void LoginRESTService::Run() { soap soapServer(SOAP_C_UTFSTRING, SOAP_C_UTFSTRING); // check every 3 seconds if world ended soapServer.accept_timeout = 3; soapServer.recv_timeout = 5; soapServer.send_timeout = 5; if (!soap_valid_socket(soap_bind(&soapServer, _bindIP.c_str(), _port, 100))) { TC_LOG_ERROR("server.rest", "Couldn't bind to %s:%d", _bindIP.c_str(), _port); return; } TC_LOG_INFO("server.rest", "Login service bound to http://%s:%d", _bindIP.c_str(), _port); http_post_handlers handlers[] = { { "application/json;charset=utf-8", handle_post_plugin }, { "application/json", handle_post_plugin }, { nullptr, nullptr } }; soap_register_plugin_arg(&soapServer, &http_get, (void*)&handle_get_plugin); soap_register_plugin_arg(&soapServer, &http_post, handlers); soap_register_plugin_arg(&soapServer, &ContentTypePlugin::Init, (void*)"application/json;charset=utf-8"); // Use our already ready ssl context soapServer.ctx = Battlenet::SslContext::instance().native_handle(); soapServer.ssl_flags = SOAP_SSL_RSA; while (!_stopped) { if (!soap_valid_socket(soap_accept(&soapServer))) continue; // ran into an accept timeout std::shared_ptr<soap> soapClient = std::make_shared<soap>(soapServer); boost::asio::ip::address_v4 address(soapClient->ip); if (soap_ssl_accept(soapClient.get()) != SOAP_OK) { TC_LOG_DEBUG("server.rest", "Failed SSL handshake from IP=%s", address.to_string().c_str()); continue; } TC_LOG_DEBUG("server.rest", "Accepted connection from IP=%s", address.to_string().c_str()); std::thread([soapClient] { soap_serve(soapClient.get()); }).detach(); } // and release the context handle here - soap does not own it so it should not free it on exit soapServer.ctx = nullptr; TC_LOG_INFO("server.rest", "Login service exiting..."); }
/** * srmCheckPermission method. * * \param soap * \param srm_endpoint * \param userID * \param path * \param checkInLocalCacheOnly * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int CheckPermission(struct soap *soap, const char *srm_endpoint, const char *userID, const tSurlInfoArray path, bool *checkInLocalCacheOnly, /* yes, no const in gsoap headers */ struct srm__srmCheckPermissionResponse_ *resp) { DM_DBG_I; struct srm__srmCheckPermissionRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK|CGSI_OPT_DELEG_FLAG; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif NEW_STR_VAL(userID,TUserID); NOT_NULL(req.arrayOfSiteURLs = soap_new_srm__ArrayOfTSURLInfo(soap, -1)); ARRAY_OF_TSURL_INFO(arrayOfSiteURLs); PBOOL_VAL(checkInLocalCacheOnly); /* To send the request ... */ SOAP_CALL_SRM(CheckPermission); RETURN(EXIT_SUCCESS); }
/** * srmSuspendRequest method. * * \param soap * \param srm_endpoint * \param userID * \param requestToken * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int SuspendRequest(struct soap *soap, const char *srm_endpoint, const char *userID, const char *requestToken, struct srm__srmSuspendRequestResponse_ *resp) { DM_DBG_I; struct srm__srmSuspendRequestRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK|CGSI_OPT_DELEG_FLAG; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif NEW_STR_VAL(userID,TUserID); NEW_STR_VAL(requestToken,TRequestToken); /* To send the request ... */ SOAP_CALL_SRM(SuspendRequest); RETURN(EXIT_SUCCESS); }
static int rmc_init (struct soap *soap, char *errbuf, int errbufsz) { int flags; soap_init (soap); soap->namespaces = namespaces_rmc; if (rmc_endpoint == NULL && (rmc_endpoint = getenv ("RMC_ENDPOINT")) == NULL) { if (!gfal_is_nobdii ()) { if (get_rls_endpoints (&lrc_endpoint, &rmc_endpoint, errbuf, errbufsz) != 0) { errno = EINVAL; return (-1); } } else { gfal_errmsg (errbuf, errbufsz, GFAL_ERRLEVEL_ERROR, "You have to define 'RMC_ENDPOINT' and 'LRC_ENDPOINT' environment variables, when BDII calls are disabled"); errno = EINVAL; return (-1); } } #ifdef GFAL_SECURE if (strncmp (rmc_endpoint, "https", 5) == 0) { flags = CGSI_OPT_SSL_COMPATIBLE; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); } #endif gfal_errmsg (errbuf, errbufsz, GFAL_ERRLEVEL_ERROR, "RMC/LRC are obsolete! Please use LFC instead."); return (0); }
/** * srmMkdir method. * * \param soap * \param srm_endpoint * \param userID * \param SURLOrStFN * \param storageSystemInfo * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int Mkdir(struct soap *soap, const char *srm_endpoint, const char *userID, const char *SURLOrStFN, const char *storageSystemInfo, struct srm__srmMkdirResponse_ *resp) { DM_DBG_I; struct srm__srmMkdirRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK|CGSI_OPT_DELEG_FLAG; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif NEW_STR_VAL(userID,TUserID); NOT_NULL(req.directoryPath = soap_new_srm__TSURLInfo(soap, -1)); NEW_STR_VAL_OPT(req.directoryPath->SURLOrStFN, SURLOrStFN, TSURL); NEW_STR_VAL_OPT(req.directoryPath->storageSystemInfo, storageSystemInfo, TStorageSystemInfo); /* To send the request ... */ SOAP_CALL_SRM(Mkdir); RETURN(EXIT_SUCCESS); }
/** * srmAbortRequest method. * * \param soap * \param srm_endpoint * \param authorizationID * \param requestToken * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int AbortRequest(struct soap *soap, const char *srm_endpoint, const char *authorizationID, const char *requestToken, struct srm__srmAbortRequestResponse_ *resp) { DM_DBG_I; struct srm__srmAbortRequestRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif MV_CSTR2PSTR(req.authorizationID,authorizationID); MV_CSTR2STR(req.requestToken,requestToken); /* To send the request ... */ SOAP_CALL_SRM(AbortRequest); RETURN(EXIT_SUCCESS); }
/** * srmLs method. * * \param soap * \param srm_endpoint * \param userID * \param path * \param fileStorageType * \param fullDetailedList * \param allLevelRecursive * \param numOfLevels * \param offset * \param count * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int Ls(struct soap *soap, const char *srm_endpoint, const char *userID, const tSurlInfoArray path, const long int *fileStorageType, bool *fullDetailedList, /* yes, no const in gsoap headers */ bool *allLevelRecursive, /* yes, no const in gsoap headers */ int *numOfLevels, /* yes, no const in gsoap headers */ int *offset, /* yes, no const in gsoap headers */ int *count, /* yes, no const in gsoap headers */ struct srm__srmLsResponse_ *resp) { DM_DBG_I; struct srm__srmLsRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK|CGSI_OPT_DELEG_FLAG; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif NEW_STR_VAL(userID,TUserID); NOT_NULL(req.paths = soap_new_srm__ArrayOfTSURLInfo(soap, -1)); ARRAY_OF_TSURL_INFO(paths); req.fileStorageType = (srm__TFileStorageType *)fileStorageType; DM_LOG(DM_N(2), "fileStorageType == `%s'\n", getTFileStorageType(*req.fileStorageType).c_str()); PBOOL_VAL(fullDetailedList); PBOOL_VAL(allLevelRecursive); PINT_VAL(numOfLevels); PINT_VAL(offset); PINT_VAL(count); /* To send the request ... */ SOAP_CALL_SRM(Ls); RETURN(EXIT_SUCCESS); }
int main(int argc, char **argv) { char *buf; size_t len; struct soap soap; soap_init(&soap); /* chunking conserves memory and is generally faster: */ soap_set_omode(&soap, SOAP_IO_CHUNK); if (argc < 2) { /* CGI server */ struct http_post_handlers handlers[] = { { "image/jpg", jpg_handler }, { "image/*", image_handler }, { "image/*;*", image_handler }, { "text/*", text_handler }, { "text/*;*", text_handler }, { NULL } }; soap_register_plugin_arg(&soap, http_post, handlers); /* register plugin (server only) */ soap_serve(&soap); exit(0); } /* client */ if (soap_post_connect(&soap, argv[1], NULL, "text/html") || soap_send(&soap, "<html>") || soap_send(&soap, argc == 2 ? "Hello" : argv[2]) || soap_send(&soap, "</html>") || soap_end_send(&soap)) { soap_print_fault(&soap, stderr); exit(1); } /* after sending, receive body (note: POST handlers should not be set) */ if (soap_begin_recv(&soap) || soap_http_body(&soap, &buf, &len) || soap_end_recv(&soap)) { soap_print_fault(&soap, stderr); exit(1); } printf("Received %lu bytes of type %s:\n", (unsigned long)len, soap.http_content?soap.http_content:""); soap_end(&soap); soap_done(&soap); return 0; }
int main() { struct soap *mydlo = NULL; glite_gsplugin_Context gsplugin_ctx = NULL; int ok1; // test 1 - stdsoap2.c compatibility if ((mydlo = soap_new()) == NULL) { std::cerr << "Couldn't create soap" << std::endl; return 1; } soap_set_endpoint(mydlo, TEST_STR); std::cout << mydlo->endpoint << std::endl; ok1 = strcmp(mydlo->endpoint, TEST_STR); // test 2 - glite_gsplugin.c compatibility // // not real test, just may crash in bad test case on calling // soap->fdelete where will be other function if ( glite_gsplugin_init_context(&gsplugin_ctx) ) { std::cerr << "Couldn't create gSOAP plugin context" << std::endl; goto err; } if (soap_register_plugin_arg(mydlo, glite_gsplugin, gsplugin_ctx)) { std::cerr << "Couldn't register gSoap plugin" << std::endl; goto err; } soap_done(mydlo); free(mydlo); glite_gsplugin_free_context(gsplugin_ctx); return ok1; err: if (gsplugin_ctx) glite_gsplugin_free_context(gsplugin_ctx); if (mydlo) soap_destroy(mydlo); return 1; }
/** * srmPurgeFromSpace method. * * \param soap * \param srm_endpoint * \param authorizationID * \param SURL * \param spaceToken * \param storageSystemInfo * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int PurgeFromSpace(struct soap *soap, const char *srm_endpoint, const char *authorizationID, std::vector <std::string *> SURL, const char *spaceToken, tStorageSystemInfo storageSystemInfo, struct srm__srmPurgeFromSpaceResponse_ *resp) { DM_DBG_I; struct srm__srmPurgeFromSpaceRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif MV_CSTR2PSTR(req.authorizationID,authorizationID); /* SURL */ MV_ARRAY_OF_STR_VAL(req.arrayOfSURLs,SURL,urlArray,AnyURI); MV_CSTR2STR(req.spaceToken,spaceToken); /* Storage system info */ MV_STORAGE_SYSTEM_INFO(req.storageSystemInfo,storageSystemInfo); /* To send the request ... */ SOAP_CALL_SRM(PurgeFromSpace); RETURN(EXIT_SUCCESS); }
/** * srmPrepareToGet method. * * \param soap * \param srm_endpoint * \param userID * \param arrayOfFileRequests * \param arrayOfTransferProtocols * \param userRequestDescription * \param storageSystemInfo * \param totalRetryTime * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int PrepareToGet(struct soap *soap, const char *srm_endpoint, const char *userID, const tArrayOfGetFileRequests arrayOfFileRequests, std::vector <std::string *> arrayOfTransferProtocols, const char *userRequestDescription, const char *storageSystemInfo, const int64_t *totalRetryTime, struct srm__srmPrepareToGetResponse_ *resp) { DM_DBG_I; struct srm__srmPrepareToGetRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK|CGSI_OPT_DELEG_FLAG; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif NEW_STR_VAL(userID,TUserID); NOT_NULL(req.arrayOfFileRequests = soap_new_srm__ArrayOfTGetFileRequest(soap, -1)); /* Create the file request */ DM_LOG(DM_N(2), "arrayOfFileRequests.SURLOrStFN.size() == %d\n", arrayOfFileRequests.SURLOrStFN.size()); for (uint u = 0; u < arrayOfFileRequests.SURLOrStFN.size(); u++) { srm__TGetFileRequest *fileRequest; NOT_NULL(fileRequest = soap_new_srm__TGetFileRequest(soap, -1)); NOT_NULL(fileRequest->dirOption = soap_new_srm__TDirOption(soap, -1)); if(NOT_NULL_VEC(arrayOfFileRequests,allLevelRecursive)) { fileRequest->dirOption->allLevelRecursive = (bool *)arrayOfFileRequests.allLevelRecursive[u]; DM_LOG(DM_N(2), "allLevelRecursive[%u] == %d\n", u, *(fileRequest->dirOption->allLevelRecursive)); } else { fileRequest->dirOption->allLevelRecursive = NULL; DM_LOG(DM_N(2), "allLevelRecursive[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,isSourceADirectory)) { fileRequest->dirOption->isSourceADirectory = arrayOfFileRequests.isSourceADirectory[u]; DM_LOG(DM_N(2), "isSourceADirectory[%u] == %d\n", u, fileRequest->dirOption->isSourceADirectory); } else { fileRequest->dirOption->isSourceADirectory = 0; DM_LOG(DM_N(2), "isSourceADirectory[%u] == 0\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,numOfLevels)) { fileRequest->dirOption->numOfLevels = arrayOfFileRequests.numOfLevels[u]; DM_LOG(DM_N(2), "numOfLevels[%u] == %d\n", u, fileRequest->dirOption->numOfLevels); } else { fileRequest->dirOption->numOfLevels = 0; DM_LOG(DM_N(2), "numOfLevels[%u] == 0\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,fileStorageType)) { fileRequest->fileStorageType = (srm__TFileStorageType *)getTFileStorageType(arrayOfFileRequests.fileStorageType[u]->c_str()); DM_LOG(DM_N(2), "fileStorageType[%u] == `%s'\n", u, getTFileStorageType(*fileRequest->fileStorageType).c_str()); } else { fileRequest->fileStorageType = NULL; DM_LOG(DM_N(2), "fileStorageType[%u] == NULL\n", u); } NOT_NULL(fileRequest->fromSURLInfo = soap_new_srm__TSURLInfo(soap, -1)); if(NOT_NULL_VEC(arrayOfFileRequests,SURLOrStFN)) { NOT_NULL(fileRequest->fromSURLInfo->SURLOrStFN = soap_new_srm__TSURL(soap, -1)); fileRequest->fromSURLInfo->SURLOrStFN->value.assign(arrayOfFileRequests.SURLOrStFN[u]->c_str()); DM_LOG(DM_N(2), "SURLOrStFN[%u] == `%s'\n", u, fileRequest->fromSURLInfo->SURLOrStFN->value.c_str()); } else { fileRequest->fromSURLInfo->SURLOrStFN = NULL; DM_LOG(DM_N(2), "SURLOrStFN[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,storageSystemInfo)) { NOT_NULL(fileRequest->fromSURLInfo->storageSystemInfo = soap_new_srm__TStorageSystemInfo(soap, -1)); fileRequest->fromSURLInfo->storageSystemInfo->value.assign(arrayOfFileRequests.storageSystemInfo[u]->c_str()); DM_LOG(DM_N(2), "storageSystemInfo[%u] == `%s'\n", u, fileRequest->fromSURLInfo->storageSystemInfo->value.c_str()); } else { fileRequest->fromSURLInfo->storageSystemInfo = NULL; DM_LOG(DM_N(2), "storageSystemInfo[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,lifetime)) { NOT_NULL(fileRequest->lifetime = soap_new_srm__TLifeTimeInSeconds(soap, -1)); fileRequest->lifetime->value = *arrayOfFileRequests.lifetime[u]; DM_LOG(DM_N(2), "lifetime[%u] == %"PRIi64"\n", u, fileRequest->lifetime->value); } else { fileRequest->lifetime = NULL; DM_LOG(DM_N(2), "lifetime[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,spaceToken)) { NOT_NULL(fileRequest->spaceToken = soap_new_srm__TSpaceToken(soap, -1)); fileRequest->spaceToken->value.assign(arrayOfFileRequests.spaceToken[u]->c_str()); DM_LOG(DM_N(2), "spaceToken[%u] == `%s'\n", u, fileRequest->spaceToken->value.c_str()); } else { fileRequest->spaceToken = NULL; DM_LOG(DM_N(2), "spaceToken[%u] == NULL\n", u); } req.arrayOfFileRequests->getRequestArray.push_back(fileRequest); } req.arrayOfTransferProtocols = soap_new_srm__ArrayOf_USCORExsd_USCOREstring(soap, -1); /* Fill in transfer protocols */ DM_LOG(DM_N(2), "arrayOfTransferProtocols.size() == %d\n", arrayOfTransferProtocols.size()); for(uint u = 0; u < arrayOfTransferProtocols.size(); u++) { if(arrayOfTransferProtocols[u]) { req.arrayOfTransferProtocols->stringArray.push_back(arrayOfTransferProtocols[u]->c_str()); DM_LOG(DM_N(2), "arrayOfTransferProtocols[%i] == `%s'\n", u, arrayOfTransferProtocols[u]->c_str()); } else { DM_LOG(DM_N(2), "arrayOfTransferProtocols[%i] == NULL\n", u); } } NEW_STDSTRING(userRequestDescription); NEW_STR_VAL(storageSystemInfo,TStorageSystemInfo); NEW_INT64_VAL(totalRetryTime,TLifeTimeInSeconds); /* To send the request ... */ SOAP_CALL_SRM(PrepareToGet); RETURN(EXIT_SUCCESS); }
int main(int argc, char **argv) { FILE *fd; BIGNUM *bn = BN_new(); /* init OpenSSL before any OpenSSL and crypto operations */ soap_ssl_init(); /* server's RSA private key for signing */ if ((fd = fopen("serverWCF.pem", "r"))) { srv_privk = PEM_read_PrivateKey(fd, NULL, NULL, (void*)"password"); fclose(fd); if (!srv_privk) { fprintf(stderr, "Could not read private RSA key from server.pem\n"); exit(1); } } else fprintf(stderr, "Could not read server.pem\n"); /* server's certificate with public key for encryption and signature verification */ if ((fd = fopen("servercertWCF.pem", "r"))) { srv_cert = PEM_read_X509(fd, NULL, NULL, NULL); fclose(fd); if (!srv_cert) { fprintf(stderr, "Could not read certificate from clientcert.pem\n"); exit(1); } } else fprintf(stderr, "Could not read server.pem\n"); /* server's RSA public key from the certificate */ srv_pubk = X509_get_pubkey(srv_cert); if (!srv_pubk) { fprintf(stderr, "Could not get public key from certificate\n"); exit(1); } /* server's certificate subject, issuer and serial number */ X509_NAME_oneline(X509_get_subject_name(srv_cert), srv_subject, sizeof(srv_subject)); X509_NAME_oneline(X509_get_issuer_name(srv_cert), srv_issuer, sizeof(srv_issuer)); ASN1_INTEGER_to_BN(X509_get_serialNumber(srv_cert), bn); srv_serial = BN_bn2dec(bn); fprintf(stderr, "Server certificate issuer = \"%s\"\n", srv_issuer); fprintf(stderr, "Server certificate serial = %s (%s)\n", BN_bn2hex(bn), srv_serial); /* client's RSA private key for signing */ if ((fd = fopen("clientWCF.pem", "r"))) { clt_privk = PEM_read_PrivateKey(fd, NULL, NULL, (void*)"password"); fclose(fd); if (!clt_privk) { fprintf(stderr, "Could not read private RSA key from server.pem\n"); exit(1); } } else fprintf(stderr, "Could not read server.pem\n"); /* client's certificate with public key for encryption and signature verification */ if ((fd = fopen("clientcertWCF.pem", "r"))) { clt_cert = PEM_read_X509(fd, NULL, NULL, NULL); fclose(fd); if (!clt_cert) { fprintf(stderr, "Could not read certificate from clientcert.pem\n"); exit(1); } } else fprintf(stderr, "Could not read server.pem\n"); /* client's RSA public key from the certificate */ clt_pubk = X509_get_pubkey(clt_cert); if (!clt_pubk) { fprintf(stderr, "Could not get public key from certificate\n"); exit(1); } /* client's certificate subject, issuer and serial number */ X509_NAME_oneline(X509_get_subject_name(clt_cert), clt_subject, sizeof(clt_subject)); X509_NAME_oneline(X509_get_issuer_name(clt_cert), clt_issuer, sizeof(clt_issuer)); ASN1_INTEGER_to_BN(X509_get_serialNumber(clt_cert), bn); clt_serial = BN_bn2dec(bn); fprintf(stderr, "Client certificate issuer = \"%s\"\n", clt_issuer); fprintf(stderr, "Client certificate serial = %s (%s)\n", BN_bn2hex(bn), clt_serial); OPENSSL_free(bn); if (argc >= 2) { // Service sample application int port = atoi(argv[1]); BasicHttpBinding_USCOREICalculatorService service(SOAP_XML_INDENT | SOAP_XML_CANONICAL); soap_register_plugin_arg(service.soap, soap_wsse, (void*)token_handler); service.soap->send_timeout = service.soap->recv_timeout = 10; // 10 sec /* need cacert to verify certificates */ service.soap->cafile = "clientcertWCF.pem"; service.soap->fsslverify = ssl_verify; if (!soap_valid_socket(service.bind(NULL, port, 100))) { service.soap_stream_fault(std::cerr); exit(1); } std::cerr << "Server running" << std::endl; for (;;) { soap_wsse_verify_auto(service.soap, SOAP_WSSE_IGNORE_EXTRA_REFS, NULL, 0); soap_wsse_decrypt_auto(service.soap, SOAP_MEC_ENV_DEC_AES256_CBC, srv_privk, 0); if (!soap_valid_socket(service.accept()) || service.serve()) service.soap_stream_fault(std::cerr); service.destroy(); } } else { // Client sample application BasicHttpBinding_USCOREICalculatorProxy proxy(endpoint, SOAP_XML_INDENT | SOAP_XML_CANONICAL); soap_register_plugin_arg(proxy.soap, soap_wsse, (void*)token_handler); proxy.soap->send_timeout = proxy.soap->recv_timeout = 10; // 10 sec /* need cacert to verify certificates */ proxy.soap->cafile = "servercertWCF.pem"; proxy.soap->fsslverify = ssl_verify; double n1 = 3.14, n2 = 1.41; if (set_clt_security(proxy.soap)) proxy.soap_stream_fault(std::cerr); else { _mssamm__Add areq; _mssamm__AddResponse ares; areq.n1 = &n1; areq.n2 = &n2; if (proxy.Add(&areq, &ares) == SOAP_OK && ares.AddResult && chk_security(proxy.soap) == SOAP_OK) printf("Add(%g, %g) = %g\n", *areq.n1, *areq.n2, *ares.AddResult); else proxy.soap_stream_fault(std::cerr); proxy.destroy(); } if (set_clt_security(proxy.soap)) proxy.soap_stream_fault(std::cerr); else { _mssamm__Subtract sreq; _mssamm__SubtractResponse sres; sreq.n1 = &n1; sreq.n2 = &n2; if (proxy.Subtract(&sreq, &sres) == SOAP_OK && sres.SubtractResult && chk_security(proxy.soap) == SOAP_OK) printf("Subtract(%g, %g) = %g\n", *sreq.n1, *sreq.n2, *sres.SubtractResult); else proxy.soap_stream_fault(std::cerr); proxy.destroy(); } if (set_clt_security(proxy.soap)) proxy.soap_stream_fault(std::cerr); else { _mssamm__Multiply mreq; _mssamm__MultiplyResponse mres; mreq.n1 = &n1; mreq.n2 = &n2; if (proxy.Multiply(&mreq, &mres) == SOAP_OK && mres.MultiplyResult && chk_security(proxy.soap) == SOAP_OK) printf("Multiply(%g, %g) = %g\n", *mreq.n1, *mreq.n2, *mres.MultiplyResult); else proxy.soap_stream_fault(std::cerr); proxy.destroy(); } if (set_clt_security(proxy.soap)) proxy.soap_stream_fault(std::cerr); else { _mssamm__Divide dreq; _mssamm__DivideResponse dres; dreq.n1 = &n1; dreq.n2 = &n2; if (proxy.Divide(&dreq, &dres) == SOAP_OK && dres.DivideResult && chk_security(proxy.soap) == SOAP_OK) printf("Divide(%g, %g) = %g\n", *dreq.n1, *dreq.n2, *dres.DivideResult); else proxy.soap_stream_fault(std::cerr); proxy.destroy(); } } OPENSSL_free(clt_serial); OPENSSL_free(srv_serial); return 0; }
/** * srmCopy method. * * \param srm_endpoint * \param userID * \param arrayOfFileRequests * \param userRequestDescription * \param overwriteOption * \param removeSourceFiles * \param storageSystemInfo * \param totalRetryTime * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int Copy(struct soap *soap, const char *srm_endpoint, const char *userID, const tArrayOfCopyFileRequests arrayOfFileRequests, const char *userRequestDescription, const long int *overwriteOption, bool *removeSourceFiles, /* yes, no const in gsoap headers */ const char *storageSystemInfo, const int64_t *totalRetryTime, struct srm__srmCopyResponse_ *resp ) { DM_DBG_I; struct srm__srmCopyRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK|CGSI_OPT_DELEG_FLAG; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif NEW_STR_VAL(userID,TUserID); NOT_NULL(req.arrayOfFileRequests = soap_new_srm__ArrayOfTCopyFileRequest(soap, -1)); /* Create the file request */ DM_LOG(DM_N(2), "arrayOfFileRequests.fromSURLOrStFN.size() == %d\n", arrayOfFileRequests.fromSURLOrStFN.size()); for (uint u = 0; u < arrayOfFileRequests.fromSURLOrStFN.size(); u++) { srm__TCopyFileRequest *fileRequest; NOT_NULL(fileRequest = soap_new_srm__TCopyFileRequest(soap, -1)); NOT_NULL(fileRequest->dirOption = soap_new_srm__TDirOption(soap, -1)); if(NOT_NULL_VEC(arrayOfFileRequests,allLevelRecursive)) { fileRequest->dirOption->allLevelRecursive = (bool *)arrayOfFileRequests.allLevelRecursive[u]; DM_LOG(DM_N(2), "allLevelRecursive[%u] == %d\n", u, *(fileRequest->dirOption->allLevelRecursive)); } else { fileRequest->dirOption->allLevelRecursive = NULL; DM_LOG(DM_N(2), "allLevelRecursive[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,isSourceADirectory)) { fileRequest->dirOption->isSourceADirectory = arrayOfFileRequests.isSourceADirectory[u]; DM_LOG(DM_N(2), "isSourceADirectory[%u] == %d\n", u, fileRequest->dirOption->isSourceADirectory); } else { fileRequest->dirOption->isSourceADirectory = 0; DM_LOG(DM_N(2), "isSourceADirectory == 0\n"); } if(NOT_NULL_VEC(arrayOfFileRequests,numOfLevels)) { fileRequest->dirOption->numOfLevels = arrayOfFileRequests.numOfLevels[u]; DM_LOG(DM_N(2), "numOfLevels[%u] == %d\n", u, fileRequest->dirOption->numOfLevels); } else { fileRequest->dirOption->numOfLevels = 0; DM_LOG(DM_N(2), "numOfLevels == 0\n"); } if(NOT_NULL_VEC(arrayOfFileRequests,fileStorageType)) { fileRequest->fileStorageType = (srm__TFileStorageType *)getTFileStorageType(arrayOfFileRequests.fileStorageType[u]->c_str()); DM_LOG(DM_N(2), "fileStorageType[%u] == `%s'\n", u, getTFileStorageType(*fileRequest->fileStorageType).c_str()); } else { fileRequest->fileStorageType = NULL; DM_LOG(DM_N(2), "fileStorageType[%u] == NULL\n", u); } NOT_NULL(fileRequest->fromSURLInfo = soap_new_srm__TSURLInfo(soap, -1)); if(NOT_NULL_VEC(arrayOfFileRequests,fromSURLOrStFN)) { NOT_NULL(fileRequest->fromSURLInfo->SURLOrStFN = soap_new_srm__TSURL(soap, -1)); fileRequest->fromSURLInfo->SURLOrStFN->value.assign(arrayOfFileRequests.fromSURLOrStFN[u]->c_str()); DM_LOG(DM_N(2), "fromSURLOrStFN[%u] == `%s'\n", u, fileRequest->fromSURLInfo->SURLOrStFN->value.c_str()); } else { fileRequest->fromSURLInfo->SURLOrStFN = NULL; DM_LOG(DM_N(2), "fromSURLOrStFN[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,fromStorageSystemInfo)) { NOT_NULL(fileRequest->fromSURLInfo->storageSystemInfo = soap_new_srm__TStorageSystemInfo(soap, -1)); fileRequest->fromSURLInfo->storageSystemInfo->value.assign(arrayOfFileRequests.fromStorageSystemInfo[u]->c_str()); DM_LOG(DM_N(2), "fromStorageSystemInfo[%u] == `%s'\n", u, fileRequest->fromSURLInfo->storageSystemInfo->value.c_str()); } else { fileRequest->fromSURLInfo->storageSystemInfo = NULL; DM_LOG(DM_N(2), "fromStorageSystemInfo[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,lifetime)) { NOT_NULL(fileRequest->lifetime = soap_new_srm__TLifeTimeInSeconds(soap, -1)); fileRequest->lifetime->value = *arrayOfFileRequests.lifetime[u]; DM_LOG(DM_N(2), "lifetime[%u] == %"PRIi64"\n", u, fileRequest->lifetime->value); } else { fileRequest->lifetime = NULL; DM_LOG(DM_N(2), "lifetime[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,overwriteMode)) { fileRequest->overwriteMode = (srm__TOverwriteMode *) arrayOfFileRequests.overwriteMode[u]; DM_LOG(DM_N(2), "overwriteMode[%u] == `%s'\n", u, getTOverwriteMode(*fileRequest->overwriteMode).c_str()); } else { fileRequest->overwriteMode = NULL; DM_LOG(DM_N(2), "overwriteMode[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,spaceToken)) { NOT_NULL(fileRequest->spaceToken = soap_new_srm__TSpaceToken(soap, -1)); fileRequest->spaceToken->value.assign(arrayOfFileRequests.spaceToken[u]->c_str()); DM_LOG(DM_N(2), "spaceToken[%u] == `%s'\n", u, fileRequest->spaceToken->value.c_str()); } else { fileRequest->spaceToken = NULL; DM_LOG(DM_N(2), "spaceToken[%u] == NULL\n", u); } NOT_NULL(fileRequest->toSURLInfo = soap_new_srm__TSURLInfo(soap, -1)); if(NOT_NULL_VEC(arrayOfFileRequests,toSURLOrStFN)) { NOT_NULL(fileRequest->toSURLInfo->SURLOrStFN = soap_new_srm__TSURL(soap, -1)); fileRequest->toSURLInfo->SURLOrStFN->value.assign(arrayOfFileRequests.toSURLOrStFN[u]->c_str()); DM_LOG(DM_N(2), "toSURLOrStFN[%u] == `%s'\n", u, fileRequest->toSURLInfo->SURLOrStFN->value.c_str()); } else { fileRequest->toSURLInfo->SURLOrStFN = NULL; DM_LOG(DM_N(2), "toSURLOrStFN[%u] == NULL\n", u); } if(NOT_NULL_VEC(arrayOfFileRequests,toStorageSystemInfo)) { NOT_NULL(fileRequest->toSURLInfo->storageSystemInfo = soap_new_srm__TStorageSystemInfo(soap, -1)); fileRequest->toSURLInfo->storageSystemInfo->value.assign(arrayOfFileRequests.toStorageSystemInfo[u]->c_str()); DM_LOG(DM_N(2), "toStorageSystemInfo[%u] == `%s'\n", u, fileRequest->toSURLInfo->storageSystemInfo->value.c_str()); } else { fileRequest->toSURLInfo->storageSystemInfo = NULL; DM_LOG(DM_N(2), "toStorageSystemInfo[%u] == NULL\n", u); } req.arrayOfFileRequests->copyRequestArray.push_back(fileRequest); } NEW_STDSTRING(userRequestDescription); req.overwriteOption = (srm__TOverwriteMode *) overwriteOption; DM_LOG(DM_N(2), "overwriteOption == `%s'\n", getTOverwriteMode(*req.overwriteOption).c_str()); PBOOL_VAL(removeSourceFiles); NEW_STR_VAL(storageSystemInfo,TStorageSystemInfo); NEW_INT64_VAL(totalRetryTime,TLifeTimeInSeconds); /* To send the request ... */ SOAP_CALL_SRM(Copy); RETURN(EXIT_SUCCESS); }
/** * List all replicas of a given InputDataType. A replica needs to contain * a valid SEId that is registered with the Information Service. * * @param inputDataType Defines one of the following InputDataTypes: * lfn ... LogicalFileName * guid ... GUID Global Unique Idenifier * lds ... LogicalDataSet * query ... generic query to the catalogue * Further InputDataTypes can be extended in the future but need to * be understood by the remote catalogue. * Note that a catalogue does not need to implement all of the four * InputDataTypes but is free to support any subset. * @param inputData Actutual InputData variable * * @returns a vector of URLs that represent the locations of where * the InputData is located. The URL can either be a full URL * of the form protocol://hostname/pathname * or hostname * where hostname is a registered SEId. */ std::vector<std::string> dli::DataLocationInterfaceSOAP::listReplicas(std::string inputDataType, std::string inputData, const classad::ClassAd & ad, const std::string& endpoint) { ///////////////////...for using secure endpoint bool proxyInJdl = true; std::string proxy; try { proxy = jdl::get_x509_user_proxy(ad); } catch(...) { proxyInJdl = false; } if(0 == strncasecmp(endpoint.c_str(), "https://", 8)) { if (proxyInJdl) { if (!m_ctx) { if ( glite_gsplugin_init_context(&m_ctx) ) { throw DLIerror("gsplugin_init_context FAILED"); } } if (glite_gsplugin_set_credential(m_ctx, proxy.c_str(), proxy.c_str())) { std::string gss_err(m_ctx->error_msg); glite_gsplugin_free_context(m_ctx); m_ctx = NULL; throw DLIerror("Cannot set credentials in the gsoap-plugin context: " + gss_err); } } else { throw DLIerror("UserProxy not specified in the ClassAd"); } if (soap_register_plugin_arg(&m_soap, glite_gsplugin, m_ctx)) { std::stringstream ss; ss << m_soap.error; std::string soap_err = ss.str(); throw DLIerror("soap_register_plugin_arg FAILED: " + soap_err); } } std::vector<std::string> urlVector; struct datalocationinterface__listReplicasResponse theList; // Call listReplicas and handle potential SOAP Faults if (soap_call_datalocationinterface__listReplicas( &m_soap, endpoint.c_str(), "", inputDataType, inputData, theList)) { std::string ex; if (m_soap.error) { soap_set_fault(&m_soap); const char** faultdetail_ptr = soap_faultdetail(&m_soap); std::string faultdetail; if (*faultdetail_ptr != NULL) { faultdetail = *faultdetail_ptr; } else { faultdetail = "unknown"; } const char** faultcode_ptr = soap_faultcode(&m_soap); std::string faultcode; if ( *faultcode_ptr != NULL ) faultcode = *faultcode_ptr; else faultcode = "unknown"; const char** faultstring_ptr = soap_faultstring(&m_soap); std::string faultstring; if (*faultstring_ptr != NULL ) faultstring = *faultstring_ptr; else faultstring = "unknown"; std::string SOAP_FAULTCODE = "SOAP_FAULTCODE: "; std::string SOAP_FAULTSTRING = "SOAP_FAULTSTRING: "; std::string SOAP_FAULT_DETAIL = "SOAP_FAULT_DETAIL: "; std::string new_line = "\n"; ex = new_line + SOAP_FAULTCODE + faultcode + new_line + SOAP_FAULTSTRING + faultstring + new_line + SOAP_FAULT_DETAIL + faultdetail + new_line; } else { ex = "Error in soap request towards StorageIndex Catalog. Unknown error."; } throw DLIerror(ex); } for (int i = 0; i < (theList.urlList)->__size; i++) { #ifdef GSOAP_279_TRICK std::string *thisS = *(theList.urlList->__ptritem); #else std::string *thisS = (theList.urlList->__ptritem); #endif //std::string str( ((theList.urlList)->__ptritem)[i] ); std::string str( *(thisS + i) ); urlVector.push_back( str ); } return urlVector; } // listReplicas
int main(int argc, char **argv) { struct soap *soap; int server = 0; int text = 0; int port = 0; FILE *fd; double result; char *user; int runs = 1; /* create context */ soap = soap_new(); /* register wsse plugin */ soap_register_plugin_arg(soap, soap_wsse, (void*)token_handler); /* options */ if (argc >= 2) { if (strchr(argv[1], 'c')) soap_set_omode(soap, SOAP_IO_CHUNK); else if (strchr(argv[1], 'y')) soap_set_omode(soap, SOAP_IO_STORE); if (strchr(argv[1], 'i')) soap_set_omode(soap, SOAP_XML_INDENT); if (strchr(argv[1], 'n')) soap_set_omode(soap, SOAP_XML_CANONICAL); if (strchr(argv[1], 'a')) aes = 1; if (strchr(argv[1], 'o')) oaep = 1; if (strchr(argv[1], 'd')) sym = 1; if (strchr(argv[1], 'e')) enc = 1; if (strchr(argv[1], 'f')) addenc = 1; /* if (strchr(argv[1], 'F')) addenca = 1; */ if (strchr(argv[1], 'h')) hmac = 1; if (strchr(argv[1], 'k')) nokey = 1; if (strchr(argv[1], 's')) server = 1; if (strchr(argv[1], 't')) text = 1; if (strchr(argv[1], 'g')) addsig = 1; if (strchr(argv[1], 'b')) nobody = 1; if (strchr(argv[1], 'x')) nohttp = 1; if (strchr(argv[1], 'z')) soap_set_mode(soap, SOAP_ENC_ZLIB); if (isdigit(argv[1][strlen(argv[1])-1])) { runs = argv[1][strlen(argv[1])-1] - '0'; soap_set_mode(soap, SOAP_IO_KEEPALIVE); } } /* soap->actor = "..."; */ /* set only when required */ user = getenv("USER"); if (!user) user = "******"; /* read RSA private key for signing */ if ((fd = fopen("server.pem", "r"))) { rsa_privk = PEM_read_PrivateKey(fd, NULL, NULL, (void*)"password"); fclose(fd); if (!rsa_privk) { fprintf(stderr, "Could not read private RSA key from server.pem\n"); exit(1); } } else fprintf(stderr, "Could not read server.pem\n"); /* read certificate (more efficient is to keep certificate in memory) to obtain public key for encryption and signature verification */ if ((fd = fopen("servercert.pem", "r"))) { cert = PEM_read_X509(fd, NULL, NULL, NULL); fclose(fd); if (!cert) { fprintf(stderr, "Could not read certificate from servercert.pem\n"); exit(1); } } else fprintf(stderr, "Could not read server.pem\n"); rsa_pubk = X509_get_pubkey(cert); if (!rsa_pubk) { fprintf(stderr, "Could not get public key from certificate\n"); exit(1); } /* port argument */ if (argc >= 3) port = atoi(argv[2]); /* need cacert to verify certificates with CA (cacert.pem for testing and cacerts.pem for production, which contains the trusted CA certificates) */ soap->cafile = "cacert.pem"; /* server or client/ */ if (server) { if (port) { /* stand-alone server serving messages over port */ if (!soap_valid_socket(soap_bind(soap, NULL, port, 100))) { soap_print_fault(soap, stderr); exit(1); } printf("Server started at port %d\n", port); while (soap_valid_socket(soap_accept(soap))) { if (hmac) soap_wsse_verify_auto(soap, SOAP_SMD_HMAC_SHA1, hmac_key, sizeof(hmac_key)); else if (nokey) soap_wsse_verify_auto(soap, SOAP_SMD_VRFY_RSA_SHA1, rsa_pubk, 0); else soap_wsse_verify_auto(soap, SOAP_SMD_NONE, NULL, 0); if (sym) { if (aes) soap_wsse_decrypt_auto(soap, SOAP_MEC_DEC_AES256_CBC, aes_key, sizeof(aes_key)); else soap_wsse_decrypt_auto(soap, SOAP_MEC_DEC_DES_CBC, des_key, sizeof(des_key)); } else if (enc) soap_wsse_decrypt_auto(soap, SOAP_MEC_ENV_DEC_DES_CBC, rsa_privk, 0); if (soap_serve(soap)) { soap_wsse_delete_Security(soap); soap_print_fault(soap, stderr); soap_print_fault_location(soap, stderr); } soap_destroy(soap); soap_end(soap); } soap_print_fault(soap, stderr); exit(1); } else { /* CGI-style server serving messages over stdin/out */ if (hmac) soap_wsse_verify_auto(soap, SOAP_SMD_HMAC_SHA1, hmac_key, sizeof(hmac_key)); else if (nokey) soap_wsse_verify_auto(soap, SOAP_SMD_VRFY_RSA_SHA1, rsa_pubk, 0); else soap_wsse_verify_auto(soap, SOAP_SMD_NONE, NULL, 0); if (sym) { if (aes) soap_wsse_decrypt_auto(soap, SOAP_MEC_DEC_AES256_CBC, aes_key, sizeof(aes_key)); else soap_wsse_decrypt_auto(soap, SOAP_MEC_DEC_DES_CBC, des_key, sizeof(des_key)); } else if (enc) soap_wsse_decrypt_auto(soap, SOAP_MEC_ENV_DEC_DES_CBC, rsa_privk, 0); if (soap_serve(soap)) { soap_wsse_delete_Security(soap); soap_print_fault(soap, stderr); soap_print_fault_location(soap, stderr); } soap_destroy(soap); soap_end(soap); } } else /* client */ { int run; char endpoint[80]; /* ns1:test data */ struct ns1__add a; struct ns1__sub b; a.a = 123; a.b = 456; b.a = 789; b.b = -99999; /* client sending messages to stdout or over port */ if (port) sprintf(endpoint, "http://localhost:%d", port); else if (nohttp) strcpy(endpoint, ""); else strcpy(endpoint, "http://"); for (run = 0; run < runs; run++) { /* message lifetime of 60 seconds */ soap_wsse_add_Timestamp(soap, "Time", 60); /* add user name with text or digest password */ if (text) soap_wsse_add_UsernameTokenText(soap, "User", user, "userPass"); else soap_wsse_add_UsernameTokenDigest(soap, "User", user, "userPass"); if (sym) { if (aes) { /* symmetric encryption with AES */ soap_wsse_add_EncryptedData_KeyInfo_KeyName(soap, "My AES Key"); if (soap_wsse_encrypt_body(soap, SOAP_MEC_ENC_AES256_CBC, aes_key, sizeof(aes_key))) soap_print_fault(soap, stderr); soap_wsse_decrypt_auto(soap, SOAP_MEC_DEC_AES256_CBC, aes_key, sizeof(aes_key)); } else { /* symmetric encryption with DES */ soap_wsse_add_EncryptedData_KeyInfo_KeyName(soap, "My DES Key"); if (soap_wsse_encrypt_body(soap, SOAP_MEC_ENC_DES_CBC, des_key, sizeof(des_key))) soap_print_fault(soap, stderr); soap_wsse_decrypt_auto(soap, SOAP_MEC_DEC_DES_CBC, des_key, sizeof(des_key)); } } else if (addenc || addenca) { /* RSA encryption of the <ns1:add> element */ const char *SubjectKeyId = NULL; /* set to non-NULL to use SubjectKeyIdentifier in Header rather than a full cert key */ /* MUST set wsu:Id of the elements to encrypt */ if (addenc) /* encrypt element <ns1:add> */ { soap_wsse_set_wsu_id(soap, "ns1:add"); if (soap_wsse_add_EncryptedKey_encrypt_only(soap, SOAP_MEC_ENV_ENC_DES_CBC, "Cert", cert, SubjectKeyId, NULL, NULL, "ns1:add")) soap_print_fault(soap, stderr); } else /* encrypt element <a> */ { soap_wsse_set_wsu_id(soap, "a"); if (soap_wsse_add_EncryptedKey_encrypt_only(soap, SOAP_MEC_ENV_ENC_DES_CBC, "Cert", cert, SubjectKeyId, NULL, NULL, "a")) soap_print_fault(soap, stderr); } soap_wsse_decrypt_auto(soap, SOAP_MEC_ENV_DEC_DES_CBC, rsa_privk, 0); } else if (enc) { /* RSA encryption of the SOAP Body */ const char *SubjectKeyId = NULL; /* set to non-NULL to use SubjectKeyIdentifier in Header rather than a full cert key */ if (oaep) { if (soap_wsse_add_EncryptedKey(soap, SOAP_MEC_ENV_ENC_AES256_CBC | SOAP_MEC_OAEP, "Cert", cert, SubjectKeyId, NULL, NULL)) soap_print_fault(soap, stderr); } else if (aes) { if (soap_wsse_add_EncryptedKey(soap, SOAP_MEC_ENV_ENC_AES256_CBC, "Cert", cert, SubjectKeyId, NULL, NULL)) soap_print_fault(soap, stderr); } else { if (soap_wsse_add_EncryptedKey(soap, SOAP_MEC_ENV_ENC_DES_CBC, "Cert", cert, SubjectKeyId, NULL, NULL)) soap_print_fault(soap, stderr); } soap_wsse_decrypt_auto(soap, SOAP_MEC_ENV_DEC_DES_CBC, rsa_privk, 0); } if (hmac) { /* symmetric signature */ if (nobody) soap_wsse_sign(soap, SOAP_SMD_HMAC_SHA1, hmac_key, sizeof(hmac_key)); else soap_wsse_sign_body(soap, SOAP_SMD_HMAC_SHA1, hmac_key, sizeof(hmac_key)); /* WS-SecureConversation contect token */ soap_wsse_add_SecurityContextToken(soap, "SCT", contextId); } else { if (nokey) soap_wsse_add_KeyInfo_KeyName(soap, "MyKey"); else { soap_wsse_add_BinarySecurityTokenX509(soap, "X509Token", cert); soap_wsse_add_KeyInfo_SecurityTokenReferenceX509(soap, "#X509Token"); } if (nobody || addsig) /* do not sign body */ soap_wsse_sign(soap, SOAP_SMD_SIGN_RSA_SHA1, rsa_privk, 0); else soap_wsse_sign_body(soap, SOAP_SMD_SIGN_RSA_SHA256, rsa_privk, 0); } /* enable automatic signature verification of server responses */ if (hmac) soap_wsse_verify_auto(soap, SOAP_SMD_HMAC_SHA1, hmac_key, sizeof(hmac_key)); else if (nokey) soap_wsse_verify_auto(soap, SOAP_SMD_VRFY_RSA_SHA1, rsa_pubk, 0); else soap_wsse_verify_auto(soap, SOAP_SMD_NONE, NULL, 0); /* sign the response message in unsigned body? If so, set wsu:Id */ if (addsig) { soap_wsse_set_wsu_id(soap, "ns1:add"); soap_wsse_sign_only(soap, "User ns1:add"); } /* invoke the server. You can choose add, sub, mul, or div operations * that show different security aspects (intentional message rejections) * for demonstration purposes (see server operations below) */ if (!soap_call_ns1__add(soap, endpoint, NULL, 1.0, 2.0, &result)) { if (!soap_wsse_verify_Timestamp(soap)) { const char *servername = soap_wsse_get_Username(soap); if (servername && !strcmp(servername, "server") && !soap_wsse_verify_Password(soap, "serverPass")) printf("Result = %g\n", result); else { fprintf(stderr, "Server authentication failed\n"); soap_print_fault(soap, stderr); } } else { fprintf(stderr, "Server response expired\n"); soap_print_fault(soap, stderr); } } else { soap_print_fault(soap, stderr); soap_print_fault_location(soap, stderr); } /* clean up security header */ soap_wsse_delete_Security(soap); /* disable soap_wsse_verify_auto */ soap_wsse_verify_done(soap); } /* run */ } /* clean up keys */ if (rsa_privk) EVP_PKEY_free(rsa_privk); if (rsa_pubk) EVP_PKEY_free(rsa_pubk); if (cert) X509_free(cert); /* clean up gSOAP engine */ soap_destroy(soap); soap_end(soap); soap_done(soap); free(soap); /* done */ return 0; }
int32 LoginRESTService::HandlePost(soap* soapClient) { boost::asio::ip::address_v4 address(soapClient->ip); std::string ip_address = address.to_string(); TC_LOG_DEBUG("server.rest", "[%s:%d] Handling POST request path=\"%s\"", ip_address.c_str(), soapClient->port, soapClient->path); static std::string const expectedPath = "/bnetserver/login/"; if (strstr(soapClient->path, expectedPath.c_str()) != &soapClient->path[0]) return 404; char *buf; size_t len; soap_http_body(soapClient, &buf, &len); Battlenet::JSON::Login::LoginForm loginForm; Battlenet::JSON::Login::LoginResult loginResult; if (!JSON::Deserialize(buf, &loginForm)) { if (soap_register_plugin_arg(soapClient, &ResponseCodePlugin::Init, nullptr) != SOAP_OK) return 500; ResponseCodePlugin* responseCode = reinterpret_cast<ResponseCodePlugin*>(soap_lookup_plugin(soapClient, ResponseCodePlugin::PluginId)); ASSERT(responseCode); responseCode->ErrorCode = 400; loginResult.set_authentication_state(Battlenet::JSON::Login::LOGIN); loginResult.set_error_code("UNABLE_TO_DECODE"); loginResult.set_error_message("There was an internal error while connecting to Battle.net. Please try again later."); return SendResponse(soapClient, loginResult); } std::string login; std::string password; for (int32 i = 0; i < loginForm.inputs_size(); ++i) { if (loginForm.inputs(i).input_id() == "account_name") login = loginForm.inputs(i).value(); else if (loginForm.inputs(i).input_id() == "password") password = loginForm.inputs(i).value(); } Utf8ToUpperOnlyLatin(login); Utf8ToUpperOnlyLatin(password); PreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_ACCOUNT_INFO); stmt->setString(0, login); if (PreparedQueryResult result = LoginDatabase.Query(stmt)) { std::string pass_hash = result->Fetch()[13].GetString(); std::unique_ptr<Battlenet::Session::AccountInfo> accountInfo = Trinity::make_unique<Battlenet::Session::AccountInfo>(); accountInfo->LoadResult(result); if (CalculateShaPassHash(login, std::move(password)) == pass_hash) { stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_CHARACTER_COUNTS_BY_BNET_ID); stmt->setUInt32(0, accountInfo->Id); if (PreparedQueryResult characterCountsResult = LoginDatabase.Query(stmt)) { do { Field* fields = characterCountsResult->Fetch(); accountInfo->GameAccounts[fields[0].GetUInt32()] .CharacterCounts[Battlenet::RealmHandle{ fields[3].GetUInt8(), fields[4].GetUInt8(), fields[2].GetUInt32() }.GetAddress()] = fields[1].GetUInt8(); } while (characterCountsResult->NextRow()); } stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_BNET_LAST_PLAYER_CHARACTERS); stmt->setUInt32(0, accountInfo->Id); if (PreparedQueryResult lastPlayerCharactersResult = LoginDatabase.Query(stmt)) { Field* fields = lastPlayerCharactersResult->Fetch(); Battlenet::RealmHandle realmId{ fields[1].GetUInt8(), fields[2].GetUInt8(), fields[3].GetUInt32() }; Battlenet::Session::LastPlayedCharacterInfo& lastPlayedCharacter = accountInfo->GameAccounts[fields[0].GetUInt32()] .LastPlayedCharacters[realmId.GetSubRegionAddress()]; lastPlayedCharacter.RealmId = realmId; lastPlayedCharacter.CharacterName = fields[4].GetString(); lastPlayedCharacter.CharacterGUID = fields[5].GetUInt64(); lastPlayedCharacter.LastPlayedTime = fields[6].GetUInt32(); } BigNumber ticket; ticket.SetRand(20 * 8); loginResult.set_login_ticket("TC-" + ByteArrayToHexStr(ticket.AsByteArray(20).get(), 20)); AddLoginTicket(loginResult.login_ticket(), std::move(accountInfo)); } else if (!accountInfo->IsBanned) { uint32 maxWrongPassword = uint32(sConfigMgr->GetIntDefault("WrongPass.MaxCount", 0)); if (sConfigMgr->GetBoolDefault("WrongPass.Logging", false)) TC_LOG_DEBUG("server.rest", "[%s, Account %s, Id %u] Attempted to connect with wrong password!", ip_address.c_str(), login.c_str(), accountInfo->Id); if (maxWrongPassword) { SQLTransaction trans = LoginDatabase.BeginTransaction(); stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_FAILED_LOGINS); stmt->setUInt32(0, accountInfo->Id); trans->Append(stmt); ++accountInfo->FailedLogins; TC_LOG_DEBUG("server.rest", "MaxWrongPass : %u, failed_login : %u", maxWrongPassword, accountInfo->Id); if (accountInfo->FailedLogins >= maxWrongPassword) { BanMode banType = BanMode(sConfigMgr->GetIntDefault("WrongPass.BanType", uint16(BanMode::BAN_IP))); int32 banTime = sConfigMgr->GetIntDefault("WrongPass.BanTime", 600); if (banType == BanMode::BAN_ACCOUNT) { stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_BNET_ACCOUNT_AUTO_BANNED); stmt->setUInt32(0, accountInfo->Id); } else { stmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_IP_AUTO_BANNED); stmt->setString(0, ip_address); } stmt->setUInt32(1, banTime); trans->Append(stmt); stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_BNET_RESET_FAILED_LOGINS); stmt->setUInt32(0, accountInfo->Id); trans->Append(stmt); } LoginDatabase.CommitTransaction(trans); } } } loginResult.set_authentication_state(Battlenet::JSON::Login::DONE); return SendResponse(soapClient, loginResult); }
/** * srmPrepareToPut method. * * \param soap * \param srm_endpoint * \param authorizationID * \param fileRequests * \param userRequestDescription * \param overwriteOption * \param storageSystemInfo * \param desiredTotalRequestTime * \param desiredPinLifeTime * \param desiredFileLifeTime * \param desiredFileStorageType * \param targetSpaceToken * \param retentionPolicy * \param accessLatency * \param accessPattern * \param connectionType * \param clientNetworks * \param transferProtocols * \param resp request response * * \returns request exit status (EXIT_SUCCESS/EXIT_FAILURE) */ extern int PrepareToPut(struct soap *soap, const char *srm_endpoint, const char *authorizationID, const tArrayOfPutFileRequests fileRequests, const char *userRequestDescription, const long *overwriteOption, tStorageSystemInfo storageSystemInfo, int *desiredTotalRequestTime, int *desiredPinLifeTime, int *desiredFileLifeTime, const long *desiredFileStorageType, const char *targetSpaceToken, const long *retentionPolicy, const long *accessLatency, const long *accessPattern, const long *connectionType, std::vector <std::string *> clientNetworks, std::vector <std::string *> transferProtocols, struct srm__srmPrepareToPutResponse_ *resp) { DM_DBG_I; struct srm__srmPrepareToPutRequest req; DO_SOAP_INIT(soap); #ifdef HAVE_CGSI_PLUGIN int flags; flags = CGSI_OPT_DISABLE_NAME_CHECK; soap_register_plugin_arg (soap, client_cgsi_plugin, &flags); #else #warning "Compiling without CGSI plugin support, i.e. no security" #endif MV_CSTR2PSTR(req.authorizationID,authorizationID); /* Create the file request */ NOT_0(fileRequests.SURL, req.arrayOfFileRequests, soap_new_srm__ArrayOfTPutFileRequest(soap, -1)); for (uint u = 0; u < fileRequests.SURL.size(); u++) { DM_LOG(DM_N(2), "fileRequests.SURL[%u]\n", u); srm__TPutFileRequest *fileRequest; NOT_NULL(fileRequest = soap_new_srm__TPutFileRequest(soap, -1)); MV_PSTR2PSTR(fileRequest->targetSURL,fileRequests.SURL[u]); if(NOT_NULL_VEC(fileRequests,expectedFileSize)) { fileRequest->expectedFileSize = fileRequests.expectedFileSize[u]; DM_LOG(DM_N(2), "expectedFileSize[%u] = %"PRIi64"\n", u, *(fileRequest->expectedFileSize)); } else { fileRequest->expectedFileSize = NULL; DM_LOG(DM_N(2), "expectedFileSize[%u] == NULL\n", u); } req.arrayOfFileRequests->requestArray.push_back(fileRequest); } MV_CSTR2PSTR(req.userRequestDescription,userRequestDescription); MV_PSOAP(OverwriteMode,req.overwriteOption,overwriteOption); /* Storage system info */ MV_STORAGE_SYSTEM_INFO(req.storageSystemInfo,storageSystemInfo); MV_PINT(req.desiredTotalRequestTime,desiredTotalRequestTime); MV_PINT(req.desiredPinLifeTime,desiredPinLifeTime); MV_PINT(req.desiredFileLifeTime,desiredFileLifeTime); MV_PSOAP(FileStorageType,req.desiredFileStorageType,desiredFileStorageType); MV_CSTR2PSTR(req.targetSpaceToken,targetSpaceToken); /* Retention */ MV_RETENTION_POLICY(req.targetFileRetentionPolicyInfo,retentionPolicy,accessLatency); /* Transfer parameters */ MV_TRANSFER_PARAMETERS(req.transferParameters); /* To send the request ... */ SOAP_CALL_SRM(PrepareToPut); RETURN(EXIT_SUCCESS); }