moved AXIS stuff into euca_axis.[ch] to avoid pollution

eucalyptus · Oct 9, 2009 · 0c32c26 · 0c32c26
1 parent a6afded
commit 0c32c26
Show file tree

Hide file tree

Showing 17 changed files with 105 additions and 283 deletions.
diff --git a/cluster/CCclient.c b/cluster/CCclient.c
@@ -60,7 +60,7 @@ permission notice:
 #include <stdio.h>
 #include <time.h>
 #include <misc.h>
-
+#include <euca_axis.h>
 #include <cc-client-marshal.h>
 
 #ifndef MODE

diff --git a/cluster/Makefile b/cluster/Makefile
@@ -16,7 +16,7 @@ CLIENTKILLALL=euca_killall
 NCLIBS=../util/data.o ../node/client-marshal-adb.o ../util/ipc.o
 SCLIBS=../storage/storage.o
 VNLIBS=../net/vnetwork.o ../util/misc.o
-WSSECLIBS=../util/euca_auth.o
+WSSECLIBS=../util/euca_axis.o
 CC_LIBS 	= ${LIBS} -lcurl
 
 all: server client
@@ -50,10 +50,10 @@ $(SERVICE_SO): generated/stubs ../storage/storage.o server-marshal.o handlers.o
 client: $(CLIENT)_full $(CLIENTKILLALL)
 
 $(CLIENT)_full: generated/stubs $(CLIENT).c cc-client-marshal-adb.c handlers.o $(AXIS2C_HOME)/lib/libaxutil.so
-	$(CC) -o $(CLIENT)_full $(CFLAGS) $(INCLUDES) $(CC_LIBS) generated/adb_*.o generated/axis2_stub_*.o  ../util/misc.o ../util/euca_auth.o $(CLIENT).c cc-client-marshal-adb.c -DMODE=1
+	$(CC) -o $(CLIENT)_full $(CFLAGS) $(INCLUDES) $(CC_LIBS) generated/adb_*.o generated/axis2_stub_*.o  ../util/misc.o $(WSSECLIBS) ../util/euca_auth.o $(CLIENT).c cc-client-marshal-adb.c -DMODE=1
 
 $(CLIENTKILLALL): generated/stubs $(CLIENT).c cc-client-marshal-adb.c handlers.o $(AXIS2C_HOME)/lib/libaxutil.so
-	$(CC) -o $(CLIENTKILLALL) $(CFLAGS) $(INCLUDES) $(CC_LIBS) generated/adb_*.o generated/axis2_stub_*.o  ../util/misc.o ../util/euca_auth.o $(CLIENT).c cc-client-marshal-adb.c -DMODE=0
+	$(CC) -o $(CLIENTKILLALL) $(CFLAGS) $(INCLUDES) $(CC_LIBS) generated/adb_*.o generated/axis2_stub_*.o  ../util/misc.o $(WSSECLIBS) ../util/euca_auth.o $(CLIENT).c cc-client-marshal-adb.c -DMODE=0
 
 deploy:
 	$(INSTALL) -d $(AXIS2C_SERVICES)/$(SERVICE_NAME)/

diff --git a/cluster/handlers.c b/cluster/handlers.c
@@ -75,9 +75,9 @@ permission notice:
 #include <handlers.h>
 #include <storage.h>
 #include <vnetwork.h>
-#include <euca_auth.h>
 #include <misc.h>
 
+#include <euca_axis.h>
 #include "data.h"
 #include "client-marshal.h"
 

diff --git a/net/vnetwork.c b/net/vnetwork.c
@@ -73,6 +73,10 @@ permission notice:
 #include <fcntl.h>
 #include <stdarg.h>
 #include <ifaddrs.h>
+#include <math.h> /* log2 */
+#include <sys/socket.h>
+#include <netdb.h>
+#include <arpa/inet.h>
 
 #include <sys/ioctl.h>
 #include <net/if.h>  

diff --git a/node/Makefile b/node/Makefile
@@ -57,17 +57,17 @@ server: $(SERVICE_SO)
 	make -C ../util
 
 $(SERVICE_SO): generated/stubs ../storage/storage.o ../storage/walrus.o ../net/vnetwork.o ../util/misc.o ../util/data.o server-marshal.o handlers.o $(NC_HANDLERS) $(AXIS2C_HOME)/lib/libaxutil.so ../util/eucalyptus.h ../util/euca_auth.o
-	$(CC) -o $(SERVICE_SO) -shared $(NC_LIBS) generated/adb_*.o generated/axis2*_skel_*.o server-marshal.o handlers.o $(NC_HANDLERS) ../storage/*.o ../net/*.o ../util/*.o
+	$(CC) -o $(SERVICE_SO) -shared $(NC_LIBS) generated/adb_*.o generated/axis2*_skel_*.o server-marshal.o handlers.o $(NC_HANDLERS) ../storage/storage.o ../storage/walrus.o ../net/*.o ../util/*.o
 
 clientlib: generated/stubs ../util/data.o client-marshal-adb.o
 
 client: $(CLIENT) $(CLIENT)_local
 
 $(CLIENT): generated/stubs ../util/misc.o ../util/data.o client-marshal-adb.o client-marshal-local.o $(AXIS2C_HOME)/lib/libaxutil.so $(CLIENT).c
-	$(CC) -o $(CLIENT) $(CFLAGS) $(INCLUDES) $(NC_LIBS) generated/adb_*.o generated/axis2_stub_*.o client-marshal-adb.o ../util/*.o ../storage/*.o ../net/*.o $(CLIENT).c
+	$(CC) -o $(CLIENT) $(CFLAGS) $(INCLUDES) $(NC_LIBS) generated/adb_*.o generated/axis2_stub_*.o client-marshal-adb.o ../util/*.o ../storage/storage.o ../storage/walrus.o ../net/*.o $(CLIENT).c
 
 $(CLIENT)_local: generated/stubs ../util/misc.o ../util/data.o client-marshal-adb.o client-marshal-local.o handlers.o $(NC_HANDLERS) $(CLIENT).c ../util/euca_auth.o
-	$(CC) -o $(CLIENT)_local $(INCLUDES) $(CFLAGS) client-marshal-local.o ../util/*.o ../storage/*.o ../net/*.o handlers.o $(NC_HANDLERS) $(CLIENT).c $(NC_LIBS)
+	$(CC) -o $(CLIENT)_local $(INCLUDES) $(CFLAGS) client-marshal-local.o ../util/*.o ../storage/storage.o ../storage/walrus.o ../net/*.o handlers.o $(NC_HANDLERS) $(CLIENT).c $(NC_LIBS)
 
 test: test.c ../util/misc.o ../util/data.o
 	$(CC) $(CFLAGS) $(INCLUDES) $(NC_LIBS) -o test test.c ../util/misc.o ../util/data.o

diff --git a/node/NCclient.c b/node/NCclient.c
@@ -61,7 +61,8 @@ permission notice:
 #include <unistd.h> /* getopt */
 #include "data.h"
 #include "client-marshal.h"
-#include <misc.h>
+#include "misc.h"
+#include "euca_axis.h"
 
 #define NC_ENDPOINT "/axis2/services/EucalyptusNC"
 #define WALRUS_ENDPOINT "/services/Walrus"

diff --git a/node/handlers_kvm.c b/node/handlers_kvm.c
@@ -69,6 +69,8 @@ permission notice:
 #include <errno.h>
 #include <pthread.h>
 #include <signal.h> /* SIGINT */
+#include <sys/stat.h>
+#include <fcntl.h>
 
 #include "ipc.h"
 #include "misc.h"

diff --git a/node/handlers_xen.c b/node/handlers_xen.c
@@ -69,6 +69,8 @@ permission notice:
 #include <errno.h>
 #include <pthread.h>
 #include <signal.h> /* SIGINT */
+#include <sys/stat.h>
+#include <fcntl.h>
 
 #include "ipc.h"
 #include "misc.h"

diff --git a/node/test_nc.c b/node/test_nc.c
@@ -59,6 +59,7 @@ permission notice:
 */
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #include <libvirt/libvirt.h>
 #include <libvirt/virterror.h>
 #include "misc.h"

diff --git a/storage/Makefile b/storage/Makefile
@@ -5,11 +5,15 @@
 include ../Makedefs
 
 STORAGE_LIBS = ${LIBS} -lcurl
+IMAGER_LIBS = ../util/euca_auth.o ../util/misc.o ../util/ipc.o walrus.o img.o cache.o ami2vmx.o do_convert.o
 
-all: storage.o walrus.o Wclient
+all: storage.o walrus.o Wclient euca_imager
 
 build: all
 
+euca_imager: Makefile euca_imager.c $(IMAGER_LIBS)
+	$(CC) $(CFLAGS) $(INCLUDES) euca_imager.c -o euca_imager $(IMAGER_LIBS) -lcurl
+
 Wclient: Makefile Wclient.c ../util/euca_auth.o ../util/misc.o walrus.o
 	$(CC) $(CFLAGS) $(INCLUDES) Wclient.c -o Wclient ../util/euca_auth.o ../util/misc.o walrus.o $(STORAGE_LIBS)
 
@@ -38,11 +42,11 @@ test: test.c storage.h storage.o ../util/misc.o ../util/data.o ../util/ipc.o ../
 	make -C ../util
 
 clean:
-	rm -rf *~ *.o Wclient
+	rm -rf *~ *.o Wclient euca_imager
 
 distclean:
 
 install:
-
+	@$(INSTALL) -m 0755 euca_imager $(usrdir)/lib/eucalyptus
 deploy:
 
diff --git a/util/Makefile b/util/Makefile
@@ -4,7 +4,7 @@
 
 include ../Makedefs
 
-all: misc.o data.o euca_auth.o ipc.o euca_rootwrap euca_mountwrap
+all: misc.o data.o euca_auth.o euca_axis.o ipc.o euca_rootwrap euca_mountwrap
 
 build: all 
 

diff --git a/util/euca_auth.c b/util/euca_auth.c
@@ -57,30 +57,6 @@ permission notice:
   WITHDRAWAL OF THE CODE CAPABILITY TO THE EXTENT NEEDED TO COMPLY WITH
   ANY SUCH LICENSES OR RIGHTS.
 */
-/* BRIEF EXAMPLE MSG:
-<soapenv:Envelope>.
-  <soapenv:Header>
-    [..snip..]
-    <wsse:Security>
-      [..snip..]
-      <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
-                              EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
-                              ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
-                              wsu:Id="CertId-469">[..snip..]</wsse:BinarySecurityToken>
-      [..snip..]
-      <ds:Signature>
-        <ds:KeyInfo Id="KeyId-374652">
-          <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-22112351">
-            <!-- this thing points to the wsse:BinarySecurityToken above -->
-            <wsse:Reference URI="#CertId-469" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
-          </wsse:SecurityTokenReference>
-        </ds:KeyInfo>
-      </ds:Signature>
-    </wsse:Security>
-  </soapenv:Header>
-  <soapenv:Body>...</soapenv:Body>
-</soapenv:Envelope>.
-*/
 
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -95,152 +71,10 @@ permission notice:
 #include <openssl/pem.h>
 #include <openssl/bio.h>
 #include <openssl/evp.h>
+
 #include "euca_auth.h"
 #include "misc.h" /* get_string_stats, logprintf */
 
-#ifndef NO_AXIS /* for compiling on systems without Axis */
-#include "oxs_axiom.h"
-#include "oxs_x509_cert.h"
-#include "oxs_key_mgr.h"
-#include "rampart_handler_util.h"
-#include "rampart_sec_processed_result.h"
-#include "rampart_error.h"
-#include "axis2_op_ctx.h"
-#include "rampart_context.h"
-
-#define NO_U_FAIL(x) do{ \
-AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart][eucalyptus-verify] " #x );\
-AXIS2_ERROR_SET(env->error, RAMPART_ERROR_FAILED_AUTHENTICATION, AXIS2_FAILURE);\
-return AXIS2_FAILURE; \
-}while(0)
-
-axis2_status_t __euca_authenticate(const axutil_env_t *env,axis2_msg_ctx_t *out_msg_ctx, axis2_op_ctx_t *op_ctx)
-{
-  //***** First get the message context before doing anything dumb w/ a NULL pointer *****/
-  axis2_msg_ctx_t *msg_ctx = NULL; //<--- incoming msg context, it is NULL, see?
-  msg_ctx = axis2_op_ctx_get_msg_ctx(op_ctx, env, AXIS2_WSDL_MESSAGE_LABEL_IN);  
-
-  //***** Print everything from the security results, just for testing now *****//
-  rampart_context_t *rampart_context = NULL;
-  axutil_property_t *property = NULL;
-
-  property = axis2_msg_ctx_get_property(msg_ctx, env, RAMPART_CONTEXT);
-  if(property)
-  {
-     rampart_context = (rampart_context_t *)axutil_property_get_value(property, env);
-     //     AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI," ======== PRINTING PROCESSED WSSEC TOKENS ======== ");
-     rampart_print_security_processed_results_set(env,msg_ctx);
-  }
-
-  //***** Extract Security Node from header from enveloper from msg_ctx *****//
-  axiom_soap_envelope_t *soap_envelope = NULL;
-  axiom_soap_header_t *soap_header = NULL;
-  axiom_node_t *sec_node = NULL;
-
-
-  soap_envelope = axis2_msg_ctx_get_soap_envelope(msg_ctx, env);
-  if(!soap_envelope) NO_U_FAIL("SOAP envelope cannot be found."); 
-  soap_header = axiom_soap_envelope_get_header(soap_envelope, env);
-  if (!soap_header) NO_U_FAIL("SOAP header cannot be found.");
-  sec_node = rampart_get_security_header(env, msg_ctx, soap_header); // <---- here it is!
-  if(!sec_node)NO_U_FAIL("No node wsse:Security -- required: ws-security");
-
-  //***** Find the wsse:Reference to the BinarySecurityToken *****//
-  //** Path is: Security/
-  //** *sec_node must be non-NULL, kkthx **//
-  axiom_node_t *sig_node = NULL;
-  axiom_node_t *key_info_node = NULL;
-  axiom_node_t *sec_token_ref_node = NULL;
-  /** the ds:Signature node **/
-  sig_node = oxs_axiom_get_first_child_node_by_name(env,sec_node, OXS_NODE_SIGNATURE, OXS_DSIG_NS, OXS_DS );
-  if(!sig_node)NO_U_FAIL("No node ds:Signature -- required: signature");
-  /** the ds:KeyInfo **/
-  key_info_node = oxs_axiom_get_first_child_node_by_name(env, sig_node, OXS_NODE_KEY_INFO, OXS_DSIG_NS, NULL );
-  if(!key_info_node)NO_U_FAIL("No node ds:KeyInfo -- required: signature key");
-  /** the wsse:SecurityTokenReference **/ 
-  sec_token_ref_node = oxs_axiom_get_first_child_node_by_name(env, key_info_node,OXS_NODE_SECURITY_TOKEN_REFRENCE, OXS_WSSE_XMLNS, NULL);
-  if(!sec_token_ref_node)NO_U_FAIL("No node wsse:SecurityTokenReference -- required: signing token");
-  //** in theory this is the branching point for supporting all kinds of tokens -- we only do BST Direct Reference **/
-
-  //***** Find the wsse:Reference to the BinarySecurityToken *****//
-  //** *sec_token_ref_node must be non-NULL **/
-  axis2_char_t *ref = NULL;
-  axis2_char_t *ref_id = NULL;
-  axiom_node_t *token_ref_node = NULL;
-  axiom_node_t *bst_node = NULL;
-  /** the wsse:Reference node **/
-  token_ref_node = oxs_axiom_get_first_child_node_by_name(env, sec_token_ref_node,OXS_NODE_REFERENCE, OXS_WSSE_XMLNS, NULL);
-  /** pull out the name of the BST node **/
-  ref = oxs_token_get_reference(env, token_ref_node);
-  ref_id = axutil_string_substring_starting_at(axutil_strdup(env, ref), 1);
-  /** get the wsse:BinarySecurityToken used to sign the message **/
-  bst_node = oxs_axiom_get_node_by_id(env, sec_node, "Id", ref_id, OXS_WSU_XMLNS);
-  if(!bst_node){oxs_error(env, OXS_ERROR_LOCATION, OXS_ERROR_ELEMENT_FAILED, "Error retrieving elementwith ID=%s", ref_id);NO_U_FAIL("Cant find the required node");}
-
-
-  //***** Find the wsse:Reference to the BinarySecurityToken *****//
-  //** *bst_node must be non-NULL **/
-  axis2_char_t *data = NULL;
-  oxs_x509_cert_t *_cert = NULL;
-  oxs_x509_cert_t *recv_cert = NULL;
-  axis2_char_t *file_name = NULL;
-  axis2_char_t *recv_x509_buf = NULL;
-  axis2_char_t *msg_x509_buf = NULL;
-
-  /** pull out the data from the BST **/
-  data = oxs_axiom_get_node_content(env, bst_node);
-  /** create an oxs_X509_cert **/
-  _cert = oxs_key_mgr_load_x509_cert_from_string(env, data);
-  if(_cert)
-  {
-    //***** FINALLY -- we have the certificate used to sign the message.  authenticate it HERE *****//
-    msg_x509_buf = oxs_x509_cert_get_data(_cert,env);
-    if(!msg_x509_buf)NO_U_FAIL("OMG WHAT NOW?!");
-    /*
-    recv_x509_buf = (axis2_char_t *)rampart_context_get_receiver_certificate(rampart_context, env);
-    if(recv_x509_buf)
-        recv_cert = oxs_key_mgr_load_x509_cert_from_string(env, recv_x509_buf);
-    else
-    {
-        file_name = rampart_context_get_receiver_certificate_file(rampart_context, env);
-        if(!file_name) NO_U_FAIL("Policy for the service is incorrect -- ReceiverCertificate is not set!!");
-	if (check_file(file_name)) NO_U_FAIL("No cert file ($EUCALYPTUS/var/lib/eucalyptus/keys/cloud-cert.pem) found, failing");
-        recv_cert = oxs_key_mgr_load_x509_cert_from_pem_file(env, file_name);
-    }
-    */
-
-    file_name = rampart_context_get_receiver_certificate_file(rampart_context, env);
-    if(!file_name) NO_U_FAIL("Policy for the service is incorrect -- ReceiverCertificate is not set!!");
-    if (check_file(file_name)) NO_U_FAIL("No cert file ($EUCALYPTUS/var/lib/eucalyptus/keys/cloud-cert.pem) found, failing");
-    recv_cert = oxs_key_mgr_load_x509_cert_from_pem_file(env, file_name);
-
-    if (recv_cert) {
-      recv_x509_buf = oxs_x509_cert_get_data(recv_cert,env);
-    } else {
-      NO_U_FAIL("could not populate receiver cert");
-    }
-
-    if( axutil_strcmp(recv_x509_buf,msg_x509_buf)!=0){
-      AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI," --------- Received x509 certificate value ---------" );
-      AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI, msg_x509_buf );
-      AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI," --------- Local x509 certificate value! ---------" );
-      AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI, recv_x509_buf );
-      AXIS2_LOG_CRITICAL(env->log,AXIS2_LOG_SI," ---------------------------------------------------" );
-      NO_U_FAIL("The certificate specified is invalid!");
-    }
-  }
-  else 
-  {
-    oxs_error(env, OXS_ERROR_LOCATION, OXS_ERROR_DEFAULT, "Cannot load certificate from string =%s", data); 
-    NO_U_FAIL("Failed to build certificate from BinarySecurityToken");
-  }
-  oxs_x509_cert_free(_cert, env);
-  oxs_x509_cert_free(recv_cert, env);
-  return AXIS2_SUCCESS;
-
-}
-#endif /* NO_AXIS */
-
 static int initialized = 0;
 
 #define FILENAME 512

diff --git a/util/euca_auth.h b/util/euca_auth.h
@@ -60,21 +60,6 @@ permission notice:
 #ifndef INCLUDE_EUCA_AUTH_H
 #define INCLUDE_EUCA_AUTH_H
 
-#ifndef NO_AXIS /* for compiling on systems without Axis */
-#include "oxs_axiom.h"
-#include "oxs_x509_cert.h"
-#include "oxs_key_mgr.h"
-#include "rampart_handler_util.h"
-#include "rampart_sec_processed_result.h"
-#include "rampart_error.h"
-#include "axis2_op_ctx.h"
-#include "rampart_context.h"
-
-axis2_status_t __euca_authenticate(const axutil_env_t *env,axis2_msg_ctx_t *out_msg_ctx, axis2_op_ctx_t *op_ctx);
-
-#define euca_authenticate(a,b,c) do{ if( __euca_authenticate(a,b,c) == AXIS2_FAILURE ) return NULL; }while(0)
-#endif /* NO_AXIS */
-
 /* 
  * functions for Walrus clients
  */