int GetMyProxyPasswordFromSchedD (int cluster_id, int proc_id, char ** password) { // This might seem not necessary, but it IS // For some reason you can't just pass cluster_id to sock->code() directly!!!! int cluster, proc; cluster = cluster_id; proc = proc_id; dprintf ( D_FULLDEBUG, " GetMyProxyPasswordFromSchedD %d, %d\n", cluster_id, proc_id); // Get At Schedd Daemon schedd( DT_SCHEDD ); if( ! schedd.locate() ) { dprintf( D_ALWAYS, "GetMyProxyPasswordFromSchedD: Can't find address of local schedd\n" ); return FALSE; } // Start command Sock* sock; if (!(sock = schedd.startCommand( GET_MYPROXY_PASSWORD, Stream::reli_sock, 0))) { dprintf( D_ALWAYS, "GetMyProxyPasswordFromSchedD: Could not connect to local schedd\n" ); return FALSE; } sock->encode(); if (!sock->code (cluster) || !sock->code(proc)) { dprintf( D_ALWAYS, "GetMyProxyPasswordFromSchedD: Could not encode clusterId, procId\n" ); return FALSE; } sock->end_of_message(); sock->decode(); if (!sock->code (*password)) { dprintf( D_ALWAYS, "GetMyProxyPasswordFromSchedD: Can't retrieve password\n" ); return FALSE; } sock->end_of_message(); sock->close(); delete sock; return TRUE; }
int DCStartd::activateClaim( ClassAd* job_ad, int starter_version, ReliSock** claim_sock_ptr ) { int reply; dprintf( D_FULLDEBUG, "Entering DCStartd::activateClaim()\n" ); setCmdStr( "activateClaim" ); if( claim_sock_ptr ) { // our caller wants a pointer to the socket we used to // successfully activate the claim. right now, set it to // NULL to signify error, and if everything works out, // we'll give them a pointer to the real object. *claim_sock_ptr = NULL; } if( ! claim_id ) { newError( CA_INVALID_REQUEST, "DCStartd::activateClaim: called with NULL claim_id, failing" ); return CONDOR_ERROR; } // if this claim is associated with a security session ClaimIdParser cidp(claim_id); char const *sec_session = cidp.secSessionId(); Sock* tmp; tmp = startCommand( ACTIVATE_CLAIM, Stream::reli_sock, 20, NULL, NULL, false, sec_session ); if( ! tmp ) { newError( CA_COMMUNICATION_ERROR, "DCStartd::activateClaim: Failed to send command ACTIVATE_CLAIM to the startd" ); return CONDOR_ERROR; } if( ! tmp->put_secret(claim_id) ) { newError( CA_COMMUNICATION_ERROR, "DCStartd::activateClaim: Failed to send ClaimId to the startd" ); delete tmp; return CONDOR_ERROR; } if( ! tmp->code(starter_version) ) { newError( CA_COMMUNICATION_ERROR, "DCStartd::activateClaim: Failed to send starter_version to the startd" ); delete tmp; return CONDOR_ERROR; } if( ! putClassAd(tmp, *job_ad) ) { newError( CA_COMMUNICATION_ERROR, "DCStartd::activateClaim: Failed to send job ClassAd to the startd" ); delete tmp; return CONDOR_ERROR; } if( ! tmp->end_of_message() ) { newError( CA_COMMUNICATION_ERROR, "DCStartd::activateClaim: Failed to send EOM to the startd" ); delete tmp; return CONDOR_ERROR; } // Now, try to get the reply tmp->decode(); if( !tmp->code(reply) || !tmp->end_of_message()) { std::string err = "DCStartd::activateClaim: "; err += "Failed to receive reply from "; err += _addr ? _addr : "NULL"; newError( CA_COMMUNICATION_ERROR, err.c_str() ); delete tmp; return CONDOR_ERROR; } dprintf( D_FULLDEBUG, "DCStartd::activateClaim: " "successfully sent command, reply is: %d\n", reply ); if( reply == OK && claim_sock_ptr ) { *claim_sock_ptr = (ReliSock*)tmp; } else { // in any other case, we're going to leak this ReliSock // object if we don't delete it here... delete tmp; } return reply; }
// process ads from the collector, handing each to the callback // callback will return 'false' if it took ownership of the ad. QueryResult CondorQuery:: processAds (bool (*callback)(void*, ClassAd *), void* pv, const char * poolName, CondorError* errstack /*= NULL*/) { Sock* sock; QueryResult result; ClassAd queryAd(extraAttrs); if ( !poolName ) { return Q_NO_COLLECTOR_HOST; } // contact collector Daemon my_collector( DT_COLLECTOR, poolName, NULL ); if( !my_collector.locate() ) { // We were passed a bogus poolName, abort gracefully return Q_NO_COLLECTOR_HOST; } // make the query ad result = getQueryAd (queryAd); if (result != Q_OK) return result; if (IsDebugLevel(D_HOSTNAME)) { dprintf( D_HOSTNAME, "Querying collector %s (%s) with classad:\n", my_collector.addr(), my_collector.fullHostname() ); dPrintAd( D_HOSTNAME, queryAd ); dprintf( D_HOSTNAME, " --- End of Query ClassAd ---\n" ); } int mytimeout = param_integer ("QUERY_TIMEOUT",60); if (!(sock = my_collector.startCommand(command, Stream::reli_sock, mytimeout, errstack)) || !putClassAd (sock, queryAd) || !sock->end_of_message()) { if (sock) { delete sock; } return Q_COMMUNICATION_ERROR; } // get result sock->decode (); int more = 1; while (more) { if (!sock->code (more)) { sock->end_of_message(); delete sock; return Q_COMMUNICATION_ERROR; } if (more) { ClassAd * ad = new ClassAd; if( !getClassAd(sock, *ad) ) { sock->end_of_message(); delete ad; delete sock; return Q_COMMUNICATION_ERROR; } if (callback(pv, ad)) { delete ad; } } } sock->end_of_message(); // finalize sock->close(); delete sock; return (Q_OK); }
// fetch all ads from the collector that satisfy the constraints QueryResult CondorQuery:: fetchAds (ClassAdList &adList, const char *poolName, CondorError* errstack) { Sock* sock; int more; QueryResult result; ClassAd queryAd(extraAttrs), *ad; if ( !poolName ) { return Q_NO_COLLECTOR_HOST; } // contact collector Daemon my_collector( DT_COLLECTOR, poolName, NULL ); if( !my_collector.locate() ) { // We were passed a bogus poolName, abort gracefully return Q_NO_COLLECTOR_HOST; } // make the query ad result = getQueryAd (queryAd); if (result != Q_OK) return result; if( IsDebugLevel( D_HOSTNAME ) ) { dprintf( D_HOSTNAME, "Querying collector %s (%s) with classad:\n", my_collector.addr(), my_collector.fullHostname() ); queryAd.dPrint( D_HOSTNAME ); dprintf( D_HOSTNAME, " --- End of Query ClassAd ---\n" ); } int mytimeout = param_integer ("QUERY_TIMEOUT",60); if (!(sock = my_collector.startCommand(command, Stream::reli_sock, mytimeout, errstack)) || !queryAd.put (*sock) || !sock->end_of_message()) { if (sock) { delete sock; } return Q_COMMUNICATION_ERROR; } // get result sock->decode (); more = 1; while (more) { if (!sock->code (more)) { sock->end_of_message(); delete sock; return Q_COMMUNICATION_ERROR; } if (more) { ad = new ClassAd; if( !ad->initFromStream(*sock) ) { sock->end_of_message(); delete ad; delete sock; return Q_COMMUNICATION_ERROR; } adList.Insert (ad); } } sock->end_of_message(); // finalize sock->close(); delete sock; return (Q_OK); }
int store_cred(const char* user, const char* pw, int mode, Daemon* d, bool force) { int result; int return_val; Sock* sock = NULL; // to help future debugging, print out the mode we are in static const int mode_offset = 100; static const char *mode_name[] = { ADD_CREDENTIAL, DELETE_CREDENTIAL, QUERY_CREDENTIAL #ifdef WIN32 , CONFIG_CREDENTIAL #endif }; dprintf ( D_ALWAYS, "STORE_CRED: In mode '%s'\n", mode_name[mode - mode_offset] ); // If we are root / SYSTEM and we want a local daemon, // then do the work directly to the local registry. // If not, then send the request over the wire to a remote credd or schedd. if ( is_root() && d == NULL ) { // do the work directly onto the local registry return_val = store_cred_service(user,pw,mode); } else { // send out the request remotely. // first see if we're operating on the pool password int cmd = STORE_CRED; char const *tmp = strchr(user, '@'); if (tmp == NULL || tmp == user || *(tmp + 1) == '\0') { dprintf(D_ALWAYS, "store_cred: user not in user@domain format\n"); return FAILURE; } if (((mode == ADD_MODE) || (mode == DELETE_MODE)) && ( (size_t)(tmp - user) == strlen(POOL_PASSWORD_USERNAME)) && (memcmp(POOL_PASSWORD_USERNAME, user, tmp - user) == 0)) { cmd = STORE_POOL_CRED; user = tmp + 1; // we only need to send the domain name for STORE_POOL_CRED } if (d == NULL) { if (cmd == STORE_POOL_CRED) { // need to go to the master for setting the pool password dprintf(D_FULLDEBUG, "Storing credential to local master\n"); Daemon my_master(DT_MASTER); sock = my_master.startCommand(cmd, Stream::reli_sock, 0); } else { dprintf(D_FULLDEBUG, "Storing credential to local schedd\n"); Daemon my_schedd(DT_SCHEDD); sock = my_schedd.startCommand(cmd, Stream::reli_sock, 0); } } else { dprintf(D_FULLDEBUG, "Starting a command on a REMOTE schedd\n"); sock = d->startCommand(cmd, Stream::reli_sock, 0); } if( !sock ) { dprintf(D_ALWAYS, "STORE_CRED: Failed to start command.\n"); dprintf(D_ALWAYS, "STORE_CRED: Unable to contact the REMOTE schedd.\n"); return FAILURE; } // for remote updates (which send the password), verify we have a secure channel, // unless "force" is specified if (((mode == ADD_MODE) || (mode == DELETE_MODE)) && !force && (d != NULL) && ((sock->type() != Stream::reli_sock) || !((ReliSock*)sock)->triedAuthentication() || !sock->get_encryption())) { dprintf(D_ALWAYS, "STORE_CRED: blocking attempt to update over insecure channel\n"); delete sock; return FAILURE_NOT_SECURE; } if (cmd == STORE_CRED) { result = code_store_cred(sock, const_cast<char*&>(user), const_cast<char*&>(pw), mode); if( result == FALSE ) { dprintf(D_ALWAYS, "store_cred: code_store_cred failed.\n"); delete sock; return FAILURE; } } else { // only need to send the domain and password for STORE_POOL_CRED if (!sock->code(const_cast<char*&>(user)) || !sock->code(const_cast<char*&>(pw)) || !sock->end_of_message()) { dprintf(D_ALWAYS, "store_cred: failed to send STORE_POOL_CRED message\n"); delete sock; return FAILURE; } } sock->decode(); result = sock->code(return_val); if( !result ) { dprintf(D_ALWAYS, "store_cred: failed to recv answer.\n"); delete sock; return FAILURE; } result = sock->end_of_message(); if( !result ) { dprintf(D_ALWAYS, "store_cred: failed to recv eom.\n"); delete sock; return FAILURE; } } // end of case where we send out the request remotely switch(mode) { case ADD_MODE: if( return_val == SUCCESS ) { dprintf(D_FULLDEBUG, "Addition succeeded!\n"); } else { dprintf(D_FULLDEBUG, "Addition failed!\n"); } break; case DELETE_MODE: if( return_val == SUCCESS ) { dprintf(D_FULLDEBUG, "Delete succeeded!\n"); } else { dprintf(D_FULLDEBUG, "Delete failed!\n"); } break; case QUERY_MODE: if( return_val == SUCCESS ) { dprintf(D_FULLDEBUG, "We have a credential stored!\n"); } else { dprintf(D_FULLDEBUG, "Query failed!\n"); } break; } if ( sock ) delete sock; return return_val; }