Author: dumindu
Date: Tue Dec  4 10:24:18 2007
New Revision: 10491

Log:

Added support for the user to specify the CA files.



Modified:
   trunk/solutions/identity/modules/mod-cspace/cspace_config.c
   trunk/solutions/identity/modules/mod-cspace/mod_cspace.c
   trunk/solutions/identity/modules/mod-cspace/mod_cspace.h
   trunk/solutions/identity/modules/mod-cspace/process_request.c
   trunk/solutions/identity/modules/mod-cspace/process_request.h
   trunk/solutions/identity/modules/mod-cspace/process_request_defines.h

Modified: trunk/solutions/identity/modules/mod-cspace/cspace_config.c
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/cspace_config.c (original)
+++ trunk/solutions/identity/modules/mod-cspace/cspace_config.c Tue Dec  4 
10:24:18 2007
@@ -113,6 +113,15 @@
     return NULL;
 }
 
+static const char *cmd_ca_file(cmd_parms *cmd, void *mconfig,
+                                const char *arg)
+{
+    cspace_svr_cfg *cfg = ap_get_module_config(cmd->server->module_config,
+                                               &cspace_module);
+    cfg->ca_file = (char *)arg;
+    return NULL;
+}
+
 static const char *cmd_sdbm_file(cmd_parms *cmd, void *mconfig,
                                  const char *arg)
 {
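Review bot: `cmd_ca_file` stores the directive argument as-is, without resolving or checking it, so a relative or mistyped `CardSpaceCAFile` path only surfaces when a request reaches the certificate load in process_request.c. Because this file supplies the trust anchors, resolve it against the server root and fail at configuration time: `cfg->ca_file = ap_server_root_relative(cmd->pool, arg);` followed by `if (!cfg->ca_file) return "CardSpaceCAFile: invalid path";`. That also removes the `(char *)arg` cast, which discards the `const` qualifier.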
@@ -164,6 +173,8 @@
                     "SSL Server Private Key file"),*/
     AP_INIT_TAKE1("SSLCertificateKeyFile", cmd_key_file, NULL, RSRC_CONF,
                   "SSL Server Private Key file"),
+    AP_INIT_TAKE1("CardSpaceCAFile", cmd_ca_file, NULL, RSRC_CONF,
+                  "CardSpace CA file"),
     AP_INIT_TAKE1("CardSpaceGlobalSessionCache", cmd_global_sdbm_file, NULL, 
                   RSRC_CONF, "Path to global session cache sdbm file"),
     AP_INIT_TAKE1("CardSpaceSessionCache", cmd_sdbm_file, NULL, OR_ALL,
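Review bot: The help text `"CardSpace CA file"` on the new `CardSpaceCAFile` entry does not say what format is expected or what the file is used for. Judging from the load call added in process_request.c, a string such as `"Path to a PEM file of trusted CA certificates used to verify token signatures"` would tell an administrator what to put there. Restricting the directive to `RSRC_CONF` keeps the trust anchor out of per-directory overrides and is worth keeping.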

Modified: trunk/solutions/identity/modules/mod-cspace/mod_cspace.c
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/mod_cspace.c    (original)
+++ trunk/solutions/identity/modules/mod-cspace/mod_cspace.c    Tue Dec  4 
10:24:18 2007
@@ -37,6 +37,8 @@
 
 #define UNAUTHORIZED_REDIRECT(r, u) redirect((r), (u))
 
+#define CARDSPACE_HEADER_PFX "cardspace_"
+
 /* TODO:This function should ideally redirect the browser to the url specified
  * by url. This is only used to redirect the browser to the login page when an
  * HTTP_UNAUTHORIZED occurs.
@@ -174,7 +176,6 @@
     /*return (res == OK);*/
 }
 
-#define CARDSPACE_HEADER_PFX "cardspace_"
 
 static void set_header(char *uri, char *key, char *val, void* table, void 
*pool)
 {

Modified: trunk/solutions/identity/modules/mod-cspace/mod_cspace.h
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/mod_cspace.h    (original)
+++ trunk/solutions/identity/modules/mod-cspace/mod_cspace.h    Tue Dec  4 
10:24:18 2007
@@ -48,6 +48,8 @@
 typedef struct cspace_svr_cfg {
     apr_pool_t *pool;
     char *key_file;
+    char *ca_path;
+    char *ca_file;
     char *session_file;
     /*void *session_ctx;*/ /*of session_ctx_t type*/
     long int session_expire; /*session expire time in seconds*/
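Review bot: `ca_path` is added next to `ca_file`, but nothing in this commit sets or reads it; only `CardSpaceCAFile` gets a directive. Either drop the field until a directive exists for it, or mark it with a comment such as `/* directory of trusted CA certs; not yet wired to a directive */` (meaning inferred from the name). Both new members should also start as NULL in `cspace_svr_cfg_create`, which is not visible in this diff. Otherwise an unset pointer would presumably be handed on to `cspace_process_context_set_ca_file`.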
@@ -64,7 +66,7 @@
 #define cfg_dir_printf(st, cfg, nl) 
 #endif
 
-const command_rec cspace_cmds[10];
+const command_rec cspace_cmds[11];
 
 void *cspace_svr_cfg_create(apr_pool_t *p, server_rec *s);
 
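Review bot: `const command_rec cspace_cmds[11];` in a header is a definition rather than a declaration, and its hard-coded length has to be bumped by hand whenever a directive is added, as this change shows. Declaring it as `extern const command_rec cspace_cmds[];` would leave the size to the initializer in cspace_config.c and remove the chance of the count drifting out of step with the table.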

Modified: trunk/solutions/identity/modules/mod-cspace/process_request.c
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/process_request.c       
(original)
+++ trunk/solutions/identity/modules/mod-cspace/process_request.c       Tue Dec 
 4 10:24:18 2007
@@ -189,14 +189,16 @@
         fprintf(stderr, "Error: failed to initialize keys manager.\n");
         goto done;
     }
-
-/*  if(xmlSecCryptoAppKeysMngrCertLoad(vfy_mngr, "cacert.pem", 
-                                       xmlSecKeyDataFormatPem,
-                                       xmlSecKeyDataTypeTrusted) < 0) {
-        fprintf(stderr,"Error: failed to load pem certificate from \n" );
-        goto done;
+    
+    if (ctx->ca_file) {
+        if(xmlSecCryptoAppKeysMngrCertLoad(vfy_mngr, ctx->ca_file,
+                                           xmlSecKeyDataFormatPem,
+                                           xmlSecKeyDataTypeTrusted) < 0) {
+            fprintf(stderr,"Error: failed to load pem certificate from \n" );
+            goto done;
+        }
     }
-*/
+
     /* Add the ID for non-standard reference
        refer to http://ml.osdir.com/text.xml.xmlsec/2003-12/msg00019.html */
     if (!register_id(doc, xmlDocGetRootElement(doc), BAD_CAST ASSERTION_ID)) {
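Review bot: When `ctx->ca_file` is NULL the new block is skipped silently and `vfy_mngr` is left without any trusted certificate. Whether a token's signing certificate is then chain-validated at all depends on code outside this hunk. A comment stating the intended behaviour for the unconfigured case, for example `/* no CA file configured: signer certificates are not checked against a trust anchor */`, would make that an explicit decision rather than an accident. The failure message also omits the path it was trying to read; `fprintf(stderr, "Error: failed to load pem certificate from \"%s\"\n", ctx->ca_file);` would make a misconfiguration diagnosable. The enclosing function starts and ends outside the hunk.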
@@ -504,6 +506,16 @@
     return SUCC;
 }
 
+int cspace_process_context_set_ca_file(process_context_t *ctx,
+                                        const char* ca_file)
+{
+    ctx->ca_file = pc_malloc(strlen(ca_file) + 1, ctx);
+    if (!ctx->ca_file)
+        return FAIL;
+    
+    cspace_strcpy(ctx->ca_file, ca_file);
+    return SUCC;
+}
 void cspace_process_context_set_header_callback(process_context_t *ctx,
                                                 set_header_cb_t set_header_fn,
                                                 void *container)
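Review bot: `cspace_process_context_set_ca_file` passes `ca_file` straight to `strlen`, so a NULL argument is undefined behaviour; this could happen if no `CardSpaceCAFile` directive was given and the caller forwards the config value unchecked. Add `if (!ctx || !ca_file) return FAIL;` as the first statement. A second call also overwrites `ctx->ca_file` without releasing the earlier copy, which is harmless only if `pc_malloc` is pool-backed; that is not visible here. A blank line before `cspace_process_context_set_header_callback` would match the spacing of the surrounding functions.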
@@ -539,6 +551,7 @@
     ctx->allocator->fctx = fctx;
     
     ctx->key_file = NULL;
+    ctx->ca_file = NULL;
 
     /* This call needs to be moved to user
      * For example in module we need this before the

Modified: trunk/solutions/identity/modules/mod-cspace/process_request.h
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/process_request.h       
(original)
+++ trunk/solutions/identity/modules/mod-cspace/process_request.h       Tue Dec 
 4 10:24:18 2007
@@ -15,7 +15,8 @@
 #define CARDSPACE_STATE_SUCCESS "success"
 #define CARDSPACE_STATE_FAIL "failure"
 
-#define cspace_process_context_create 
cspace_process_context_create_with_allocator
+#define cspace_process_context_create \
+        cspace_process_context_create_with_allocator 
 
 typedef struct allocator allocator_t;
 typedef struct process_context process_context_t;
@@ -39,6 +40,9 @@
 int cspace_process_context_set_key_file(process_context_t *ctx,
                                         const char* key_file);
 
+int cspace_process_context_set_ca_file(process_context_t *ctx,
+                                        const char* ca_file);
+
 void cspace_process_context_set_header_callback(process_context_t *ctx,
                                                 set_header_cb_t set_header_fn,
                                                 void *container);
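Review bot: The new prototype for `cspace_process_context_set_ca_file` has no comment describing ownership or return values, which callers of a public header need. Based on the definition in process_request.c, a comment such as `/* Copies ca_file (path to a PEM file of trusted CA certificates) into ctx; returns SUCC, or FAIL if allocation fails. */` above the declaration would cover it.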

Modified: trunk/solutions/identity/modules/mod-cspace/process_request_defines.h
==============================================================================
--- trunk/solutions/identity/modules/mod-cspace/process_request_defines.h       
(original)
+++ trunk/solutions/identity/modules/mod-cspace/process_request_defines.h       
Tue Dec  4 10:24:18 2007
@@ -29,7 +29,7 @@
     void *set_header_cb_ctx;
     
     char *key_file;
-    char *cafile;
+    char *ca_file;
 
     char **white_list;
 
