rpms/tog-pegasus/devel pegasus-2.7.0-local-or-remote-auth.patch, NONE, 1.1 pegasus-2.7.0-no_snmp_tests.patch, NONE, 1.1 tog-pegasus.spec, 1.55, 1.56 pegasus-2.6.1-local-or-remote-auth.patch, 1.1, NONE
Vitezslav Crhonek (vcrhonek)
fedora-extras-commits at redhat.com
Mon Jan 21 14:52:26 UTC 2008
Author: vcrhonek
Update of /cvs/extras/rpms/tog-pegasus/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13239
Modified Files:
tog-pegasus.spec
Added Files:
pegasus-2.7.0-local-or-remote-auth.patch
pegasus-2.7.0-no_snmp_tests.patch
Removed Files:
pegasus-2.6.1-local-or-remote-auth.patch
Log Message:
remove snmp test from test rpm
pegasus-2.7.0-local-or-remote-auth.patch:
--- NEW FILE pegasus-2.7.0-local-or-remote-auth.patch ---
diff -up pegasus/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp_old pegasus/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp
--- pegasus/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp_old 2008-01-14 16:27:44.000000000 +0100
+++ pegasus/src/Pegasus/Server/HTTPAuthenticatorDelegator.cpp 2008-01-14 16:30:46.000000000 +0100
@@ -403,6 +403,9 @@ void HTTPAuthenticatorDelegator::handleH
Logger::STANDARD_LOG, System::CIMSERVER, Logger::TRACE,
"HTTPAuthenticatorDelegator - Authentication processing start"));
+ // Let Authenticators know whether this user is Local or Remote:
+ httpMessage->authInfo->setRemoteUser( httpMessage->fromRemoteHost );
+
//
// Handle authentication:
//
diff -up pegasus/src/Pegasus/Common/AuthenticationInfo.h_old pegasus/src/Pegasus/Common/AuthenticationInfo.h
--- pegasus/src/Pegasus/Common/AuthenticationInfo.h_old 2008-01-14 16:03:49.000000000 +0100
+++ pegasus/src/Pegasus/Common/AuthenticationInfo.h 2008-01-14 16:05:06.000000000 +0100
@@ -356,6 +356,22 @@ public:
return _rep->getRemotePrivilegedUserAccessChecked();
}
+ /** Indicate whether the user is Remote
+ */
+ Boolean isRemoteUser() const
+ {
+ _checkRep();
+ return _rep->isRemoteUser();
+ }
+
+ /** Set the Remote User flag
+ */
+ void setRemoteUser(Boolean remoteUser)
+ {
+ _checkRep();
+ _rep->setRemoteUser(remoteUser);
+ }
+
private:
AuthenticationInfo(AuthenticationInfoRep* rep) : _rep(rep)
diff -up pegasus/src/Pegasus/Common/HTTPConnection.cpp_old pegasus/src/Pegasus/Common/HTTPConnection.cpp
--- pegasus/src/Pegasus/Common/HTTPConnection.cpp_old 2008-01-14 16:08:30.000000000 +0100
+++ pegasus/src/Pegasus/Common/HTTPConnection.cpp 2008-01-14 16:12:45.000000000 +0100
@@ -2039,6 +2039,30 @@ void HTTPConnection::_handleReadEvent()
_incomingBuffer).get()));
}
+ // Allow authenticators to differentiate Remote and Local users:
+ struct sockaddr_in sin_peer, sin_svr; // don't need to worry about IPv6 yet ...
+ socklen_t slen1=sizeof(struct sockaddr_in), slen2=sizeof(struct sockaddr_in);
+ uint32_t sock = _socket.get()->getSocket() ;
+ memset(&sin_peer,'\0',slen1);
+ memset(&sin_svr, '\0',slen2);
+ if ( ( ::getpeername( sock, (struct sockaddr*)&sin_peer, &slen1) == 0 )
+ ||( ::getsockname( sock, (struct sockaddr*)&sin_svr, &slen2) == 0 )
+ )
+ {
+ if( sin_peer.sin_family == AF_INET )
+ {
+ if( ((ntohl( sin_peer.sin_addr.s_addr ) >> 24) & 0xff) == 127 )
+ // message was sent FROM localhost interface
+ message->fromRemoteHost = false;
+ }
+ if( sin_svr.sin_family == AF_INET )
+ {
+ if( ((ntohl( sin_svr.sin_addr.s_addr ) >> 24) & 0xff) == 127 )
+ // message was sent TO localhost interface
+ message->fromRemoteHost = false;
+ }
+ }
+
//
// increment request count
//
diff -up pegasus/src/Pegasus/Common/HTTPMessage.h_old pegasus/src/Pegasus/Common/HTTPMessage.h
--- pegasus/src/Pegasus/Common/HTTPMessage.h_old 2008-01-14 16:13:39.000000000 +0100
+++ pegasus/src/Pegasus/Common/HTTPMessage.h 2008-01-14 16:14:02.000000000 +0100
@@ -75,6 +75,7 @@ public:
ContentLanguageList contentLanguages;
Boolean acceptLanguagesDecoded;
Boolean contentLanguagesDecoded;
+ Boolean fromRemoteHost;
CIMException cimException;
void parse(
diff -up pegasus/src/Pegasus/Common/AuthenticationInfoRep.h_old pegasus/src/Pegasus/Common/AuthenticationInfoRep.h
--- pegasus/src/Pegasus/Common/AuthenticationInfoRep.h_old 2008-01-14 16:06:42.000000000 +0100
+++ pegasus/src/Pegasus/Common/AuthenticationInfoRep.h 2008-01-14 16:08:22.000000000 +0100
@@ -149,6 +149,13 @@ public:
void setSecurityAssociation();
#endif
+ Boolean isRemoteUser() const
+ {
+ return _remoteUser;
+ }
+
+ void setRemoteUser(Boolean remoteUser);
+
Array<SSLCertificateInfo*> getClientCertificateChain()
{
return _clientCertificate;
@@ -192,6 +199,7 @@ private:
Boolean _wasRemotePrivilegedUserAccessChecked;
Array<SSLCertificateInfo*> _clientCertificate;
+ Boolean _remoteUser;
};
PEGASUS_NAMESPACE_END
diff -up pegasus/src/Pegasus/Common/AuthenticationInfoRep.cpp_old pegasus/src/Pegasus/Common/AuthenticationInfoRep.cpp
--- pegasus/src/Pegasus/Common/AuthenticationInfoRep.cpp_old 2008-01-14 16:05:14.000000000 +0100
+++ pegasus/src/Pegasus/Common/AuthenticationInfoRep.cpp 2008-01-14 16:06:34.000000000 +0100
@@ -46,7 +46,8 @@ const String AuthenticationInfoRep::AUTH
AuthenticationInfoRep::AuthenticationInfoRep(Boolean flag)
: _connectionAuthenticated(false),
- _wasRemotePrivilegedUserAccessChecked(false)
+ _wasRemotePrivilegedUserAccessChecked(false),
+ _remoteUser(true)
{
PEG_METHOD_ENTER(
TRC_AUTHENTICATION, "AuthenticationInfoRep::AuthenticationInfoRep");
@@ -54,6 +55,16 @@ AuthenticationInfoRep::AuthenticationInf
PEG_METHOD_EXIT();
}
+void AuthenticationInfoRep::setRemoteUser(Boolean remoteUser)
+{
+ PEG_METHOD_ENTER(TRC_AUTHENTICATION,
+ "AuthenticationInfoRep::setRemoteUser");
+
+ _remoteUser = remoteUser;
+
+ PEG_METHOD_EXIT();
+}
+
AuthenticationInfoRep::~AuthenticationInfoRep()
{
PEG_METHOD_ENTER(
diff -up pegasus/src/Pegasus/Common/HTTPMessage.cpp_old pegasus/src/Pegasus/Common/HTTPMessage.cpp
--- pegasus/src/Pegasus/Common/HTTPMessage.cpp_old 2008-01-14 16:13:00.000000000 +0100
+++ pegasus/src/Pegasus/Common/HTTPMessage.cpp 2008-01-14 16:13:27.000000000 +0100
@@ -120,7 +120,8 @@ HTTPMessage::HTTPMessage(
queueId(queueId_),
authInfo(0),
acceptLanguagesDecoded(false),
- contentLanguagesDecoded(false)
+ contentLanguagesDecoded(false),
+ fromRemoteHost(true)
{
if (cimException_)
cimException = *cimException_;
diff -up pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticator.h_old pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticator.h
--- pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticator.h_old 2008-01-14 16:15:56.000000000 +0100
+++ pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticator.h 2008-01-14 16:16:41.000000000 +0100
@@ -55,7 +55,8 @@ public:
Boolean authenticate(
const String& userName,
- const String& password);
+ const String& password,
+ Boolean isRemoteUser);
Boolean validateUser(const String& userName);
diff -up pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorStub.cpp_old pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorStub.cpp
--- pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorStub.cpp_old 2008-01-14 16:22:01.000000000 +0100
+++ pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorStub.cpp 2008-01-14 16:22:31.000000000 +0100
@@ -85,7 +85,8 @@ PAMBasicAuthenticator::~PAMBasicAuthenti
Boolean PAMBasicAuthenticator::authenticate(
const String& userName,
- const String& password)
+ const String& password,
+ Boolean isRemoteUser)
{
PEG_METHOD_ENTER(TRC_AUTHENTICATION,
"PAMBasicAuthenticator::authenticate()");
diff -up pegasus/src/Pegasus/Security/Authentication/BasicAuthenticator.h_old pegasus/src/Pegasus/Security/Authentication/BasicAuthenticator.h
--- pegasus/src/Pegasus/Security/Authentication/BasicAuthenticator.h_old 2008-01-14 16:14:59.000000000 +0100
+++ pegasus/src/Pegasus/Security/Authentication/BasicAuthenticator.h 2008-01-14 16:15:46.000000000 +0100
@@ -67,7 +67,8 @@ public:
*/
virtual Boolean authenticate(
const String& userName,
- const String& password) = 0;
+ const String& password,
+ Boolean isRemoteUser) = 0;
/** Construct and return the HTTP Basic authentication challenge header
@return A string containing the authentication challenge header.
diff -up pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorUnix.cpp_old pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorUnix.cpp
--- pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorUnix.cpp_old 2008-01-14 16:22:42.000000000 +0100
+++ pegasus/src/Pegasus/Security/Authentication/PAMBasicAuthenticatorUnix.cpp 2008-01-14 16:25:46.000000000 +0100
@@ -36,6 +36,8 @@
#include <Pegasus/Common/Tracer.h>
#include "PAMBasicAuthenticator.h"
+#include <syslog.h>
+
PEGASUS_USING_STD;
PEGASUS_NAMESPACE_BEGIN
@@ -72,7 +74,8 @@ PAMBasicAuthenticator::~PAMBasicAuthenti
Boolean PAMBasicAuthenticator::authenticate(
const String& userName,
- const String& password)
+ const String& password,
+ Boolean isRemoteUser)
{
PEG_METHOD_ENTER(TRC_AUTHENTICATION,
"PAMBasicAuthenticator::authenticate()");
diff -up pegasus/src/Pegasus/Security/Authentication/BasicAuthenticationHandler.cpp_old pegasus/src/Pegasus/Security/Authentication/BasicAuthenticationHandler.cpp
--- pegasus/src/Pegasus/Security/Authentication/BasicAuthenticationHandler.cpp_old 2008-01-14 16:14:09.000000000 +0100
+++ pegasus/src/Pegasus/Security/Authentication/BasicAuthenticationHandler.cpp 2008-01-14 16:14:42.000000000 +0100
@@ -164,7 +164,7 @@ Boolean BasicAuthenticationHandler::auth
}
authInfo->setRemotePrivilegedUserAccessChecked();
- authenticated = _basicAuthenticator->authenticate(userName, password);
+ authenticated = _basicAuthenticator->authenticate(userName, password, authInfo->isRemoteUser());
// Log audit message.
PEG_AUDIT_LOG(logBasicAuthentication(
pegasus-2.7.0-no_snmp_tests.patch:
--- NEW FILE pegasus-2.7.0-no_snmp_tests.patch ---
diff -up pegasus/Makefile.ReleaseTest_old pegasus/Makefile.ReleaseTest
--- pegasus/Makefile.ReleaseTest_old 2008-01-15 14:18:29.000000000 +0100
+++ pegasus/Makefile.ReleaseTest 2008-01-15 14:23:30.000000000 +0100
@@ -130,6 +130,7 @@ POSTSTARTTEST_CMDS = \
$(PEGASUS_TEST_DIR)/bin/TestIndicationStressTest@@IndicationStressTestClass@@test/TestProvider@@cleanup
ifdef PEGASUS_USE_NET_SNMP
+ POSTSTARTTEST_CMDS_NO_SNMP := $(POSTSTARTTEST_CMDS)
POSTSTARTTEST_CMDS += \
$(PEGASUS_TEST_DIR)/bin/TestSnmpHandler@@setup@@WQL \
$(PEGASUS_TEST_DIR)/bin/TestSnmpHandler@@run@@4@@2 \
@@ -206,10 +207,23 @@ createMakefile_poststarttests:
@$(ECHO-E) "poststarttests:" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
@$(ECHO-E) "\t@$(MAKE) -s poststarttests_internal\n" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
@$(ECHO-E) "poststarttests_internal:" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+ifdef PEGASUS_USE_NET_SNMP
+ @$(foreach i, $(POSTSTARTTEST_CMDS_NO_SNMP), $(ECHO-E) "\t$(subst @@, ,$(i))" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile;)
+else
@$(foreach i, $(POSTSTARTTEST_CMDS), $(ECHO-E) "\t$(subst @@, ,$(i))" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile;)
@$(ECHO-E) "" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+endif
createMakefile_tests:
+ifdef PEGASUS_USE_NET_SNMP
+ @$(ECHO-E) "# To test OpenPegasus with net-snmp support, please setup net-snmp" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+ @$(ECHO-E) "# and uncomment following four lines." >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+ @$(ECHO-E) "#\t/usr/share/Pegasus/test/bin/TestSnmpHandler setup WQL" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+ @$(ECHO-E) "#\t/usr/share/Pegasus/test/bin/TestSnmpHandler run 4 2" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+ @$(ECHO-E) "#\t/usr/share/Pegasus/test/bin/TestSnmpHandler cleanup" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+ @$(ECHO-E) "#\t/usr/share/Pegasus/test/bin/TestSnmpHandler removelog" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+ @$(ECHO-E) "" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
+endif
@$(ECHO-E) "###############################################################################" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
@$(ECHO-E) "# The tests target stops the cimserver, runs the unit tests, starts the" >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
@$(ECHO-E) "# cimserver, and runs the poststarttests and local TestClient." >> $(PEGASUS_STAGING_DIR)$(PEGASUS_TEST_DIR)/Makefile
Index: tog-pegasus.spec
===================================================================
RCS file: /cvs/extras/rpms/tog-pegasus/devel/tog-pegasus.spec,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- tog-pegasus.spec 10 Jan 2008 12:05:13 -0000 1.55
+++ tog-pegasus.spec 21 Jan 2008 14:51:46 -0000 1.56
@@ -41,7 +41,7 @@
%endif
Version: 2.7.0
-Release: 4%{?dist}
+Release: 5%{?dist}
Epoch: 2
#
Summary: OpenPegasus WBEM Services for Linux
@@ -69,7 +69,7 @@
# 4: don't see how http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=5099 fixed it
Patch4: pegasus-2.6.0-cmpi-provider-lib.patch
# 5: http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=5010
-Patch5: pegasus-2.6.1-local-or-remote-auth.patch
+Patch5: pegasus-2.7.0-local-or-remote-auth.patch
# 6: http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=5012
Patch6: pegasus-2.5.1-pam-wbem.patch
# 7: http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=5006
@@ -78,6 +78,7 @@
Patch9: pegasus-2.6.0-cimuser.patch
Patch10: pegasus-2.7.0-cmpiheaders.patch
Patch11: pegasus-2.7.0-no_privilege_separation.patch
+Patch12: pegasus-2.7.0-no_snmp_tests.patch
#
Conflicts: openwbem
Provides: tog-pegasus-cimserver
@@ -138,13 +139,14 @@
%patch2 -p1 -b .PIE
%patch3 -p1 -b .redhat-config
%patch4 -p1 -b .cmpi-provider-lib
-#%patch5 -p1 -b .local-or-remote-auth
+%patch5 -p1 -b .local-or-remote-auth
%patch6 -p1 -b .pam-wbem
%patch7 -p1 -b .fix-tests
%patch8 -p1 -b .multilib
%patch9 -p1 -b .cimuser
%patch10 -p1 -b .cmpiheaders
%patch11 -p1 -b .no_privilege_separation
+%patch12 -p1 -b .no_snmp_tests
find . -name 'CVS' -exec /bin/rm -rf '{}' ';' >/dev/null 2>&1 ||:;
%build
@@ -440,6 +442,9 @@
%changelog
+* Mon Jan 21 2008 Vitezslav Crhonek <vcrhonek at redhat.com> - 2:2.7.0-5
+- No snmp tests in Test RPM
+
* Thu Jan 10 2008 Vitezslav Crhonek <vcrhonek at redhat.com> - 2:2.7.0-4
- Fix Test RPM
--- pegasus-2.6.1-local-or-remote-auth.patch DELETED ---
More information about the fedora-extras-commits
mailing list