AccessControl/LocalCredentialData.cpp
00006 #include "LocalCredentialData.h"
00007 #include "dds/DCPS/security/CommonUtilities.h"
00008
00009 namespace OpenDDS {
00010 namespace Security {
/// Construct an empty credential holder. No explicit initialization is done
/// here; the credential members are populated later by load().
LocalAccessCredentialData::LocalAccessCredentialData() {}
00021
/// Destructor. Nothing is released explicitly here; cleanup is left to the
/// members' own destructors.
LocalAccessCredentialData::~LocalAccessCredentialData() {}
00026
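/**
 * Load the local access-control credentials from a property list.
 *
 * Recognized property names:
 *  - "dds.sec.access.permissions_ca" -> ca_cert_         (SSL::Certificate)
 *  - "dds.sec.access.governance"     -> governance_doc_  (SSL::SignedDocument)
 *  - "dds.sec.access.permissions"    -> permissions_doc_ (SSL::SignedDocument)
 *
 * Any other property is ignored. If a recognized name occurs more than once,
 * the last occurrence wins.
 *
 * @param props  Properties to scan.
 * @param ex     Filled in through CommonUtilities::set_security_error on failure.
 * @return true only when all three credentials were supplied and every
 *         "file:" value that yields a file name refers to a path that exists;
 *         false otherwise, with @a ex describing the first problem found.
 *
 * On a false return, members assigned before the failure keep their new
 * values; callers must not use this object after a failed load.
 */
CORBA::Boolean LocalAccessCredentialData::load(const DDS::PropertySeq& props,
                                               ::DDS::Security::SecurityException& ex)
{
  const std::string file("file:");
  bool permission = false,
       governance = false,
       ca = false;

  const CORBA::ULong count = props.length();
  for (CORBA::ULong i = 0; i < count; ++i) {
    const std::string name = props[i].name.in();
    const std::string value = props[i].value.in();

    if (name == "dds.sec.access.permissions_ca") {
      if (value.empty()) {
        CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Certificate filename not provided");
        return false;
      }

      // NOTE(review): "file:" is matched anywhere in the value, not only as a
      // prefix -- confirm this agrees with how SSL::Certificate parses it.
      if (value.find(file) != std::string::npos) {
        const std::string fn = extract_file_name(value);

        // An empty extracted name skips the existence check and leaves the
        // decision to the SSL::Certificate constructor.
        if (!fn.empty() && !file_exists(fn)) {
          CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Certificate file could not be found");
          return false;
        }
      }

      ca_cert_.reset(new SSL::Certificate(value));
      ca = true;

    } else if (name == "dds.sec.access.governance") {
      if (value.empty()) {
        CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Governance filename not provided");
        return false;
      }

      if (value.find(file) != std::string::npos) {
        const std::string fn = extract_file_name(value);

        if (!fn.empty() && !file_exists(fn)) {
          CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Governance file could not be found");
          return false;
        }
      }

      governance_doc_.reset(new SSL::SignedDocument(value));
      governance = true;

    } else if (name == "dds.sec.access.permissions") {
      if (value.empty()) {
        CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Permissions filename not provided");
        return false;
      }

      if (value.find(file) != std::string::npos) {
        const std::string fn = extract_file_name(value);

        if (!fn.empty() && !file_exists(fn)) {
          CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Permissions file could not be found");
          return false;
        }
      }

      permissions_doc_.reset(new SSL::SignedDocument(value));
      permission = true;
    }
  }

  // Fail closed: all three credentials are required regardless of how many
  // properties were passed. These checks used to be skipped when exactly
  // three properties were supplied, so three unrelated or duplicated
  // properties made load() report success with credentials left unset.
  // Each message now names the item that is actually missing (the
  // permissions and CA-certificate messages were swapped).
  if (!permission) {
    CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Permissions data not provided");
    return false;
  }

  if (!governance) {
    CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Governance data not provided");
    return false;
  }

  if (!ca) {
    CommonUtilities::set_security_error(ex, -1, 0, "AccessControlBuiltInImpl::validate_local_permissions: Certificate data not provided");
    return false;
  }

  return true;
}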
00122
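/**
 * Return the text that follows the last ':' in @a file_parm.
 *
 * @param file_parm  Property value such as "file:<path>".
 * @return The substring after the last ':', or an empty string when there is
 *         no ':', when the only ':' is the first character, or when the last
 *         ':' is the final character.
 *
 * Because the last ':' is used, a value with a later ':' in it (for example a
 * drive-letter path) yields only the text after that ':'.
 */
std::string LocalAccessCredentialData::extract_file_name(const std::string & file_parm)
{
  // Keep the position in the string's own size type and test npos explicitly.
  // Storing it in u_long made "not found" wrap to index 0 in pos + 1 (the
  // whole input was returned), and truncates where u_long is narrower than
  // std::string::size_type.
  const std::string::size_type pos = file_parm.find_last_of(':');

  if (pos == std::string::npos || pos == 0 || pos == file_parm.length() - 1) {
    return std::string();
  }

  return file_parm.substr(pos + 1);
}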
00134
/**
 * Report whether stat() succeeds for @a name.
 *
 * @param name  Path to probe.
 * @return true when stat() returns 0, false otherwise.
 *
 * Only the success of stat() is tested: the entry's type and readability are
 * not checked, and the result describes the path at the moment of the call,
 * not at the time something later opens it.
 */
::CORBA::Boolean LocalAccessCredentialData::file_exists(const std::string & name)
{
  struct stat info;
  const int rc = stat(name.c_str(), &info);
  return rc == 0;
}
00140
00141 }
00142 }