![]() |
XRootD
|
#include <XrdCryptoX509Chain.hh>
Public Types | |
enum | ECAStatus { kUnknown = 0 , kAbsent , kInvalid , kValid } |
enum | EX509ChainErr { kNone = 0 , kInconsistent , kTooMany , kNoCA , kNoCertificate , kInvalidType , kInvalidNames , kRevoked , kExpired , kMissingExtension , kVerifyFail , kInvalidSign , kCANotAutoSigned , kNoEEC , kTooManyEEC , kInvalidProxy } |
Public Member Functions | |
XrdCryptoX509Chain (XrdCryptoX509 *c=0) | |
XrdCryptoX509Chain (XrdCryptoX509Chain *ch) | |
virtual | ~XrdCryptoX509Chain () |
XrdCryptoX509 * | Begin () |
const char * | CAhash () |
const char * | CAname () |
bool | CheckCA (bool checkselfsigned=1) |
virtual int | CheckValidity (bool outatfirst=1, int when=0) |
void | Cleanup (bool keepCA=0) |
void | Dump () |
const char * | EEChash () |
const char * | EECname () |
XrdCryptoX509 * | EffCA () const |
XrdCryptoX509 * | End () const |
void | InsertAfter (XrdCryptoX509 *c, XrdCryptoX509 *cp) |
const char * | LastError () const |
XrdCryptoX509 * | Next () |
void | PushBack (XrdCryptoX509 *c) |
void | PutInFront (XrdCryptoX509 *c) |
void | Remove (XrdCryptoX509 *c) |
virtual int | Reorder () |
XrdCryptoX509 * | SearchByIssuer (const char *issuer, ESearchMode mode=kExact) |
XrdCryptoX509 * | SearchBySubject (const char *subject, ESearchMode mode=kExact) |
void | SetStatusCA (ECAStatus st) |
int | Size () const |
ECAStatus | StatusCA () const |
virtual bool | Verify (EX509ChainErr &e, x509ChainVerifyOpt_t *vopt=0) |
const char * | X509ChainError (EX509ChainErr e) |
Protected Member Functions | |
XrdCryptoX509ChainNode * | Find (XrdCryptoX509 *c) |
XrdCryptoX509ChainNode * | FindIssuer (const char *issuer, ESearchMode mode=kExact, XrdCryptoX509ChainNode **p=0) |
XrdCryptoX509ChainNode * | FindSubject (const char *subject, ESearchMode mode=kExact, XrdCryptoX509ChainNode **p=0) |
void | SetEffectiveCA () |
bool | Verify (EX509ChainErr &e, const char *msg, XrdCryptoX509::EX509Type type, int when, XrdCryptoX509 *xcer, XrdCryptoX509 *xsig, XrdCryptoX509Crl *crl=0) |
Definition at line 80 of file XrdCryptoX509Chain.hh.
Enumerator | |
---|---|
kNone | |
kInconsistent | |
kTooMany | |
kNoCA | |
kNoCertificate | |
kInvalidType | |
kInvalidNames | |
kRevoked | |
kExpired | |
kMissingExtension | |
kVerifyFail | |
kInvalidSign | |
kCANotAutoSigned | |
kNoEEC | |
kTooManyEEC | |
kInvalidProxy |
Definition at line 93 of file XrdCryptoX509Chain.hh.
XrdCryptoX509Chain::XrdCryptoX509Chain | ( | XrdCryptoX509 * | c = 0 | ) |
Definition at line 66 of file XrdCryptoX509Chain.cc.
References begin, cahash, caname, current, eechash, eecname, effca, end, XrdCryptoX509::kCA, kInvalid, kNone, kUnknown, kValid, lastError, previous, SetEffectiveCA(), size, statusCA, XrdCryptoX509::Subject(), XrdCryptoX509::SubjectHash(), XrdCryptoX509::type, and Verify().
XrdCryptoX509Chain::XrdCryptoX509Chain | ( | XrdCryptoX509Chain * | ch | ) |
Definition at line 104 of file XrdCryptoX509Chain.cc.
References Begin(), begin, CAhash(), cahash, CAname(), caname, current, EEChash(), eechash, EECname(), eecname, EffCA(), effca, end, LastError(), lastError, Next(), previous, XrdCryptoX509ChainNode::SetNext(), size, StatusCA(), and statusCA.
|
virtual |
Definition at line 137 of file XrdCryptoX509Chain.cc.
References begin, and XrdCryptoX509ChainNode::Next().
XrdCryptoX509 * XrdCryptoX509Chain::Begin | ( | ) |
Definition at line 380 of file XrdCryptoX509Chain.cc.
References begin, XrdCryptoX509ChainNode::Cert(), current, and previous.
Referenced by XrdCryptoX509Chain(), XrdSecProtocolgsi::getCredentials(), main(), XrdVomsFun::VOMSFun(), XrdCryptosslX509ExportChain(), XrdCryptosslX509ParseBucket(), XrdCryptosslX509ParseFile(), and XrdCryptosslX509VerifyChain().
const char * XrdCryptoX509Chain::CAhash | ( | ) |
Definition at line 891 of file XrdCryptoX509Chain.cc.
References XrdOucString::c_str(), cahash, CheckCA(), DEBUG, EPNAME, kUnknown, XrdOucString::length(), and statusCA.
Referenced by XrdCryptoX509Chain().
const char * XrdCryptoX509Chain::CAname | ( | ) |
Definition at line 845 of file XrdCryptoX509Chain.cc.
References XrdOucString::c_str(), caname, CheckCA(), DEBUG, EPNAME, kUnknown, XrdOucString::length(), and statusCA.
Referenced by XrdCryptoX509Chain(), and Dump().
bool XrdCryptoX509Chain::CheckCA | ( | bool | checkselfsigned = 1 | ) |
Definition at line 183 of file XrdCryptoX509Chain.cc.
References begin, cahash, caname, XrdCryptoX509ChainNode::Cert(), end, XrdCryptoX509::kCA, kInvalid, kNone, kValid, kVerifyFail, lastError, XrdCryptoX509ChainNode::Next(), XrdCryptoX509ChainNode::SetNext(), statusCA, XrdCryptoX509::Subject(), XrdCryptoX509::SubjectHash(), XrdCryptoX509::type, Verify(), and X509ChainError().
Referenced by CAhash(), CAname(), and Verify().
|
virtual |
Definition at line 747 of file XrdCryptoX509Chain.cc.
References begin, XrdCryptoX509ChainNode::Cert(), DEBUG, EPNAME, XrdCryptoX509::IsValid(), XrdCryptoX509ChainNode::Next(), and size.
Referenced by GetCACheck(), and QueryProxyCheck().
void XrdCryptoX509Chain::Cleanup | ( | bool | keepCA = 0 | ) |
Definition at line 151 of file XrdCryptoX509Chain.cc.
References begin, cahash, caname, XrdCryptoX509ChainNode::Cert(), current, eechash, eecname, effca, end, XrdCryptoX509::kCA, kUnknown, lastError, XrdCryptoX509ChainNode::Next(), previous, size, statusCA, and XrdCryptoX509::type.
Referenced by gsiHSVars::~gsiHSVars(), and XrdSecProtocolgsi::Delete().
void XrdCryptoX509Chain::Dump | ( | ) |
Definition at line 523 of file XrdCryptoX509Chain.cc.
References begin, CAname(), XrdCryptoX509ChainNode::Cert(), EECname(), EPNAME, XrdCryptoX509::IssuerHash(), LOCDUMP, XrdCryptoX509ChainNode::Next(), Size(), XrdCryptoX509::SubjectHash(), and XrdCryptoX509::Type().
Referenced by main(), and XrdCryptogsiX509Chain::Verify().
const char * XrdCryptoX509Chain::EEChash | ( | ) |
Definition at line 910 of file XrdCryptoX509Chain.cc.
References begin, XrdOucString::c_str(), XrdCryptoX509ChainNode::Cert(), DEBUG, eechash, EPNAME, XrdCryptoX509::kEEC, XrdOucString::length(), XrdCryptoX509ChainNode::Next(), XrdCryptoX509::SubjectHash(), and XrdCryptoX509::type.
Referenced by XrdCryptoX509Chain(), and XrdSecProtocolgsi::Authenticate().
const char * XrdCryptoX509Chain::EECname | ( | ) |
Definition at line 864 of file XrdCryptoX509Chain.cc.
References begin, XrdOucString::c_str(), XrdCryptoX509ChainNode::Cert(), DEBUG, eecname, EPNAME, XrdCryptoX509::kEEC, XrdOucString::length(), XrdCryptoX509ChainNode::Next(), XrdCryptoX509::Subject(), and XrdCryptoX509::type.
Referenced by XrdCryptoX509Chain(), XrdSecProtocolgsi::Authenticate(), and Dump().
|
inline |
Definition at line 114 of file XrdCryptoX509Chain.hh.
References XrdCryptoX509ChainNode::Cert(), and effca.
Referenced by XrdCryptoX509Chain().
|
inline |
Definition at line 108 of file XrdCryptoX509Chain.hh.
References XrdCryptoX509ChainNode::Cert(), and end.
Referenced by XrdSecProtocolgsi::Authenticate(), main(), XrdVomsFun::VOMSFun(), XrdCryptosslX509ChainToFile(), XrdCryptosslX509ExportChain(), and XrdSecgsiAuthzKey().
|
protected |
Definition at line 237 of file XrdCryptoX509Chain.cc.
References begin, XrdCryptoX509ChainNode::Cert(), and XrdCryptoX509ChainNode::Next().
Referenced by InsertAfter(), PushBack(), and PutInFront().
|
protected |
Definition at line 433 of file XrdCryptoX509Chain.cc.
References begin, XrdCryptoX509ChainNode::Cert(), XrdCryptoX509::Issuer(), and XrdCryptoX509ChainNode::Next().
Referenced by SearchByIssuer().
|
protected |
Definition at line 479 of file XrdCryptoX509Chain.cc.
References begin, XrdCryptoX509ChainNode::Cert(), XrdCryptoX509ChainNode::Next(), and XrdCryptoX509::Subject().
Referenced by Reorder(), and SearchBySubject().
void XrdCryptoX509Chain::InsertAfter | ( | XrdCryptoX509 * | c, |
XrdCryptoX509 * | cp | ||
) |
Definition at line 268 of file XrdCryptoX509Chain.cc.
References end, Find(), XrdCryptoX509ChainNode::Next(), PushBack(), SetEffectiveCA(), XrdCryptoX509ChainNode::SetNext(), and size.
|
inline |
Definition at line 101 of file XrdCryptoX509Chain.hh.
References XrdOucString::c_str(), and lastError.
Referenced by XrdCryptoX509Chain(), and main().
XrdCryptoX509 * XrdCryptoX509Chain::Next | ( | ) |
Definition at line 392 of file XrdCryptoX509Chain.cc.
References XrdCryptoX509ChainNode::Cert(), current, XrdCryptoX509ChainNode::Next(), and previous.
Referenced by XrdCryptoX509Chain(), XrdSecProtocolgsi::getCredentials(), XrdVomsFun::VOMSFun(), XrdCryptosslX509ParseBucket(), XrdCryptosslX509ParseFile(), and XrdCryptosslX509VerifyChain().
void XrdCryptoX509Chain::PushBack | ( | XrdCryptoX509 * | c | ) |
Definition at line 298 of file XrdCryptoX509Chain.cc.
References begin, end, Find(), SetEffectiveCA(), XrdCryptoX509ChainNode::SetNext(), and size.
Referenced by InsertAfter(), main(), XrdCryptosslX509ParseBucket(), XrdCryptosslX509ParseFile(), and XrdCryptosslX509ParseStack().
void XrdCryptoX509Chain::PutInFront | ( | XrdCryptoX509 * | c | ) |
Definition at line 250 of file XrdCryptoX509Chain.cc.
References begin, end, Find(), SetEffectiveCA(), and size.
void XrdCryptoX509Chain::Remove | ( | XrdCryptoX509 * | c | ) |
Definition at line 320 of file XrdCryptoX509Chain.cc.
References begin, cahash, caname, XrdCryptoX509ChainNode::Cert(), current, end, XrdCryptoX509::kCA, kUnknown, XrdCryptoX509ChainNode::Next(), previous, SetEffectiveCA(), XrdCryptoX509ChainNode::SetNext(), size, statusCA, and XrdCryptoX509::type.
|
virtual |
Definition at line 561 of file XrdCryptoX509Chain.cc.
References begin, cahash, caname, XrdCryptoX509ChainNode::Cert(), DEBUG, eechash, eecname, end, EPNAME, FindSubject(), XrdCryptoX509::Issuer(), kAbsent, XrdCryptoX509::kCA, XrdCryptoX509::kEEC, kUnknown, XrdOucString::length(), XrdCryptoX509ChainNode::Next(), SetEffectiveCA(), XrdCryptoX509ChainNode::SetNext(), size, statusCA, and XrdCryptoX509::Subject().
Referenced by main(), XrdCryptogsiX509Chain::Verify(), Verify(), XrdCryptosslX509ChainToFile(), XrdCryptosslX509ExportChain(), XrdCryptosslX509ParseStack(), and XrdSecgsiAuthzKey().
XrdCryptoX509 * XrdCryptoX509Chain::SearchByIssuer | ( | const char * | issuer, |
ESearchMode | mode = kExact |
||
) |
Definition at line 406 of file XrdCryptoX509Chain.cc.
References XrdCryptoX509ChainNode::Cert(), and FindIssuer().
XrdCryptoX509 * XrdCryptoX509Chain::SearchBySubject | ( | const char * | subject, |
ESearchMode | mode = kExact |
||
) |
Definition at line 419 of file XrdCryptoX509Chain.cc.
References XrdCryptoX509ChainNode::Cert(), and FindSubject().
Referenced by XrdCryptosslX509ChainToFile(), and XrdCryptosslX509ExportChain().
|
protected |
Definition at line 655 of file XrdCryptoX509Chain.cc.
References begin, cahash, caname, XrdCryptoX509ChainNode::Cert(), effca, XrdCryptoX509::IssuerHash(), XrdCryptoX509::kCA, XrdCryptoX509ChainNode::Next(), XrdCryptoX509::Subject(), XrdCryptoX509::SubjectHash(), and XrdCryptoX509::type.
Referenced by XrdCryptoX509Chain(), InsertAfter(), PushBack(), PutInFront(), Remove(), and Reorder().
|
inline |
|
inline |
Definition at line 107 of file XrdCryptoX509Chain.hh.
References size.
Referenced by Dump(), XrdCryptosslX509ExportChain(), XrdCryptosslX509ParseBucket(), XrdCryptosslX509ParseFile(), and XrdCryptosslX509VerifyChain().
|
inline |
Definition at line 109 of file XrdCryptoX509Chain.hh.
References statusCA.
Referenced by XrdCryptoX509Chain().
|
protected |
Definition at line 789 of file XrdCryptoX509Chain.cc.
References XrdOucString::c_str(), XrdCryptoX509Crl::IsRevoked(), XrdCryptoX509::IsValid(), kExpired, kInvalidType, kNoCertificate, kRevoked, XrdCryptoX509::kUnknown, kVerifyFail, lastError, XrdCryptoX509::SerialNumberString(), XrdCryptoX509::type, XrdCryptoX509::Verify(), and X509ChainError().
|
virtual |
Reimplemented in XrdCryptogsiX509Chain.
Definition at line 678 of file XrdCryptoX509Chain.cc.
References begin, XrdCryptoX509ChainNode::Cert(), CheckCA(), DEBUG, EPNAME, kInconsistent, kNoCA, kNone, kOptsCheckSelfSigned, kTooMany, XrdCryptoX509::kUnknown, lastError, XrdCryptoX509ChainNode::Next(), x509ChainVerifyOpt_t::opt, x509ChainVerifyOpt_t::pathlen, Reorder(), size, x509ChainVerifyOpt_t::when, and X509ChainError().
Referenced by XrdCryptoX509Chain(), CheckCA(), main(), and XrdCryptogsiX509Chain::Verify().
const char * XrdCryptoX509Chain::X509ChainError | ( | EX509ChainErr | e | ) |
Definition at line 229 of file XrdCryptoX509Chain.cc.
References X509ChainErrStr.
Referenced by CheckCA(), XrdCryptogsiX509Chain::Verify(), and Verify().
|
protected |
Definition at line 147 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), ~XrdCryptoX509Chain(), Begin(), CheckCA(), CheckValidity(), Cleanup(), Dump(), EEChash(), EECname(), Find(), FindIssuer(), FindSubject(), PushBack(), PutInFront(), Remove(), Reorder(), SetEffectiveCA(), XrdCryptogsiX509Chain::Verify(), and Verify().
|
protected |
Definition at line 156 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), CAhash(), CheckCA(), Cleanup(), Remove(), Reorder(), and SetEffectiveCA().
|
protected |
Definition at line 154 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), CAname(), CheckCA(), Cleanup(), Remove(), Reorder(), and SetEffectiveCA().
|
protected |
Definition at line 148 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), Begin(), Cleanup(), Next(), and Remove().
|
protected |
Definition at line 157 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), Cleanup(), EEChash(), and Reorder().
|
protected |
Definition at line 155 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), Cleanup(), EECname(), and Reorder().
|
protected |
Definition at line 151 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), Cleanup(), EffCA(), and SetEffectiveCA().
|
protected |
Definition at line 149 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), CheckCA(), Cleanup(), End(), InsertAfter(), PushBack(), PutInFront(), Remove(), and Reorder().
|
protected |
Definition at line 153 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), CheckCA(), Cleanup(), LastError(), XrdCryptogsiX509Chain::Verify(), and Verify().
|
protected |
Definition at line 150 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), Begin(), Cleanup(), Next(), and Remove().
|
protected |
Definition at line 152 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), CheckValidity(), Cleanup(), InsertAfter(), PushBack(), PutInFront(), Remove(), Reorder(), Size(), XrdCryptogsiX509Chain::Verify(), and Verify().
|
protected |
Definition at line 158 of file XrdCryptoX509Chain.hh.
Referenced by XrdCryptoX509Chain(), CAhash(), CAname(), CheckCA(), Cleanup(), Remove(), Reorder(), SetStatusCA(), StatusCA(), and XrdCryptogsiX509Chain::Verify().