upgrade to upstream version 2.5.2; fix bugs 198185, 200246
This commit is contained in:
parent
6e1bf4c5ce
commit
88ee59f8c0
@ -1,3 +1,4 @@
|
|||||||
tog-pegasus-2.4.1.Beta-1.tar.gz
|
tog-pegasus-2.4.1.Beta-1.tar.gz
|
||||||
pegasus-2.5.tar.gz
|
pegasus-2.5.tar.gz
|
||||||
pegasus-2.5.1.tar.gz
|
pegasus-2.5.1.tar.gz
|
||||||
|
pegasus-2.5.2.tar.gz
|
||||||
|
11
pegasus-2.5.1-bz198185.patch
Normal file
11
pegasus-2.5.1-bz198185.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
--- pegasus/src/Pegasus/Common/Makefile.bz198185 2006-07-19 16:21:06.000000000 -0400
|
||||||
|
+++ pegasus/src/Pegasus/Common/Makefile 2006-07-19 19:19:42.000000000 -0400
|
||||||
|
@@ -183,7 +183,7 @@
|
||||||
|
SOURCES = $(SOURCES1) $(SOURCES2)
|
||||||
|
|
||||||
|
ifeq ($(OS),linux)
|
||||||
|
- EXTRA_LIBRARIES += -lcrypt
|
||||||
|
+ EXTRA_LIBRARIES += -lcrypt -lpthread
|
||||||
|
ifdef PEGASUS_HAS_SSL
|
||||||
|
EXTRA_LIBRARIES += -lssl -lcrypto
|
||||||
|
endif
|
11
pegasus-2.5.2-PATH_MAX.patch
Normal file
11
pegasus-2.5.2-PATH_MAX.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
--- pegasus/src/Pegasus/Common/System.cpp.PATH_MAX 2006-06-09 13:36:52.000000000 -0400
|
||||||
|
+++ pegasus/src/Pegasus/Common/System.cpp 2006-07-27 14:11:16.000000000 -0400
|
||||||
|
@@ -185,7 +185,7 @@
|
||||||
|
char *System::extract_file_path(const char *fullpath, char *dirname)
|
||||||
|
{
|
||||||
|
char *p;
|
||||||
|
- char buff[4096];
|
||||||
|
+ char buff[PATH_MAX];
|
||||||
|
if (fullpath == NULL)
|
||||||
|
{
|
||||||
|
dirname[0] = '\0';
|
11
pegasus-2.5.2-cmpi-provider-lib.patch
Normal file
11
pegasus-2.5.2-cmpi-provider-lib.patch
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
--- pegasus/src/Pegasus/Config/FixedPropertyTableLinux.h.cmpi-provider-lib 2006-06-13 14:00:13.000000000 -0400
|
||||||
|
+++ pegasus/src/Pegasus/Config/FixedPropertyTableLinux.h 2006-07-27 14:01:23.000000000 -0400
|
||||||
|
@@ -65,7 +65,7 @@
|
||||||
|
{"crlStore", PEGASUS_SSL_SERVER_CRL},
|
||||||
|
#endif
|
||||||
|
{"repositoryDir", PEGASUS_REPOSITORY_DIR},
|
||||||
|
- {"providerDir", PEGASUS_PROVIDER_LIB_DIR ":/usr/" PEGASUS_ARCH_LIB "/cmpi"},
|
||||||
|
+ {"providerDir", PEGASUS_PROVIDER_LIB_DIR ":" PEGASUS_DEST_LIB_DIR "/cmpi"},
|
||||||
|
#else /* PEGASUS_OVERRIDE_DEFAULT_RELEASE_DIRS */
|
||||||
|
{"traceFilePath", "/var/opt/tog-pegasus/cache/trace/cimserver.trc"},
|
||||||
|
#if !defined(PEGASUS_USE_SYSLOGS)
|
439
pegasus-2.5.2-local-or-remote-auth.patch
Normal file
439
pegasus-2.5.2-local-or-remote-auth.patch
Normal file
@ -0,0 +1,439 @@
|
|||||||
|
--- pegasus/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp.local-or-remote-auth 2006-03-10 18:18:37.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -384,6 +384,9 @@
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ // Let Authenticators know whether this user is Local or Remote:
|
||||||
|
+ httpMessage->authInfo->setRemoteUser( httpMessage->fromRemoteHost );
|
||||||
|
+
|
||||||
|
//
|
||||||
|
// Handle authentication:
|
||||||
|
//
|
||||||
|
--- pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorUnix.cpp.local-or-remote-auth 2006-01-30 11:18:28.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorUnix.cpp 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -48,6 +48,8 @@
|
||||||
|
#include <prot.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#include <syslog.h>
|
||||||
|
+
|
||||||
|
#if defined (PEGASUS_USE_PAM_STANDALONE_PROC)
|
||||||
|
#include <Pegasus/Common/Logger.h>
|
||||||
|
#include <Pegasus/Common/IPC.h>
|
||||||
|
@@ -131,7 +133,8 @@
|
||||||
|
|
||||||
|
Boolean PAMBasicAuthenticator::authenticate(
|
||||||
|
const String& userName,
|
||||||
|
- const String& password)
|
||||||
|
+ const String& password,
|
||||||
|
+ Boolean isRemoteUser)
|
||||||
|
{
|
||||||
|
PEG_METHOD_ENTER(TRC_AUTHENTICATION,
|
||||||
|
"PAMBasicAuthenticator::authenticate()");
|
||||||
|
@@ -139,7 +142,7 @@
|
||||||
|
Boolean authenticated;
|
||||||
|
|
||||||
|
#if !defined(PEGASUS_USE_PAM_STANDALONE_PROC)
|
||||||
|
- authenticated = _authenticateByPAM(userName, password);
|
||||||
|
+ authenticated = _authenticateByPAM(userName, password, isRemoteUser);
|
||||||
|
#else
|
||||||
|
//
|
||||||
|
// Mutex to Serialize Authentication calls.
|
||||||
|
@@ -147,8 +150,9 @@
|
||||||
|
Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,
|
||||||
|
"Authentication Mutex lock.");
|
||||||
|
AutoMutex lock(_authSerializeMutex);
|
||||||
|
- authenticated = _pamBasicAuthenticatorStandAlone.authenticate(
|
||||||
|
- userName, password);
|
||||||
|
+ authenticated =
|
||||||
|
+ _pamBasicAuthenticatorStandAlone->authenticate(userName,
|
||||||
|
+ password);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
PEG_METHOD_EXIT();
|
||||||
|
@@ -157,7 +161,8 @@
|
||||||
|
|
||||||
|
Boolean PAMBasicAuthenticator::_authenticateByPAM(
|
||||||
|
const String& userName,
|
||||||
|
- const String& password)
|
||||||
|
+ const String& password,
|
||||||
|
+ Boolean isRemoteUser)
|
||||||
|
{
|
||||||
|
PEG_METHOD_ENTER(TRC_AUTHENTICATION,
|
||||||
|
"PAMBasicAuthenticator::_authenticateByPAM()");
|
||||||
|
@@ -167,6 +172,7 @@
|
||||||
|
pam_handle_t *phandle;
|
||||||
|
char *name;
|
||||||
|
APP_DATA mydata;
|
||||||
|
+ int retcode;
|
||||||
|
|
||||||
|
//
|
||||||
|
// Store the password for PAM authentication
|
||||||
|
@@ -180,13 +186,31 @@
|
||||||
|
// Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,
|
||||||
|
// "PAMBasicAuthenticator::_authenticateByPAM() - userName = %s; userPassword = %s",
|
||||||
|
// (const char *)userName.getCString(), (const char *)password.getCString());
|
||||||
|
+
|
||||||
|
+ // NOTE: if any pam call should log anything, our syslog socket will be redirected
|
||||||
|
+ // to the AUTH facility, so we need to redirect it back after each pam call.
|
||||||
|
|
||||||
|
//
|
||||||
|
//Call pam_start since you need to before making any other PAM calls
|
||||||
|
//
|
||||||
|
- if ( ( pam_start(service,
|
||||||
|
+
|
||||||
|
+ if ( (retcode = pam_start(service,
|
||||||
|
(const char *)userName.getCString(), &pconv, &phandle) ) != PAM_SUCCESS )
|
||||||
|
{
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
+ syslog( LOG_ERR, "pam_start failed: %s", pam_strerror(phandle, retcode));
|
||||||
|
+ PEG_METHOD_EXIT();
|
||||||
|
+ return (authenticated);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+ if ( (retcode = pam_set_item(phandle, PAM_TTY, isRemoteUser ? "wbemNetwork" : "wbemLocal")) != PAM_SUCCESS )
|
||||||
|
+ {
|
||||||
|
+ pam_end(phandle, 0);
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
+ syslog( LOG_ERR, "pam_set_item(PAM_TTY=wbem) failed: %s", pam_strerror(phandle, retcode));
|
||||||
|
PEG_METHOD_EXIT();
|
||||||
|
return (authenticated);
|
||||||
|
}
|
||||||
|
@@ -194,7 +218,7 @@
|
||||||
|
//
|
||||||
|
//Call pam_authenticate to authenticate the user
|
||||||
|
//
|
||||||
|
- if ( ( pam_authenticate(phandle, 0) ) == PAM_SUCCESS )
|
||||||
|
+ if ( ( retcode = pam_authenticate(phandle, 0) ) == PAM_SUCCESS )
|
||||||
|
{
|
||||||
|
Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,
|
||||||
|
"pam_authenticate successful.");
|
||||||
|
@@ -203,22 +227,40 @@
|
||||||
|
//checking for password and account expiration, as well as verifying access
|
||||||
|
//hour restrictions.
|
||||||
|
//
|
||||||
|
- if ( ( pam_acct_mgmt(phandle, 0) ) == PAM_SUCCESS )
|
||||||
|
+
|
||||||
|
+ if ( ( retcode = pam_acct_mgmt(phandle, 0) ) == PAM_SUCCESS )
|
||||||
|
{
|
||||||
|
Tracer::trace(TRC_AUTHENTICATION, Tracer::LEVEL4,
|
||||||
|
"pam_acct_mgmt successful.");
|
||||||
|
authenticated = true;
|
||||||
|
- }
|
||||||
|
+ }else
|
||||||
|
+ {
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
+ syslog(LOG_ERR, "pam_acct_mgmt failed: %s",pam_strerror(phandle, retcode));
|
||||||
|
+ }
|
||||||
|
+ }else
|
||||||
|
+ {
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
+ syslog(LOG_ERR, "pam_authenticate failed: %s",pam_strerror(phandle, retcode));
|
||||||
|
}
|
||||||
|
-
|
||||||
|
//
|
||||||
|
//Call pam_end to end our PAM work
|
||||||
|
//
|
||||||
|
pam_end(phandle, 0);
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
|
||||||
|
- PEG_METHOD_EXIT();
|
||||||
|
+ if ( ! authenticated )
|
||||||
|
+ syslog(LOG_ERR, "PAM authentication failed for %s user: %s",
|
||||||
|
+ isRemoteUser ? "remote" : "local",
|
||||||
|
+ (const char*)userName.getCString()
|
||||||
|
+ );
|
||||||
|
|
||||||
|
+ PEG_METHOD_EXIT();
|
||||||
|
return (authenticated);
|
||||||
|
+
|
||||||
|
}
|
||||||
|
|
||||||
|
Boolean PAMBasicAuthenticator::validateUser(const String& userName)
|
||||||
|
@@ -233,6 +275,7 @@
|
||||||
|
pam_handle_t *phandle;
|
||||||
|
char *name;
|
||||||
|
APP_DATA mydata;
|
||||||
|
+ int retcode;
|
||||||
|
|
||||||
|
const char *service = "wbem";
|
||||||
|
pconv.conv = PAMBasicAuthenticator::pamValidateUserCallback;
|
||||||
|
@@ -241,21 +284,43 @@
|
||||||
|
//
|
||||||
|
// Call pam_start since you need to before making any other PAM calls
|
||||||
|
//
|
||||||
|
- if ( pam_start(service,
|
||||||
|
- (const char *)userName.getCString(), &pconv, &phandle) != PAM_SUCCESS)
|
||||||
|
- {
|
||||||
|
+ if ( (retcode =
|
||||||
|
+ pam_start(service,(const char *)userName.getCString(), &pconv, &phandle)
|
||||||
|
+ ) != PAM_SUCCESS
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
+ syslog( LOG_ERR, "pam_start() failed: %s", pam_strerror(phandle, retcode));
|
||||||
|
PEG_METHOD_EXIT();
|
||||||
|
return (authenticated);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if ( (retcode = pam_set_item(phandle, PAM_TTY, "wbemLocal")) != PAM_SUCCESS )
|
||||||
|
+ {
|
||||||
|
+ pam_end(phandle, 0);
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
+ syslog( LOG_ERR, "pam_set_item(PAM_TTY=wbemLocal) failed: %s", pam_strerror(phandle, retcode));
|
||||||
|
+ PEG_METHOD_EXIT();
|
||||||
|
+ return (authenticated);
|
||||||
|
+ }
|
||||||
|
//
|
||||||
|
// Call pam_acct_mgmt, to check if the user account is valid. This includes
|
||||||
|
// checking for account expiration, as well as verifying access
|
||||||
|
// hour restrictions.
|
||||||
|
//
|
||||||
|
- if ( pam_acct_mgmt(phandle, 0) == PAM_SUCCESS )
|
||||||
|
- {
|
||||||
|
+ if ( (retcode = pam_acct_mgmt(phandle, 0)) == PAM_SUCCESS )
|
||||||
|
+ {
|
||||||
|
authenticated = true;
|
||||||
|
+ }else
|
||||||
|
+ {
|
||||||
|
+ pam_end(phandle, 0);
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
+ syslog( LOG_ERR, "pam_acct_mgmt() failed: %s", pam_strerror(phandle, retcode));
|
||||||
|
+ PEG_METHOD_EXIT();
|
||||||
|
+ return (authenticated);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
@@ -263,6 +328,9 @@
|
||||||
|
//
|
||||||
|
pam_end(phandle, 0);
|
||||||
|
|
||||||
|
+ closelog();
|
||||||
|
+ openlog("cimserver", LOG_PID, LOG_DAEMON);
|
||||||
|
+
|
||||||
|
#else
|
||||||
|
//
|
||||||
|
// Mutex to Serialize Authentication calls.
|
||||||
|
--- pegasus/src/Pegasus/Security/Authentication/BasicAuthenticator.h.local-or-remote-auth 2006-01-30 11:18:28.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Security/Authentication/BasicAuthenticator.h 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -67,7 +67,8 @@
|
||||||
|
*/
|
||||||
|
virtual Boolean authenticate(
|
||||||
|
const String& userName,
|
||||||
|
- const String& password) = 0;
|
||||||
|
+ const String& password,
|
||||||
|
+ Boolean isRemoteUser) = 0;
|
||||||
|
|
||||||
|
/** Construct and return the HTTP Basic authentication challenge header
|
||||||
|
@return A string containing the authentication challenge header.
|
||||||
|
--- pegasus/src/Pegasus/Security/Authentication/BasicAuthenticationHandler.cpp.local-or-remote-auth 2006-07-11 13:25:28.000000000 -0400
|
||||||
|
+++ pegasus/src/Pegasus/Security/Authentication/BasicAuthenticationHandler.cpp 2006-07-27 14:07:01.000000000 -0400
|
||||||
|
@@ -163,7 +163,7 @@
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
- authenticated = _basicAuthenticator->authenticate(userName, password);
|
||||||
|
+ authenticated = _basicAuthenticator->authenticate(userName, password, authInfo->isRemoteUser());
|
||||||
|
|
||||||
|
if (authenticated)
|
||||||
|
{
|
||||||
|
--- pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorStub.cpp.local-or-remote-auth 2006-01-30 11:18:28.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorStub.cpp 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -92,7 +92,8 @@
|
||||||
|
|
||||||
|
Boolean PAMBasicAuthenticator::authenticate(
|
||||||
|
const String& userName,
|
||||||
|
- const String& password)
|
||||||
|
+ const String& password,
|
||||||
|
+ Boolean isRemoteUser)
|
||||||
|
{
|
||||||
|
PEG_METHOD_ENTER(TRC_AUTHENTICATION,
|
||||||
|
"PAMBasicAuthenticator::authenticate()");
|
||||||
|
--- pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticator.h.local-or-remote-auth 2006-01-30 11:18:28.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticator.h 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -73,7 +73,8 @@
|
||||||
|
*/
|
||||||
|
Boolean authenticate(
|
||||||
|
const String& userName,
|
||||||
|
- const String& password);
|
||||||
|
+ const String& password,
|
||||||
|
+ Boolean isRemoteUser);
|
||||||
|
|
||||||
|
/** Verify PAM account management for the requesting user.
|
||||||
|
@param userName String containing the user name
|
||||||
|
@@ -102,7 +103,8 @@
|
||||||
|
|
||||||
|
Boolean _authenticateByPAM(
|
||||||
|
const String& userName,
|
||||||
|
- const String& password);
|
||||||
|
+ const String& password,
|
||||||
|
+ Boolean isRemoteUser);
|
||||||
|
|
||||||
|
void _createPAMStandalone();
|
||||||
|
|
||||||
|
@@ -158,7 +160,8 @@
|
||||||
|
*/
|
||||||
|
Boolean authenticate(
|
||||||
|
const String& userName,
|
||||||
|
- const String& password);
|
||||||
|
+ const String& password,
|
||||||
|
+ Boolean isRemoteUser);
|
||||||
|
|
||||||
|
/** Verify whether the user is valid.
|
||||||
|
@param userName String containing the user name
|
||||||
|
@@ -220,7 +223,8 @@
|
||||||
|
|
||||||
|
Boolean _authenticateByPAM(
|
||||||
|
const String& userName,
|
||||||
|
- const String& password);
|
||||||
|
+ const String& password,
|
||||||
|
+ Boolean isRemoteUser);
|
||||||
|
|
||||||
|
#if defined(PEGASUS_USE_PAM_STANDALONE_PROC)
|
||||||
|
PAMBasicAuthenticatorStandAlone _pamBasicAuthenticatorStandAlone;
|
||||||
|
--- pegasus/src/Pegasus/Common/AuthenticationInfoRep.cpp.local-or-remote-auth 2006-01-30 11:16:46.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Common/AuthenticationInfoRep.cpp 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -57,7 +57,8 @@
|
||||||
|
_privileged(false),
|
||||||
|
_authType(String::EMPTY),
|
||||||
|
_authStatus(NEW_REQUEST),
|
||||||
|
- _exportConnection(false)
|
||||||
|
+ _exportConnection(false),
|
||||||
|
+ _remoteUser(true)
|
||||||
|
{
|
||||||
|
PEG_METHOD_ENTER(
|
||||||
|
TRC_AUTHENTICATION, "AuthenticationInfoRep::AuthenticationInfoRep");
|
||||||
|
@@ -180,5 +181,14 @@
|
||||||
|
PEG_METHOD_EXIT();
|
||||||
|
}
|
||||||
|
|
||||||
|
+void AuthenticationInfoRep::setRemoteUser(Boolean remoteUser)
|
||||||
|
+{
|
||||||
|
+ PEG_METHOD_ENTER(TRC_AUTHENTICATION,
|
||||||
|
+ "AuthenticationInfoRep::setRemoteUser");
|
||||||
|
+
|
||||||
|
+ _remoteUser = remoteUser;
|
||||||
|
+
|
||||||
|
+ PEG_METHOD_EXIT();
|
||||||
|
+}
|
||||||
|
|
||||||
|
PEGASUS_NAMESPACE_END
|
||||||
|
--- pegasus/src/Pegasus/Common/HTTPMessage.cpp.local-or-remote-auth 2006-01-30 11:17:04.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Common/HTTPMessage.cpp 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -119,7 +119,8 @@
|
||||||
|
queueId(queueId_),
|
||||||
|
authInfo(0),
|
||||||
|
acceptLanguagesDecoded(false),
|
||||||
|
- contentLanguagesDecoded(false)
|
||||||
|
+ contentLanguagesDecoded(false),
|
||||||
|
+ fromRemoteHost(true)
|
||||||
|
{
|
||||||
|
if (cimException_)
|
||||||
|
cimException = *cimException_;
|
||||||
|
--- pegasus/src/Pegasus/Common/AuthenticationInfo.h.local-or-remote-auth 2006-01-30 11:16:46.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Common/AuthenticationInfo.h 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -331,6 +331,22 @@
|
||||||
|
_rep->setClientCertificateChain(clientCertificate);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /** Indicate whether the user is Remote
|
||||||
|
+ */
|
||||||
|
+ Boolean isRemoteUser() const
|
||||||
|
+ {
|
||||||
|
+ _checkRep();
|
||||||
|
+ return _rep->isRemoteUser();
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /** Set the Remote User flag
|
||||||
|
+ */
|
||||||
|
+ void setRemoteUser(Boolean remoteUser)
|
||||||
|
+ {
|
||||||
|
+ _checkRep();
|
||||||
|
+ _rep->setRemoteUser(remoteUser);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
private:
|
||||||
|
|
||||||
|
AuthenticationInfo(AuthenticationInfoRep* rep) : _rep(rep)
|
||||||
|
--- pegasus/src/Pegasus/Common/HTTPConnection.cpp.local-or-remote-auth 2006-05-12 14:28:20.000000000 -0400
|
||||||
|
+++ pegasus/src/Pegasus/Common/HTTPConnection.cpp 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -1841,6 +1841,30 @@
|
||||||
|
"_requestCount = %d", _requestCount.get());
|
||||||
|
message->dest = _outputMessageQueue->getQueueId();
|
||||||
|
// SendForget(message);
|
||||||
|
+
|
||||||
|
+ // Allow authenticators to differentiate Remote and Local users:
|
||||||
|
+ struct sockaddr_in sin_peer, sin_svr; // don't need to worry about IPv6 yet ...
|
||||||
|
+ socklen_t slen1=sizeof(struct sockaddr_in), slen2=sizeof(struct sockaddr_in);
|
||||||
|
+ uint32_t sock = _socket.get()->getSocket() ;
|
||||||
|
+ memset(&sin_peer,'\0',slen1);
|
||||||
|
+ memset(&sin_svr, '\0',slen2);
|
||||||
|
+ if ( ( ::getpeername( sock, (struct sockaddr*)&sin_peer, &slen1) == 0 )
|
||||||
|
+ ||( ::getsockname( sock, (struct sockaddr*)&sin_svr, &slen2) == 0 )
|
||||||
|
+ )
|
||||||
|
+ {
|
||||||
|
+ if( sin_peer.sin_family == AF_INET )
|
||||||
|
+ {
|
||||||
|
+ if( ((ntohl( sin_peer.sin_addr.s_addr ) >> 24) & 0xff) == 127 )
|
||||||
|
+ // message was sent FROM localhost interface
|
||||||
|
+ message->fromRemoteHost = false;
|
||||||
|
+ }
|
||||||
|
+ if( sin_svr.sin_family == AF_INET )
|
||||||
|
+ {
|
||||||
|
+ if( ((ntohl( sin_svr.sin_addr.s_addr ) >> 24) & 0xff) == 127 )
|
||||||
|
+ // message was sent TO localhost interface
|
||||||
|
+ message->fromRemoteHost = false;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
|
||||||
|
//
|
||||||
|
// Set the entry status to BUSY.
|
||||||
|
--- pegasus/src/Pegasus/Common/AuthenticationInfoRep.h.local-or-remote-auth 2006-01-30 11:16:46.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Common/AuthenticationInfoRep.h 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -143,6 +143,14 @@
|
||||||
|
|
||||||
|
void setExportConnection(Boolean exportConnection);
|
||||||
|
|
||||||
|
+ Boolean isRemoteUser() const
|
||||||
|
+ {
|
||||||
|
+ return _remoteUser;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ void setRemoteUser(Boolean remoteUser);
|
||||||
|
+
|
||||||
|
+
|
||||||
|
//PEP187
|
||||||
|
Array<SSLCertificateInfo*> getClientCertificateChain()
|
||||||
|
{
|
||||||
|
@@ -173,7 +181,8 @@
|
||||||
|
#endif
|
||||||
|
|
||||||
|
Boolean _exportConnection;
|
||||||
|
- Array<SSLCertificateInfo*> _clientCertificate;
|
||||||
|
+ Array<SSLCertificateInfo*> _clientCertificate;
|
||||||
|
+ Boolean _remoteUser;
|
||||||
|
};
|
||||||
|
|
||||||
|
PEGASUS_NAMESPACE_END
|
||||||
|
--- pegasus/src/Pegasus/Common/HTTPMessage.h.local-or-remote-auth 2006-01-30 11:17:04.000000000 -0500
|
||||||
|
+++ pegasus/src/Pegasus/Common/HTTPMessage.h 2006-07-27 14:04:18.000000000 -0400
|
||||||
|
@@ -80,7 +80,8 @@
|
||||||
|
ContentLanguageList contentLanguages;
|
||||||
|
Boolean acceptLanguagesDecoded;
|
||||||
|
Boolean contentLanguagesDecoded;
|
||||||
|
- CIMException cimException;
|
||||||
|
+ Boolean fromRemoteHost;
|
||||||
|
+ CIMException cimException;
|
||||||
|
|
||||||
|
void parse(
|
||||||
|
String& startLine,
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
b7b392d2ff7ba9a4a3b8d7722d47314b pegasus-2.5.1.tar.gz
|
988a751af48d0eb4f298d51eca78d1cc pegasus-2.5.2.tar.gz
|
||||||
|
@ -40,8 +40,8 @@
|
|||||||
%endif
|
%endif
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
Version: 2.5.1
|
Version: 2.5.2
|
||||||
Release: 11%{?LINUX_VERSION:%{LINUX_VERSION}}
|
Release: 1%{?LINUX_VERSION:%{LINUX_VERSION}}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
#
|
#
|
||||||
Summary: OpenPegasus WBEM Services for Linux
|
Summary: OpenPegasus WBEM Services for Linux
|
||||||
@ -63,40 +63,17 @@ Patch0: pegasus-2.5.1-initscript.patch
|
|||||||
Patch1: pegasus-2.5.1-no-rpath.patch
|
Patch1: pegasus-2.5.1-no-rpath.patch
|
||||||
Patch2: pegasus-2.5.1-linkflags.patch
|
Patch2: pegasus-2.5.1-linkflags.patch
|
||||||
Patch3: pegasus-2.5.1-PIE.patch
|
Patch3: pegasus-2.5.1-PIE.patch
|
||||||
Patch4: pegasus-2.5.1-warnings.patch
|
#
|
||||||
|
# patches 4, 10, 12-14, 17-37 now upstream
|
||||||
|
#
|
||||||
Patch5: pegasus-2.5.1-redhat-config.patch
|
Patch5: pegasus-2.5.1-redhat-config.patch
|
||||||
Patch6: pegasus-2.5.1-cmpi-provider-lib.patch
|
Patch6: pegasus-2.5.2-cmpi-provider-lib.patch
|
||||||
Patch7: pegasus-2.5.1-local-or-remote-auth.patch
|
Patch7: pegasus-2.5.2-local-or-remote-auth.patch
|
||||||
Patch8: pegasus-2.5.1-pam-wbem.patch
|
Patch8: pegasus-2.5.1-pam-wbem.patch
|
||||||
Patch9: pegasus-2.5.1-parallel_make.patch
|
Patch9: pegasus-2.5.1-parallel_make.patch
|
||||||
Patch10: pegasus-2.5.1-fix_zseries_flags.patch
|
|
||||||
Patch11: pegasus-2.5.1-fix_tests.patch
|
Patch11: pegasus-2.5.1-fix_tests.patch
|
||||||
Patch12: pegasus-2.5.1-AutoPtr-Core.patch
|
Patch15: pegasus-2.5.2-PATH_MAX.patch
|
||||||
Patch13: pegasus-2.5.1-obz4934.patch
|
|
||||||
Patch14: pegasus-2.5.1-obz4945.patch
|
|
||||||
Patch15: pegasus-2.5.1-PATH_MAX.patch
|
|
||||||
Patch16: pegasus-2.5.1-HOSTNAME_MAX.patch
|
Patch16: pegasus-2.5.1-HOSTNAME_MAX.patch
|
||||||
Patch17: pegasus-2.5.1-fix_repupgrade.patch
|
|
||||||
Patch18: pegasus-2.5.1-obz4968_upcalls_oop.patch
|
|
||||||
Patch19: pegasus-2.5.1-obz4955.patch
|
|
||||||
Patch20: pegasus-2.5.1-obz4956.patch
|
|
||||||
Patch21: pegasus-2.5.1-obz4978.patch
|
|
||||||
Patch22: pegasus-2.5.1-obz4983.patch
|
|
||||||
Patch23: pegasus-2.5.1-obz4984.patch
|
|
||||||
Patch24: pegasus-2.5.1-obz4986.patch
|
|
||||||
Patch25: pegasus-2.5.1-obz5046.patch
|
|
||||||
Patch26: pegasus-2.5.1-obz5047.patch
|
|
||||||
Patch27: pegasus-2.5.1-obz5048.patch
|
|
||||||
Patch28: pegasus-2.5.1-obz5049.patch
|
|
||||||
Patch29: pegasus-2.5.1-obz5053.patch
|
|
||||||
Patch30: pegasus-2.5.1-obz5059.patch
|
|
||||||
Patch31: pegasus-2.5.1-obz5072.patch
|
|
||||||
Patch32: pegasus-2.5.1-obz5083.patch
|
|
||||||
Patch33: pegasus-2.5.1-obz5115.patch
|
|
||||||
Patch34: pegasus-2.5.1-obz5119.patch
|
|
||||||
Patch35: pegasus-2.5.1-obz5073.patch
|
|
||||||
Patch36: pegasus-2.5.1-obz5090.patch
|
|
||||||
Patch37: pegasus-2.5.1-obz5180.patch
|
|
||||||
Patch38: pegasus-2.5.1-bz198185.patch
|
Patch38: pegasus-2.5.1-bz198185.patch
|
||||||
#
|
#
|
||||||
Conflicts: openwbem
|
Conflicts: openwbem
|
||||||
@ -155,42 +132,16 @@ The OpenPegasus WBEM tests for the OpenPegasus %{version} Linux rpm.
|
|||||||
%patch1 -p1 -b .no-rpath
|
%patch1 -p1 -b .no-rpath
|
||||||
%patch2 -p1 -b .linkflags
|
%patch2 -p1 -b .linkflags
|
||||||
%patch3 -p1 -b .PIE
|
%patch3 -p1 -b .PIE
|
||||||
%patch4 -p1 -b .warnings
|
|
||||||
%patch5 -p1 -b .redhat-config
|
%patch5 -p1 -b .redhat-config
|
||||||
%patch6 -p1 -b .cmpi-provider-lib
|
%patch6 -p1 -b .cmpi-provider-lib
|
||||||
%patch7 -p1 -b .local-or-remote-auth
|
%patch7 -p1 -b .local-or-remote-auth
|
||||||
%patch8 -p1 -b .pam-wbem
|
%patch8 -p1 -b .pam-wbem
|
||||||
%patch9 -p1 -b .parallel-make
|
%patch9 -p1 -b .parallel-make
|
||||||
%patch10 -p1 -b .fix-zseries-flags
|
|
||||||
%patch11 -p1 -b .fix-tests
|
%patch11 -p1 -b .fix-tests
|
||||||
#%patch12 -p1 -b .AutoPtr-Core
|
|
||||||
#^- now fixed with upstream obz4968 patch
|
|
||||||
%patch13 -p1 -b .obz4934
|
|
||||||
%patch14 -p1 -b .obz4945
|
|
||||||
%patch15 -p1 -b .PATH_MAX
|
%patch15 -p1 -b .PATH_MAX
|
||||||
%patch16 -p1 -b .HOSTNAME_MAX
|
%patch16 -p1 -b .HOSTNAME_MAX
|
||||||
%patch17 -p1 -b .fix_repupgrade
|
|
||||||
%patch18 -p1 -b .obz4968_upcalls_oop
|
|
||||||
%patch19 -p1 -b .obz4955
|
|
||||||
%patch20 -p1 -b .obz4956
|
|
||||||
%patch21 -p1 -b .obz4978
|
|
||||||
%patch22 -p1 -b .obz4983
|
|
||||||
%patch23 -p1 -b .obz4984
|
|
||||||
%patch24 -p1 -b .obz4986
|
|
||||||
%patch25 -p1 -b .obz5046
|
|
||||||
%patch26 -p1 -b .obz5047
|
|
||||||
%patch27 -p1 -b .obz5048
|
|
||||||
%patch28 -p1 -b .obz5049
|
|
||||||
%patch29 -p1 -b .obz5053
|
|
||||||
%patch30 -p1 -b .obz5059
|
|
||||||
%patch31 -p1 -b .obz5072
|
|
||||||
%patch32 -p1 -b .obz5083
|
|
||||||
%patch33 -p1 -b .obz5115
|
|
||||||
%patch34 -p1 -b .obz5119
|
|
||||||
%patch35 -p1 -b .obz5073
|
|
||||||
%patch36 -p1 -b .obz5090
|
|
||||||
%patch37 -p1 -b .obz5180
|
|
||||||
%patch38 -p1 -b .bz198185
|
%patch38 -p1 -b .bz198185
|
||||||
|
find . -name 'CVS' -exec /bin/rm -rf '{}' ';' >/dev/null 2>&1 ||:;
|
||||||
|
|
||||||
%build
|
%build
|
||||||
rm -rf ${RPM_BUILD_ROOT} || :;
|
rm -rf ${RPM_BUILD_ROOT} || :;
|
||||||
@ -384,6 +335,11 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jul 27 2006 Jason Vas Dias <jvdias@redhat.com> - 2:2.5.2-1.fc6
|
||||||
|
- Upgrade to upstream version 2.5.2
|
||||||
|
- fix bug 198185
|
||||||
|
- fix bug 200246
|
||||||
|
|
||||||
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2:2.5.1-10.FC6.1
|
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2:2.5.1-10.FC6.1
|
||||||
- rebuild
|
- rebuild
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user