XRootD
XrdSectestServer.cc
Go to the documentation of this file.
1 /******************************************************************************/
2 /* */
3 /* X r d S e c t e s t S e r v e r . c c */
4 /* */
5 /* (c) 2003 by the Board of Trustees of the Leland Stanford, Jr., University */
6 /* All Rights Reserved */
7 /* Produced by Andrew Hanushevsky for Stanford University under contract */
8 /* DE-AC02-76-SFO0515 with the Department of Energy */
9 /* */
10 /* This file is part of the XRootD software suite. */
11 /* */
12 /* XRootD is free software: you can redistribute it and/or modify it under */
13 /* the terms of the GNU Lesser General Public License as published by the */
14 /* Free Software Foundation, either version 3 of the License, or (at your */
15 /* option) any later version. */
16 /* */
17 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
18 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
19 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
20 /* License for more details. */
21 /* */
22 /* You should have received a copy of the GNU Lesser General Public License */
23 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
24 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
25 /* */
26 /* The copyright holder's institutional names and contributor's names may not */
27 /* be used to endorse or promote products derived from this software without */
28 /* specific prior written permission of the institution or contributor. */
29 /******************************************************************************/
30 
31 #include <unistd.h>
32 #include <cctype>
33 #include <cstdlib>
34 #include <strings.h>
35 #include <cstdio>
36 #include <sys/param.h>
37 
38 #include "XrdNet/XrdNetAddr.hh"
39 #include "XrdOuc/XrdOucErrInfo.hh"
40 #include "XrdSys/XrdSysE2T.hh"
41 #include "XrdSys/XrdSysHeaders.hh"
42 #include "XrdSys/XrdSysLogger.hh"
44 
45 /******************************************************************************/
46 /* L O C A L D E F I N I T I O N S */
47 /******************************************************************************/
48 
49 #define H(x) fprintf(stderr,x); fprintf(stderr, "\n");
50 #define I(x) fprintf(stderr, "\n"); H(x)
51 #define insx(a,b) sprintf(errbuff,a,b)
52 #define insy(a,b,c) sprintf(errbuff,a,b,c)
53 
54 typedef unsigned char uchar;
55 
56 /******************************************************************************/
57 /* g l o b a l v a r i a b l e s */
58 /******************************************************************************/
59 
60 /* Define the execution control structure.
61 */
62 struct myOpts {
63  int debug; /* 1 -> Enable debugging. */
64  int bin; /* 1 -> Input cred in binary format. */
65  int xtra; /* 1 -> Perform null cred test */
66  int online; /* 1 -> Filename is actual hex cred. */
67  char *cfn; /* -> config file */
68  char *host; /* -> hostname */
69  char *inpt; /* -> Input stream name. */
70  FILE *infid; /* -> Input stream (normally stdin). */
71  } opts;
72 
73 /* Define global variables.
74 */
75 char errbuff[256];
76 #ifndef C_Block
77 char hexbuff[256];
78 #else
79 char hexbuff[sizeof(C_Block)+8];
80 #endif
81 
82 extern "C"
83 {
84 extern XrdSecService *XrdSecgetService(XrdSysLogger *lp, const char *cfn);
85 }
86 
87 /******************************************************************************/
88 /* f u n c t i o n d e f i n i t i o n s */
89 /******************************************************************************/
90 
91 int getbintix(uchar *buff, int blen);
92 void getargs(int argc, char **argv);
93 int unhex(uchar *ibuff, uchar *obuff, int blen);
94 int cvtx(uchar idig, uchar *odig);
95 void getline(uchar *buff, int blen);
96 const char *Ereason( );
97 int emsg(int rc,char *msg);
98 void help(int rc);
99 void xerr(int x);
100 
101 /******************************************************************************/
102 /* M A I N P R O G R A M */
103 /******************************************************************************/
104 
105 int main(int argc, char **argv)
106 {
107  XrdNetAddr theAddr;
108  XrdOucErrInfo einfo;
110  XrdSecService *ServerSecurity;
111  XrdSecParameters *parmp;
112  XrdSecCredentials cred((char *)malloc(8192), 8192);
113  XrdSecProtocol *pp;
114  const char *eText;
115  unsigned char bbuff[4096];
116  int i, rc;
117 
118 // Parse the argument list.
119 //
120  getargs(argc, argv);
121 
122 // if hostname given, get the hostname address
123 //
124  if (opts.host)
125  {if ((eText = theAddr.Set(opts.host,0)))
126  {std::cerr <<"testServer: Unable to resolve '" <<opts.host <<"'; " <<eText <<std::endl;
127  exit(1);
128  }
129  }
130  else theAddr.Set("localhost",0);
131 
132 // Create a new security server
133 //
134  ServerSecurity = XrdSecgetService(&Logger, opts.cfn);
135  if (!ServerSecurity)
136  {std::cerr <<"testServer: Unable to create server." <<std::endl; exit(1);}
137 
138 // Get the security token and display it
139 //
140  const char *sect = ServerSecurity->getParms(i, opts.host);
141  if (!sect) std::cerr <<"testServer: No security token for " <<opts.host <<std::endl;
142  else std::cerr <<"testServer: " <<i <<" bytes of SecToken='" <<sect <<"'" <<std::endl;
143 
144 //Get the credentials from whatever source was specified
145 //
146  if (opts.bin) cred.size = getbintix((uchar *)cred.buffer, cred.size);
147  else {if (opts.online) strcpy((char *)bbuff, opts.inpt);
148  else getline(bbuff, sizeof(bbuff));
149  cred.size = unhex(bbuff, (uchar *)cred.buffer, cred.size);
150  }
151 
152 // Verify the length
153 //
154  if (cred.size < 0) emsg(100,(char *)"Invalid credentials format.");
155 
156 // Get the protocol
157 //
158  if (!(pp = ServerSecurity->getProtocol(opts.host, theAddr,
159  (const XrdSecCredentials *)&cred,
160  &einfo)))
161  {rc = einfo.getErrInfo();
162  std::cerr << "testServer: getProtocol error " <<rc <<"; ";
163  std::cerr <<einfo.getErrText() <<std::endl;
164  exit(1);
165  }
166 
167 // Now convert the credentials
168 //
169  if (pp->Authenticate(&cred, &parmp, &einfo) < 0)
170  {rc = einfo.getErrInfo();
171  std::cerr << "testServer: Authenticate error " <<rc <<"; ";
172  std::cerr <<einfo.getErrText() <<std::endl;
173  exit(1);
174  }
175 
176 // Tell everyone what the client identity is.
177 //
178  std::cout <<(pp->Entity.name ? pp->Entity.name : "?")
179  <<"@" <<(pp->Entity.host ? pp->Entity.host : "?")
180  <<" prot=" <<pp->Entity.prot <<std::endl;
181 
182 // All done
183 //
184  exit(0);
185 }
186 
187 /*getbintix: get binary credentials into an array.
188 */
189 int getbintix(uchar *buff, int blen) {
190 int i, j;
191  for (i = 0; i < blen; i++)
192  if ((j = getc(opts.infid)) >= 0) buff[i] = (uchar)j;
193  else if (j == EOF) return i;
194  else xerr(insx("Error reading cred; %s.", Ereason()));
195  xerr(insx("Cred longer than %d bytes.", blen));
196  return -1;
197 }
198 
199 /******************************************************************************/
200 /* Command Line Processing */
201 /******************************************************************************/
202 
203 /* getargs: parse through argv obtaining options and parameters.
204 */
205 void getargs(int argc, char **argv)
206  {
207  extern int optind; extern char *optarg; char c;
208 
209 /* Establish defaults here.
210 */
211  opts.debug = 0;
212  opts.bin = 0;
213  opts.online = 0;
214  opts.cfn = 0;
215  opts.host = 0;
216  opts.xtra = 0;
217  opts.inpt = (char *)"";
218  opts.infid = stdin;
219  opts.cfn = 0;
220 
221 /* Process the options
222 */
223 while ((c=getopt(argc,argv,"c:h:i:k:p:bdx")) != (char)EOF)
224  { switch(c)
225  {
226  case 'b': opts.bin = 1; break;
227  case 'c': opts.cfn = optarg; break;
228  case 'd': opts.debug = 1; break;
229  case 'h': opts.host = optarg; break;
230  case 'i': opts.inpt = optarg; break;
231  case 'x': opts.xtra = 1; break;
232  case '?': help(1);
233  }
234  }
235 
236 /*Get the credentials, if specified on the command line.
237 */
238 if (optind < argc) {opts.inpt = argv[optind++]; opts.online = 1;}
239 
240 /*Make sure no more parameters exist.
241 */
242 if (optind < argc) xerr(insx("Extraneous parameter, '%s'.", argv[optind]));
243 
244 /*If the input stream is other than stdin, verify that it exists.
245 */
246 if (opts.inpt[0] != '\000' && !opts.online
247  && (!(opts.infid = fopen(opts.inpt, "r"))) )
248  xerr(insy("Cannot open '%s'; %s.", opts.inpt, Ereason() ));
249 
250 /* Make sure that -i * and -b are not specified together.
251 */
252 if (opts.online && opts.bin)
253  emsg(8, (char *)"-b is incompatible with inline creds.");
254 
255 /*All done
256 */
257  return;
258  }
259 
260 /******************************************************************************/
261 /* Utility Function */
262 /******************************************************************************/
263 
264 /* unhex() converts a hex character string to its binary equivalent. The result
265  is placed in the passed buffer. It returns the number of bytes extracted.
266  An error results in a -1 response (including uneven hex digits). The
267  input buffer must be terminated with a null.
268 */
269 int unhex(uchar *ibuff, uchar *obuff, int blen) {
270 int i=0, j;
271 uchar dig1, dig2;
272 
273 for (j = 0; j < blen; j++) {
274  if (!ibuff[i]) return j;
275  if (!cvtx(ibuff[i++], &dig1) || !cvtx(ibuff[i++], &dig2)) return -1;
276  obuff[j] = (dig1 << 4) | dig2;
277  }
278 return -1; /* Buffer overflow */
279  }
280 
281 int cvtx(uchar idig, uchar *odig) {
282 if (idig >= '0' && idig <= '9') {*odig = idig & (uchar)0x0f; return 1;}
283 idig = idig | (uchar)0x20; /* Change to lower case. */
284 if (idig < 'a' || idig > 'f') return 0;
285 *odig = (idig & (uchar)0x0f) + (uchar)0x09;
286 return 1;
287 }
288 
289 /*getline() gets a newline terminated string from the expected input source.
290 */
291 void getline(uchar *buff, int blen) {
292  int i;
293  if (!fgets((char *)buff, blen, opts.infid)) return;
294  for (i = 0; i < blen; i++)
295  if (buff[i] == '\n') {buff[i] = '\000'; break;}
296  return;
297  }
298 
299 const char *Ereason( ) {
300  return XrdSysE2T(errno);
301  }
302 
303 /*xerr: print message on standard error using the errbuff as source of message.
304 */
305 void xerr(int x) { emsg(8, errbuff); }
306 
307 /*emsg: print message on standard error.
308 */
309 int emsg(int rc,char *msg) {
310  std::cerr << "testServer: " <<msg <<std::endl;
311  if (!rc) return 0;
312  exit(rc);
313  }
314 
315 /*help prints hout the obvious.
316 */
317 void help(int rc) {
318 /* Use H macro to avoid Sun string catenation bug. */
319 I("Syntax: testServer [ options ] cred ]")
320 I("Options: -b -c config -d -h -i input -t")
321 H(" -p principal[.instance][@realm] -s sep")
322 I("Function: Display the credentials contents.")
323 
324 if (rc > 1) exit(rc);
325 I("options: (defaults: -k /etc/srvtab\\n")
326 I("-b indicates the cred is in binary format (i.e., not hexchar).")
327 I("-c cfn the config file.")
328 I("-d turns on debugging.")
329 I("-h host the incoming hostname.")
330 I("-i input specifies the input stream (e.g., fname) if other than stdin.")
331 H(" This -i is ignored if cred is specified on the command line.")
332 exit(rc);
333 }
int optind
#define fopen(a, b)
Definition: XrdPosix.hh:49
int getbintix(uchar *buff, int blen)
void xerr(int x)
char * inpt
#define insy(a, b, c)
char * cfn
int main(int argc, char **argv)
void getline(uchar *buff, int blen)
char hexbuff[256]
void help(int rc)
int cvtx(uchar idig, uchar *odig)
struct myOpts opts
#define I(x)
unsigned char uchar
const char * Ereason()
#define H(x)
FILE * infid
XrdSecService * XrdSecgetService(XrdSysLogger *lp, const char *cfn)
char errbuff[256]
int unhex(uchar *ibuff, uchar *obuff, int blen)
int emsg(int rc, char *msg)
void getargs(int argc, char **argv)
#define insx(a, b)
char * host
const char * XrdSysE2T(int errcode)
Definition: XrdSysE2T.cc:104
const char * Set(const char *hSpec, int pNum=PortInSpec)
Definition: XrdNetAddr.cc:216
const char * getErrText()
char prot[XrdSecPROTOIDSIZE]
Auth protocol used (e.g. krb5)
Definition: XrdSecEntity.hh:67
char * name
Entity's name.
Definition: XrdSecEntity.hh:69
char * host
Entity's host name dnr dependent.
Definition: XrdSecEntity.hh:70
XrdSecEntity Entity
virtual int Authenticate(XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)=0
virtual const char * getParms(int &size, XrdNetAddrInfo *endPoint=0)=0
virtual XrdSecProtocol * getProtocol(const char *host, XrdNetAddrInfo &endPoint, const XrdSecCredentials *cred, XrdOucErrInfo &einfo)=0
XrdSysLogger Logger
Definition: XrdGlobals.cc:47
Generic structure to pass security information back and forth.
char * buffer
Pointer to the buffer.
int size
Size of the buffer or length of data in the buffer.