XRootD
XrdHttpProtocol.hh
Go to the documentation of this file.
1 //------------------------------------------------------------------------------
2 // This file is part of XrdHTTP: A pragmatic implementation of the
3 // HTTP/WebDAV protocol for the Xrootd framework
4 //
5 // Copyright (c) 2013 by European Organization for Nuclear Research (CERN)
6 // Author: Fabrizio Furano <furano@cern.ch>
7 // File Date: Nov 2012
8 //------------------------------------------------------------------------------
9 // XRootD is free software: you can redistribute it and/or modify
10 // it under the terms of the GNU Lesser General Public License as published by
11 // the Free Software Foundation, either version 3 of the License, or
12 // (at your option) any later version.
13 //
14 // XRootD is distributed in the hope that it will be useful,
15 // but WITHOUT ANY WARRANTY; without even the implied warranty of
16 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 // GNU General Public License for more details.
18 //
19 // You should have received a copy of the GNU Lesser General Public License
20 // along with XRootD. If not, see <http://www.gnu.org/licenses/>.
21 //------------------------------------------------------------------------------
22 
23 
24 #ifndef __XRDHTTP_PROTOCOL_H__
25 #define __XRDHTTP_PROTOCOL_H__
26 
37 #include <cstdlib>
38 #include <unistd.h>
39 #include <sys/types.h>
40 
41 #include "XrdSys/XrdSysError.hh"
42 #include "XrdSys/XrdSysPthread.hh"
44 #include "Xrd/XrdObject.hh"
46 #include "XrdOuc/XrdOucStream.hh"
47 #include "Xrd/XrdProtocol.hh"
48 #include "XrdOuc/XrdOucHash.hh"
51 #include "XrdNet/XrdNetPMark.hh"
52 
53 #include <openssl/ssl.h>
54 
55 #include <unordered_map>
56 #include <vector>
57 
58 #include "XrdHttpReq.hh"
59 
60 /******************************************************************************/
61 /* D e f i n e s */
62 /******************************************************************************/
63 
64 
65 #ifndef __GNUC__
66 #define __attribute__(x)
67 #endif
68 
69 class XrdOucTokenizer;
70 class XrdOucTrace;
71 class XrdBuffer;
72 class XrdLink;
73 class XrdXrootdProtocol;
74 class XrdHttpSecXtractor;
75 class XrdHttpExtHandler;
76 struct XrdVersionInfo;
77 class XrdOucGMap;
78 class XrdCryptoFactory;
79 
80 class XrdHttpProtocol : public XrdProtocol {
81 
82  friend class XrdHttpReq;
83  friend class XrdHttpExtReq;
84 
85 public:
86 
88  static int Configure(char *parms, XrdProtocol_Config *pi);
89 
91  void DoIt() {
92  if (Resume) (*this.*Resume)();
93  }
94 
96  static int parseHeader2CGI(XrdOucStream &Config, XrdSysError & err, std::map<std::string, std::string> & header2cgi);
97 
100 
102  int Process(XrdLink *lp); // Sync: Job->Link.DoIt->Process
103 
104 
106  void Recycle(XrdLink *lp, int consec, const char *reason);
107 
109  int Stats(char *buff, int blen, int do_sync = 0);
110 
111 
112 
113 
115  int doStat(char *fname);
116 
118  int doChksum(const XrdOucString &fname);
119 
121  XrdHttpProtocol(const XrdHttpProtocol&) = default;
123  XrdHttpProtocol(bool imhttps);
125  Cleanup();
126  }
127 
130 
131 
134 
135  // XrdHttp checksum handling class
137 
140 
142  bool isHTTPS() { return ishttps; }
143 
144 private:
145 
146 
148  int (XrdHttpProtocol::*Resume)();
149 
151  static bool InitTLS();
152 
154  static bool InitSecurity();
155 
157  int StartSimpleResp(int code, const char *desc, const char *header_to_add, long long bodylen, bool keepalive);
158 
160  int SendData(const char *body, int bodylen);
161 
163  void Cleanup();
164 
166  void Reset();
167 
170  int HandleAuthentication(XrdLink* lp);
171 
174  int GetVOMSData(XrdLink *lp);
175 
176  // Handle gridmap file mapping if present
177  // Second argument is the OpenSSL hash of the EEC, if present; this allows
178  // a consistent fallback if the user is not in the mapfile.
179  //
180  // @return 0 if successful, otherwise !0
181  int HandleGridMap(XrdLink* lp, const char * eechash);
182 
185  int getDataOneShot(int blen, bool wait=false);
186 
188  static BIO *CreateBIO(XrdLink *lp);
189 
193  struct extHInfo
194  {XrdOucString extHName; // The instance name (1 to 16 characters)
195  XrdOucString extHPath; // The shared library path
196  XrdOucString extHParm; // The parameter (sort of)
197  bool extHNoTlsOK; // If true the exthandler can be loaded if TLS has NOT been configured
198  extHInfo(const char *hName, const char *hPath, const char *hParm, const bool hNoTlsOK)
199  : extHName(hName), extHPath(hPath), extHParm(hParm), extHNoTlsOK(hNoTlsOK) {}
200  ~extHInfo() {}
201  };
203  static int Config(const char *fn, XrdOucEnv *myEnv);
204  static const char *Configed();
205  static int xtrace(XrdOucStream &Config);
206  static int xsslcert(XrdOucStream &Config);
207  static int xsslkey(XrdOucStream &Config);
208  static int xsecxtractor(XrdOucStream &Config);
209  static int xexthandler(XrdOucStream & Config, std::vector<extHInfo> &hiVec);
210  static int xsslcadir(XrdOucStream &Config);
211  static int xsslcipherfilter(XrdOucStream &Config);
212  static int xdesthttps(XrdOucStream &Config);
213  static int xlistdeny(XrdOucStream &Config);
214  static int xlistredir(XrdOucStream &Config);
215  static int xselfhttps2http(XrdOucStream &Config);
216  static int xembeddedstatic(XrdOucStream &Config);
217  static int xstaticheader(XrdOucStream &Config);
218  static int xstaticredir(XrdOucStream &Config);
219  static int xstaticpreload(XrdOucStream &Config);
220  static int xgmap(XrdOucStream &Config);
221  static int xsslcafile(XrdOucStream &Config);
222  static int xsslverifydepth(XrdOucStream &Config);
223  static int xsecretkey(XrdOucStream &Config);
224  static int xheader2cgi(XrdOucStream &Config);
225  static int xhttpsmode(XrdOucStream &Config);
226  static int xtlsreuse(XrdOucStream &Config);
227  static int xauth(XrdOucStream &Config);
228  static int xtlsclientauth(XrdOucStream &Config);
229 
230  static bool isRequiredXtractor; // If true treat secxtractor errors as fatal
231  static XrdHttpSecXtractor *secxtractor;
232 
233  static bool usingEC; // using XrdEC
234  // Loads the SecXtractor plugin, if available
235  static int LoadSecXtractor(XrdSysError *eDest, const char *libName,
236  const char *libParms);
237 
238  // An oldstyle struct array to hold exthandlers
239  #define MAX_XRDHTTPEXTHANDLERS 4
240  static struct XrdHttpExtHandlerInfo {
241  char name[16];
242  XrdHttpExtHandler *ptr;
243  } exthandler[MAX_XRDHTTPEXTHANDLERS];
244  static int exthandlercnt;
245 
246  static int LoadExtHandlerNoTls(std::vector<extHInfo> &hiVec,
247  const char *cFN, XrdOucEnv &myEnv);
248 
249  // Loads the ExtHandler plugin, if available
250  static int LoadExtHandler(std::vector<extHInfo> &hiVec,
251  const char *cFN, XrdOucEnv &myEnv);
252 
253  static int LoadExtHandler(XrdSysError *eDest, const char *libName,
254  const char *configFN, const char *libParms,
255  XrdOucEnv *myEnv, const char *instName);
256 
257  // Determines whether one of the loaded ExtHandlers are interested in
258  // handling a given request.
259  //
260  // Returns NULL if there is no matching handler.
261  static XrdHttpExtHandler *FindMatchingExtHandler(const XrdHttpReq &);
262 
263  // Tells if an ext handler with the given name has already been loaded
264  static bool ExtHandlerLoaded(const char *handlername);
265 
267  XrdBuffer *myBuff;
269  char *myBuffStart, *myBuffEnd;
270 
272  XrdOucString tmpline;
273 
275  int BuffAvailable();
277  int BuffUsed();
279  int BuffFree();
280 
282  void BuffConsume(int blen);
284  int BuffgetData(int blen, char **data, bool wait);
286  int BuffgetLine(XrdOucString &dest);
287 
289  int SendSimpleResp(int code, const char *desc, const char *header_to_add, const char *body, long long bodylen, bool keepalive);
290 
292  // API.
293  int StartChunkedResp(int code, const char *desc, const char *header_to_add, long long bodylen, bool keepalive);
294 
296  // indicates that this is the last chunk in the response.
297  int ChunkResp(const char *body, long long bodylen);
298 
300  // of the chunk is known but the body is not immediately available.
301  int ChunkRespHeader(long long bodylen);
302 
304  int ChunkRespFooter();
305 
307  char *GetClientIPStr();
308 
310  bool DoingLogin;
311 
313  bool DoneSetInfo;
314 
316  long ResumeBytes;
317 
319  SSL *ssl;
320 
322  BIO *sbio;
323 
325  static BIO *sslbio_err;
326 
328  bool ishttps;
329 
332  bool ssldone;
333  static XrdCryptoFactory *myCryptoFactory;
334 
335 protected:
336 
337  // Statistical area
338  //
339 // static XrdXrootdStats *SI;
340 // int numReads; // Count for kXR_read
341 // int numReadP; // Count for kXR_read pre-preads
342 // int numReadV; // Count for kR_readv
343 // int numSegsV; // Count for kR_readv segmens
344 // int numWrites; // Count
345 // int numFiles; // Count
346 //
347 // int cumReads; // Count less numReads
348 // int cumReadP; // Count less numReadP
349 // int cumReadV; // Count less numReadV
350 // int cumSegsV; // Count less numSegsV
351 // int cumWrites; // Count less numWrites
352 // long long totReadP; // Bytes
353 
354  static XrdScheduler *Sched; // System scheduler
355  static XrdBuffManager *BPool; // Buffer manager
356  static XrdSysError eDest; // Error message handler
357  static XrdSecService *CIA; // Authentication Server
358 
361 
364  char *Addr_str;
365 
367  static XrdOucGMap *servGMap; // Grid mapping service
368 
371 
372 
376 
377 
378  //
379  // Processing configuration values
380  //
381 
383  static int hailWait;
384 
386  static int readWait;
387 
389  static int Port;
390 
392  static char * Port_str;
393 
396 
398  static int crlRefIntervalSec;
399 
401  static char *gridmap;// [s] gridmap file [/etc/grid-security/gridmap]
402  static bool isRequiredGridmap; // If true treat gridmap errors as fatal
403  static bool compatNameGeneration; // If true, utilize the old algorithm for username generation for unknown users.
404 
406  static char *secretkey;
407 
409  static int sslverifydepth;
410 
412  static bool isdesthttps;
413 
415  static char *listredir;
416 
418  static bool listdeny;
419 
421  static bool selfhttps2http;
422 
424  static bool embeddedstatic;
425 
426  // Url to redirect to in the case a /static is requested
427  static char *staticredir;
428 
429  // Hash that keeps preloaded files
431  char *data;
432  int len;
433  };
435 
438 
440  static std::map< std::string, std::string > hdr2cgimap;
441 
443  static int m_bio_type;
444 
446  static BIO_METHOD *m_bio_method;
447 
449  static char * xrd_cslist;
450 
453 
455  static bool tpcForwardCreds;
456 
458  static std::unordered_map<std::string, std::vector<std::pair<std::string, std::string>>> m_staticheader_map;
459 
462  static std::unordered_map<std::string, std::string> m_staticheaders;
463 };
464 #endif
int kXR_int32
Definition: XPtypes.hh:89
#define MAX_XRDHTTPEXTHANDLERS
Main request/response class, handling the logical status of the communication.
static char * secretkey
The key used to calculate the url hashes.
static BIO_METHOD * m_bio_method
C-style vptr table for our custom BIO objects.
static char * gridmap
Gridmap file location. The same used by XrdSecGsi.
static XrdScheduler * Sched
static kXR_int32 myRole
Our role.
static char * sslcafile
static XrdNetPMark * pmarkHandle
Packet marking handler pointer (assigned from the environment during the Config() call)
static char * Port_str
Our port, as a string.
XrdXrootd::Bridge * Bridge
The Bridge that we use to exercise the xrootd internals.
static char * staticredir
static XrdSysError eDest
static bool selfhttps2http
If client is HTTPS, self-redirect with HTTP+token.
static XrdHttpChecksumHandler cksumHandler
static XrdOucGMap * servGMap
The instance of the DN mapper. Created only when a valid path is given.
static int hailWait
Timeout for reading the handshake.
int doChksum(const XrdOucString &fname)
Perform a checksum request.
static XrdOucHash< StaticPreloadInfo > * staticpreload
static char * xrd_cslist
The list of checksums that were configured via the xrd.cksum parameter on the server config file.
static char * sslcipherfilter
static int m_bio_type
Type identifier for our custom BIO objects.
static std::map< std::string, std::string > hdr2cgimap
Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption.
static char * sslcert
OpenSSL stuff.
XrdLink * Link
The link we are bound to.
static char * sslkey
int doStat(char *fname)
Perform a Stat request.
XrdObject< XrdHttpProtocol > ProtLink
static int readWait
Timeout for reading data.
void Recycle(XrdLink *lp, int consec, const char *reason)
Recycle this instance.
void DoIt()
Override from the base class.
static char * sslcadir
XrdHttpProtocol operator=(const XrdHttpProtocol &rhs)
bool isHTTPS()
called via https
static bool compatNameGeneration
static bool isdesthttps
True if the redirections must be towards https targets.
static XrdObjectQ< XrdHttpProtocol > ProtStack
XrdProtocol * Match(XrdLink *lp)
Tells if the oustanding bytes on the socket match this protocol implementation.
static std::unordered_map< std::string, std::vector< std::pair< std::string, std::string > > > m_staticheader_map
The static headers to always return; map is from verb to a list of (header, val) pairs.
static bool isRequiredGridmap
static char * listredir
Url to redirect to in the case a listing is requested.
int Stats(char *buff, int blen, int do_sync=0)
Get activity stats.
static std::unordered_map< std::string, std::string > m_staticheaders
XrdHttpReq CurrentReq
static int crlRefIntervalSec
CRL thread refresh interval.
static int Port
Our port.
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
configuration for the read range handler
static XrdSecService * CIA
static XrdBuffManager * BPool
static bool tpcForwardCreds
If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.
int Process(XrdLink *lp)
Process data incoming from the socket.
XrdHttpProtocol(const XrdHttpProtocol &)=default
Ctor, dtors and copy ctor.
static bool listdeny
If true, any form of listing is denied.
static int parseHeader2CGI(XrdOucStream &Config, XrdSysError &err, std::map< std::string, std::string > &header2cgi)
Use this function to parse header2cgi configurations.
XrdSecEntity SecEntity
Authentication area.
static bool embeddedstatic
If true, use the embedded css and icons.
static int sslverifydepth
Depth of verification of a certificate chain.
static int Configure(char *parms, XrdProtocol_Config *pi)
Read and apply the configuration.
bool InitTLS()
Definition: XrdClTls.cc:96
XrdCmsConfig Config