/* * Create a credential info object from a Munge context */ static munge_info_t * cred_info_create(munge_ctx_t ctx) { munge_err_t e; munge_info_t *mi = cred_info_alloc(); e = munge_ctx_get(ctx, MUNGE_OPT_ENCODE_TIME, &mi->encoded); if (e != EMUNGE_SUCCESS) error ("auth_munge: Unable to retrieve encode time: %s", munge_ctx_strerror(ctx)); e = munge_ctx_get(ctx, MUNGE_OPT_DECODE_TIME, &mi->decoded); if (e != EMUNGE_SUCCESS) error ("auth_munge: Unable to retrieve decode time: %s", munge_ctx_strerror(ctx)); e = munge_ctx_get(ctx, MUNGE_OPT_CIPHER_TYPE, &mi->cipher); if (e != EMUNGE_SUCCESS) error ("auth_munge: Unable to retrieve cipher type: %s", munge_ctx_strerror(ctx)); e = munge_ctx_get(ctx, MUNGE_OPT_MAC_TYPE, &mi->mac); if (e != EMUNGE_SUCCESS) error ("auth_munge: Unable to retrieve mac type: %s", munge_ctx_strerror(ctx)); e = munge_ctx_get(ctx, MUNGE_OPT_ZIP_TYPE, &mi->zip); if (e != EMUNGE_SUCCESS) error ("auth_munge: Unable to retrieve zip type: %s", munge_ctx_strerror(ctx)); return mi; }
/* * Allocate a credential. This function should return NULL if it cannot * allocate a credential. Whether the credential is populated with useful * data at this time is implementation-dependent. */ slurm_auth_credential_t * slurm_auth_create( void *argv[], char *socket ) { int retry = 2; slurm_auth_credential_t *cred = NULL; munge_err_t e = EMUNGE_SUCCESS; munge_ctx_t ctx = munge_ctx_create(); SigFunc *ohandler; if (ctx == NULL) { error("munge_ctx_create failure"); return NULL; } #if 0 /* This logic can be used to determine what socket is used by default. * A typical name is "/var/run/munge/munge.socket.2" */ { char *old_socket; if (munge_ctx_get(ctx, MUNGE_OPT_SOCKET, &old_socket) != EMUNGE_SUCCESS) error("munge_ctx_get failure"); else info("Default Munge socket is %s", old_socket); } #endif if (socket && (munge_ctx_set(ctx, MUNGE_OPT_SOCKET, socket) != EMUNGE_SUCCESS)) { error("munge_ctx_set failure"); munge_ctx_destroy(ctx); return NULL; } cred = xmalloc(sizeof(*cred)); cred->verified = false; cred->m_str = NULL; cred->buf = NULL; cred->len = 0; cred->cr_errno = SLURM_SUCCESS; xassert(cred->magic = MUNGE_MAGIC); /* * Temporarily block SIGALARM to avoid misleading * "Munged communication error" from libmunge if we * happen to time out the connection in this secion of * code. */ ohandler = xsignal(SIGALRM, SIG_BLOCK); again: e = munge_encode(&cred->m_str, ctx, cred->buf, cred->len); if (e != EMUNGE_SUCCESS) { if ((e == EMUNGE_SOCKET) && retry--) { error ("Munge encode failed: %s (retrying ...)", munge_ctx_strerror(ctx)); #ifdef MULTIPLE_SLURMD sleep(1); #endif goto again; } error("Munge encode failed: %s", munge_ctx_strerror(ctx)); xfree( cred ); cred = NULL; plugin_errno = e + MUNGE_ERRNO_OFFSET; } xsignal(SIGALRM, ohandler); munge_ctx_destroy(ctx); return cred; }