33 #include <sys/types.h>
37 #include "XrdVersion.hh"
68 static const int nidMax = 64;
84 const char *eText = 0;
85 char *authName, authBuff[4096];
86 int rc, myDlen, abLen =
sizeof(authBuff);
91 {
Say.
Emsg(
"Auth",Link->
Host(),
"authentication failed;",eText);
102 if (myHdr.
rrCode !=
kYR_xauth) {eText =
"invalid auth response";
break;}
108 {
if (!DHS || !(AuthProt=DHS->getProtocol(Link->
Host(),
110 {eText =
eMsg.getErrText(rc);
break;}
117 && DHS->PostProcess(AuthProt->
Entity,
eMsg))
break;
118 if (rc < 0) {eText =
eMsg.getErrText(rc);
break;}
123 }
else {eText =
"auth interface violation";
break;}
130 {
if (!(authName = AuthProt->
Entity.
name)) eText =
"entity name missing";
131 else {Link->
setID(authName,0);
132 Say.
Emsg(
"Auth",Link->
Host(),
"authenticated as", authName);
138 if (eText)
Say.
Emsg(
"Auth",Link->
Host(),
"authentication failed;",eText);
142 if (AuthProt) AuthProt->
Delete();
153 int n = strlen(vnid);
158 {
eDest.
Emsg(
"Config", what,
"a too long vnid -", vnid);
165 {
eDest.
Emsg(
"Config", what,
"a null vnid.");
171 const char *cP = vnid;
172 while(*cP && (isalnum(*cP) || ispunct(*cP)) && *cP !=
'&' && *cP !=
' ') cP++;
174 {
eDest.
Emsg(
"Config", what,
"an invalid vnid -", vnid);
194 if (!Cfn && getProtocol)
return 1;
200 {
Say.
Emsg(
"Config",
"Unable to create security service object via",Lib);
214 const char *nidarg,
const char *nidparm,
224 {
char buff[nidMax+8];
225 int nfd = XrdSysFD_Open(nidarg+1, O_RDONLY);
227 {
eDest.
Emsg(
"Config", errno,
"open vnid file", nidarg+1);
230 int n =
read(nfd, buff,
sizeof(buff)-1);
232 {
eDest.
Emsg(
"Config", errno,
"read vnid file", nidarg+1);
237 while(n && buff[n-1] ==
'\n') n--;
239 return chkVnId(
eDest, buff,
"vnid file contains");
244 if (*nidarg ==
'=')
return chkVnId(
eDest, nidarg+1,
"vnid value is");
249 {
eDest.
Emsg(
"Config",
"vnid specification is invalid -", nidarg);
261 nidName = ep(
eDest, std::string(cfgFN), std::string(nidparm ? nidparm :
""),
270 return chkVnId(
eDest, nidName.c_str(),
"vnid plugin returned");
282 if (!DHS) {size = 0;
return 0;}
286 return DHS->getParms(size, endPoint);
294 char *authBuff,
int abLen)
297 const char *hName = Link->
Host();
302 const char *eText = 0;
307 if (!getProtocol && !Configure(
"libXrdSec.so"))
308 {
Say.
Emsg(
"Auth", hName ,
"authentication configuration failed.");
314 AuthParm.
buffer = (
char *)authBuff; AuthParm.
size = strlen(authBuff);
315 if (!(AuthProt = getProtocol(hName,*(Link->
AddrInfo()),AuthParm,&
eMsg)))
316 {
Say.
Emsg(
"Auth", hName,
"getProtocol() failed;",
eMsg.getErrText(rc));
327 {eText =
eMsg.getErrText(rc);
break;}
338 AuthParm.
size = myDlen; AuthParm.
buffer = authBuff; AuthP = &AuthParm;
344 if (eText)
Say.
Emsg(
"Auth", hName,
"authentication failed;", eText);
348 if (AuthProt) AuthProt->
Delete();
364 const char *iTag,
char iType)
367 char sidbuff[8192], *sidend = sidbuff+
sizeof(sidbuff)-32;
368 char *cP, *sp = sidbuff;
369 char *fMan, *fp, *xp;
374 const char *instP = getenv(
"XRDINSTANCE");
375 if (instP) instP = index(instP,
' ');
376 if (!instP)
return (
char *)
"!envar XRDINSTANCE undefined.";
377 while(*instP && *instP ==
' ') instP++;
378 if (!(*instP))
return (
char *)
"!envar XRDINSTANCE invalid.";
385 {*sp++ =
'*'; *sp++ = iType; *sp++ =
'-';
389 *sp++ = iType; *sp++ =
'-';
398 *sp++ =
' '; cP = sp;
402 if (iTag) sp += sprintf(sp,
"%s.", iTag);
406 if (!tp) sp += sprintf(sp,
"%s", instP);
408 fMan = tp->
text + strlen(tp->
text) - 1;
409 while((tp = tp->
next))
410 {fp = fMan; xp = tp->
text + strlen(tp->
text) - 1;
411 do {
if (*fp != *xp)
break;
413 }
while(fp-- != tpF->
text);
414 if ((n = xp - tp->
text + 1) > 0)
415 {sp += sprintf(sp,
"%d", tp->val);
416 if (sp+n >= sidend)
return (
char *)0;
417 strncpy(sp, tp->
text, n); sp += n;
420 sp += sprintf(sp,
"%d", tpF->val);
421 n = strlen(tpF->
text);
422 if (sp+n >= sidend)
return (
char *)0;
423 strcpy(sp, tpF->
text); sp += n;
437 return strdup(sidbuff);
#define XrdCmsgetVnIdArgs
static XrdSysError eDest(0,"crypto_")
ssize_t read(int fildes, void *buf, size_t nbyte)
XrdSecProtocol *(* XrdSecGetProt_t)(const char *hostname, XrdNetAddrInfo &endPoint, XrdSecParameters &sectoken, XrdOucErrInfo *einfo)
Typedef to simplify the encoding of methods returning XrdSecProtocol.
XrdSecService * XrdSecLoadSecService(XrdSysError *eDest, const char *cfn, const char *seclib, XrdSecGetProt_t *getP, XrdSecProtector **proP)
static const char * getToken(int &size, XrdNetAddrInfo *endPoint)
static char * getVnId(XrdSysError &eDest, const char *cfgFN, const char *nidlib, const char *nidparm, char nidType)
static char * setSystemID(XrdOucTList *tp, const char *iVNID, const char *iTag, char iType)
static int Authenticate(XrdLink *Link, const char *Token, int tlen)
static int Configure(const char *Lib, const char *Cfn=0)
static int Identify(XrdLink *Link, XrdCms::CmsRRHdr &inHdr, char *authBuff, int abLen)
static void setSecFunc(void *secfP)
static const char * Attend(XrdLink *Link, XrdCms::CmsRRHdr &Hdr, char *buff, int blen, int &rlen, int tmo=5000)
static const char * Request(XrdLink *Link, XrdCms::CmsRRHdr &Hdr, char *buff, int blen)
const char * Host() const
void setID(const char *userid, int procid)
XrdNetAddrInfo * AddrInfo()
static int Export(const char *Var, const char *Val)
void * Resolve(const char *symbl, int mcnt=1)
void Unload(bool dodel=false)
XrdNetAddrInfo * addrInfo
Entity's connection details.
char * name
Entity's name.
virtual XrdSecCredentials * getCredentials(XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)=0
virtual void Delete()=0
Delete the protocol object. DO NOT use C++ delete() on this object.
virtual int Authenticate(XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)=0
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
XrdVERSIONINFODEF(myVersion, cmsclient, XrdVNUMBER, XrdVERSION)
Generic structure to pass security information back and forth.
char * buffer
Pointer to the buffer.
int size
Size of the buffer or length of data in the buffer.