XRootD
XrdSecProtocolunix.cc
1 /******************************************************************************/
2 /* */
3 /* X r d S e c P r o t o c o l u n i x . c c */
4 /* */
5 /* (c) 2007 by the Board of Trustees of the Leland Stanford, Jr., University */
6 /* All Rights Reserved */
7 /* Produced by Andrew Hanushevsky for Stanford University under contract */
8 /* DE-AC02-76-SFO0515 with the Department of Energy */
9 /* */
10 /* This file is part of the XRootD software suite. */
11 /* */
12 /* XRootD is free software: you can redistribute it and/or modify it under */
13 /* the terms of the GNU Lesser General Public License as published by the */
14 /* Free Software Foundation, either version 3 of the License, or (at your */
15 /* option) any later version. */
16 /* */
17 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
18 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
19 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
20 /* License for more details. */
21 /* */
22 /* You should have received a copy of the GNU Lesser General Public License */
23 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
24 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
25 /* */
26 /* The copyright holder's institutional names and contributor's names may not */
27 /* be used to endorse or promote products derived from this software without */
28 /* specific prior written permission of the institution or contributor. */
29 /******************************************************************************/
30 
31 #include <unistd.h>
32 #include <cctype>
33 #include <cerrno>
34 #include <cstdlib>
35 #include <strings.h>
36 #include <sys/types.h>
37 
38 #include "XrdVersion.hh"
39 
40 #include "XrdNet/XrdNetAddrInfo.hh"
41 #include "XrdOuc/XrdOucErrInfo.hh"
42 #include "XrdOuc/XrdOucUtils.hh"
43 #include "XrdSys/XrdSysHeaders.hh"
44 #include "XrdSys/XrdSysPthread.hh"
46 
47 /******************************************************************************/
48 /* X r d S e c P r o t o c o l u n i x C l a s s */
49 /******************************************************************************/
50 
52 {
53 public:
54 friend class XrdSecProtocolDummy; // Avoid stupid gcc warnings about destructor
55 
56 
58  XrdSecParameters **parms,
59  XrdOucErrInfo *einfo=0);
60 
62  XrdOucErrInfo *einfo=0);
63 
// Build a "unix" protocol object for the peer described by endPoint.
// hname is duplicated with strdup(), so the caller keeps ownership of its
// own string; the copy is released by the destructor.
XrdSecProtocolunix(const char *hname, XrdNetAddrInfo &endPoint)
                  : XrdSecProtocol("unix")
{
   credBuff        = 0;              // no credentials have been parsed yet
   epAddr          = endPoint;       // keep a private copy of the peer address
   Entity.addrInfo = &epAddr;        // the entity refers to that private copy
   Entity.name     = (char *)"?";    // string literal: never freed or written
   Entity.host     = strdup(hname);
}
72 
// Dispose of this protocol object. The destructor is private, so callers
// release the object through this method rather than with delete.
void Delete()
{
   delete this;
}
74 
75 private:
76 
// Release the heap copies owned by this object: the host name duplicated by
// the constructor and the credentials buffer filled in by Authenticate().
// Entity.name is not freed here. Reached only via Delete().
~XrdSecProtocolunix()
{
   free(Entity.host);   // free() accepts a null pointer
   free(credBuff);
}
80 
81 XrdNetAddrInfo epAddr;
82 char *credBuff; // Credentials buffer (server)
83 };
84 
85 /******************************************************************************/
86 /* C l i e n t O r i e n t e d F u n c t i o n s */
87 /******************************************************************************/
88 /******************************************************************************/
89 /* g e t C r e d e n t i a l s */
90 /******************************************************************************/
91 
92 
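// Build the client-side credentials for the "unix" protocol.
//
// The buffer layout is: "unix" '\0' <user> [ ' ' <group> ] '\0'
// where <user> and <group> are looked up from the effective uid and gid of
// the calling process. These values are only what the client reports about
// itself; nothing in this function signs or otherwise protects them.
//
// The first parameter is not used. error, when not null, receives the reason
// if the credentials cannot be allocated.
//
// Returns a new XrdSecCredentials that owns a malloc()'d copy of the buffer,
// or a null pointer when that copy cannot be allocated.
//
XrdSecCredentials *XrdSecProtocolunix::getCredentials(XrdSecParameters * /*parm*/,
                                                      XrdOucErrInfo    *error)
{
   char Buff[512], *Bp;
   int Blen, n;

// Set protocol ID in the buffer; Bp then points just past its null byte
//
   strcpy(Buff, "unix"); Bp = Buff + 5;

// Get the username; a non-zero return from UserName() is treated as failure
// and "*" is sent instead. The 256-byte limit plus the 5-byte protocol ID
// stays well inside Buff.
//
   if (XrdOucUtils::UserName(geteuid(), Bp, 256)) strcpy(Bp, "*");
   Bp += strlen(Bp); Blen = (Bp - Buff) + 1;

// Get the group name. It is written one byte past the user name's null byte
// and that null byte is turned into the separating blank only when a group
// name was actually produced (n is used as its length).
//
   if ((n = XrdOucUtils::GroupName(getegid(), Bp+1, sizeof(Buff)-Blen)))
      {*Bp = ' '; Blen += (n+1);}

// Return the credentials. The allocation is checked so that a failed malloc()
// is reported instead of being passed to memcpy().
//
   Bp = (char *)malloc(Blen);
   if (!Bp)
      {const char *msg = "Secunix: Insufficient memory for credentials.";
       if (error) error->setErrInfo(ENOMEM, msg);
          else std::cerr <<msg <<std::endl;
       return (XrdSecCredentials *)0;
      }
   memcpy(Bp, Buff, Blen);
   return new XrdSecCredentials(Bp, Blen);
}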
119 
120 /******************************************************************************/
121 /* S e r v e r O r i e n t e d M e t h o d s */
122 /******************************************************************************/
123 /******************************************************************************/
124 /* A u t h e n t i c a t e */
125 /******************************************************************************/
126 
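// Server side: turn the credentials received from a client into Entity.name
// and Entity.grps.
//
// cred->buffer is expected to hold "unix" '\0' <user> [ ' ' <group> ] and
// cred->size the number of bytes in it. The user and group names are taken
// verbatim from that buffer; this function performs no verification of them,
// so the resulting identity is only as trustworthy as the client that sent it.
//
// parms is not used. erp, when not null, receives the error text; otherwise
// the text is written to std::cerr.
//
// Returns 0 on success (including the "no credentials" case, where the
// protocol is recorded as "host" and the name is "?"), -1 when the protocol
// ID does not match or the credentials cannot be copied.
//
int XrdSecProtocolunix::Authenticate(XrdSecCredentials *cred,
                                     XrdSecParameters **parms,
                                     XrdOucErrInfo     *erp)
{
   char *bp, *ep, *newBuff;
   int   dlen;

// Check if we have any credentials or if no credentials really needed.
// In either case, use host name as client name. A null cred is handled the
// same way instead of being dereferenced.
//
   if (!cred || cred->size <= int(4) || !cred->buffer)
      {strncpy(Entity.prot, "host", sizeof(Entity.prot));
       Entity.name = (char *)"?";
       return 0;
      }

// Check if this is our protocol. The size test above guarantees five readable
// bytes, so the ID and its null byte are compared with a fixed length rather
// than with strcmp(), which would depend on the sender having terminated the
// buffer.
//
   if (memcmp(cred->buffer, "unix", 5))
      {char msg[256];
       snprintf(msg, sizeof(msg),
                "Secunix: Authentication protocol id mismatch (unix != %.4s).",
                cred->buffer);
       if (erp) erp->setErrInfo(EINVAL, msg);
          else std::cerr <<msg <<std::endl;
       return -1;
      }

// Skip over the protocol ID and copy the rest of the buffer. The copy is
// bounded by cred->size and always null terminated, so a buffer that lacks a
// terminator cannot cause a read past its end.
//
   dlen = cred->size - 5;
   if (!(newBuff = (char *)malloc(dlen + 1)))
      {const char *msg = "Secunix: Insufficient memory for credentials.";
       if (erp) erp->setErrInfo(ENOMEM, msg);
          else std::cerr <<msg <<std::endl;
       return -1;
      }
   memcpy(newBuff, (cred->buffer)+5, dlen);
   newBuff[dlen] = '\0';

// Drop the buffer of any earlier call. Entity.grps is cleared with it because
// in this class it is only ever pointed into credBuff; Entity.name is
// reassigned just below.
//
   if (credBuff) {free(credBuff); Entity.grps = 0;}
   bp = credBuff = newBuff;
   ep = bp + strlen(bp);

// Extract out username
//
   while(*bp && *bp == ' ') bp++;
   Entity.name = bp;
   while(*bp && *bp != ' ') bp++;
   *bp++ = '\0';

// Extract out the group name (absent when the user name ran to the end)
//
   if (bp >= ep) return 0;
   while(*bp && *bp == ' ') bp++;
   Entity.grps = bp;

// All done
//
   return 0;
}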
176 
177 /******************************************************************************/
178 /* X r d S e c p r o t o c o l u n i x I n i t */
179 /******************************************************************************/
180 
// One-time initialisation entry point for the "unix" protocol, exported with
// C linkage. None of the arguments are examined; the function always returns
// a pointer to an empty string.
// NOTE(review): presumably the empty string means "no protocol parameters" to
// the caller; confirm against the security framework's interface.
extern "C" char *XrdSecProtocolunixInit(const char     mode,
                                        const char    *parms,
                                        XrdOucErrInfo *erp)
{
   return const_cast<char *>("");
}
190 
191 /******************************************************************************/
192 /* X r d S e c P r o t o c o l u n i x O b j e c t */
193 /******************************************************************************/
194 
196 
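extern "C"
{
// Factory for "unix" protocol objects, exported with C linkage.
//
// hostname and endPoint are handed to the XrdSecProtocolunix constructor;
// mode and parms are not used. erp, when not null, receives the error text.
//
// Returns the new protocol object, or a null pointer if none was created.
//
XrdSecProtocol *XrdSecProtocolunixObject(const char              mode,
                                         const char             *hostname,
                                               XrdNetAddrInfo   &endPoint,
                                         const char             *parms,
                                               XrdOucErrInfo    *erp)
{
   XrdSecProtocolunix *prot;

// Return a new protocol object
// NOTE(review): a plain new-expression reports failure by throwing
// std::bad_alloc, so this branch is reached only if the build replaces
// operator new with one that returns null; new (std::nothrow) would make the
// check effective but needs <new>.
//
   if (!(prot = new XrdSecProtocolunix(hostname, endPoint)))
      {const char *msg = "Secunix: Insufficient memory for protocol.";
       if (erp) erp->setErrInfo(ENOMEM, msg);
          else std::cerr <<msg <<std::endl;
       return (XrdSecProtocol *)0;
      }

// All done
//
   return prot;
}
}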
XrdSecBuffer XrdSecCredentials
XrdSecProtocol * XrdSecProtocolunixObject(const char mode, const char *hostname, XrdNetAddrInfo &endPoint, const char *parms, XrdOucErrInfo *erp)
XrdVERSIONINFO(XrdSecProtocolunixObject, secunix)
char * XrdSecProtocolunixInit(const char mode, const char *parms, XrdOucErrInfo *erp)
int setErrInfo(int code, const char *emsg)
static int UserName(uid_t uID, char *uName, int uNsz)
static int GroupName(gid_t gID, char *gName, int gNsz)
Definition: XrdOucUtils.cc:596
XrdNetAddrInfo * addrInfo
Entity's connection details.
Definition: XrdSecEntity.hh:80
char prot[XrdSecPROTOIDSIZE]
Auth protocol used (e.g. krb5)
Definition: XrdSecEntity.hh:67
char * grps
Entity's group name(s)
Definition: XrdSecEntity.hh:73
char * name
Entity's name.
Definition: XrdSecEntity.hh:69
char * host
Entity's host name dnr dependent.
Definition: XrdSecEntity.hh:70
XrdSecEntity Entity
int Authenticate(XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)
XrdSecCredentials * getCredentials(XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)
void Delete()
Delete the protocol object. DO NOT use C++ delete() on this object.
friend class XrdSecProtocolDummy
XrdSecProtocolunix(const char *hname, XrdNetAddrInfo &endPoint)
Generic structure to pass security information back and forth.
char * buffer
Pointer to the buffer.
int size
Size of the buffer or length of data in the buffer.