/*
* Create a credential info object from a Munge context
*/
static munge_info_t *
cred_info_create(munge_ctx_t ctx)
{
munge_err_t e;
munge_info_t *mi = cred_info_alloc();
e = munge_ctx_get(ctx, MUNGE_OPT_ENCODE_TIME, &mi->encoded);
if (e != EMUNGE_SUCCESS)
error ("auth_munge: Unable to retrieve encode time: %s",
munge_ctx_strerror(ctx));
e = munge_ctx_get(ctx, MUNGE_OPT_DECODE_TIME, &mi->decoded);
if (e != EMUNGE_SUCCESS)
error ("auth_munge: Unable to retrieve decode time: %s",
munge_ctx_strerror(ctx));
e = munge_ctx_get(ctx, MUNGE_OPT_CIPHER_TYPE, &mi->cipher);
if (e != EMUNGE_SUCCESS)
error ("auth_munge: Unable to retrieve cipher type: %s",
munge_ctx_strerror(ctx));
e = munge_ctx_get(ctx, MUNGE_OPT_MAC_TYPE, &mi->mac);
if (e != EMUNGE_SUCCESS)
error ("auth_munge: Unable to retrieve mac type: %s",
munge_ctx_strerror(ctx));
e = munge_ctx_get(ctx, MUNGE_OPT_ZIP_TYPE, &mi->zip);
if (e != EMUNGE_SUCCESS)
error ("auth_munge: Unable to retrieve zip type: %s",
munge_ctx_strerror(ctx));
return mi;
}
/*
* Allocate a credential. This function should return NULL if it cannot
* allocate a credential. Whether the credential is populated with useful
* data at this time is implementation-dependent.
*/
slurm_auth_credential_t *
slurm_auth_create( void *argv[], char *socket )
{
int retry = 2;
slurm_auth_credential_t *cred = NULL;
munge_err_t e = EMUNGE_SUCCESS;
munge_ctx_t ctx = munge_ctx_create();
SigFunc *ohandler;
if (ctx == NULL) {
error("munge_ctx_create failure");
return NULL;
}
#if 0
/* This logic can be used to determine what socket is used by default.
* A typical name is "/var/run/munge/munge.socket.2" */
{
char *old_socket;
if (munge_ctx_get(ctx, MUNGE_OPT_SOCKET, &old_socket) != EMUNGE_SUCCESS)
error("munge_ctx_get failure");
else
info("Default Munge socket is %s", old_socket);
}
#endif
if (socket &&
(munge_ctx_set(ctx, MUNGE_OPT_SOCKET, socket) != EMUNGE_SUCCESS)) {
error("munge_ctx_set failure");
munge_ctx_destroy(ctx);
return NULL;
}
cred = xmalloc(sizeof(*cred));
cred->verified = false;
cred->m_str = NULL;
cred->buf = NULL;
cred->len = 0;
cred->cr_errno = SLURM_SUCCESS;
xassert(cred->magic = MUNGE_MAGIC);
/*
* Temporarily block SIGALARM to avoid misleading
* "Munged communication error" from libmunge if we
* happen to time out the connection in this secion of
* code.
*/
ohandler = xsignal(SIGALRM, SIG_BLOCK);
again:
e = munge_encode(&cred->m_str, ctx, cred->buf, cred->len);
if (e != EMUNGE_SUCCESS) {
if ((e == EMUNGE_SOCKET) && retry--) {
error ("Munge encode failed: %s (retrying ...)",
munge_ctx_strerror(ctx));
#ifdef MULTIPLE_SLURMD
sleep(1);
#endif
goto again;
}
error("Munge encode failed: %s", munge_ctx_strerror(ctx));
xfree( cred );
cred = NULL;
plugin_errno = e + MUNGE_ERRNO_OFFSET;
}
xsignal(SIGALRM, ohandler);
munge_ctx_destroy(ctx);
return cred;
}
