XRootD
XrdDigConfig Class Reference

#include <XrdDigConfig.hh>


Public Types

enum  pType {
  isAny = 0 ,
  isDir ,
  isFile
}
 

Public Member Functions

 XrdDigConfig ()
 
 ~XrdDigConfig ()
 
bool Configure (const char *cFN, const char *parms)
 
int GenAccess (const XrdSecEntity *client, const char *aList[], int aMax)
 
char * GenPath (int &rc, const XrdSecEntity *client, const char *opname, const char *lfn, pType lfnType=isAny)
 
void GetLocResp (XrdOucErrInfo &eInfo, bool nameok)
 

Static Public Member Functions

static void StatRoot (struct stat *sP)
 

Detailed Description

Definition at line 38 of file XrdDigConfig.hh.

Member Enumeration Documentation

◆ pType

Enumerator
isAny 
isDir 
isFile 

Definition at line 45 of file XrdDigConfig.hh.

Constructor & Destructor Documentation

◆ XrdDigConfig()

XrdDigConfig::XrdDigConfig ( )
inline

Definition at line 59 of file XrdDigConfig.hh.

// Inline constructor: starts with no path template (fnTmplt is assigned later
// by Configure()) and with auditing of both allowed (logAcc) and rejected
// (logRej) accesses switched on.
59 : fnTmplt(0), logAcc(true), logRej(true) {}

◆ ~XrdDigConfig()

XrdDigConfig::~XrdDigConfig ( )
inline

Definition at line 60 of file XrdDigConfig.hh.

// Empty inline destructor: the template that Configure() allocates with
// strdup() and stores in fnTmplt is not released here.
// NOTE(review): presumably the object lives for the whole process - confirm.
60 {}

Member Function Documentation

◆ Configure()

bool XrdDigConfig::Configure ( const char *  cFN,
const char *  parms 
)

Definition at line 97 of file XrdDigConfig.cc.

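{
/*
  Function: Establish default values using configuration parameters.

  Input:    cFN   - path of the configuration file; when null or empty no
                    configuration file is processed.
            parms - DigFS parameter string; its first token is the authfile.

  Output:   true upon success or false otherwise.
*/
   static const char tmpltTail[] = ".xrd/=/%s";
   char buff[4096], *afile, *var;
   XrdOucTokenizer cParms(buff);
   struct stat Stat;
   int n;
   bool isOK = true;

// Get the adminpath (this better succeed). Three extra refusals keep the
// template construction below safe:
// - an empty value, because the separator test reads buff[n-1];
// - a value holding '%', because the path becomes part of fnTmplt and fnTmplt
//   is used as a printf-style format further down;
// - a value that, with the added '/' and the template tail, does not fit in
//   buff, whatever MAXPATHLEN happens to be on this platform.
//
   if (!(var = getenv("XRDADMINPATH")) || !*var || strchr(var, '%')
   ||  (n = strlen(var)) >= MAXPATHLEN
   ||  (size_t)n + 1 + sizeof(tmpltTail) > sizeof(buff))
      {eDest->Emsg("Config", "Unable to deterine adminpath!");
       return false;
      }

// Create a template for file remapping. The copies cannot overrun buff because
// of the length test above.
//
   strcpy(buff, var);
   if (buff[n-1] != '/') {buff[n] = '/'; n++;}
   strcpy(buff+n, tmpltTail);
   if (!(fnTmplt = strdup(buff)))
      {eDest->Emsg("Config", "Insufficient memory for the path template.");
       return false;
      }

// Make sure that conf/etc no longer exists as a previous start may have
// exported something that we no longer wish to export. A negative snprintf
// result (formatting error) is treated like truncation: nothing is emptied.
//
   n = snprintf(buff, sizeof(buff), fnTmplt, "conf/etc");
   if (n >= 0 && n < (int)sizeof(buff)) Empty(buff);

// Make sure there are parameters here
//
   if (!parms || !*parms)
      {eDest->Emsg("Config", "DigFS parameters not specified.");
       return false;
      }

// Copy the parms as they will be altered and attach it to the tokenizer
// (cParms was constructed on buff, so filling buff is what attaches them).
//
   n = strlen(parms);
   if (n >= (int)sizeof(buff))
      {eDest->Emsg("Config", "DigFS parm string is too long.");
       return false;
      }
   strcpy(buff, parms);

// First token is the authfile
//
   cParms.GetLine();
   if (!(afile = cParms.GetToken()) || !afile[0])
      {eDest->Emsg("Config", "DigFS authfile not specified.");
       return false;
      }

// If we have a config file, process it now
//
   if (cFN && *cFN) isOK = ConfigProc(cFN);

// Config authorization. The config may have failed but we want to generate
// all of the error messages in one go. afile points into buff, so this call
// has to stay ahead of the validation loop, which reuses buff.
//
   if (!Auth.Configure(afile)) isOK = false;

// Setup locate response
//
   SetLocResp();

// Get a valid stat structure for the root directory. The return value is not
// checked; on failure rootStat keeps whatever it held before the call.
//
   stat("/", &rootStat);

// Validate base entries. The path is built with a bounded snprintf; an entry
// whose path does not fit in buff is marked unusable instead of being written
// past the end of the buffer.
//
   for (n = 0; n < pNum; n++)
       {int len = snprintf(buff, sizeof(buff), fnTmplt, pTab[n].pfx);
        pTab[n].isOK = len >= 0 && len < (int)sizeof(buff)
                    && stat(buff, &Stat) == 0;
       }

// All done
//
   return isOK;
}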
struct stat Stat
Definition: XrdCks.cc:49
static XrdSysError eDest(0,"crypto_")
int stat(const char *path, struct stat *buf)
bool Configure(const char *aFN)
Definition: XrdDigAuth.cc:163
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
Definition: XrdSysError.cc:95
XrdDigAuth Auth
Definition: XrdDigAuth.cc:63

References XrdDig::Auth, XrdDigAuth::Configure(), XrdDig::eDest, XrdSysError::Emsg(), XrdOucTokenizer::GetLine(), XrdOucTokenizer::GetToken(), Stat, and stat().

Referenced by XrdDigGetFS().


◆ GenAccess()

int XrdDigConfig::GenAccess ( const XrdSecEntity client,
const char *  aList[],
int  aMax 
)

Definition at line 189 of file XrdDigConfig.cc.

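{
// Fill aList with the prefixes of the exported entries this client may use.
//
// client  identity handed to Auth.Authorize().
// aList   output array; receives up to aMax prefix pointers taken from pTab.
// aMax    capacity of aList; values below 1 are rejected.
//
// Returns the number of entries stored in aList, or -1 when aMax is below 1
// or when none of the access flags examined is set.
//
// The flag vector starts out all false so that any slot Authorize() leaves
// untouched reads as "no access" rather than as an indeterminate value.
//
   bool aOK[XrdDigAuthEnt::aNum] = {false}, hasAcc = false;
   int i, n = 0;

// Validate aMax
//
   if (aMax < 1) return -1;

// Get access right for this client
//
   Auth.Authorize(client, XrdDigAuthEnt::aNum, aOK);

// Return entries that are allowed. The loop bound is the element count of aOK
// (aNum), not its size in bytes, so it does not depend on sizeof(bool).
// NOTE(review): pTab is indexed with the same index as aOK; that assumes pTab
// has at least aNum entries in matching order - confirm against its definition.
//
   for (i = (int)XrdDigAuthEnt::aNum-1; i >= 0 && n < aMax; i--)
       {hasAcc |= aOK[i];
        if (aOK[i] && pTab[i].isOK) aList[n++] = pTab[i].pfx;
       }

// Return permission denied if no access allowed
//
   if (!hasAcc) return -1;

// Return something if we had an error setting up as empty dirs cause problems.
//
   if (!n) {aList[0] = "."; n = 1;}
   return n;
}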
bool Authorize(const XrdSecEntity *client, XrdDigAuthEnt::aType aType, bool aVec[XrdDigAuthEnt::aNum]=0)
Definition: XrdDigAuth.cc:89

References XrdDigAuthEnt::aNum, XrdDig::Auth, and XrdDigAuth::Authorize().

Referenced by XrdDigDirectory::open(), and XrdDigFS::stat().


◆ GenPath()

char * XrdDigConfig::GenPath ( int &  rc,
const XrdSecEntity client,
const char *  opname,
const char *  lfn,
XrdDigConfig::pType  lfnType = isAny 
)

Definition at line 226 of file XrdDigConfig.cc.

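{
// Map a client-supplied name to the local path that backs it.
//
// rc       receives 0 on success or an errno value on failure.
// client   must be non-null, EPERM otherwise.
// opname   only passed through to Audit().
// fname    client-supplied name; it must begin with one of the pTab prefixes,
//          followed by '/' or the end of the string. (The documented
//          signature calls this parameter lfn; the signature lines are not
//          part of this listing.)
// lfnType  isFile enables audit logging, isDir forces a trailing slash.
//
// Returns a strdup() copy of the generated path, or 0 with rc set. Nothing in
// this function releases the copy, so that is left to the caller.
//
   char path[2048];
   int i, n;

// First we better have a client object
//
   if (!client) {rc = EPERM; return 0;}

// Translate the fname to the right file type
//
   for (i = 0; i < pNum; i++)
       {if (!strncmp(pTab[i].pfx, fname, pTab[i].pfxlen)
        &&  (*(fname+pTab[i].pfxlen) == '/' || !*(fname+pTab[i].pfxlen))) break;
       }

// Make sure we found a valid entry
//
   if (i >= pNum || !pTab[i].isOK) {rc = ENOENT; return 0;}

// Authorize this access
//
   if (!Auth.Authorize(client, pTab[i].aType))
      {if (lfnType == isFile && logRej) Audit(client, "denied", opname, fname);
       rc = EACCES;
       return 0;
      }

// If the entry is being suffixed and it's proc, make sure we are not trying
// to gain access to something outside of the proc directory tree
// NOTE(review): only aProc names pass through ValProc(). For the other
// prefixes the remainder of fname is formatted into the template unchanged;
// confirm that an earlier layer rejects ".." components before this point.
//
   if (pTab[i].aType == XrdDigAuthEnt::aProc && (rc = ValProc(fname)))
      {if (logRej && rc == EPERM) Audit(client, "denied", opname, fname);
       return 0;
      }

// Log this access if so wanted
//
   if (lfnType == isFile && logAcc) Audit(client, "allowed", opname, fname);

// Construct the name to be returned. A non-positive result means formatting
// failed or produced nothing and must not reach the path[n-1] test below; one
// byte is kept in reserve for the optional trailing slash.
//
   n = snprintf(path, sizeof(path), fnTmplt, fname);
   if (n <= 0) {rc = EINVAL; return 0;}
   if (n >= (int)sizeof(path)-1) {rc = ENAMETOOLONG; return 0;}

// Attach a trailing slash if there is none if this is a directory
//
   if (lfnType == isDir && path[n-1] != '/') {path[n] = '/'; path[n+1] = 0;}

// Return the composite name. An allocation failure is reported through rc so
// that a null result is never paired with rc == 0.
//
   char *result = strdup(path);
   rc = (result ? 0 : ENOMEM);
   return result;
}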

References XrdDigAuthEnt::aProc, XrdDig::Auth, and XrdDigAuth::Authorize().

Referenced by XrdDigDirectory::open(), XrdDigFile::open(), and XrdDigFS::stat().


◆ GetLocResp()

void XrdDigConfig::GetLocResp ( XrdOucErrInfo eInfo,
bool  nameok 
)

Definition at line 290 of file XrdDigConfig.cc.

{
// Store one of three locate responses in eInfo: the HP pair when nameok is
// set, otherwise the V4 or V6 pair depending on whether the client's
// capability word carries the uIPv4 bit.
// NOTE(review): the locRlen*/locResp* values are presumably prepared by
// SetLocResp() - confirm.
//
   if (nameok)
      {eInfo.setErrInfo(locRlenHP, locRespHP);
       return;
      }

   const bool wantsV4 = (eInfo.getUCap() & XrdOucEI::uIPv4) != 0;
   if (wantsV4) {eInfo.setErrInfo(locRlenV4, locRespV4);}
      else      {eInfo.setErrInfo(locRlenV6, locRespV6);}
}
int setErrInfo(int code, const char *emsg)
static const int uIPv4
ucap: Supports read redirects

References XrdOucErrInfo::getUCap(), XrdOucErrInfo::setErrInfo(), and XrdOucEI::uIPv4.

Referenced by XrdDigFS::fsctl().


◆ StatRoot()

void XrdDigConfig::StatRoot ( struct stat sP)
static

Definition at line 306 of file XrdDigConfig.cc.

{
// Copy the saved stat information for the root directory into the caller's
// structure. sP is written without a null check, so it must point to a valid
// struct stat.
//
   const size_t statLen = sizeof(*sP);
   memcpy(sP, &rootStat, statLen);
}

References stat().

Referenced by XrdDigFS::stat().


The documentation for this class was generated from the following files: