Exemplo n.º 1
0
/*
 * Execute the job_submit() function in each job submit plugin.
 * If any plugin function returns anything other than SLURM_SUCCESS
 * then stop and forward it's return value.
 * IN job_desc - Job request specification
 * IN submit_uid - User issuing job submit request
 * OUT err_msg - Custom error message to the user, caller to xfree results
 */
extern int job_submit_plugin_submit(struct job_descriptor *job_desc,
				    uint32_t submit_uid, char **err_msg)
{
	DEF_TIMERS;
	int i, rc;

	xassert(verify_lock(CONF_LOCK, READ_LOCK));
	xassert(verify_lock(JOB_LOCK, READ_LOCK));
	xassert(verify_lock(NODE_LOCK, READ_LOCK));
	xassert(verify_lock(PART_LOCK, READ_LOCK));

	START_TIMER;
	rc = job_submit_plugin_init();
	slurm_mutex_lock(&g_context_lock);
	/* NOTE: On function entry read locks are set on config, job, node and
	 * partition structures. Do not attempt to unlock them and then
	 * lock again (say with a write lock) since doing so will trigger
	 * a deadlock with the g_context_lock above. */
	for (i = 0; ((i < g_context_cnt) && (rc == SLURM_SUCCESS)); i++)
		rc = (*(ops[i].submit))(job_desc, submit_uid, err_msg);
	slurm_mutex_unlock(&g_context_lock);
	END_TIMER2("job_submit_plugin_submit");

	return rc;
}
Exemplo n.º 2
0
/* This implements the svn_fs_get_locks_callback_t interface, where
   BATON is just an svn_fs_t object. */
static svn_error_t *
get_locks_callback(void *baton,
                   svn_lock_t *lock,
                   apr_pool_t *pool)
{
  return verify_lock(baton, lock, pool);
}
Exemplo n.º 3
0
const crypto::key::Asymmetric& Nym::get_public_sign_key(
    const T& lock,
    proto::AsymmetricKeyType keytype) const
{
    OT_ASSERT(!m_mapCredentialSets.empty());

    OT_ASSERT(verify_lock(lock));

    const CredentialSet* pCredential = nullptr;

    for (const auto& it : m_mapCredentialSets) {
        // Todo: If we have some criteria, such as which master or
        // child credential
        // is currently being employed by the user, we'll use that here to
        // skip
        // through this loop until we find the right one. Until then, I'm
        // just
        // going to return the first one that's valid (not null).

        pCredential = it.second;
        if (nullptr != pCredential) break;
    }
    if (nullptr == pCredential) OT_FAIL;

    return pCredential->GetPublicSignKey(
        keytype,
        &m_listRevokedIDs);  // success
}
Exemplo n.º 4
0
/*
 * Execute the job_modify() function in each job submit plugin.
 * If any plugin function returns anything other than SLURM_SUCCESS
 * then stop and forward it's return value.
 */
extern int job_submit_plugin_modify(struct job_descriptor *job_desc,
				    struct job_record *job_ptr,
				    uint32_t submit_uid)
{
	DEF_TIMERS;
	int i, rc;

	xassert(verify_lock(CONF_LOCK, READ_LOCK));
	xassert(verify_lock(JOB_LOCK, READ_LOCK));
	xassert(verify_lock(NODE_LOCK, READ_LOCK));
	xassert(verify_lock(PART_LOCK, READ_LOCK));

	START_TIMER;
	rc = job_submit_plugin_init();
	slurm_mutex_lock(&g_context_lock);
	for (i = 0; ((i < g_context_cnt) && (rc == SLURM_SUCCESS)); i++)
		rc = (*(ops[i].modify))(job_desc, job_ptr, submit_uid);
	slurm_mutex_unlock(&g_context_lock);
	END_TIMER2("job_submit_plugin_modify");

	return rc;
}
Exemplo n.º 5
0
bool Nym::load_credential_index(
    const eLock& lock,
    const serializedCredentialIndex& index)
{
    if (!proto::Validate<proto::CredentialIndex>(index, VERBOSE)) {
        otErr << __FUNCTION__ << ": Unable to load invalid serialized"
              << " credential index." << std::endl;

        return false;
    }

    OT_ASSERT(verify_lock(lock));

    const auto nymID = Identifier::Factory(index.nymid());

    if (m_nymID != nymID) { return false; }

    version_ = index.version();
    index_ = index.index();
    revision_.store(index.revision());
    mode_ = index.mode();
    source_ = std::make_shared<NymIDSource>(api_.Factory(), index.source());
    proto::KeyMode mode = (proto::CREDINDEX_PRIVATE == mode_)
                              ? proto::KEYMODE_PRIVATE
                              : proto::KEYMODE_PUBLIC;
    contact_data_.reset();
    m_mapCredentialSets.clear();

    for (auto& it : index.activecredentials()) {
        CredentialSet* newSet = new CredentialSet(api_, mode, it);

        if (nullptr != newSet) {
            m_mapCredentialSets.emplace(
                std::make_pair(newSet->GetMasterCredID(), newSet));
        }
    }

    m_mapRevokedSets.clear();

    for (auto& it : index.revokedcredentials()) {
        CredentialSet* newSet = new CredentialSet(api_, mode, it);

        if (nullptr != newSet) {
            m_mapRevokedSets.emplace(
                std::make_pair(newSet->GetMasterCredID(), newSet));
        }
    }

    return true;
}
Exemplo n.º 6
0
void Nym::revoke_verification_credentials(const eLock& lock)
{
    OT_ASSERT(verify_lock(lock));

    std::list<std::string> revokedIDs;

    for (auto& it : m_mapCredentialSets) {
        if (nullptr != it.second) {
            it.second->RevokeVerificationCredentials(revokedIDs);
        }
    }

    for (auto& it : revokedIDs) { m_listRevokedIDs.push_back(it); }
}
Exemplo n.º 7
0
bool Nym::update_nym(const eLock& lock, const std::int32_t version)
{
    OT_ASSERT(verify_lock(lock));

    if (verify_pseudonym(lock)) {
        // Upgrade version
        if (version > version_) { version_ = version; }

        ++revision_;

        return true;
    }

    return false;
}
Exemplo n.º 8
0
bool Nym::has_capability(const eLock& lock, const NymCapability& capability)
    const
{
    OT_ASSERT(verify_lock(lock));

    for (auto& it : m_mapCredentialSets) {
        OT_ASSERT(nullptr != it.second);

        if (nullptr != it.second) {
            const CredentialSet& credSet = *it.second;

            if (credSet.hasCapability(capability)) { return true; }
        }
    }

    return false;
}
Exemplo n.º 9
0
void Nym::clear_credentials(const eLock& lock)
{
    OT_ASSERT(verify_lock(lock));

    m_listRevokedIDs.clear();

    while (!m_mapCredentialSets.empty()) {
        CredentialSet* pCredential = m_mapCredentialSets.begin()->second;
        m_mapCredentialSets.erase(m_mapCredentialSets.begin());
        delete pCredential;
        pCredential = nullptr;
    }

    while (!m_mapRevokedSets.empty()) {
        CredentialSet* pCredential = m_mapRevokedSets.begin()->second;
        m_mapRevokedSets.erase(m_mapRevokedSets.begin());
        delete pCredential;
        pCredential = nullptr;
    }
}
Exemplo n.º 10
0
bool Nym::add_verification_credential(
    const eLock& lock,
    const proto::VerificationSet& data)
{
    OT_ASSERT(verify_lock(lock));

    bool added = false;

    for (auto& it : m_mapCredentialSets) {
        if (nullptr != it.second) {
            if (it.second->hasCapability(NymCapability::SIGN_CHILDCRED)) {
                added = it.second->AddVerificationCredential(data);

                break;
            }
        }
    }

    return added;
}
Exemplo n.º 11
0
/* The main routine for lock enforcement, used throughout libsvn_fs_base. */
svn_error_t *
svn_fs_base__allow_locked_operation(const char *path,
                                    svn_boolean_t recurse,
                                    trail_t *trail,
                                    apr_pool_t *pool)
{
  if (recurse)
    {
      /* Discover all locks at or below the path. */
      SVN_ERR(svn_fs_bdb__locks_get(trail->fs, path, get_locks_callback,
                                    trail->fs, trail, pool));
    }
  else
    {
      svn_lock_t *lock;

      /* Discover any lock attached to the path. */
      SVN_ERR(svn_fs_base__get_lock_helper(&lock, path, trail, pool));
      if (lock)
        SVN_ERR(verify_lock(trail->fs, lock, pool));
    }
  return SVN_NO_ERROR;
}
Exemplo n.º 12
0
void Nym::init_claims(const eLock& lock) const
{
    OT_ASSERT(verify_lock(lock));

    const auto nymID{m_nymID->str()};
    // const std::string nymID = String::Factory(m_nymID)->Get();

    contact_data_.reset(new class ContactData(
        nymID,
        NYM_CONTACT_DATA_VERSION,
        NYM_CONTACT_DATA_VERSION,
        ContactData::SectionMap()));

    OT_ASSERT(contact_data_);

    std::unique_ptr<proto::ContactData> serialized{nullptr};

    for (auto& it : m_mapCredentialSets) {
        OT_ASSERT(nullptr != it.second);

        const auto& credSet = *it.second;
        credSet.GetContactData(serialized);

        if (serialized) {
            OT_ASSERT(
                proto::Validate(*serialized, VERBOSE, proto::CLAIMS_NORMAL));

            class ContactData claimCred(
                nymID, NYM_CONTACT_DATA_VERSION, *serialized);
            contact_data_.reset(
                new class ContactData(*contact_data_ + claimCred));
            serialized.reset();
        }
    }

    OT_ASSERT(contact_data_)
}
Exemplo n.º 13
0
bool Nym::set_contact_data(const eLock& lock, const proto::ContactData& data)
{
    OT_ASSERT(verify_lock(lock));

    auto version = proto::NymRequiredVersion(data.version(), version_);

    if (!version || version > NYM_UPGRADE_VERSION) {
        otErr << OT_METHOD << __FUNCTION__
              << ": Contact data version not supported by this nym."
              << std::endl;
        return false;
    }

    if (false == has_capability(lock, NymCapability::SIGN_CHILDCRED)) {
        otErr << OT_METHOD << __FUNCTION__ << ": This nym can not be modified."
              << std::endl;

        return false;
    }

    if (false == proto::Validate(data, VERBOSE, false)) {
        otErr << OT_METHOD << __FUNCTION__ << ": Invalid contact data."
              << std::endl;

        return false;
    }

    revoke_contact_credentials(lock);

    if (add_contact_credential(lock, data)) {

        return update_nym(lock, version);
    }

    return false;
}
Exemplo n.º 14
0
Arquivo: refs.c Projeto: ratnikov/git
static struct ref_lock *lock_ref_sha1_basic(const char *ref, const unsigned char *old_sha1, int flags, int *type_p)
{
	char *ref_file;
	const char *orig_ref = ref;
	struct ref_lock *lock;
	int last_errno = 0;
	int type, lflags;
	int mustexist = (old_sha1 && !is_null_sha1(old_sha1));
	int missing = 0;

	lock = xcalloc(1, sizeof(struct ref_lock));
	lock->lock_fd = -1;

	ref = resolve_ref(ref, lock->old_sha1, mustexist, &type);
	if (!ref && errno == EISDIR) {
		/* we are trying to lock foo but we used to
		 * have foo/bar which now does not exist;
		 * it is normal for the empty directory 'foo'
		 * to remain.
		 */
		ref_file = git_path("%s", orig_ref);
		if (remove_empty_directories(ref_file)) {
			last_errno = errno;
			error("there are still refs under '%s'", orig_ref);
			goto error_return;
		}
		ref = resolve_ref(orig_ref, lock->old_sha1, mustexist, &type);
	}
	if (type_p)
	    *type_p = type;
	if (!ref) {
		last_errno = errno;
		error("unable to resolve reference %s: %s",
			orig_ref, strerror(errno));
		goto error_return;
	}
	missing = is_null_sha1(lock->old_sha1);
	/* When the ref did not exist and we are creating it,
	 * make sure there is no existing ref that is packed
	 * whose name begins with our refname, nor a ref whose
	 * name is a proper prefix of our refname.
	 */
	if (missing &&
	     !is_refname_available(ref, NULL, get_packed_refs(NULL), 0)) {
		last_errno = ENOTDIR;
		goto error_return;
	}

	lock->lk = xcalloc(1, sizeof(struct lock_file));

	lflags = LOCK_DIE_ON_ERROR;
	if (flags & REF_NODEREF) {
		ref = orig_ref;
		lflags |= LOCK_NODEREF;
	}
	lock->ref_name = xstrdup(ref);
	lock->orig_ref_name = xstrdup(orig_ref);
	ref_file = git_path("%s", ref);
	if (missing)
		lock->force_write = 1;
	if ((flags & REF_NODEREF) && (type & REF_ISSYMREF))
		lock->force_write = 1;

	if (safe_create_leading_directories(ref_file)) {
		last_errno = errno;
		error("unable to create directory for %s", ref_file);
		goto error_return;
	}

	lock->lock_fd = hold_lock_file_for_update(lock->lk, ref_file, lflags);
	return old_sha1 ? verify_lock(lock, old_sha1, mustexist) : lock;

 error_return:
	unlock_ref(lock);
	errno = last_errno;
	return NULL;
}