+Option -X now makes it possible to stop YAZ proxy by sending
+"stop" as PROXY target (in init). This used to be debug code in a
+#if 0 .. #endif section.
+
+Moved a lot of "private" stuff to proxyp.h so that only Yaz_Proxy
+is publicly defined in include/yazproxy/proxy.h.
+
+Authentication info sent to target modified. Element renamed from
+"authentication" to "target-authentication" to avoid confusion with
+client authentication. It now takes an authentication
+type=open|idPass|anonymous . Value is user:group:password for idPass,
+user/pass for open. Option -U auth is no longer supported.
+
+Update YAZ Proxy config schema yazproxy.xsd to include definitions
+for new elements negotation-charset, negotiation-lang, module, etc. .
+Bump version to 0.9.
Started work on facility for module loading (plugins). Initial
effort is to be able to authenticate via a module. See mod_sample.cpp.
<arg choice="opt">-m <replaceable>num</replaceable></arg>
<arg choice="opt">-v <replaceable>level</replaceable></arg>
<arg choice="opt">-t <replaceable>target</replaceable></arg>
- <arg choice="opt">-U <replaceable>auth</replaceable></arg>
<arg choice="opt">-o <replaceable>level</replaceable></arg>
<arg choice="opt">-i <replaceable>seconds</replaceable></arg>
<arg choice="opt">-T <replaceable>seconds</replaceable></arg>
<literal>initRequest</literal>.
</para></listitem>
</varlistentry>
- <varlistentry><term>-U <replaceable>auth</replaceable></term>
- <listitem><para>
- Specifies authentication info to be sent to the backend target.
- This is useful if you happen to have an internal target that
- requires authentication, or if the client software does not allow
- you to set it.
- </para></listitem>
- </varlistentry>
<varlistentry><term>-o <replaceable>level</replaceable></term>
<listitem><para>
Sets level for optimization. Use zero to disable; non-zero
<?xml version="1.0"?>
-<!-- $Id: config.xml,v 1.8 2005-02-11 15:19:07 adam Exp $ -->
-<proxy xmlns="http://indexdata.dk/yazproxy/schema/0.8/"
+<!-- $Id: config.xml,v 1.9 2005-02-21 14:27:31 adam Exp $ -->
+<proxy xmlns="http://indexdata.dk/yazproxy/schema/0.9/"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://indexdata.dk/yazproxy/schema/0.8/ yazproxy.xsd"
->
+ xsi:schemaLocation="http://indexdata.dk/yazproxy/schema/0.9/ yazproxy.xsd"
+ >
<!-- Config can be checked with xerces-c++: PParse -n -s config.xml -->
<target name="localhost" default="1">
- <negotiation-charset>iso-8859-1</negotiation-charset>
<url>localhost:9999</url>
<target-timeout>30</target-timeout>
<client-timeout>60</client-timeout>
- <authentication handler="pipe" args="authenticate.pl"/>
<keepalive>
<bandwidth>1000000</bandwidth>
<pdu>1000</pdu>
<preinit>0</preinit>
<xi:include href="explain.xml"/>
<cql2rpn>pqf.properties</cql2rpn>
+ <target-authentication type="open">my/bad</target-authentication>
+ <client-authentication module="sample" args="authenticate.pl"/>
+ <negotiation-charset>iso-8859-1</negotiation-charset>
+ <negotiation-lang>US</negotiation-lang>
</target>
<target name="*">
<target-timeout>60</target-timeout>
<serverInfo>
<host>localhost</host>
<port>9000</port>
- <database>gils</database>
+ <database>Default</database>
</serverInfo>
<databaseInfo>
<title>My Database</title>
<?xml version="1.0"?>
<!-- XML Schema for YAZ proxy config file.
- $Id: yazproxy.xsd,v 1.7 2004-12-03 14:28:18 adam Exp $
+ $Id: yazproxy.xsd,v 1.8 2005-02-21 14:27:31 adam Exp $
-->
<xs:schema
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:exp="http://explain.z3950.org/dtd/2.0/"
- xmlns="http://indexdata.dk/yazproxy/schema/0.8/"
- targetNamespace="http://indexdata.dk/yazproxy/schema/0.8/"
+ xmlns="http://indexdata.dk/yazproxy/schema/0.9/"
+ targetNamespace="http://indexdata.dk/yazproxy/schema/0.9/"
>
<xs:import namespace="http://explain.z3950.org/dtd/2.0/"
schemaLocation="zeerex-2.0.xsd"/>
<xs:element ref="target" minOccurs="0" maxOccurs="unbounded"/>
<xs:element ref="max-clients" minOccurs="0"/>
<xs:element ref="log" minOccurs="0"/>
+ <xs:element ref="module" minOccurs="0"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element ref="preinit" minOccurs="0"/>
<xs:element ref="exp:explain" minOccurs="0"/>
<xs:element ref="cql2rpn" minOccurs="0"/>
- <xs:element ref="authentication" minOccurs="0"/>
+ <xs:element ref="target-authentication" minOccurs="0"/>
+ <xs:element ref="client-authentication" minOccurs="0"/>
+ <xs:element ref="negotiation-charset" minOccurs="0"/>
+ <xs:element ref="negotiation-lang" minOccurs="0"/>
</xs:sequence>
<xs:attribute name="default" type="xs:string" use="optional"/>
<xs:attribute name="name" type="xs:string"/>
<xs:element name="retrieve" type="xs:integer"/>
<xs:element name="preinit" type="xs:integer"/>
<xs:element name="cql2rpn" type="xs:string"/>
- <xs:element name="authentication" type="xs:string"/>
+ <xs:element name="target-authentication">
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="type" type="xs:string"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="client-authentication">
+ <xs:complexType>
+ <xs:simpleContent>
+ <xs:extension base="xs:string">
+ <xs:attribute name="module" type="xs:string"/>
+ <xs:attribute name="args" type="xs:string"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="negotiation-charset" type="xs:string"/>
+ <xs:element name="negotiation-lang" type="xs:string"/>
<xs:element name="keepalive">
<xs:complexType>
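Review bot: The `type` attribute of `target-authentication` is declared as plain `xs:string`, so a misspelled value still validates. In `target_authentication` (yaz-proxy-config.cpp, same commit) a value that matches none of the `strcmp` branches leaves `req->idAuthentication` untouched, so presumably the client's own credentials are forwarded instead of the configured ones. Restricting the attribute to the values the code compares against lets the schema check mentioned in config.xml catch the typo. The code also accepts `none`, which the NEWS entry does not list.
```xml
<xs:extension base="xs:string">
  <xs:attribute name="type">
    <xs:simpleType>
      <xs:restriction base="xs:string">
        <xs:enumeration value="none"/>
        <xs:enumeration value="anonymous"/>
        <xs:enumeration value="open"/>
        <xs:enumeration value="idPass"/>
      </xs:restriction>
    </xs:simpleType>
  </xs:attribute>
```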
<xs:element name="max-clients" type="xs:integer"/>
<xs:element name="log" type="xs:string"/>
+ <xs:element name="module" type="xs:string"/>
</xs:schema>
-/* $Id: module.h,v 1.1 2005-02-11 15:19:08 adam Exp $
+/* $Id: module.h,v 1.2 2005-02-21 14:27:31 adam Exp $
Copyright (c) 1998-2005, Index Data.
This file is part of the yaz-proxy.
#define YAZPROXY_RET_PERM 2 /* Permissiong denied, reject etc. */
struct Yaz_ProxyModule_int0 {
- void *(*init)(void);
- void (*destroy)(void *handle);
- int (*authenticate)(void *handle,
- const char *user, const char *group, const char *pw);
+ void *(*init)(void); // Init handler - returns module-specific handle
+
+ void (*destroy)( // Destroy handler
+ void *handle // module-specific handle as returned by init
+ );
+
+ int (*authenticate)( // Authenticate handler. Returns YAZPROXY_RET_..
+ void *handle, // module-specific handle as returned by init
+ const char *name, // target name (or NULL if default target)
+ void *element_ptr, // xmlnodePtr thing to XML config this
+ const char *user, // User ID (or NULL if no suppliied User ID)
+ const char *group, // Group ID (or NULL if no supplied Group ID)
+ const char *pw // Password (or NULL if no supplied password)
+ );
};
#endif
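Review bot: The `authenticate` comment says only "Returns YAZPROXY_RET_.." and does not tell a module author which value rejects a client. In `client_authentication` in this commit only `YAZPROXY_RET_PERM` leads to a denial, so the contract is worth spelling out, e.g. `// Returns YAZPROXY_RET_PERM to reject the client; YAZPROXY_RET_NOT_ME if this module does not handle the request`. The `element_ptr` comment could state that it is the `client-authentication` config element as an `xmlNodePtr` (presumably passed as `void *` so the header needs no libxml2 include) and whether it may be NULL. The new comments use `//` in a header whose banner uses `/* */`; if modules built as C89 are meant to include it, keep to `/* */`.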
-/* $Id: proxy.h,v 1.12 2005-02-11 15:19:08 adam Exp $
+/* $Id: proxy.h,v 1.13 2005-02-21 14:27:32 adam Exp $
Copyright (c) 1998-2005, Index Data.
This file is part of the yaz-proxy.
#define PROXY_LOG_REQ_CLIENT 4
#define PROXY_LOG_REQ_SERVER 8
-struct Yaz_RecordCache_Entry;
-class Yaz_ProxyConfigP;
class Yaz_usemarcon;
-
-class YAZ_EXPORT Yaz_ProxyConfig {
-public:
- Yaz_ProxyConfig();
- ~Yaz_ProxyConfig();
- int read_xml(const char *fname);
-
- int get_target_no(int no,
- const char **name,
- const char **url,
- int *limit_bw,
- int *limit_pdu,
- int *limit_req,
- int *target_idletime,
- int *client_idletime,
- int *max_clients,
- int *keepalive_limit_bw,
- int *keepalive_limit_pdu,
- int *pre_init,
- const char **cql2rpn,
- const char **authentication,
- const char **negotiation_charset,
- const char **negotiation_lang);
-
- void get_generic_info(int *log_mask, int *max_clients);
-
- void get_target_info(const char *name, const char **url,
- int *limit_bw, int *limit_pdu, int *limit_req,
- int *target_idletime, int *client_idletime,
- int *max_clients,
- int *keepalive_limit_bw, int *keepalive_limit_pdu,
- int *pre_init,
- const char **cql2rpn,
- const char **authentication,
- const char **negotiation_charset,
- const char **negotiation_lang);
-
- const char *check_mime_type(const char *path);
- int check_query(ODR odr, const char *name, Z_Query *query, char **addinfo);
- int check_syntax(ODR odr, const char *name,
- Odr_oid *syntax, Z_RecordComposition *comp,
- char **addinfo, char **stylesheet, char **schema,
- char **backend_type, char **backend_charset,
- char **usemarcon_ini_stage1, char **usemarcon_ini_stage2);
-
- int check_authentication(const char *user, const char *group,
- const char *password);
- char *get_explain_doc(ODR odr, const char *name, const char *db,
- int *len);
- const char *get_explain_name(const char *db, const char **backend_db);
- private:
- void operator=(const Yaz_ProxyConfig &conf);
- class Yaz_ProxyConfigP *m_cp;
-};
-
-class YAZ_EXPORT Yaz_RecordCache {
- public:
- Yaz_RecordCache ();
- ~Yaz_RecordCache ();
- void add (ODR o, Z_NamePlusRecordList *npr, int start, int hits);
-
- int lookup (ODR o, Z_NamePlusRecordList **npr, int start, int num,
- Odr_oid *syntax, Z_RecordComposition *comp);
- void clear();
-
- void copy_searchRequest(Z_SearchRequest *sr);
- void copy_presentRequest(Z_PresentRequest *pr);
- void set_max_size(int sz);
- private:
- NMEM m_mem;
- Yaz_RecordCache_Entry *m_entries;
- Z_SearchRequest *m_searchRequest;
- Z_PresentRequest *m_presentRequest;
- int match (Yaz_RecordCache_Entry *entry,
- Odr_oid *syntax, int offset,
- Z_RecordComposition *comp);
- int m_max_size;
-};
-
-/// Private class
-class YAZ_EXPORT Yaz_ProxyClient : public Yaz_Z_Assoc {
- friend class Yaz_Proxy;
- Yaz_ProxyClient(IYaz_PDU_Observable *the_PDU_Observable,
- Yaz_Proxy *parent);
- ~Yaz_ProxyClient();
- void recv_GDU(Z_GDU *apdu, int len);
- void recv_Z_PDU(Z_APDU *apdu, int len);
- void recv_HTTP_response(Z_HTTP_Response *apdu, int len);
- IYaz_PDU_Observer* sessionNotify
- (IYaz_PDU_Observable *the_PDU_Observable, int fd);
- void shutdown();
- Yaz_Proxy *m_server;
- void failNotify();
- void timeoutNotify();
- void connectNotify();
- int send_to_target(Z_APDU *apdu);
- const char *get_session_str();
- char *m_cookie;
- Yaz_ProxyClient *m_next;
- Yaz_ProxyClient **m_prev;
- int m_init_flag;
- Yaz_Z_Query *m_last_query;
- Yaz_Z_Databases m_last_databases;
- char *m_last_resultSetId;
- int m_last_ok;
- int m_last_resultCount;
- int m_sr_transform;
- int m_seqno;
- int m_waiting;
- int m_resultSetStartPoint;
- int m_bytes_sent;
- int m_bytes_recv;
- int m_pdu_recv;
- ODR m_init_odr;
- Z_APDU *m_initResponse;
- Z_Options *m_initResponse_options;
- Z_ProtocolVersion *m_initResponse_version;
- int m_initResponse_preferredMessageSize;
- int m_initResponse_maximumRecordSize;
- Yaz_RecordCache m_cache;
- void pre_init_client();
- int m_target_idletime;
- Yaz_Proxy *m_root;
-};
-
+class Yaz_ProxyConfig;
+class Yaz_ProxyClient;
/// Information Retrieval Proxy Server.
class YAZ_EXPORT Yaz_Proxy : public Yaz_Z_Assoc {
int m_keepalive_limit_pdu;
int m_client_idletime;
int m_target_idletime;
+ int m_debug_mode;
char *m_proxyTarget;
char *m_default_target;
- char *m_proxy_authentication;
char *m_proxy_negotiation_charset;
char *m_proxy_negotiation_lang;
long m_seed;
void markInvalid();
const char *option(const char *name, const char *value);
void set_default_target(const char *target);
- void set_proxy_authentication (const char *auth);
void set_proxy_negotiation (const char *charset, const char *lang);
char *get_proxy_target() { return m_proxyTarget; };
char *get_session_str() { return m_session_str; };
void pre_init();
int get_log_mask() { return m_log_mask; };
int handle_init_response_for_invalid_session(Z_APDU *apdu);
+ void set_debug_mode(int mode);
};
#endif
-/* $Id: mod_sample.cpp,v 1.1 2005-02-11 15:19:08 adam Exp $
+/* $Id: mod_sample.cpp,v 1.2 2005-02-21 14:27:32 adam Exp $
Copyright (c) 1998-2005, Index Data.
This file is part of the yaz-proxy.
#include <yazproxy/module.h>
+#if HAVE_XSLT
+#include <libxml/parser.h>
+#include <libxml/tree.h>
+#include <libxml/xinclude.h>
+#include <libxslt/xsltutils.h>
+#include <libxslt/transform.h>
+#endif
+
void *my_init(void)
{
return 0; // no private data for handler
// private data destroy
}
-int my_authenticate(void *p, const char *user, const char *group,
- const char *password)
+int my_authenticate(void *user_handle,
+ const char *target_name,
+ void *element_ptr,
+ const char *user, const char *group, const char *password)
{
- fprintf(stderr, "my_authenticate: user=%s group=%s\n",
- user ? user : "none", group ? group : "none");
+ // see if we have an "args" attribute
+ const char *args = 0;
+#if HAVE_XSLT
+ xmlNodePtr ptr = (xmlNodePtr) element_ptr;
+ struct _xmlAttr *attr;
+
+ for (attr = ptr->properties; attr; attr = attr->next)
+ {
+ if (!strcmp((const char *) attr->name, "args") &&
+ attr->children && attr->children->type == XML_TEXT_NODE)
+ args = (const char *) attr->children->content;
+ }
+#endif
+ // args holds args (or NULL if none is provided)
+
+ fprintf(stderr, "my_authenticate: target=%s user=%s group=%s args=%s\n",
+ target_name ? target_name : "none",
+ user ? user : "none", group ? group : "none",
+ args ? args : "none");
// authentication handler
if (!user && !group && !password)
return YAZPROXY_RET_OK; // OK if anonymous
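Review bot: `element_ptr` is cast to `xmlNodePtr` and dereferenced through `ptr->properties` without a NULL check, and module.h does not promise that the pointer is non-NULL. The caller visible in this commit always passes a node, but this file is the template other modules will copy, so the loop should tolerate a missing element: `for (attr = ptr ? ptr->properties : 0; attr; attr = attr->next)`. The cast is also only valid when the module and the proxy are built with the same `HAVE_XSLT` setting, which deserves a comment next to it. The rest of `my_authenticate` lies outside the hunk.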
"Sample Module for YAZ Proxy",// description
&interface0
};
-
-/* $Id: proxyp.h,v 1.2 2005-02-11 15:19:08 adam Exp $
+/* $Id: proxyp.h,v 1.3 2005-02-21 14:27:32 adam Exp $
Copyright (c) 1998-2005, Index Data.
This file is part of the yaz-proxy.
#include <yazproxy/proxy.h>
#include <yazproxy/module.h>
+struct Yaz_RecordCache_Entry;
+
class Yaz_usemarcon {
public:
Yaz_usemarcon();
int dummy;
#endif
};
+
+class Yaz_ProxyConfig {
+public:
+ Yaz_ProxyConfig();
+ ~Yaz_ProxyConfig();
+ int read_xml(const char *fname);
+
+ int get_target_no(int no,
+ const char **name,
+ const char **url,
+ int *limit_bw,
+ int *limit_pdu,
+ int *limit_req,
+ int *target_idletime,
+ int *client_idletime,
+ int *max_clients,
+ int *keepalive_limit_bw,
+ int *keepalive_limit_pdu,
+ int *pre_init,
+ const char **cql2rpn,
+ const char **authentication,
+ const char **negotiation_charset,
+ const char **negotiation_lang);
+
+ void get_generic_info(int *log_mask, int *max_clients);
+
+ void get_target_info(const char *name, const char **url,
+ int *limit_bw, int *limit_pdu, int *limit_req,
+ int *target_idletime, int *client_idletime,
+ int *max_clients,
+ int *keepalive_limit_bw, int *keepalive_limit_pdu,
+ int *pre_init,
+ const char **cql2rpn,
+ const char **negotiation_charset,
+ const char **negotiation_lang);
+
+ const char *check_mime_type(const char *path);
+ int check_query(ODR odr, const char *name, Z_Query *query, char **addinfo);
+ int check_syntax(ODR odr, const char *name,
+ Odr_oid *syntax, Z_RecordComposition *comp,
+ char **addinfo, char **stylesheet, char **schema,
+ char **backend_type, char **backend_charset,
+ char **usemarcon_ini_stage1, char **usemarcon_ini_stage2);
+
+ void target_authentication(const char *name,
+ ODR odr,
+ Z_InitRequest *req);
+
+ int client_authentication(const char *name,
+ const char *user, const char *group,
+ const char *password);
+ char *get_explain_doc(ODR odr, const char *name, const char *db,
+ int *len);
+ const char *get_explain_name(const char *db, const char **backend_db);
+ private:
+ void operator=(const Yaz_ProxyConfig &conf);
+ class Yaz_ProxyConfigP *m_cp;
+};
+
+class Yaz_RecordCache {
+ public:
+ Yaz_RecordCache ();
+ ~Yaz_RecordCache ();
+ void add (ODR o, Z_NamePlusRecordList *npr, int start, int hits);
+
+ int lookup (ODR o, Z_NamePlusRecordList **npr, int start, int num,
+ Odr_oid *syntax, Z_RecordComposition *comp);
+ void clear();
+
+ void copy_searchRequest(Z_SearchRequest *sr);
+ void copy_presentRequest(Z_PresentRequest *pr);
+ void set_max_size(int sz);
+ private:
+ NMEM m_mem;
+ Yaz_RecordCache_Entry *m_entries;
+ Z_SearchRequest *m_searchRequest;
+ Z_PresentRequest *m_presentRequest;
+ int match (Yaz_RecordCache_Entry *entry,
+ Odr_oid *syntax, int offset,
+ Z_RecordComposition *comp);
+ int m_max_size;
+};
+
+class Yaz_ProxyClient : public Yaz_Z_Assoc {
+ friend class Yaz_Proxy;
+ Yaz_ProxyClient(IYaz_PDU_Observable *the_PDU_Observable,
+ Yaz_Proxy *parent);
+ ~Yaz_ProxyClient();
+ void recv_GDU(Z_GDU *apdu, int len);
+ void recv_Z_PDU(Z_APDU *apdu, int len);
+ void recv_HTTP_response(Z_HTTP_Response *apdu, int len);
+ IYaz_PDU_Observer* sessionNotify
+ (IYaz_PDU_Observable *the_PDU_Observable, int fd);
+ void shutdown();
+ Yaz_Proxy *m_server;
+ void failNotify();
+ void timeoutNotify();
+ void connectNotify();
+ int send_to_target(Z_APDU *apdu);
+ const char *get_session_str();
+ char *m_cookie;
+ Yaz_ProxyClient *m_next;
+ Yaz_ProxyClient **m_prev;
+ int m_init_flag;
+ Yaz_Z_Query *m_last_query;
+ Yaz_Z_Databases m_last_databases;
+ char *m_last_resultSetId;
+ int m_last_ok;
+ int m_last_resultCount;
+ int m_sr_transform;
+ int m_seqno;
+ int m_waiting;
+ int m_resultSetStartPoint;
+ int m_bytes_sent;
+ int m_bytes_recv;
+ int m_pdu_recv;
+ ODR m_init_odr;
+ Z_APDU *m_initResponse;
+ Z_Options *m_initResponse_options;
+ Z_ProtocolVersion *m_initResponse_version;
+ int m_initResponse_preferredMessageSize;
+ int m_initResponse_maximumRecordSize;
+ Yaz_RecordCache m_cache;
+ void pre_init_client();
+ int m_target_idletime;
+ Yaz_Proxy *m_root;
+};
+
-/* $Id: yaz-proxy-config.cpp,v 1.16 2005-02-20 21:59:08 adam Exp $
+/* $Id: yaz-proxy-config.cpp,v 1.17 2005-02-21 14:27:32 adam Exp $
Copyright (c) 1998-2005, Index Data.
This file is part of the yaz-proxy.
class Yaz_ProxyModule {
private:
- void *m_dl_handle; /* dlopen/close handle */
+ void *m_dl_handle; /* dlopen/close handle */
Yaz_ProxyModule_entry *m_entry;
Yaz_ProxyModule *m_next;
void *m_user_handle; /* user handle */
Yaz_ProxyModule(void *dl_handle, Yaz_ProxyModule_entry *ent,
Yaz_ProxyModule *next);
~Yaz_ProxyModule();
+
Yaz_ProxyModule *get_next() { return m_next; };
- int authenticate(const char *user, const char *group, const char *password);
+ int is_module(const char *name);
+ int authenticate(const char *target_name, void *element_ptr,
+ const char *user, const char *group, const char *password);
};
+int Yaz_ProxyModule::is_module(const char *type)
+{
+ if (!type || !strcmp(m_entry->module_name, type))
+ return 1;
+ return 0;
+}
+
Yaz_ProxyModule::Yaz_ProxyModule(void *dl_handle, Yaz_ProxyModule_entry *ent,
Yaz_ProxyModule *next)
{
#endif
}
-int Yaz_ProxyModule::authenticate(const char *user, const char *group,
+int Yaz_ProxyModule::authenticate(const char *name,
+ void *element_ptr,
+ const char *user, const char *group,
const char *password)
{
if (m_entry->int_version == 0)
if (!int0->authenticate)
return YAZPROXY_RET_NOT_ME;
- return (*int0->authenticate)(m_user_handle, user, group, password);
+ return (*int0->authenticate)(m_user_handle, name, element_ptr,
+ user, group, password);
}
return YAZPROXY_RET_NOT_ME;
}
int *target_idletime, int *client_idletime,
int *keepalive_limit_bw, int *keepalive_limit_pdu,
int *pre_init, const char **cql2rpn,
- const char **authentication,
const char **negotiation_charset,
const char **negotiation_lang);
void return_limit(xmlNodePtr ptr,
#if HAVE_XSLT
void Yaz_ProxyConfigP::unload_modules()
{
- yaz_log(YLOG_WARN, "unload_modules not implemented yet");
+ Yaz_ProxyModule *m = m_modules;
+ while (m)
+ {
+ Yaz_ProxyModule *m_next = m->get_next();
+ delete m;
+ m = m_next;
+ }
+ m_modules = 0;
}
#endif
int *keepalive_limit_pdu,
int *pre_init,
const char **cql2rpn,
- const char **authentication,
const char **negotiation_charset,
const char **negotiation_lang)
{
*cql2rpn = t;
}
if (ptr->type == XML_ELEMENT_NODE
- && !strcmp((const char *) ptr->name, "authentication"))
- {
- const char *t = get_text(ptr);
- if (t)
- *authentication = t;
- }
- if (ptr->type == XML_ELEMENT_NODE
&& !strcmp((const char *) ptr->name, "negotiation-charset"))
{
const char *t = get_text(ptr);
}
-int Yaz_ProxyConfig::check_authentication(const char *user,
- const char *group,
- const char *password)
+void Yaz_ProxyConfig::target_authentication(const char *name,
+ ODR odr, Z_InitRequest *req)
{
- Yaz_ProxyModule *m = m_cp->m_modules;
+#if HAVE_XSLT
+ xmlNodePtr ptr = m_cp->find_target_node(name, 0);
+ if (!ptr)
+ return ;
+
+ for (ptr = ptr->children; ptr; ptr = ptr->next)
+ if (ptr->type == XML_ELEMENT_NODE &&
+ !strcmp((const char *) ptr->name, "target-authentication"))
+ {
+ struct _xmlAttr *attr;
+ const char *type = "open";
+ for (attr = ptr->properties; attr; attr = attr->next)
+ {
+ if (!strcmp((const char *) attr->name, "type") &&
+ attr->children && attr->children->type == XML_TEXT_NODE)
+ type = (const char *) attr->children->content;
+ }
+ const char *t = m_cp->get_text(ptr);
+ if (!t || !strcmp(type, "none"))
+ req->idAuthentication = 0;
+ else if (!strcmp(type, "anonymous"))
+ {
+ req->idAuthentication =
+ (Z_IdAuthentication *)
+ odr_malloc (odr, sizeof(*req->idAuthentication));
+ req->idAuthentication->which =
+ Z_IdAuthentication_anonymous;
+ req->idAuthentication->u.anonymous = odr_nullval();
+ }
+ else if (!strcmp(type, "open"))
+ {
+ req->idAuthentication =
+ (Z_IdAuthentication *)
+ odr_malloc (odr, sizeof(*req->idAuthentication));
+ req->idAuthentication->which =
+ Z_IdAuthentication_open;
+ req->idAuthentication->u.open = odr_strdup (odr, t);
+ }
+ else if (!strcmp(type, "idPass"))
+ {
+ char user[64], group[64], password[64];
+ *group = '\0';
+ *password = '\0';
+ *user = '\0';
+ sscanf(t, "%63[^:]:%63[^:]:%63s", user, group, password);
+
+ req->idAuthentication =
+ (Z_IdAuthentication *)
+ odr_malloc (odr, sizeof(*req->idAuthentication));
+ req->idAuthentication->which =
+ Z_IdAuthentication_idPass;
+ req->idAuthentication->u.idPass =
+ (Z_IdPass*) odr_malloc(odr, sizeof(Z_IdPass));
+ req->idAuthentication->u.idPass->userId =
+ *user ? odr_strdup(odr, user) : 0;
+ req->idAuthentication->u.idPass->groupId =
+ *group ? odr_strdup(odr, group) : 0;
+ req->idAuthentication->u.idPass->password =
+ *password ? odr_strdup(odr, password) : 0;
+ }
+ }
+#endif
+}
+int Yaz_ProxyConfig::client_authentication(const char *name,
+ const char *user,
+ const char *group,
+ const char *password)
+{
int ret = YAZPROXY_RET_NOT_ME;
- for (; m; m = m->get_next())
- {
- ret = m->authenticate(user, group, password);
- if (ret != YAZPROXY_RET_NOT_ME)
- break;
- }
+#if HAVE_XSLT
+ xmlNodePtr ptr;
+ ptr = m_cp->find_target_node(name, 0);
+ if (!ptr)
+ return 1;
+ for (ptr = ptr->children; ptr; ptr = ptr->next)
+ if (ptr->type == XML_ELEMENT_NODE &&
+ !strcmp((const char *) ptr->name, "client-authentication"))
+ {
+ struct _xmlAttr *attr;
+ const char *module_name = 0;
+ for (attr = ptr->properties; attr; attr = attr->next)
+ {
+ if (!strcmp((const char *) attr->name, "module") &&
+ attr->children && attr->children->type == XML_TEXT_NODE)
+ module_name = (const char *) attr->children->content;
+ }
+ Yaz_ProxyModule *m = m_cp->m_modules;
+ for (; m; m = m->get_next())
+ {
+ if (m->is_module(module_name))
+ {
+ ret = m->authenticate(name, ptr, user, group, password);
+ if (ret != YAZPROXY_RET_NOT_ME)
+ break;
+ }
+ }
+ }
+#endif
if (ret == YAZPROXY_RET_PERM)
return 0;
return 1;
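Review bot: `client_authentication` fails open: it returns 1 when `find_target_node` finds no node, and also when a `client-authentication` element is present but no loaded module claims it, because `ret` stays `YAZPROXY_RET_NOT_ME` and only `YAZPROXY_RET_PERM` is mapped to 0. A misspelled `module` attribute or a module that failed to load therefore admits every client; inside the element branch, after the module loop, `if (ret == YAZPROXY_RET_NOT_ME) ret = YAZPROXY_RET_PERM;` would deny when authentication was configured but nothing answered. `is_module` also matches every module when the attribute is absent, which needs a comment if it is intended. In `target_authentication` the `sscanf` result is ignored and `%63[^:]` cannot match an empty field, so a value such as `user::password` (constructed example) silently drops the password; check the return value or split on `:` by hand. The closing brace of `client_authentication` lies outside the hunk.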
limit_bw, limit_pdu, limit_req,
target_idletime, client_idletime,
keepalive_limit_bw, keepalive_limit_pdu,
- pre_init, cql2rpn, authentication,
+ pre_init, cql2rpn,
negotiation_charset, negotiation_lang);
return 1;
}
int *keepalive_limit_pdu,
int *pre_init,
const char **cql2rpn,
- const char **authentication,
const char **negotiation_charset,
const char **negotiation_lang)
{
m_cp->return_target_info(ptr, url, limit_bw, limit_pdu, limit_req,
target_idletime, client_idletime,
keepalive_limit_bw, keepalive_limit_pdu,
- pre_init, cql2rpn, authentication,
+ pre_init, cql2rpn,
negotiation_charset, negotiation_lang);
}
#else
-/* $Id: yaz-proxy-main.cpp,v 1.11 2005-02-11 15:39:55 adam Exp $
+/* $Id: yaz-proxy-main.cpp,v 1.12 2005-02-21 14:27:32 adam Exp $
Copyright (c) 1998-2005, Index Data.
This file is part of the yaz-proxy.
char *prog = argv[0];
int ret;
- while ((ret = options("o:a:t:v:c:u:i:m:l:T:p:U:n:X",
+ while ((ret = options("o:a:t:v:c:u:i:m:l:T:p:n:X",
argv, argc, &arg)) != -2)
{
int err;
case 't':
proxy->set_default_target(arg);
break;
- case 'U':
- proxy->set_proxy_authentication(arg);
- break;
case 'o':
proxy->option("optimize", arg);
break;
no_limit_files = atoi(arg);
break;
case 'X':
+ proxy->set_debug_mode(1);
debug = 1;
break;
case 'p':
-/* $Id: yaz-proxy.cpp,v 1.22 2005-02-11 15:19:08 adam Exp $
+/* $Id: yaz-proxy.cpp,v 1.23 2005-02-21 14:27:32 adam Exp $
Copyright (c) 1998-2005, Index Data.
This file is part of the yaz-proxy.
#endif
#include <assert.h>
+#include <stdlib.h>
#include <time.h>
#include <fcntl.h>
m_keepalive_limit_pdu = 1000;
m_proxyTarget = 0;
m_default_target = 0;
- m_proxy_authentication = 0;
m_proxy_negotiation_charset = 0;
m_proxy_negotiation_lang = 0;
m_max_clients = 150;
xfree(m_proxyTarget);
xfree(m_default_target);
- xfree(m_proxy_authentication);
xfree(m_proxy_negotiation_charset);
xfree(m_proxy_negotiation_lang);
xfree(m_optimize);
delete m_config;
}
+void Yaz_Proxy::set_debug_mode(int mode)
+{
+ m_debug_mode = mode;
+}
+
int Yaz_Proxy::set_config(const char *config)
{
delete m_config;
m_default_target = (char *) xstrdup (target);
}
-void Yaz_Proxy::set_proxy_authentication (const char *auth)
-{
- xfree (m_proxy_authentication);
- m_proxy_authentication = 0;
- if (auth)
- m_proxy_authentication = (char *) xstrdup (auth);
-}
-
void Yaz_Proxy::set_proxy_negotiation (const char *charset, const char *lang)
{
yaz_log(YLOG_LOG, "%sSet the proxy negotiation: charset to '%s', "
new_proxy->set_APDU_yazlog(1);
else
new_proxy->set_APDU_yazlog(0);
- new_proxy->set_proxy_authentication(m_proxy_authentication);
new_proxy->set_proxy_negotiation(m_proxy_negotiation_charset,
m_proxy_negotiation_lang);
sprintf(new_proxy->m_session_str, "%ld:%d ", (long) time(0), m_session_no);
Yaz_ProxyConfig *cfg = check_reconfigure();
if (proxy_host)
{
-#if 0
-/* only to be enabled for debugging... */
- if (!strcmp(proxy_host, "stop"))
- exit(0);
-#endif
+ if (parent && parent->m_debug_mode)
+ {
+ // only to be enabled for debugging...
+ if (!strcmp(proxy_host, "stop"))
+ exit(0);
+ }
xfree(m_default_target);
m_default_target = xstrdup(proxy_host);
}
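Review bot: `parent->m_debug_mode` is read here, but none of the constructor lines visible in this commit initialise the new member. Without `-X` the test may therefore read an indeterminate value and leave the "stop" shutdown path enabled; add `m_debug_mode = 0;` next to the other defaults in the `Yaz_Proxy` constructor. With `-X` set, any client that can reach the listener can end the process by naming `stop` as its target, and the exit is not logged; a line such as `yaz_log(YLOG_WARN, "%sstop target received in debug mode, exiting", m_session_str);` before `exit(0)` would record it. The enclosing function starts and ends outside the hunk.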
proxy_host = m_default_target;
int client_idletime = -1;
const char *cql2rpn_fname = 0;
- const char *authentication = 0;
const char *negotiation_charset = 0;
const char *negotiation_lang = 0;
url[0] = m_default_target;
&m_keepalive_limit_pdu,
&pre_init,
&cql2rpn_fname,
- &authentication,
&negotiation_charset,
&negotiation_lang);
}
}
if (cql2rpn_fname)
m_cql2rpn.set_pqf_file(cql2rpn_fname);
- if (authentication)
- set_proxy_authentication(authentication);
if (negotiation_charset || negotiation_lang)
+ {
+ yaz_log(YLOG_LOG, "set_proxy_negotiation...");
set_proxy_negotiation(negotiation_charset,
negotiation_lang);
+ }
if (!url[0])
{
yaz_log(YLOG_LOG, "%sNo default target", m_session_str);
}
Z_InitRequest *initRequest = apdu->u.initRequest;
- if (!initRequest->idAuthentication)
- {
- if (m_proxy_authentication)
- {
- initRequest->idAuthentication =
- (Z_IdAuthentication *)
- odr_malloc (odr_encode(),
- sizeof(*initRequest->idAuthentication));
- initRequest->idAuthentication->which =
- Z_IdAuthentication_open;
- initRequest->idAuthentication->u.open =
- odr_strdup (odr_encode(), m_proxy_authentication);
- }
- }
- else
+ if (initRequest->idAuthentication)
{
- // the client use authentication. We set the keepalive PDU
+ // the client uses authentication. We set the keepalive PDU
// to 0 so we don't cache it in releaseClient
m_keepalive_limit_pdu = 0;
}
continue;
}
#endif
+/* HAVE_USEMARCON */
npr->u.databaseRecord =
z_ext_record(odr_encode(),
m_frontend_type,
int ret;
if (req->idAuthentication == 0)
{
- ret = cfg->check_authentication(0, 0, 0);
+ ret = cfg->client_authentication(m_default_target, 0, 0, 0);
}
else if (req->idAuthentication->which == Z_IdAuthentication_idPass)
{
- ret = cfg->check_authentication(
+ ret = cfg->client_authentication(m_default_target,
req->idAuthentication->u.idPass->userId,
req->idAuthentication->u.idPass->groupId,
req->idAuthentication->u.idPass->password);
*user = '\0';
*pass = '\0';
sscanf(req->idAuthentication->u.open, "%63[^/]/%63s", user, pass);
- ret = cfg->check_authentication(user, 0, pass);
+ ret = cfg->client_authentication(m_default_target, user, 0, pass);
}
else
- ret = cfg->check_authentication(0, 0, 0);
+ ret = cfg->client_authentication(m_default_target, 0, 0, 0);
+
+ cfg->target_authentication(m_default_target, odr_encode(), req);
+
return ret;
}
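Review bot: `cfg->target_authentication(...)` runs even when `ret` is 0, so a request from a client that has just failed `client_authentication` still has the configured backend credentials written into `req->idAuthentication`. Whether that request can still reach the target is decided outside this hunk, but guarding the call is cheap: `if (ret) cfg->target_authentication(m_default_target, odr_encode(), req);`. The removed code injected proxy credentials only when the client sent none, whereas a configured `target-authentication` now replaces whatever the client supplied; a comment stating that this is intended would help. The start of the function is outside the hunk.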