Credentials save/load implemented
cpiker committed Dec 12, 2023
1 parent 16c6176 commit ba98458
Showing 8 changed files with 197 additions and 28 deletions.
4 changes: 3 additions & 1 deletion buildfiles/Darwin.arm64.mak
Expand Up @@ -32,7 +32,7 @@ UTIL_PROGS=das1_inctime das2_prtime das1_fxtime das2_ascii das2_bin_avg \
das2_cache_rdr das_node

TEST_PROGS:=TestUnits TestArray TestVariable LoadStream TestBuilder \
TestAuth TestCatalog TestTT2000 ex_das_cli ex_das_ephem
TestAuth TestCatalog TestTT2000 ex_das_cli ex_das_ephem TestCredMngr

ifeq ($(SPICE),yes)
TEST_PROGS:=$(TEST_PROGS) TestSpice
Expand Down Expand Up @@ -185,6 +185,8 @@ test: $(BD) $(BD)/$(TARG) $(BUILD_TEST_PROGS) $(BULID_UTIL_PROGS)
@$(BD)/TestCatalog
@echo "INFO: Running unit test for dataset builder, $(BD)/TestBuilder..."
@$(BD)/TestBuilder
@echo "INFO: Running unit test for credentials manager, $(BD)/TestCredMngr..."
@$(BD)/TestCredMngr $(BD)
@echo "INFO: All test programs completed without errors"


4 changes: 3 additions & 1 deletion buildfiles/Darwin.mak
Expand Up @@ -29,7 +29,7 @@ UTIL_PROGS=das1_inctime das2_prtime das1_fxtime das2_ascii das2_bin_avg \
das2_cache_rdr das_node

TEST_PROGS:=TestUnits TestArray TestVariable LoadStream TestBuilder \
TestAuth TestCatalog TestTT2000 ex_das_cli ex_das_ephem
TestAuth TestCatalog TestTT2000 ex_das_cli ex_das_ephem TestCredMngr

ifeq ($(SPICE),yes)
TEST_PROGS:=$(TEST_PROGS) TestSpice
Expand Down Expand Up @@ -184,6 +184,8 @@ test: $(BD) $(BD)/$(TARG) $(BUILD_TEST_PROGS) $(BULID_UTIL_PROGS)
@$(BD)/TestCatalog
@echo "INFO: Running unit test for dataset builder, $(BD)/TestBuilder..."
@$(BD)/TestBuilder
@echo "INFO: Running unit test for credentials manager, $(BD)/TestCredMngr..."
@$(BD)/TestCredMngr $(BD)
@echo "INFO: All test programs completed without errors"


4 changes: 3 additions & 1 deletion buildfiles/Linux.mak
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ UTIL_PROGS=das1_inctime das2_prtime das1_fxtime das2_ascii das2_bin_avg \
das2_cache_rdr das_node

TEST_PROGS:=TestUnits TestArray TestVariable LoadStream TestBuilder \
TestAuth TestCatalog TestTT2000 ex_das_cli ex_das_ephem
TestAuth TestCatalog TestTT2000 ex_das_cli ex_das_ephem TestCredMngr

ifeq ($(SPICE),yes)
TEST_PROGS:=$(TEST_PROGS) TestSpice
Expand Down Expand Up @@ -186,6 +186,8 @@ test: $(BD) $(BD)/$(TARG).a $(BUILD_TEST_PROGS) $(BULID_UTIL_PROGS)
@$(BD)/TestBuilder
@echo "INFO: Running unit test for dataset loader, $(BD)/LoadStream..."
@$(BD)/LoadStream
@echo "INFO: Running unit test for credentials manager, $(BD)/TestCredMngr..."
@$(BD)/TestCredMngr $(BD)
@echo "INFO: All test programs completed without errors"

test_spice:$(BD) $(BD)/$(TARG).a $(BUILD_TEST_PROGS) $(BULID_UTIL_PROGS)
3 changes: 2 additions & 1 deletion buildfiles/Windows.mak
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ UTIL_PROGS=$(BD)\das1_inctime.exe $(BD)\das2_prtime.exe $(BD)\das1_fxtime.exe \

TEST_PROGS=$(BD)\TestUnits.exe $(BD)\TestArray.exe $(BD)\LoadStream.exe \
$(BD)\TestBuilder.exe $(BD)\TestAuth.exe $(BD)\TestCatalog.exe $(BD)\TestTT2000.exe \
$(BD)\TestVariable.exe
$(BD)\TestVariable.exe $(BD)\TestCredMngr.exe

# Add in cspice error handling functions if SPICE = yes
!if defined(SPICE)
Expand Down Expand Up @@ -110,6 +110,7 @@ run_test:
$(BD)\TestCatalog.exe
$(BD)\TestBuilder.exe
$(BD)\LoadStream.exe
$(BD)\TestCredMngr.exe $(BD)

run_test_spice: run_test
$(BD)\TestSpice.exe
47 changes: 24 additions & 23 deletions das2/credentials.c
Original file line number Diff line number Diff line change
Expand Up @@ -184,13 +184,6 @@ bool das_cred_init(
/* ************************************************************************** */
DasCredMngr* new_CredMngr(const char* sKeyStore)
{
/* I don't actually have the code to read/write key files at this point */
if(sKeyStore != NULL){
das_error(DASERR_NOTIMP, "Reading/Writing to keystore files is not yet "
"implemented.");
return NULL;
}

DasCredMngr* pThis = (DasCredMngr*)calloc(1, sizeof(DasCredMngr));

das_credential fill;
Expand All @@ -213,7 +206,7 @@ void del_CredMngr(DasCredMngr* pThis){
free(pThis);
}

das_credential* _CredMngr_getCred(
das_credential* CredMngr_getCred(
DasCredMngr* pThis, const char* sServer, const char* sRealm,
const char* sDataset, bool bValidOnly
){
Expand Down Expand Up @@ -249,7 +242,7 @@ int CredMngr_addCred(DasCredMngr* pThis, const das_credential* pCred)
/* fprintf(stderr, "Adding server: %s, realm: %s, dataset: %s, hash: %s",
pCred->sServer, pCred->sRealm, pCred->sDataset, pCred->sHash); */

pOld = _CredMngr_getCred(pThis, pCred->sServer, pCred->sRealm, pCred->sDataset, false);
pOld = CredMngr_getCred(pThis, pCred->sServer, pCred->sRealm, pCred->sDataset, false);
if(pOld == NULL)
DasAry_append(pThis->pCreds, (const byte*)pCred, 1);
else
Expand All @@ -273,7 +266,7 @@ int CredMngr_addUserPass(
}

/* Hash it */
snprintf(sBuf, DASCRED_HASH_SZ+1, "%s:%s", sUser, sPassword); /* 257 is not an error */
snprintf(sBuf, DASCRED_HASH_SZ+1, "%s:%s", sUser, sPass); /* 257 is not an error */
size_t uLen;
char* sHash = das_b64_encode((unsigned char*)sBuf, strlen(sBuf), &uLen);
/*fprintf(stderr, "DEBUG: Print hash: %s, length %zu\n", sHash, uLen); */
Expand All @@ -284,7 +277,7 @@ int CredMngr_addUserPass(
return -1;
}

if(! das_cred_init(sServer, sRealm, sDataset, sHash))
if(! das_cred_init(&cred, sServer, sRealm, sDataset, sHash))
return -1; /* Function sets it's own error message */

return CredMngr_addCred(pThis, &cred);
Expand All @@ -295,7 +288,7 @@ const char* CredMngr_getHttpAuth(
DasCredMngr* pThis, const char* sServer, const char* sRealm, const char* sDataset
){

das_credential* pCred = _CredMngr_getCred(pThis, sServer, sRealm, sDataset, true);
das_credential* pCred = CredMngr_getCred(pThis, sServer, sRealm, sDataset, true);
if(pCred) return pCred->sHash;

char sUser[128];
Expand Down Expand Up @@ -333,7 +326,7 @@ const char* CredMngr_getHttpAuth(

/* Store it either in the old spot, or if that doesn't exist, make a
* new one */
pCred = _CredMngr_getCred(pThis, sServer, sRealm, sDataset, false);
pCred = CredMngr_getCred(pThis, sServer, sRealm, sDataset, false);
if(pCred == NULL){
das_credential cred;
memset(&cred, 0, sizeof(cred));
Expand All @@ -359,7 +352,7 @@ void CredMngr_authFailed(
DasCredMngr* pThis, const char* sServer, const char* sRealm,
const char* sDataset, const char* sMsg
){
das_credential* pCred = _CredMngr_getCred(pThis, sServer, sRealm, sDataset, false);
das_credential* pCred = CredMngr_getCred(pThis, sServer, sRealm, sDataset, false);
if(pCred != NULL) pCred->bValid = false;

if(sMsg != NULL)
Expand Down Expand Up @@ -471,7 +464,7 @@ int CredMngr_load(DasCredMngr* pThis, const char* sSymKey, const char* sFile)

// Section begin and end are the same for empty sections
aBeg[0] = aLine;
aEnd[4] = aLine + strlen(aLine) + 1;
aEnd[4] = aLine + strlen(aLine);
iSection = 0;
for(pChar = aLine; *pChar != '\0'; ++pChar){
if(*pChar == '|'){
Expand All @@ -497,10 +490,12 @@ int CredMngr_load(DasCredMngr* pThis, const char* sSymKey, const char* sFile)
aBeg[iSection] += 1;
}

pChar = aEnd[iSection];
while((pChar >= aBeg[iSection]) && ((*pChar == ' ')||(*pChar == '\t'))){
pChar = aEnd[iSection] - 1;
while((pChar >= aBeg[iSection]) && pChar > aBeg[iSection] && (
(*pChar == ' ')||(*pChar == '\t')||(*pChar == '\n')||(*pChar == '\r')
)){
*pChar = '\0';
--pChar;
*(aEnd[iSection]) = '\0';
aEnd[iSection] -= 1;
}
}
Expand All @@ -509,16 +504,16 @@ int CredMngr_load(DasCredMngr* pThis, const char* sSymKey, const char* sFile)
if((aBeg[0] == aEnd[0])||(aBeg[1] == aEnd[1])||(aBeg[4] == aEnd[4]))
continue;

// Expect the key 'dataset' if aEnd[2] is not null
if((*(aEnd[2]) != '\0')&&(strcmp(aBeg[2], "dataset") != 0)){
// Expect the key 'dataset' if for second string, if present
if((*(aBeg[2]) != '\0')&&(strcmp(aBeg[2], "dataset") != 0)){
daslog_warn_v(
"%s,%d: Hashes for specific datasets must indicate the key 'dataset'",
sIn, nLine
);
continue;
}

if(das_cred_init(
if(!das_cred_init(
&cred, aBeg[0], aBeg[1], *(aBeg[3]) == '\0' ? NULL : aBeg[3], aBeg[4]
)){
daslog_warn_v("%s,%d: Could not parse credential", sIn, nLine);
Expand All @@ -536,9 +531,9 @@ int CredMngr_load(DasCredMngr* pThis, const char* sSymKey, const char* sFile)
das_credential* pNew = NULL;
das_credential* pOld = NULL;
for(ptrdiff_t i = 0; i < DasAry_size(pTmpCreds); ++i){
pNew = (das_credential*)DasAry_getAt(pThis->pCreds, vtUnknown, IDX0(i));
pNew = (das_credential*)DasAry_getAt(pTmpCreds, vtUnknown, IDX0(i));

pOld = _CredMngr_getCred(pThis, pNew->sServer, pNew->sRealm, pNew->sDataset, false);
pOld = CredMngr_getCred(pThis, pNew->sServer, pNew->sRealm, pNew->sDataset, false);
if(pOld == NULL){
DasAry_append(pThis->pCreds, (const byte*)pNew, 1); // append always copies
}
Expand All @@ -551,7 +546,13 @@ int CredMngr_load(DasCredMngr* pThis, const char* sSymKey, const char* sFile)
}
}

fclose(pIn);

dec_DasAry(pTmpCreds); // Frees the temporary credentials array


// Save the new keystore location
snprintf(pThis->sKeyFile, DASCMGR_FILE_SZ - 1, "%s", sIn);

return nCreds;
}
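Review bot: In the `CredMngr_addUserPass` hunk the result of `snprintf(sBuf, DASCRED_HASH_SZ+1, "%s:%s", sUser, sPass)` is ignored, so a user/password pair longer than the buffer is cut short and the shortened string is what gets base64-encoded and stored as the credential. Unless the check that closes just above the hunk already bounds both lengths (it is not visible here), capture the length and reject the pair with the module's usual error report: `int nLen = snprintf(sBuf, DASCRED_HASH_SZ+1, "%s:%s", sUser, sPass);` followed by `if((nLen < 0)||(nLen > DASCRED_HASH_SZ)) return -1;`. The same unchecked pattern appears at the end of `CredMngr_load`, where `snprintf(pThis->sKeyFile, DASCMGR_FILE_SZ - 1, "%s", sIn)` can record a shortened keystore path without any warning. Both functions start outside their hunks, so their buffer declarations could not be checked.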
24 changes: 23 additions & 1 deletion das2/credentials.h
Original file line number Diff line number Diff line change
Expand Up @@ -159,6 +159,25 @@ DAS_API void del_CredMngr(DasCredMngr* pThis);
DAS_API int CredMngr_addCred(DasCredMngr* pThis, const das_credential* pCred);


/** Get direct memory access to a stored credential
*
* Used by other functions to find a credential for a particular URL
*
* @param pThis A credentials manager
* @param sServer The service end point (A URL without fragments or query params)
* @param sRealm The security realm
* @param sDataset If not NULL, the dataset parameter must equal this
* @param bValidOnly Only return valid credentials. Credentials are assmed valid
* unless
*
* @returns A pointer to the in-memory credential, NULL if no credential matched
* the given conditions
*/
DAS_API das_credential* CredMngr_getCred(
DasCredMngr* pThis, const char* sServer, const char* sRealm,
const char* sDataset, bool bValidOnly
);

/** Manually add a credential to a credentials manager instead of prompting the
* user.
*
Expand All @@ -183,7 +202,10 @@ DAS_API int CredMngr_addUserPass(
);

/** Retrieve an HTTP basic authentication token for a given dataset on a given
* server.
* server.
*
* Side Effect:
* This may call the .prompt() method, which may initiate Terminal IO.
*
* @param pThis A pointer to a credentials manager structure
* @param sServer The name of the server for which these credentials apply
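Review bot: The new doc comment for `CredMngr_getCred` leaves the `bValidOnly` description unfinished ("Credentials are assmed valid unless") and does not say how long the returned pointer may be used. In credentials.c on this page the only place that clears `bValid` is `CredMngr_authFailed()`, so the sentence could end `unless CredMngr_authFailed() has been called for them`, with "assmed" corrected to "assumed". Because the function is now exported and returns a mutable pointer into the manager's own storage, including the stored `sHash` token, the comment should also state that the manager owns the memory and the caller must not free it. It should presumably warn against holding the pointer across `CredMngr_addCred()` or `CredMngr_load()` as well, since both append to the same array; whether an append can move the elements is not visible here.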
1 change: 1 addition & 0 deletions das2/dataset.c
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
#include <ctype.h>
#include <stdbool.h>
#include <string.h>
#include <strings.h>

#include "util.h"
#include "dataset.h"
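Review bot: `#include <strings.h>` is added without a platform guard, but that header is a POSIX one and is not shipped with the Microsoft C toolchain, while this same commit updates buildfiles/Windows.mak, which looks like an nmake file. If dataset.c is compiled in the Windows build, the include should be guarded, for example `#ifndef _WIN32` / `#include <strings.h>` / `#endif`, with the needed function mapped to its MSVC counterpart in the other branch. Which strings.h function the file uses is not visible in this hunk.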