
}
if (argc == 5) {
token_name = argv[3];
}
const char *script_pathname = getenv("OSG_SITE_USAGE_SCRIPT");
if (!script_pathname)
{
result = GlobusGFSErrorGeneric("Site usage script not configured");
globus_gridftp_server_finished_command(op, result, "550 Server is not configured to provide site usage.\r\n");
return;
}
char cmd[256];
snprintf(cmd, 256, "%s %s %s", script_pathname, token_name, cmd_info->pathname);
cmd[255] = '\0';
FILE *fp = popen(cmd, "r");
if (fp == NULL) {
result = GlobusGFSErrorSystemError("usage script", errno);
globus_gridftp_server_finished_command(op, result, "550 Server failed to start usage query.\r\n");
return;
}
char output[1024];
while (fgets(output, 1024, fp) != NULL) {}
int status = pclose(fp);
if ((status == -1) || (status > 0))
{
if (status == -1) {result = GlobusGFSErrorSystemError("Usage script failed", errno);}
else {result = GlobusGFSErrorGeneric("Site usage script failed");}
globus_gridftp_server_finished_command(op, result, "550 Server usage query failed.\r\n");
return;
}
char *newline_char = strchr(output, '\n');
if (newline_char) {*newline_char = '\0';}
long long usage, free, total;
int output_count = sscanf(output, "%lld %lld %lld", &usage, &free, &total);
if (output_count < 2)
{
result = GlobusGFSErrorGeneric("Invalid output from site usage script");
globus_gridftp_server_finished_command(op, result, "550 Invalid output from site usage script.\r\n");
return;
}
if (output_count == 2) {total = usage + free;}
char final_output[1024];
snprintf(final_output, 1024, "250 USAGE %lld FREE %lld TOTAL %lld\r\n", usage, free, total);
final_output[1023] = '\0';
globus_gridftp_server_finished_command(op, result, final_output);
}
/*
* Authenticate to HPSS.
*/
static globus_result_t
session_auth_to_hpss(session_handle_t * SessionHandle)
{
int uid = -1;
int retval = 0;
char * login_name = NULL;
char * authn_mech = NULL;
char * config_authenticator_str = NULL;
char * actual_authenticator_val = NULL;
globus_result_t result = GLOBUS_SUCCESS;
hpss_rpc_auth_type_t auth_type;
api_config_t api_config;
mode_t old_mask;
GlobusGFSName(__func__);
GlobusGFSHpssDebugEnter();
/* Get the login name of the priviledged user. */
login_name = config_get_login_name(SessionHandle->ConfigHandle);
if (login_name == NULL)
{
result = GlobusGFSErrorGeneric("LoginName missing from config file");
goto cleanup;
}
/* Get the authentication mechanism (unix, krb5, etc) */
authn_mech = config_get_authentication_mech(SessionHandle->ConfigHandle);
if (!authn_mech)
{
result = GlobusGFSErrorGeneric("AuthenticationMech missing from config file");
goto cleanup;
}
/* Get the authenticator. */
config_authenticator_str = config_get_authenticator(SessionHandle->ConfigHandle);
if (!config_authenticator_str)
{
result = GlobusGFSErrorGeneric("Authenticator missing from config file");
goto cleanup;
}
/*
* Get the current HPSS client configuration.
*/
retval = hpss_GetConfiguration(&api_config);
if (retval != 0)
{
result = GlobusGFSErrorSystemError("hpss_GetConfiguration", -retval);
goto cleanup;
}
/* Translate the authentication mechanism. */
retval = hpss_AuthnMechTypeFromString(authn_mech, &api_config.AuthnMech);
if (retval != HPSS_E_NOERROR)
{
result = GlobusGFSErrorGeneric("Bad value for config value AuthenticationMech");
goto cleanup;
}
/* Parse the authenticator. */
retval = hpss_ParseAuthString(config_authenticator_str,
&api_config.AuthnMech,
&auth_type,
(void **)&actual_authenticator_val);
if (retval != HPSS_E_NOERROR)
{
actual_authenticator_val = NULL;
result = GlobusGFSErrorGeneric("Bad value for config value Authenticator");
goto cleanup;
}
/* Now set the current HPSS client configuration. */
api_config.Flags = API_USE_CONFIG;
retval = hpss_SetConfiguration(&api_config);
if (retval != 0)
{
result = GlobusGFSErrorSystemError("hpss_SetConfiguration", -retval);
goto cleanup;
}
/* Now log into HPSS using our configured 'super user' */
retval = hpss_SetLoginCred(login_name,
api_config.AuthnMech,
hpss_rpc_cred_client,
auth_type,
actual_authenticator_val);
if (retval != 0)
{
result = GlobusGFSErrorSystemError("hpss_SetLoginCred", -retval);
goto cleanup;
}
/*
* Now we need to masquerade as this user on our HPSS connection.
*/
/* Get the user's UID. */
result = misc_username_to_uid(SessionHandle->SessionInfo.username, &uid);
if (result != GLOBUS_SUCCESS)
goto cleanup;
/*
* Deterine the current umask.
*/
old_mask = hpss_Umask(0);
hpss_Umask(old_mask);
/*
* Now masquerade as this user. This will lookup uid in our realm and
* set our credential to that user. The lookup is determined by the
* /var/hpss/etc/auth.conf, authz.conf files.
*/
retval = hpss_LoadDefaultThreadState(uid, old_mask, NULL);
if(retval != 0)
{
result = GlobusGFSErrorSystemError("hpss_LoadDefaultThreadState", -retval);
goto cleanup;
}
cleanup:
if (actual_authenticator_val)
free(actual_authenticator_val);
if (result != GLOBUS_SUCCESS)
{
GlobusGFSHpssDebugExitWithError();
return result;
}
GlobusGFSHpssDebugExit();
return GLOBUS_SUCCESS;
}
