From: Adam Dickmeiss Date: Mon, 21 Feb 2005 14:27:31 +0000 (+0000) Subject: Option -X now makes it possible to stop YAZ proxy by sending X-Git-Tag: YAZPROXY.1.0~8 X-Git-Url: http://git.indexdata.com/?p=yazproxy-moved-to-github.git;a=commitdiff_plain;h=e9a5a9feeb12335c668b73dbb6385908be6806f1 Option -X now makes it possible to stop YAZ proxy by sending "stop" as PROXY target (in init). This used to be debug code in a #if 0 .. #endif section. Moved a lot of "private" stuff to proxyp.h so that only Yaz_Proxy is publicly defined in include/yazproxy/proxy.h. Authentication info sent to target modified. Element renamed from "authentication" to "target-authentication" to avoid confusion with client authentication. It now takes an authentication type=open|idPass|anonymous . Value is user:group:password for idPass, user/pass for open. Option -U auth is no longer supported. --- diff --git a/NEWS b/NEWS index 196f87e..3d76936 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,19 @@ +Option -X now makes it possible to stop YAZ proxy by sending +"stop" as PROXY target (in init). This used to be debug code in a +#if 0 .. #endif section. + +Moved a lot of "private" stuff to proxyp.h so that only Yaz_Proxy +is publicly defined in include/yazproxy/proxy.h. + +Authentication info sent to target modified. Element renamed from +"authentication" to "target-authentication" to avoid confusion with +client authentication. It now takes an authentication +type=open|idPass|anonymous . Value is user:group:password for idPass, +user/pass for open. Option -U auth is no longer supported. + +Update YAZ Proxy config schema yazproxy.xsd to include definitions +for new elements negotation-charset, negotiation-lang, module, etc. . +Bump version to 0.9. Started work on facility for module loading (plugins). Initial effort is to be able to authenticate via a module. See mod_sample.cpp. diff --git a/doc/yaz-proxy-ref.xml b/doc/yaz-proxy-ref.xml index c44603d..209a178 100644 --- a/doc/yaz-proxy-ref.xml +++ b/doc/yaz-proxy-ref.xml @@ -14,7 +14,6 @@ -m num -v level -t target - -U auth -o level -i seconds -T seconds @@ -86,14 +85,6 @@ initRequest. - -U auth - - Specifies authentication info to be sent to the backend target. - This is useful if you happen to have an internal target that - requires authentication, or if the client software does not allow - you to set it. - - -o level Sets level for optimization. Use zero to disable; non-zero diff --git a/etc/config.xml b/etc/config.xml index 6fffe7b..0265e45 100644 --- a/etc/config.xml +++ b/etc/config.xml @@ -1,17 +1,15 @@ - - + + xsi:schemaLocation="http://indexdata.dk/yazproxy/schema/0.9/ yazproxy.xsd" + > - iso-8859-1 localhost:9999 30 60 - 1000000 1000 @@ -31,6 +29,10 @@ 0 pqf.properties + my/bad + + iso-8859-1 + US 60 diff --git a/etc/explain.xml b/etc/explain.xml index 4db3c6b..3369e0e 100644 --- a/etc/explain.xml +++ b/etc/explain.xml @@ -2,7 +2,7 @@ localhost 9000 - gils + Default My Database diff --git a/etc/yazproxy.xsd b/etc/yazproxy.xsd index f447afc..4e30805 100644 --- a/etc/yazproxy.xsd +++ b/etc/yazproxy.xsd @@ -1,12 +1,12 @@ @@ -16,6 +16,7 @@ + @@ -33,7 +34,10 @@ - + + + + @@ -49,7 +53,29 @@ - + + + + + + + + + + + + + + + + + + + + + + + @@ -100,5 +126,6 @@ + diff --git a/include/yazproxy/module.h b/include/yazproxy/module.h index 6d2fd34..7afbff5 100644 --- a/include/yazproxy/module.h +++ b/include/yazproxy/module.h @@ -1,4 +1,4 @@ -/* $Id: module.h,v 1.1 2005-02-11 15:19:08 adam Exp $ +/* $Id: module.h,v 1.2 2005-02-21 14:27:31 adam Exp $ Copyright (c) 1998-2005, Index Data. This file is part of the yaz-proxy. @@ -34,10 +34,20 @@ struct Yaz_ProxyModule_entry { #define YAZPROXY_RET_PERM 2 /* Permissiong denied, reject etc. */ struct Yaz_ProxyModule_int0 { - void *(*init)(void); - void (*destroy)(void *handle); - int (*authenticate)(void *handle, - const char *user, const char *group, const char *pw); + void *(*init)(void); // Init handler - returns module-specific handle + + void (*destroy)( // Destroy handler + void *handle // module-specific handle as returned by init + ); + + int (*authenticate)( // Authenticate handler. Returns YAZPROXY_RET_.. + void *handle, // module-specific handle as returned by init + const char *name, // target name (or NULL if default target) + void *element_ptr, // xmlnodePtr thing to XML config this + const char *user, // User ID (or NULL if no suppliied User ID) + const char *group, // Group ID (or NULL if no supplied Group ID) + const char *pw // Password (or NULL if no supplied password) + ); }; #endif diff --git a/include/yazproxy/proxy.h b/include/yazproxy/proxy.h index 264aac5..95dc385 100644 --- a/include/yazproxy/proxy.h +++ b/include/yazproxy/proxy.h @@ -1,4 +1,4 @@ -/* $Id: proxy.h,v 1.12 2005-02-11 15:19:08 adam Exp $ +/* $Id: proxy.h,v 1.13 2005-02-21 14:27:32 adam Exp $ Copyright (c) 1998-2005, Index Data. This file is part of the yaz-proxy. @@ -38,134 +38,9 @@ class Yaz_Proxy; #define PROXY_LOG_REQ_CLIENT 4 #define PROXY_LOG_REQ_SERVER 8 -struct Yaz_RecordCache_Entry; -class Yaz_ProxyConfigP; class Yaz_usemarcon; - -class YAZ_EXPORT Yaz_ProxyConfig { -public: - Yaz_ProxyConfig(); - ~Yaz_ProxyConfig(); - int read_xml(const char *fname); - - int get_target_no(int no, - const char **name, - const char **url, - int *limit_bw, - int *limit_pdu, - int *limit_req, - int *target_idletime, - int *client_idletime, - int *max_clients, - int *keepalive_limit_bw, - int *keepalive_limit_pdu, - int *pre_init, - const char **cql2rpn, - const char **authentication, - const char **negotiation_charset, - const char **negotiation_lang); - - void get_generic_info(int *log_mask, int *max_clients); - - void get_target_info(const char *name, const char **url, - int *limit_bw, int *limit_pdu, int *limit_req, - int *target_idletime, int *client_idletime, - int *max_clients, - int *keepalive_limit_bw, int *keepalive_limit_pdu, - int *pre_init, - const char **cql2rpn, - const char **authentication, - const char **negotiation_charset, - const char **negotiation_lang); - - const char *check_mime_type(const char *path); - int check_query(ODR odr, const char *name, Z_Query *query, char **addinfo); - int check_syntax(ODR odr, const char *name, - Odr_oid *syntax, Z_RecordComposition *comp, - char **addinfo, char **stylesheet, char **schema, - char **backend_type, char **backend_charset, - char **usemarcon_ini_stage1, char **usemarcon_ini_stage2); - - int check_authentication(const char *user, const char *group, - const char *password); - char *get_explain_doc(ODR odr, const char *name, const char *db, - int *len); - const char *get_explain_name(const char *db, const char **backend_db); - private: - void operator=(const Yaz_ProxyConfig &conf); - class Yaz_ProxyConfigP *m_cp; -}; - -class YAZ_EXPORT Yaz_RecordCache { - public: - Yaz_RecordCache (); - ~Yaz_RecordCache (); - void add (ODR o, Z_NamePlusRecordList *npr, int start, int hits); - - int lookup (ODR o, Z_NamePlusRecordList **npr, int start, int num, - Odr_oid *syntax, Z_RecordComposition *comp); - void clear(); - - void copy_searchRequest(Z_SearchRequest *sr); - void copy_presentRequest(Z_PresentRequest *pr); - void set_max_size(int sz); - private: - NMEM m_mem; - Yaz_RecordCache_Entry *m_entries; - Z_SearchRequest *m_searchRequest; - Z_PresentRequest *m_presentRequest; - int match (Yaz_RecordCache_Entry *entry, - Odr_oid *syntax, int offset, - Z_RecordComposition *comp); - int m_max_size; -}; - -/// Private class -class YAZ_EXPORT Yaz_ProxyClient : public Yaz_Z_Assoc { - friend class Yaz_Proxy; - Yaz_ProxyClient(IYaz_PDU_Observable *the_PDU_Observable, - Yaz_Proxy *parent); - ~Yaz_ProxyClient(); - void recv_GDU(Z_GDU *apdu, int len); - void recv_Z_PDU(Z_APDU *apdu, int len); - void recv_HTTP_response(Z_HTTP_Response *apdu, int len); - IYaz_PDU_Observer* sessionNotify - (IYaz_PDU_Observable *the_PDU_Observable, int fd); - void shutdown(); - Yaz_Proxy *m_server; - void failNotify(); - void timeoutNotify(); - void connectNotify(); - int send_to_target(Z_APDU *apdu); - const char *get_session_str(); - char *m_cookie; - Yaz_ProxyClient *m_next; - Yaz_ProxyClient **m_prev; - int m_init_flag; - Yaz_Z_Query *m_last_query; - Yaz_Z_Databases m_last_databases; - char *m_last_resultSetId; - int m_last_ok; - int m_last_resultCount; - int m_sr_transform; - int m_seqno; - int m_waiting; - int m_resultSetStartPoint; - int m_bytes_sent; - int m_bytes_recv; - int m_pdu_recv; - ODR m_init_odr; - Z_APDU *m_initResponse; - Z_Options *m_initResponse_options; - Z_ProtocolVersion *m_initResponse_version; - int m_initResponse_preferredMessageSize; - int m_initResponse_maximumRecordSize; - Yaz_RecordCache m_cache; - void pre_init_client(); - int m_target_idletime; - Yaz_Proxy *m_root; -}; - +class Yaz_ProxyConfig; +class Yaz_ProxyClient; /// Information Retrieval Proxy Server. class YAZ_EXPORT Yaz_Proxy : public Yaz_Z_Assoc { @@ -191,9 +66,9 @@ class YAZ_EXPORT Yaz_Proxy : public Yaz_Z_Assoc { int m_keepalive_limit_pdu; int m_client_idletime; int m_target_idletime; + int m_debug_mode; char *m_proxyTarget; char *m_default_target; - char *m_proxy_authentication; char *m_proxy_negotiation_charset; char *m_proxy_negotiation_lang; long m_seed; @@ -305,7 +180,6 @@ class YAZ_EXPORT Yaz_Proxy : public Yaz_Z_Assoc { void markInvalid(); const char *option(const char *name, const char *value); void set_default_target(const char *target); - void set_proxy_authentication (const char *auth); void set_proxy_negotiation (const char *charset, const char *lang); char *get_proxy_target() { return m_proxyTarget; }; char *get_session_str() { return m_session_str; }; @@ -320,6 +194,7 @@ class YAZ_EXPORT Yaz_Proxy : public Yaz_Z_Assoc { void pre_init(); int get_log_mask() { return m_log_mask; }; int handle_init_response_for_invalid_session(Z_APDU *apdu); + void set_debug_mode(int mode); }; #endif diff --git a/src/mod_sample.cpp b/src/mod_sample.cpp index 05b121b..11c00ad 100644 --- a/src/mod_sample.cpp +++ b/src/mod_sample.cpp @@ -1,4 +1,4 @@ -/* $Id: mod_sample.cpp,v 1.1 2005-02-11 15:19:08 adam Exp $ +/* $Id: mod_sample.cpp,v 1.2 2005-02-21 14:27:32 adam Exp $ Copyright (c) 1998-2005, Index Data. This file is part of the yaz-proxy. @@ -24,6 +24,14 @@ Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA #include +#if HAVE_XSLT +#include +#include +#include +#include +#include +#endif + void *my_init(void) { return 0; // no private data for handler @@ -34,11 +42,30 @@ void my_destroy(void *p) // private data destroy } -int my_authenticate(void *p, const char *user, const char *group, - const char *password) +int my_authenticate(void *user_handle, + const char *target_name, + void *element_ptr, + const char *user, const char *group, const char *password) { - fprintf(stderr, "my_authenticate: user=%s group=%s\n", - user ? user : "none", group ? group : "none"); + // see if we have an "args" attribute + const char *args = 0; +#if HAVE_XSLT + xmlNodePtr ptr = (xmlNodePtr) element_ptr; + struct _xmlAttr *attr; + + for (attr = ptr->properties; attr; attr = attr->next) + { + if (!strcmp((const char *) attr->name, "args") && + attr->children && attr->children->type == XML_TEXT_NODE) + args = (const char *) attr->children->content; + } +#endif + // args holds args (or NULL if none is provided) + + fprintf(stderr, "my_authenticate: target=%s user=%s group=%s args=%s\n", + target_name ? target_name : "none", + user ? user : "none", group ? group : "none", + args ? args : "none"); // authentication handler if (!user && !group && !password) return YAZPROXY_RET_OK; // OK if anonymous @@ -60,4 +87,3 @@ Yaz_ProxyModule_entry yazproxy_module = { "Sample Module for YAZ Proxy",// description &interface0 }; - diff --git a/src/proxyp.h b/src/proxyp.h index 1f2acd6..3485885 100644 --- a/src/proxyp.h +++ b/src/proxyp.h @@ -1,4 +1,4 @@ -/* $Id: proxyp.h,v 1.2 2005-02-11 15:19:08 adam Exp $ +/* $Id: proxyp.h,v 1.3 2005-02-21 14:27:32 adam Exp $ Copyright (c) 1998-2005, Index Data. This file is part of the yaz-proxy. @@ -34,6 +34,8 @@ Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA #include #include +struct Yaz_RecordCache_Entry; + class Yaz_usemarcon { public: Yaz_usemarcon(); @@ -49,3 +51,131 @@ class Yaz_usemarcon { int dummy; #endif }; + +class Yaz_ProxyConfig { +public: + Yaz_ProxyConfig(); + ~Yaz_ProxyConfig(); + int read_xml(const char *fname); + + int get_target_no(int no, + const char **name, + const char **url, + int *limit_bw, + int *limit_pdu, + int *limit_req, + int *target_idletime, + int *client_idletime, + int *max_clients, + int *keepalive_limit_bw, + int *keepalive_limit_pdu, + int *pre_init, + const char **cql2rpn, + const char **authentication, + const char **negotiation_charset, + const char **negotiation_lang); + + void get_generic_info(int *log_mask, int *max_clients); + + void get_target_info(const char *name, const char **url, + int *limit_bw, int *limit_pdu, int *limit_req, + int *target_idletime, int *client_idletime, + int *max_clients, + int *keepalive_limit_bw, int *keepalive_limit_pdu, + int *pre_init, + const char **cql2rpn, + const char **negotiation_charset, + const char **negotiation_lang); + + const char *check_mime_type(const char *path); + int check_query(ODR odr, const char *name, Z_Query *query, char **addinfo); + int check_syntax(ODR odr, const char *name, + Odr_oid *syntax, Z_RecordComposition *comp, + char **addinfo, char **stylesheet, char **schema, + char **backend_type, char **backend_charset, + char **usemarcon_ini_stage1, char **usemarcon_ini_stage2); + + void target_authentication(const char *name, + ODR odr, + Z_InitRequest *req); + + int client_authentication(const char *name, + const char *user, const char *group, + const char *password); + char *get_explain_doc(ODR odr, const char *name, const char *db, + int *len); + const char *get_explain_name(const char *db, const char **backend_db); + private: + void operator=(const Yaz_ProxyConfig &conf); + class Yaz_ProxyConfigP *m_cp; +}; + +class Yaz_RecordCache { + public: + Yaz_RecordCache (); + ~Yaz_RecordCache (); + void add (ODR o, Z_NamePlusRecordList *npr, int start, int hits); + + int lookup (ODR o, Z_NamePlusRecordList **npr, int start, int num, + Odr_oid *syntax, Z_RecordComposition *comp); + void clear(); + + void copy_searchRequest(Z_SearchRequest *sr); + void copy_presentRequest(Z_PresentRequest *pr); + void set_max_size(int sz); + private: + NMEM m_mem; + Yaz_RecordCache_Entry *m_entries; + Z_SearchRequest *m_searchRequest; + Z_PresentRequest *m_presentRequest; + int match (Yaz_RecordCache_Entry *entry, + Odr_oid *syntax, int offset, + Z_RecordComposition *comp); + int m_max_size; +}; + +class Yaz_ProxyClient : public Yaz_Z_Assoc { + friend class Yaz_Proxy; + Yaz_ProxyClient(IYaz_PDU_Observable *the_PDU_Observable, + Yaz_Proxy *parent); + ~Yaz_ProxyClient(); + void recv_GDU(Z_GDU *apdu, int len); + void recv_Z_PDU(Z_APDU *apdu, int len); + void recv_HTTP_response(Z_HTTP_Response *apdu, int len); + IYaz_PDU_Observer* sessionNotify + (IYaz_PDU_Observable *the_PDU_Observable, int fd); + void shutdown(); + Yaz_Proxy *m_server; + void failNotify(); + void timeoutNotify(); + void connectNotify(); + int send_to_target(Z_APDU *apdu); + const char *get_session_str(); + char *m_cookie; + Yaz_ProxyClient *m_next; + Yaz_ProxyClient **m_prev; + int m_init_flag; + Yaz_Z_Query *m_last_query; + Yaz_Z_Databases m_last_databases; + char *m_last_resultSetId; + int m_last_ok; + int m_last_resultCount; + int m_sr_transform; + int m_seqno; + int m_waiting; + int m_resultSetStartPoint; + int m_bytes_sent; + int m_bytes_recv; + int m_pdu_recv; + ODR m_init_odr; + Z_APDU *m_initResponse; + Z_Options *m_initResponse_options; + Z_ProtocolVersion *m_initResponse_version; + int m_initResponse_preferredMessageSize; + int m_initResponse_maximumRecordSize; + Yaz_RecordCache m_cache; + void pre_init_client(); + int m_target_idletime; + Yaz_Proxy *m_root; +}; + diff --git a/src/yaz-proxy-config.cpp b/src/yaz-proxy-config.cpp index 951f1aa..29865e0 100644 --- a/src/yaz-proxy-config.cpp +++ b/src/yaz-proxy-config.cpp @@ -1,4 +1,4 @@ -/* $Id: yaz-proxy-config.cpp,v 1.16 2005-02-20 21:59:08 adam Exp $ +/* $Id: yaz-proxy-config.cpp,v 1.17 2005-02-21 14:27:32 adam Exp $ Copyright (c) 1998-2005, Index Data. This file is part of the yaz-proxy. @@ -31,7 +31,7 @@ Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA class Yaz_ProxyModule { private: - void *m_dl_handle; /* dlopen/close handle */ + void *m_dl_handle; /* dlopen/close handle */ Yaz_ProxyModule_entry *m_entry; Yaz_ProxyModule *m_next; void *m_user_handle; /* user handle */ @@ -39,10 +39,20 @@ public: Yaz_ProxyModule(void *dl_handle, Yaz_ProxyModule_entry *ent, Yaz_ProxyModule *next); ~Yaz_ProxyModule(); + Yaz_ProxyModule *get_next() { return m_next; }; - int authenticate(const char *user, const char *group, const char *password); + int is_module(const char *name); + int authenticate(const char *target_name, void *element_ptr, + const char *user, const char *group, const char *password); }; +int Yaz_ProxyModule::is_module(const char *type) +{ + if (!type || !strcmp(m_entry->module_name, type)) + return 1; + return 0; +} + Yaz_ProxyModule::Yaz_ProxyModule(void *dl_handle, Yaz_ProxyModule_entry *ent, Yaz_ProxyModule *next) { @@ -73,7 +83,9 @@ Yaz_ProxyModule::~Yaz_ProxyModule() #endif } -int Yaz_ProxyModule::authenticate(const char *user, const char *group, +int Yaz_ProxyModule::authenticate(const char *name, + void *element_ptr, + const char *user, const char *group, const char *password) { if (m_entry->int_version == 0) @@ -83,7 +95,8 @@ int Yaz_ProxyModule::authenticate(const char *user, const char *group, if (!int0->authenticate) return YAZPROXY_RET_NOT_ME; - return (*int0->authenticate)(m_user_handle, user, group, password); + return (*int0->authenticate)(m_user_handle, name, element_ptr, + user, group, password); } return YAZPROXY_RET_NOT_ME; } @@ -108,7 +121,6 @@ class Yaz_ProxyConfigP { int *target_idletime, int *client_idletime, int *keepalive_limit_bw, int *keepalive_limit_pdu, int *pre_init, const char **cql2rpn, - const char **authentication, const char **negotiation_charset, const char **negotiation_lang); void return_limit(xmlNodePtr ptr, @@ -160,7 +172,14 @@ Yaz_ProxyConfig::~Yaz_ProxyConfig() #if HAVE_XSLT void Yaz_ProxyConfigP::unload_modules() { - yaz_log(YLOG_WARN, "unload_modules not implemented yet"); + Yaz_ProxyModule *m = m_modules; + while (m) + { + Yaz_ProxyModule *m_next = m->get_next(); + delete m; + m = m_next; + } + m_modules = 0; } #endif @@ -308,7 +327,6 @@ void Yaz_ProxyConfigP::return_target_info(xmlNodePtr ptr, int *keepalive_limit_pdu, int *pre_init, const char **cql2rpn, - const char **authentication, const char **negotiation_charset, const char **negotiation_lang) { @@ -375,13 +393,6 @@ void Yaz_ProxyConfigP::return_target_info(xmlNodePtr ptr, *cql2rpn = t; } if (ptr->type == XML_ELEMENT_NODE - && !strcmp((const char *) ptr->name, "authentication")) - { - const char *t = get_text(ptr); - if (t) - *authentication = t; - } - if (ptr->type == XML_ELEMENT_NODE && !strcmp((const char *) ptr->name, "negotiation-charset")) { const char *t = get_text(ptr); @@ -632,19 +643,108 @@ const char *Yaz_ProxyConfig::check_mime_type(const char *path) } -int Yaz_ProxyConfig::check_authentication(const char *user, - const char *group, - const char *password) +void Yaz_ProxyConfig::target_authentication(const char *name, + ODR odr, Z_InitRequest *req) { - Yaz_ProxyModule *m = m_cp->m_modules; +#if HAVE_XSLT + xmlNodePtr ptr = m_cp->find_target_node(name, 0); + if (!ptr) + return ; + + for (ptr = ptr->children; ptr; ptr = ptr->next) + if (ptr->type == XML_ELEMENT_NODE && + !strcmp((const char *) ptr->name, "target-authentication")) + { + struct _xmlAttr *attr; + const char *type = "open"; + for (attr = ptr->properties; attr; attr = attr->next) + { + if (!strcmp((const char *) attr->name, "type") && + attr->children && attr->children->type == XML_TEXT_NODE) + type = (const char *) attr->children->content; + } + const char *t = m_cp->get_text(ptr); + if (!t || !strcmp(type, "none")) + req->idAuthentication = 0; + else if (!strcmp(type, "anonymous")) + { + req->idAuthentication = + (Z_IdAuthentication *) + odr_malloc (odr, sizeof(*req->idAuthentication)); + req->idAuthentication->which = + Z_IdAuthentication_anonymous; + req->idAuthentication->u.anonymous = odr_nullval(); + } + else if (!strcmp(type, "open")) + { + req->idAuthentication = + (Z_IdAuthentication *) + odr_malloc (odr, sizeof(*req->idAuthentication)); + req->idAuthentication->which = + Z_IdAuthentication_open; + req->idAuthentication->u.open = odr_strdup (odr, t); + } + else if (!strcmp(type, "idPass")) + { + char user[64], group[64], password[64]; + *group = '\0'; + *password = '\0'; + *user = '\0'; + sscanf(t, "%63[^:]:%63[^:]:%63s", user, group, password); + + req->idAuthentication = + (Z_IdAuthentication *) + odr_malloc (odr, sizeof(*req->idAuthentication)); + req->idAuthentication->which = + Z_IdAuthentication_idPass; + req->idAuthentication->u.idPass = + (Z_IdPass*) odr_malloc(odr, sizeof(Z_IdPass)); + req->idAuthentication->u.idPass->userId = + *user ? odr_strdup(odr, user) : 0; + req->idAuthentication->u.idPass->groupId = + *group ? odr_strdup(odr, group) : 0; + req->idAuthentication->u.idPass->password = + *password ? odr_strdup(odr, password) : 0; + } + } +#endif +} +int Yaz_ProxyConfig::client_authentication(const char *name, + const char *user, + const char *group, + const char *password) +{ int ret = YAZPROXY_RET_NOT_ME; - for (; m; m = m->get_next()) - { - ret = m->authenticate(user, group, password); - if (ret != YAZPROXY_RET_NOT_ME) - break; - } +#if HAVE_XSLT + xmlNodePtr ptr; + ptr = m_cp->find_target_node(name, 0); + if (!ptr) + return 1; + for (ptr = ptr->children; ptr; ptr = ptr->next) + if (ptr->type == XML_ELEMENT_NODE && + !strcmp((const char *) ptr->name, "client-authentication")) + { + struct _xmlAttr *attr; + const char *module_name = 0; + for (attr = ptr->properties; attr; attr = attr->next) + { + if (!strcmp((const char *) attr->name, "module") && + attr->children && attr->children->type == XML_TEXT_NODE) + module_name = (const char *) attr->children->content; + } + Yaz_ProxyModule *m = m_cp->m_modules; + for (; m; m = m->get_next()) + { + if (m->is_module(module_name)) + { + ret = m->authenticate(name, ptr, user, group, password); + if (ret != YAZPROXY_RET_NOT_ME) + break; + } + } + } +#endif if (ret == YAZPROXY_RET_PERM) return 0; return 1; @@ -948,7 +1048,7 @@ int Yaz_ProxyConfig::get_target_no(int no, limit_bw, limit_pdu, limit_req, target_idletime, client_idletime, keepalive_limit_bw, keepalive_limit_pdu, - pre_init, cql2rpn, authentication, + pre_init, cql2rpn, negotiation_charset, negotiation_lang); return 1; } @@ -1147,7 +1247,6 @@ void Yaz_ProxyConfig::get_target_info(const char *name, int *keepalive_limit_pdu, int *pre_init, const char **cql2rpn, - const char **authentication, const char **negotiation_charset, const char **negotiation_lang) { @@ -1185,7 +1284,7 @@ void Yaz_ProxyConfig::get_target_info(const char *name, m_cp->return_target_info(ptr, url, limit_bw, limit_pdu, limit_req, target_idletime, client_idletime, keepalive_limit_bw, keepalive_limit_pdu, - pre_init, cql2rpn, authentication, + pre_init, cql2rpn, negotiation_charset, negotiation_lang); } #else diff --git a/src/yaz-proxy-main.cpp b/src/yaz-proxy-main.cpp index e25b1e4..f40c64a 100644 --- a/src/yaz-proxy-main.cpp +++ b/src/yaz-proxy-main.cpp @@ -1,4 +1,4 @@ -/* $Id: yaz-proxy-main.cpp,v 1.11 2005-02-11 15:39:55 adam Exp $ +/* $Id: yaz-proxy-main.cpp,v 1.12 2005-02-21 14:27:32 adam Exp $ Copyright (c) 1998-2005, Index Data. This file is part of the yaz-proxy. @@ -76,7 +76,7 @@ int args(Yaz_Proxy *proxy, int argc, char **argv) char *prog = argv[0]; int ret; - while ((ret = options("o:a:t:v:c:u:i:m:l:T:p:U:n:X", + while ((ret = options("o:a:t:v:c:u:i:m:l:T:p:n:X", argv, argc, &arg)) != -2) { int err; @@ -109,9 +109,6 @@ int args(Yaz_Proxy *proxy, int argc, char **argv) case 't': proxy->set_default_target(arg); break; - case 'U': - proxy->set_proxy_authentication(arg); - break; case 'o': proxy->option("optimize", arg); break; @@ -135,6 +132,7 @@ int args(Yaz_Proxy *proxy, int argc, char **argv) no_limit_files = atoi(arg); break; case 'X': + proxy->set_debug_mode(1); debug = 1; break; case 'p': diff --git a/src/yaz-proxy.cpp b/src/yaz-proxy.cpp index 4400bbb..0e07078 100644 --- a/src/yaz-proxy.cpp +++ b/src/yaz-proxy.cpp @@ -1,4 +1,4 @@ -/* $Id: yaz-proxy.cpp,v 1.22 2005-02-11 15:19:08 adam Exp $ +/* $Id: yaz-proxy.cpp,v 1.23 2005-02-21 14:27:32 adam Exp $ Copyright (c) 1998-2005, Index Data. This file is part of the yaz-proxy. @@ -38,6 +38,7 @@ Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA #endif #include +#include #include #include @@ -116,7 +117,6 @@ Yaz_Proxy::Yaz_Proxy(IYaz_PDU_Observable *the_PDU_Observable, m_keepalive_limit_pdu = 1000; m_proxyTarget = 0; m_default_target = 0; - m_proxy_authentication = 0; m_proxy_negotiation_charset = 0; m_proxy_negotiation_lang = 0; m_max_clients = 150; @@ -196,7 +196,6 @@ Yaz_Proxy::~Yaz_Proxy() xfree(m_proxyTarget); xfree(m_default_target); - xfree(m_proxy_authentication); xfree(m_proxy_negotiation_charset); xfree(m_proxy_negotiation_lang); xfree(m_optimize); @@ -222,6 +221,11 @@ Yaz_Proxy::~Yaz_Proxy() delete m_config; } +void Yaz_Proxy::set_debug_mode(int mode) +{ + m_debug_mode = mode; +} + int Yaz_Proxy::set_config(const char *config) { delete m_config; @@ -242,14 +246,6 @@ void Yaz_Proxy::set_default_target(const char *target) m_default_target = (char *) xstrdup (target); } -void Yaz_Proxy::set_proxy_authentication (const char *auth) -{ - xfree (m_proxy_authentication); - m_proxy_authentication = 0; - if (auth) - m_proxy_authentication = (char *) xstrdup (auth); -} - void Yaz_Proxy::set_proxy_negotiation (const char *charset, const char *lang) { yaz_log(YLOG_LOG, "%sSet the proxy negotiation: charset to '%s', " @@ -310,7 +306,6 @@ IYaz_PDU_Observer *Yaz_Proxy::sessionNotify(IYaz_PDU_Observable new_proxy->set_APDU_yazlog(1); else new_proxy->set_APDU_yazlog(0); - new_proxy->set_proxy_authentication(m_proxy_authentication); new_proxy->set_proxy_negotiation(m_proxy_negotiation_charset, m_proxy_negotiation_lang); sprintf(new_proxy->m_session_str, "%ld:%d ", (long) time(0), m_session_no); @@ -415,18 +410,18 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie, Yaz_ProxyConfig *cfg = check_reconfigure(); if (proxy_host) { -#if 0 -/* only to be enabled for debugging... */ - if (!strcmp(proxy_host, "stop")) - exit(0); -#endif + if (parent && parent->m_debug_mode) + { + // only to be enabled for debugging... + if (!strcmp(proxy_host, "stop")) + exit(0); + } xfree(m_default_target); m_default_target = xstrdup(proxy_host); } proxy_host = m_default_target; int client_idletime = -1; const char *cql2rpn_fname = 0; - const char *authentication = 0; const char *negotiation_charset = 0; const char *negotiation_lang = 0; url[0] = m_default_target; @@ -442,7 +437,6 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie, &m_keepalive_limit_pdu, &pre_init, &cql2rpn_fname, - &authentication, &negotiation_charset, &negotiation_lang); } @@ -453,11 +447,12 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie, } if (cql2rpn_fname) m_cql2rpn.set_pqf_file(cql2rpn_fname); - if (authentication) - set_proxy_authentication(authentication); if (negotiation_charset || negotiation_lang) + { + yaz_log(YLOG_LOG, "set_proxy_negotiation..."); set_proxy_negotiation(negotiation_charset, negotiation_lang); + } if (!url[0]) { yaz_log(YLOG_LOG, "%sNo default target", m_session_str); @@ -561,23 +556,9 @@ Yaz_ProxyClient *Yaz_Proxy::get_client(Z_APDU *apdu, const char *cookie, } Z_InitRequest *initRequest = apdu->u.initRequest; - if (!initRequest->idAuthentication) - { - if (m_proxy_authentication) - { - initRequest->idAuthentication = - (Z_IdAuthentication *) - odr_malloc (odr_encode(), - sizeof(*initRequest->idAuthentication)); - initRequest->idAuthentication->which = - Z_IdAuthentication_open; - initRequest->idAuthentication->u.open = - odr_strdup (odr_encode(), m_proxy_authentication); - } - } - else + if (initRequest->idAuthentication) { - // the client use authentication. We set the keepalive PDU + // the client uses authentication. We set the keepalive PDU // to 0 so we don't cache it in releaseClient m_keepalive_limit_pdu = 0; } @@ -844,6 +825,7 @@ void Yaz_Proxy::convert_to_frontend_type(Z_NamePlusRecordList *p) continue; } #endif +/* HAVE_USEMARCON */ npr->u.databaseRecord = z_ext_record(odr_encode(), m_frontend_type, @@ -1850,11 +1832,11 @@ int Yaz_Proxy::handle_authentication(Z_APDU *apdu) int ret; if (req->idAuthentication == 0) { - ret = cfg->check_authentication(0, 0, 0); + ret = cfg->client_authentication(m_default_target, 0, 0, 0); } else if (req->idAuthentication->which == Z_IdAuthentication_idPass) { - ret = cfg->check_authentication( + ret = cfg->client_authentication(m_default_target, req->idAuthentication->u.idPass->userId, req->idAuthentication->u.idPass->groupId, req->idAuthentication->u.idPass->password); @@ -1865,10 +1847,13 @@ int Yaz_Proxy::handle_authentication(Z_APDU *apdu) *user = '\0'; *pass = '\0'; sscanf(req->idAuthentication->u.open, "%63[^/]/%63s", user, pass); - ret = cfg->check_authentication(user, 0, pass); + ret = cfg->client_authentication(m_default_target, user, 0, pass); } else - ret = cfg->check_authentication(0, 0, 0); + ret = cfg->client_authentication(m_default_target, 0, 0, 0); + + cfg->target_authentication(m_default_target, odr_encode(), req); + return ret; }