1 /* zxidhlo.c  -  Hello World CGI binary for SAML 2 SP
2  * Copyright (c) 2012 Synergetics SA (sampo@synergetics.be), All Rights Reserved.
3  * Copyright (c) 2011 Sampo Kellomaki (sampo@iki.fi), All Rights Reserved.
4  * Copyright (c) 2007-2009 Symlabs (symlabs@symlabs.com), All Rights Reserved.
5  * Author: Sampo Kellomaki (sampo@iki.fi)
6  * This is confidential unpublished proprietary source code of the author.
7  * NO WARRANTY, not even implied warranties. Contains trade secrets.
8  * Distribution prohibited unless authorized in writing.
9  * Licensed under Apache License 2.0, see file COPYING.
10  * $Id: zxidhlo.c,v 1.16 2009-08-30 15:09:26 sampo Exp $
11  *
12  * 16.1.2007, created --Sampo
13  * 28.2.2011, added attribute dump --Sampo
14  * 13.12.2011, added VPATH and VURL specs --Sampo
15  *
16  * See also: http://hoohoo.ncsa.uiuc.edu/cgi/interface.html (CGI specification)
17  *           README-zxid, section 10 "zxid_simple() API"
18  *
19  * make zxidhlo CDEF="-DZX_CONF='\"URL=http://sp1.zxid.org/demohlo&NICE_NAME=ZXID SP Hello\"'"
20  * cp zxidhlo /var/zxid/webroot/demohlo
21  */
22 
23 #include <zx/platform.h>
24 
25 #include <string.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 
29 #include <sys/types.h>
30 #include <sys/stat.h>
31 #include <fcntl.h>
32 
33 #include <zx/errmac.h>
34 #include <zx/zxid.h>      /* ZXID main API, including zxid_simple(). */
35 #include <zx/zxidconf.h>  /* Default and compile-time configuration options. */
36 #include <zx/c/zxidvers.h>
37 
/* Usage banner. main() prints it after an error line when the binary is
 * started with command line arguments. ZXID_REL is defined outside this
 * listing and is spliced in by string literal concatenation. */
char* help =
  "zxidhlo  -  SAML 2.0 SP CGI - R" ZXID_REL "\n"
  "SAML 2.0 is a standard for federated identity and Single Sign-On.\n"
  "Copyright (c) 2012 Synergetics SA (sampo@synergetics.be), All Rights Reserved.\n"
  "Copyright (c) 2011 Sampo Kellomaki (sampo@iki.fi), All Rights Reserved.\n"
  "Copyright (c) 2007-2009 Symlabs (symlabs@symlabs.com), All Rights Reserved.\n"
  "Author: Sampo Kellomaki (sampo@iki.fi)\n"
  "NO WARRANTY, not even implied warranties. Licensed under Apache License v2.0\n"
  "See http://www.apache.org/licenses/LICENSE-2.0\n"
  "Send well-researched bug reports to the author. Home: zxid.org\n"
  "\n"
  "Usage: zxidhlo [options]   (when used as CGI, no options can be supplied)\n"
  "  -h               This help message\n"
  "  --               End of options\n";
52 
53 /* ============== M A I N ============== */
54 
55 /* CONFIG: You must have created /var/zxid directory hierarchy. See `make dir' */
56 /* CONFIG: You must edit the URL to match your domain name and port */
57 
/* Name of this CGI binary; used in the log banner and in the sample URLs below. */
#define ZXIDHLO "zxidhlo"

/* ZX_CONF is the configuration string handed to zxid_simple(). It can be
 * supplied at build time (-DZX_CONF=..., see the make example in the file
 * header); the value below is only the fallback.
 *
 * NOTE(review): judging by the option names, NOSIG_FATAL=0, DUP_A7N_FATAL=0
 * and DUP_MSG_FATAL=0 make a missing signature and a duplicate assertion or
 * message non-fatal. That suits a demo talking to test IdPs, but it relaxes
 * signature and replay checking - confirm the exact semantics in zxidconf.h
 * and do not carry these settings into a production SP. */
//#define ZX_CONF "PATH=/var/zxid/&URL=http://sp1.zxid.org/demohlo"
//#define ZX_CONF "VPATH=%h/&VURL=%a%h%s&NOSIG_FATAL=0&DUP_A7N_FATAL=0&DUP_MSG_FATAL=0&OUTMAP=$*$$$;$IdPSesID$unsb64-inf$IdPsesid$;$testa7nsb64$unsb64$$;$testfeide$feidedec$$;$testfilefeide$del$$"
//#define ZX_CONF "URL=https://sp1.zxidsp.org:8443/" ZXIDHLO "&NOSIG_FATAL=0&PATH=/var/zxid/"
//#define ZX_CONF "URL=https://lima.tas3.eu:8443/" ZXIDHLO "&NOSIG_FATAL=0&PATH=/var/zxid/"
#if !defined(ZX_CONF)
#define ZX_CONF \
  "NOSIG_FATAL=0&DUP_A7N_FATAL=0&DUP_MSG_FATAL=0" \
  "&OUTMAP=$*$$$;$IdPSesID$unsb64-inf$IdPsesid$;$testa7nsb64$unsb64$$;" \
  "$testfeide$feidedec$$;$testfilefeide$del$$"
#endif
66 
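/* Open flags for the debug log that replaces stderr. The log lives in
 * /var/tmp, where other local users can create files, so a symlink planted
 * at that path must not be followed where the platform lets us refuse it. */
#ifdef O_NOFOLLOW
#define ZXIDHLO_LOG_FLAGS (O_WRONLY | O_CREAT | O_APPEND | O_NOFOLLOW)
#else
#define ZXIDHLO_LOG_FLAGS (O_WRONLY | O_CREAT | O_APPEND)
#endif

/* Find the LDIF line that starts with tag (e.g. "sesid: ") and return a
 * pointer to its value, or 0 if there is no such line. The match is anchored
 * to the start of a line: with the plain strstr() used before, "sesid: " also
 * matched inside another attribute name (the OUTMAP in ZX_CONF itself
 * produces "IdPsesid") or inside an attribute value.
 * NOTE(review): assumes zxid_simple() emits one attribute per line; a value
 * with an embedded newline could still imitate a line start - confirm. */
static const char* hlo_ldif_value(const char* ldif, const char* tag)
{
  size_t taglen = strlen(tag);
  const char* line = ldif;

  while (line) {
    if (!strncmp(line, tag, taglen))
      return line + taglen;
    line = strchr(line, '\n');
    if (line)
      ++line;  /* step over the newline to the next line start */
  }
  return 0;
}

/* Copy the value of LDIF attribute tag into dst (dstlen bytes, dstlen > 0),
 * truncating if needed and always nul terminating. The value ends at the
 * next newline or at the end of the string. Returns 1 if the attribute was
 * found, 0 if not (dst is then the empty string). */
static int hlo_copy_field(const char* ldif, const char* tag, char* dst, size_t dstlen)
{
  const char* val = hlo_ldif_value(ldif, tag);
  const char* eol;
  size_t n;

  if (!val) {
    dst[0] = 0;
    return 0;
  }
  eol = strchr(val, '\n');
  n = eol ? (size_t)(eol - val) : strlen(val);
  if (n > dstlen - 1)
    n = dstlen - 1;
  memcpy(dst, val, n);
  dst[n] = 0;
  return 1;
}

/* Write s to stdout with the HTML metacharacters escaped, so the text can
 * neither open a tag nor terminate a quoted attribute value. */
static void hlo_html_puts(const char* s)
{
  for (; *s; ++s) {
    switch (*s) {
    case '&':  fputs("&amp;", stdout);  break;
    case '<':  fputs("&lt;", stdout);   break;
    case '>':  fputs("&gt;", stdout);   break;
    case '"':  fputs("&quot;", stdout); break;
    case '\'': fputs("&#39;", stdout);  break;
    default:   putchar(*s);
    }
  }
}

/* CGI entry point: lets zxid_simple() run the SSO protocol and, once a
 * session exists, renders a small management page with logout and
 * defederation buttons followed by a dump of the session LDIF.
 * Accepts no command line arguments; exits 1 if any are given or if
 * zxid_simple() returns no response, 2 if the debug log cannot be opened. */
/* Called by: */
int main(int argc, char** argv)
{
  char* res;
  char sid[192];
  char nid[ZXID_MAX_EID];
  char setcookie[256];

#if 1
  /* Helps debugging CGI scripts if you see stderr. */
  /* Reopen stderr only in mini_httpd case */
  //p = getenv("SERVER_SOFTWARE");
  //if (p && (!memcmp(p, "mini_httpd", sizeof("mini_httpd")-1)||!memcmp(p, "zxid_httpd", sizeof("zxid_httpd")-1))) {
    close(2);
    /* open() returns the lowest free descriptor, which is 2 right after the
     * close() above. The file is created 0600 rather than 0666: the D()
     * calls below put session IDs and cookies into whatever log they write
     * to. NOTE(review): if this open fails, fd 2 is closed and the perror()
     * output is most likely lost; only the exit status tells. */
    if (open("/var/tmp/zxid.stderr", ZXIDHLO_LOG_FLAGS, 0600) != 2) {
      perror("/var/tmp/zxid.stderr");
      exit(2);
    }
  //}
  fprintf(stderr, "=================== Running " ZXIDHLO " ===================\n");
#endif

  if (argc > 1) {
    fprintf(stderr, "This is a CGI script (written in C). No arguments are accepted.\n%s", help);
    exit(1);
  }

  res = zxid_simple(ZX_CONF, 0, 0x0fff);  /* 0xfff == full CGI automation */
  if (!res) {
    /* res[0] is read next; do not dereference a missing response. */
    fprintf(stderr, ZXIDHLO ": zxid_simple() returned no response\n");
    exit(1);
  }
  switch (res[0]) {
  default:
    ERR("Unknown zxid_simple() response(%s)", res);
    /* fallthrough: as before, an unknown response is logged and then
     * handled like the logged in case */
  case 'd': break; /* Logged in case */
  }

  /* Parse the LDIF to figure out session ID and the federated ID */

  if (hlo_copy_field(res, "sesid: ", sid, sizeof(sid)))
    D("sid(%s)",sid);
  if (hlo_copy_field(res, "idpnid: ", nid, sizeof(nid)))
    D("nid(%s)",nid);
  if (hlo_copy_field(res, "setcookie: ", setcookie, sizeof(setcookie)))
    D("setcookie(%s)",setcookie);

  /* The value is copied into a response header below. Extraction already
   * stops at '\n'; also cut at a carriage return so the value cannot end
   * the header line early. */
  setcookie[strcspn(setcookie, "\r")] = 0;

  /* Render protected content page. You should replace this
   * with your own content, or establishment of your own session
   * and then redirection to your own content. Whatever makes sense. */

  if (!ONE_OF_2(*setcookie, '-', 0))
    printf("SET-COOKIE: %s\r\n", setcookie);
  printf("Content-Type: text/html\r\n\r\n");
  printf("<title>ZXID HELLO SP Mgmt</title>" ZXID_BODY_TAG "<h1>ZXID HELLO SP Management (user logged in, session active)</h1><pre>\n");
  printf("</pre><form method=post action=\"?o=P\">");
  //if (err) printf("<p><font color=red><i>%s</i></font></p>\n", err);
  //if (msg) printf("<p><i>%s</i></p>\n", msg);
  if (*sid) {
    /* sid and nid are parsed out of the LDIF, which presumably carries
     * values that originate at the IdP, so they are HTML-escaped wherever
     * they land in markup. NOTE(review): the two hrefs would strictly also
     * need URL-encoding; escaping only keeps the value inside the attribute. */
    printf("<input type=hidden name=s value=\"");
    hlo_html_puts(sid);
    printf("\">");
    printf("<input type=submit name=gl value=\" Local Logout \">\n");
    printf("<input type=submit name=gr value=\" Single Logout (Redir) \">\n");
    printf("<input type=submit name=gs value=\" Single Logout (SOAP) \">\n");
    printf("<input type=submit name=gt value=\" Defederate (Redir) \">\n");
    printf("<input type=submit name=gu value=\" Defederate (SOAP) \"><br>\n");
    printf("sid(");
    hlo_html_puts(sid);
    printf(") nid(");
    hlo_html_puts(*nid?nid:"?!?");
    printf(") <a href=\"?s=");
    hlo_html_puts(sid);
    printf("\">Reload</a> | <a href=\"?o=v&s=");
    hlo_html_puts(sid);
    printf("\">PEP</a>");
  } else {
    printf("<p>No session established.\n");
  }

  printf("</form><hr>\n");
  /* Attribute dump: the raw LDIF is escaped so that attribute values are
   * shown as text and cannot inject markup into the page. */
  printf("<pre>");
  hlo_html_puts(res);
  printf("</pre>\n<hr>\n");
  printf("<a href=\"http://zxid.org/\">zxid.org</a>, %s", zxid_version_str());
  return 0;
}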
182 
183 /* EOF  --  zxidhlo.c */
184