
nordugrid-arc-nox  1.1.0~rc6
test2vomsserver.cpp
00001 // -*- indent-tabs-mode: nil -*-
00002 
00003 #ifdef HAVE_CONFIG_H
00004 #include <config.h>
00005 #endif
00006 
00007 #include <iostream>
00008 #include <signal.h>
00009 #include <fstream>
00010 
00011 #include <arc/ArcConfig.h>
00012 #include <arc/Logger.h>
00013 #include <arc/URL.h>
00014 #include <arc/message/SOAPEnvelope.h>
00015 #include <arc/message/PayloadSOAP.h>
00016 #include <arc/message/MCC.h>
00017 #include <arc/message/MCCLoader.h>
00018 #include <arc/client/ClientInterface.h>
00019 #include <arc/credential/VOMSAttribute.h>
00020 #include <arc/credential/VOMSUtil.h>
00021 #include <arc/credential/Credential.h>
00022 #include <arc/crypto/OpenSSL.h>
00023 #ifdef WIN32
00024 #include <arc/win32.h>
00025 #endif
00026 
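// Appends the proxy's private key, the signer certificate and the signer
// certificate chain to the PEM file at `path`.
// Returns false if the file cannot be opened or a write fails.
static bool append_key_and_chain(const std::string& path,
                                 const std::string& private_key,
                                 const std::string& signing_cert,
                                 const std::string& signing_cert_chain) {
  std::ofstream out(path.c_str(), std::ofstream::app);
  if (!out)
    return false;
  out.write(private_key.c_str(), private_key.size());
  out.write(signing_cert.c_str(), signing_cert.size());
  out.write(signing_cert_chain.c_str(), signing_cert_chain.size());
  out.close();
  return !out.fail();
}

// Test client for a VOMS server.
//
// Steps, as performed below:
//   1. sign a temporary proxy certificate with the test user credential;
//   2. use that proxy to open a secured TCP connection to the VOMS server and
//      send an XML request for an attribute certificate (AC);
//   3. decode the AC found in the reply and sign a second proxy that carries
//      it as the "acseq" extension.
//
// Returns 0 on success and 1 on any failure.
int main(void) {
  setlocale(LC_ALL, "");

  Arc::OpenSSLInit();

  Arc::Logger logger(Arc::Logger::getRootLogger(), "Test2VOMSServer");
  Arc::LogStream logcerr(std::cerr);
  logcerr.setFormat(Arc::ShortFormat);
  Arc::Logger::getRootLogger().addDestination(logcerr);
  Arc::Logger::getRootLogger().setThreshold(Arc::DEBUG);

  std::string cert("../../tests/echo/usercert.pem");
  std::string key("../../tests/echo/userkey.pem");
  std::string cadir("../../tests/echo/certificates/");
  Arc::Credential signer(cert, key, cadir, "");

  // Generate a temporary proxy certificate to contact the voms server.
  //
  // NOTE(review): out_file_ac ends up holding the proxy's private key in
  // clear text, in the current working directory. Nothing visible here
  // restricts the file's permissions, so they presumably follow the process
  // umask; a proxy file should be readable by its owner only.
  std::string private_key, signing_cert, signing_cert_chain;
  std::string out_file_ac("./out_withac.pem");

  Arc::Time t;
  // NOTE(review): a 1024-bit key is below current size recommendations;
  // it is kept because this is a short-lived (12 h) test proxy.
  int keybits = 1024;
  std::string req_str;
  Arc::Credential cred_request(t, Arc::Period(12 * 3600), keybits, "rfc", "inheritAll", "", -1);
  if (!cred_request.GenerateRequest(req_str)) {
    logger.msg(Arc::ERROR, "Failed to generate the proxy certificate request");
    return 1;
  }

  Arc::Credential proxy;
  proxy.InquireRequest(req_str);

  if (!signer.SignRequest(&proxy, out_file_ac.c_str())) {
    logger.msg(Arc::ERROR, "Failed to sign the temporary proxy");
    return 1;
  }

  cred_request.OutputPrivatekey(private_key);
  signer.OutputCertificate(signing_cert);
  signer.OutputCertificateChain(signing_cert_chain);
  if (!append_key_and_chain(out_file_ac, private_key, signing_cert, signing_cert_chain)) {
    logger.msg(Arc::ERROR, "Failed to write the temporary proxy file");
    return 1;
  }

  // Contact the voms server to retrieve attribute certificate

  // The message which will be sent to voms server
  //std::string send_msg("<?xml version=\"1.0\" encoding = \"US-ASCII\"?><voms><command>G/playground.knowarc.eu</command><lifetime>43200</lifetime></voms>");
  std::string send_msg("<?xml version=\"1.0\" encoding = \"US-ASCII\"?><voms><command>G/knowarc.eu</command><lifetime>43200</lifetime></voms>");

  std::cout << "Send message to peer end through GSS communication: " << send_msg << " Size: " << send_msg.length() << std::endl;

  Arc::MCCConfig cfg;
  cfg.AddProxy(out_file_ac);
  cfg.AddCADir(cadir);

  // NOTE(review): SSL3Sec selects SSLv3, a deprecated protocol with known
  // weaknesses. Presumably it is used for compatibility with this endpoint;
  // prefer a TLS-based security layer where the server supports one.
  //Arc::ClientTCP client(cfg, "arthur.hep.lu.se", 15001, Arc::GSISec, 60);
  Arc::ClientTCP client(cfg, "arthur.hep.lu.se", 15001, Arc::SSL3Sec, 60);
  //Arc::ClientTCP client(cfg, "squark.uio.no", 15011, Arc::GSISec, 60);

  Arc::PayloadRaw request;
  request.Insert(send_msg.c_str(), 0, send_msg.length());

  Arc::PayloadStreamInterface *response = NULL;
  Arc::MCC_Status status = client.process(&request, &response, true);
  if (!status) {
    logger.msg(Arc::ERROR, (std::string)status);
    delete response;
    return 1;
  }
  if (!response) {
    logger.msg(Arc::ERROR, "No stream response");
    return 1;
  }

  // Read the reply in fixed-size chunks. A failed or empty read ends the
  // loop, so a stream error cannot append stale buffer contents or spin
  // forever. The total is capped because the peer controls how much it
  // sends; the 1 MiB limit is an arbitrary bound well above an AC reply.
  const std::string::size_type max_response = 1024 * 1024;
  std::string ret_str;
  char ret_buf[1024];
  const int chunk = sizeof(ret_buf);
  int len;
  bool too_large = false;
  do {
    len = chunk;
    if (!response->Get(ret_buf, len) || len <= 0)
      break;
    ret_str.append(ret_buf, len);
    if (ret_str.size() > max_response) {
      too_large = true;
      break;
    }
  } while (len == chunk);

  // The stream is not needed past this point; releasing it here keeps the
  // error paths below free of cleanup.
  delete response;
  response = NULL;

  if (too_large) {
    logger.msg(Arc::ERROR, "Response from voms server is too large");
    return 1;
  }

  logger.msg(Arc::INFO, "Returned msg from voms server: %s ", ret_str.c_str());

  // Put the return attribute certificate into proxy certificate as the extension part
  Arc::XMLNode node(ret_str);
  std::string codedac = (std::string)(node["ac"]);
  std::cout << "Coded AC: " << codedac << std::endl;
  if (codedac.empty()) {
    logger.msg(Arc::ERROR, "No attribute certificate in the voms server response");
    return 1;
  }

  // Check the decoder's result before using it: the reply is peer-supplied
  // and may not decode.
  int size = 0;
  char *dec = Arc::VOMSDecode(const_cast<char*>(codedac.c_str()), codedac.length(), &size);
  if (dec == NULL || size <= 0) {
    free(dec);
    logger.msg(Arc::ERROR, "Failed to decode the attribute certificate");
    return 1;
  }
  std::string decodedac(dec, size);
  free(dec);
  dec = NULL;

  // NOTE(review): the AC is embedded as received; no check of its signature
  // or contents is visible in this file - confirm whether addVOMSAC or the
  // consumer of the proxy performs that verification.
  ArcCredential::AC **aclist = NULL;
  std::string acorder;
  Arc::addVOMSAC(aclist, acorder, decodedac);
  if (aclist == NULL) {
    logger.msg(Arc::ERROR, "Failed to parse the attribute certificate");
    return 1;
  }

  Arc::Credential proxy1;
  proxy1.InquireRequest(req_str);
  // Add AC extension to proxy certificate before signing it
  proxy1.AddExtension("acseq", reinterpret_cast<char**>(aclist));
  if (!signer.SignRequest(&proxy1, out_file_ac.c_str())) {
    logger.msg(Arc::ERROR, "Failed to sign the proxy carrying the attribute certificate");
    return 1;
  }

  if (!append_key_and_chain(out_file_ac, private_key, signing_cert, signing_cert_chain)) {
    logger.msg(Arc::ERROR, "Failed to write the proxy file");
    return 1;
  }

  return 0;
}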