void
CheckCredentials () {
CredentialWrapper * pCred;
credentials.Rewind();
dprintf (D_FULLDEBUG, "In CheckCredentials()\n");
// Get current time
time_t now = time(NULL);
while (credentials.Next(pCred)) {
init_user_id_from_FQN (pCred->cred->GetOwner());
priv_state priv = set_user_priv();
time_t time = pCred->cred->GetRealExpirationTime();
dprintf (D_FULLDEBUG, "Checking %s:%s = %ld\n",
pCred->cred->GetOwner(),
pCred->cred->GetName(),
time);
if (time - now < 0) {
dprintf (D_FULLDEBUG, "Credential %s:%s expired!\n",
pCred->cred->GetOwner(),
pCred->cred->GetName());
}
else if (time - now < default_cred_expire_threshold) {
dprintf (D_FULLDEBUG, "Credential %s:%s about to expire\n",
pCred->cred->GetOwner(),
pCred->cred->GetName());
if (pCred->cred->GetType() == X509_CREDENTIAL_TYPE) {
RefreshProxyThruMyProxy ((X509CredentialWrapper*)pCred);
}
}
set_priv (priv); // restore old priv
}
}
// This function is called
// periodically to check for updated proxies. It can be called earlier
// if a proxy is about to expire.
void CheckProxies()
{
int now = time(NULL);
int next_check = CheckProxies_interval + now;
ProxySubject *curr_subject;
dprintf( D_FULLDEBUG, "Checking proxies\n" );
SubjectsByName.startIterations();
while ( SubjectsByName.iterate( curr_subject ) != 0 ) {
Proxy *curr_proxy;
Proxy *new_master = curr_subject->master_proxy;
curr_subject->proxies.Rewind();
while ( curr_subject->proxies.Next( curr_proxy ) != false ) {
int new_expiration =
x509_proxy_expiration_time( curr_proxy->proxy_filename );
// Check whether to renew the proxy (need to check all myproxy entries)
if (!curr_proxy->myproxy_entries.IsEmpty()) {
curr_proxy->myproxy_entries.Rewind();
MyProxyEntry * myProxyEntry=NULL;
while (curr_proxy->myproxy_entries.Next (myProxyEntry) != false ) {
if (new_expiration <= now + (myProxyEntry->refresh_threshold*60)) {
dprintf (D_FULLDEBUG,
"About to RefreshProxyThruMyProxy() for %s\n",
curr_proxy->proxy_filename);
RefreshProxyThruMyProxy (curr_proxy);
break;
}
}
}
curr_proxy->near_expired =
(curr_proxy->expiration_time - now) <= minProxy_time;
if ( new_expiration > curr_proxy->expiration_time ) {
curr_proxy->expiration_time = new_expiration;
curr_proxy->near_expired =
(curr_proxy->expiration_time - now) <= minProxy_time;
Callback cb;
curr_proxy->m_callbacks.Rewind();
while ( curr_proxy->m_callbacks.Next( cb ) ) {
((cb.m_data)->*(cb.m_func_ptr))();
}
if ( curr_proxy->expiration_time > new_master->expiration_time ) {
new_master = curr_proxy;
}
} else if ( curr_proxy->near_expired ) {
Callback cb;
curr_proxy->m_callbacks.Rewind();
while ( curr_proxy->m_callbacks.Next( cb ) ) {
((cb.m_data)->*(cb.m_func_ptr))();
}
}
if ( curr_proxy->expiration_time - minProxy_time < next_check &&
!curr_proxy->near_expired ) {
next_check = curr_proxy->expiration_time - minProxy_time;
}
}
if ( new_master != curr_subject->master_proxy ) {
SetMasterProxy( curr_subject->master_proxy, new_master );
}
}
// next_check is the absolute time of the next check, convert it to
// a relative time (from now)
daemonCore->Reset_Timer( CheckProxies_tid, next_check - now );
}
