1 : : /* zxidhlo.c - Hello World CGI binary for SAML 2 SP
2 : : * Copyright (c) 2007-2009 Symlabs (symlabs@symlabs.com), All Rights Reserved.
3 : : * Author: Sampo Kellomaki (sampo@iki.fi)
4 : : * This is confidential unpublished proprietary source code of the author.
5 : : * NO WARRANTY, not even implied warranties. Contains trade secrets.
6 : : * Distribution prohibited unless authorized in writing.
7 : : * Licensed under Apache License 2.0, see file COPYING.
8 : : * $Id: zxidhlo.c,v 1.16 2009-08-30 15:09:26 sampo Exp $
9 : : *
10 : : * 16.1.2007, created --Sampo
11 : : *
12 : : * See also: http://hoohoo.ncsa.uiuc.edu/cgi/interface.html (CGI specification)
13 : : * README-zxid, section 10 "zxid_simple() API"
14 : : */
15 : :
16 : : #include <zx/platform.h>
17 : :
18 : : #include <string.h>
19 : : #include <stdio.h>
20 : : #include <stdlib.h>
21 : :
22 : : #include <sys/types.h>
23 : : #include <sys/stat.h>
24 : : #include <fcntl.h>
25 : :
26 : : #include <zx/errmac.h>
27 : : #include <zx/zxid.h> /* ZXID main API, including zxid_simple(). */
28 : : #include <zx/zxidconf.h> /* Default and compile-time configuration options. */
29 : : #include <zx/c/zxidvers.h>
30 : :
/* Banner and usage text. main() writes it to stderr, after a one-line
 * explanation, when the binary is started with command line arguments.
 * ZXID_REL (release string) is pasted in by the preprocessor. */
char* help =
  "zxidhlo - SAML 2.0 SP CGI - R" ZXID_REL "\n"
  "SAML 2.0 is a standard for federated identity and Single Sign-On.\n"
  "Copyright (c) 2007-2009 Symlabs (symlabs@symlabs.com), All Rights Reserved.\n"
  "Author: Sampo Kellomaki (sampo@iki.fi)\n"
  "NO WARRANTY, not even implied warranties. Licensed under Apache License v2.0\n"
  "See http://www.apache.org/licenses/LICENSE-2.0\n"
  "Send well-researched bug reports to the author. Home: zxid.org\n"
  "\n"
  "Usage: zxidhlo [options] (when used as CGI, no options can be supplied)\n"
  "-h This help message\n"
  "-- End of options\n";
43 : :
44 : : /* ============== M A I N ============== */
45 : :
/* CONFIG: You must have created /var/zxid directory hierarchy. See `make dir' */
/* CONFIG: You must edit the URL to match your domain name and port */
/* NOTE(review): the active CONF below reads as a demo/test profile, not a
 * production baseline. URL= is plain http, so the SSO exchange and the session
 * cookie are not protected in transit. NOSIG_FATAL=0, DUP_A7N_FATAL=0 and
 * DUP_MSG_FATAL=0 set three *_FATAL options to 0; going by the option names
 * these make a missing signature and a duplicate (replayed) assertion or
 * message non-fatal -- confirm against zxidconf.h. For a real deployment use
 * an https URL and leave those checks fatal. */

#define ZXIDHLO "zxidhlo"
//#define CONF "PATH=/var/zxid/&URL=http://sp1.zxid.org/demohlo"
#define CONF "PATH=/var/zxid/&URL=http://sp1.zxidsp.org:8081/" ZXIDHLO "&NOSIG_FATAL=0&DUP_A7N_FATAL=0&DUP_MSG_FATAL=0&OUTMAP=$*$$$;$IdPSesID$unsb64-inf$IdPsesid$;$testa7nsb64$unsb64$$;$testfeide$feidedec$$;$testfilefeide$del$$"
//#define CONF "URL=https://sp1.zxidsp.org:8443/" ZXIDHLO "&NOSIG_FATAL=0&PATH=/var/zxid/"
//#define CONF "URL=https://lima.tas3.eu:8443/" ZXIDHLO "&NOSIG_FATAL=0&PATH=/var/zxid/"
54 : :
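/* Write s to stdout with the HTML metacharacters & < > " ' replaced by
 * entities, so a value placed in element text or inside a quoted attribute
 * cannot close the attribute or open a tag. */
static void put_html_escaped(const char* s)
{
  for (; *s; ++s) {
    switch (*s) {
    case '&':  fputs("&amp;", stdout);  break;
    case '<':  fputs("&lt;", stdout);   break;
    case '>':  fputs("&gt;", stdout);   break;
    case '"':  fputs("&quot;", stdout); break;
    case '\'': fputs("&#39;", stdout);  break;
    default:   putchar((unsigned char)*s); break;
    }
  }
}

/* Terminate an LDIF attribute value in place at its first CR or LF, so the
 * value can never carry a line break into an HTTP header or the page. */
static void cut_at_eol(char* value)
{
  value[strcspn(value, "\r\n")] = 0;
}

/* Called by: */
/* CGI entry point. Hands the whole SSO protocol to zxid_simple() and, once
 * that returns the logged-in LDIF (first character 'd'), renders a small
 * management page with logout and defederation buttons.
 *
 * argc/argv: no command line arguments are accepted; any argument prints the
 *            help text to stderr and exits with status 1.
 * Returns 0 after the page has been written. Exits with 1 when zxid_simple()
 * gives no response or one that is not the logged-in LDIF, and with 2 when
 * the stderr debug log can not be reopened. */
int main(int argc, char** argv)
{
  char* p;
  char* sid;
  char* nid;
  char* res;
  char* setcookie;

#if 1
  /* Helps debugging CGI scripts if you see stderr. */
  /* Reopen stderr only in mini_httpd case */
  p = getenv("SERVER_SOFTWARE");
  /* strncmp() stops at the terminating nul, so a value shorter than the
   * prefix is never read past its end (memcmp() with a fixed length could). */
  if (p && !strncmp(p, "mini_httpd", sizeof("mini_httpd")-1)) {
    int log_flags = O_WRONLY | O_CREAT | O_APPEND;
#ifdef O_NOFOLLOW
    /* The log lives at a fixed name under /var/tmp, a directory other local
     * users can usually create entries in: refuse to write through a symlink
     * planted at that name. */
    log_flags |= O_NOFOLLOW;
#endif
    close(2);
    /* 0600: the debug log can contain session data, so a newly created file
     * is readable by the CGI user only. */
    if (open("/var/tmp/zxid.stderr", log_flags, 0600) != 2)
      exit(2);
  }
  fprintf(stderr, "=================== Running " ZXIDHLO " ===================\n");
#endif

  if (argc > 1) {
    fprintf(stderr, "This is a CGI script (written in C). No arguments are accepted.\n%s", help);
    exit(1);
  }

  /* 0xfff == full CGI automation. The value passed here is 0x1fff, i.e. bit
   * 0x1000 is set as well. NOTE(review): believed to be the debug flag
   * declared in zxid.h -- confirm. */
  res = zxid_simple(CONF, 0, 0x1fff);
  if (!res) {
    fprintf(stderr, ZXIDHLO ": zxid_simple() returned no response\n");
    exit(1);
  }
  switch (res[0]) {
  case 'd': break;  /* Logged in case */
  default:
    /* Fail closed: anything but the logged-in LDIF must not fall through to
     * the page that announces an active session. */
    ERR("Unknown zxid_simple() response(%s)", res);
    exit(1);
  }

  /* Parse the LDIF to figure out session ID and the federated ID.
   * All three lookups run before any value is nul terminated, because the
   * terminator would hide every attribute that follows it in the buffer.
   * NOTE(review): strstr() is not anchored to the start of a line, so the same
   * key text inside an earlier attribute's value would be matched first --
   * verify against the LDIF zxid_simple() can emit. */
  sid = strstr(res, "sesid: ");
  nid = strstr(res, "idpnid: ");
  setcookie = strstr(res, "setcookie: ");
  if (sid) {
    sid += sizeof("sesid: ") - 1;
    cut_at_eol(sid);
  }
  if (nid) {
    nid += sizeof("idpnid: ") - 1;
    cut_at_eol(nid);
  }
  if (setcookie) {
    setcookie += sizeof("setcookie: ") - 1;
    cut_at_eol(setcookie);
  }

  /* Render protected content page. You should replace this
   * with your own content, or establishment of your own session
   * and then redirection to your own content. Whatever makes sense. */

  if (setcookie && !ONE_OF_2(*setcookie, '-', 0))
    printf("SET-COOKIE: %s\r\n", setcookie);
  printf("Content-Type: text/html\r\n\r\n");
  printf("<title>ZXID HELLO SP Mgmt</title>" ZXID_BODY_TAG "<h1>ZXID HELLO SP Management (user logged in, session active)</h1><pre>\n");
  printf("</pre><form method=post action=\"?o=P\">");
  //if (err) printf("<p><font color=red><i>%s</i></font></p>\n", err);
  //if (msg) printf("<p><i>%s</i></p>\n", msg);
  if (sid) {
    /* sid and nid come out of the SSO exchange (nid is presumably the name ID
     * assigned by the IdP), so they are escaped wherever they reach the page. */
    fputs("<input type=hidden name=s value=\"", stdout);
    put_html_escaped(sid);
    fputs("\">", stdout);
    printf("<input type=submit name=gl value=\" Local Logout \">\n");
    printf("<input type=submit name=gr value=\" Single Logout (Redir) \">\n");
    printf("<input type=submit name=gs value=\" Single Logout (SOAP) \">\n");
    printf("<input type=submit name=gt value=\" Defederate (Redir) \">\n");
    printf("<input type=submit name=gu value=\" Defederate (SOAP) \"><br>\n");
    fputs("sid(", stdout);
    put_html_escaped(sid);
    fputs(") nid(", stdout);
    put_html_escaped(nid ? nid : "?!?");
    fputs(") <a href=\"?s=", stdout);
    put_html_escaped(sid);
    fputs("\">Reload</a> | <a href=\"?o=v&s=", stdout);
    put_html_escaped(sid);
    fputs("\">PEP</a>", stdout);
  }

  printf("</form><hr>");
  printf("<a href=\"http://zxid.org/\">zxid.org</a>, %s", zxid_version_str());
  return 0;
}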
138 : :
139 : : /* EOF -- zxidhlo.c */