XRootD
XrdSecPManager Class Reference

#include <XrdSecPManager.hh>


Public Member Functions

 XrdSecPManager (int dbg=0, bool secproxy=false, bool fwdcreds=false)
 
 ~XrdSecPManager ()
 
XrdSecPMask_t Find (const char *pid, char **parg=0)
 
XrdSecProtocol * Get (const char *hname, XrdNetAddrInfo &endPoint, const char *pname, XrdOucErrInfo *erp)
 
XrdSecProtocol * Get (const char *hname, XrdNetAddrInfo &netaddr, XrdSecParameters &secparm)
 
XrdSecProtocol * Get (const char *hname, XrdNetAddrInfo &netaddr, XrdSecParameters &secparm, XrdOucErrInfo *erp)
 
int Load (XrdOucErrInfo *eMsg, const char pmode, const char *pid, const char *parg, const char *path)
 
const char * protTLS ()
 
void setDebug (int dbg)
 
void setErrP (XrdSysError *eP)
 

Detailed Description

Definition at line 47 of file XrdSecPManager.hh.

Constructor & Destructor Documentation

◆ XrdSecPManager()

XrdSecPManager::XrdSecPManager ( int  dbg = 0,
bool  secproxy = false,
bool  fwdcreds = false 
)
inline

Definition at line 82 of file XrdSecPManager.hh.

84  : protnum(1), First(0), Last(0), errP(0),
85  tlsProt(0), DebugON(dbg), isProxy(secproxy),
86  fwdCreds(fwdcreds) {}

◆ ~XrdSecPManager()

XrdSecPManager::~XrdSecPManager ( )
inline

Definition at line 87 of file XrdSecPManager.hh.

87 {}

Member Function Documentation

◆ Find()

XrdSecPMask_t XrdSecPManager::Find ( const char *  pid,
char **  parg = 0 
)

Definition at line 110 of file XrdSecPManager.cc.

// Look up a protocol by its id and report its mask.
//
// pid   the protocol id handed to Lookup().
// parg  optional; when non-null it receives the entry's protargs pointer
//       (the pointer itself is stored, nothing is copied here).
//
// Returns the entry's protnum, or 0 when Lookup() finds no entry.
//
// NOTE(review): unlike the client-side Get() overload, pmMutex is not taken
// around Lookup() here; whether Lookup() synchronizes on its own is not
// visible in this listing. Confirm before calling concurrently with a load.
//
XrdSecPMask_t XrdSecPManager::Find(const char *pid, char **parg)
{
   XrdSecProtList *entry = Lookup(pid);

// Unknown protocol: a zero mask tells the caller nothing matched
//
   if (!entry) return 0;

// Hand back the argument string only if the caller asked for it
//
   if (parg) *parg = entry->protargs;
   return entry->protnum;
}
XrdSecPMask_t protnum

References XrdSecProtList::protargs, and XrdSecProtList::protnum.

Referenced by XrdSecServer::getProtocol().


◆ Get() [1/3]

XrdSecProtocol * XrdSecPManager::Get ( const char *  hname,
XrdNetAddrInfo &  endPoint,
const char *  pname,
XrdOucErrInfo *  erp 
)

Definition at line 125 of file XrdSecPManager.cc.

// Obtain a protocol object for an already registered protocol, by name.
//
// hname     passed through unchanged to the protocol's entry point.
// endPoint  passed through unchanged to the protocol's entry point.
// pname     the protocol id handed to Lookup().
// erp       error object; handed to the entry point and filled with
//           EPROTONOSUPPORT when the protocol is not registered.
//
// Returns whatever the protocol's entry point returns, or 0 when Lookup()
// finds no entry for pname.
//
// NOTE(review): erp is dereferenced unconditionally on the failure path, so
// callers must pass a non-null error object.
// NOTE(review): the entry point is invoked with mode 's' and no arguments;
// presumably 's' selects server mode (the other overload passes 'c').
//
XrdSecProtocol *XrdSecPManager::Get(const char     *hname,
                                    XrdNetAddrInfo &endPoint,
                                    const char     *pname,
                                    XrdOucErrInfo  *erp)
{
   XrdSecProtList *entry = Lookup(pname);

// Protocol is not supported: report it through the caller's error object
//
   if (!entry)
      {const char *text[2] = {pname, " security protocol is not supported."};
       erp->setErrInfo(EPROTONOSUPPORT, text, 2);
       return 0;
      }

// Found it, so ask the protocol's entry point for an instance. The debug
// line echoes the configured protocol arguments when debugging is enabled.
//
   DEBUG("Using " <<pname <<" protocol, args='"
                  <<(entry->protargs ? entry->protargs : "") <<"'");
   return entry->ep('s', hname, endPoint, 0, erp);
}
#define DEBUG(x)
int setErrInfo(int code, const char *emsg)
XrdSecProtocol *(* ep)(PROTPARMS)

References DEBUG, XrdSecProtList::ep, XrdSecProtList::protargs, and XrdOucErrInfo::setErrInfo().

Referenced by Get(), XrdSecServer::getProtocol(), and XrdSecGetProtocol().


◆ Get() [2/3]

XrdSecProtocol* XrdSecPManager::Get ( const char *  hname,
XrdNetAddrInfo &  netaddr,
XrdSecParameters &  secparm 
)
inline

Definition at line 59 of file XrdSecPManager.hh.

62  {return Get(hname, netaddr, secparm, (XrdOucErrInfo *)0);}
XrdSecProtocol * Get(const char *hname, XrdNetAddrInfo &endPoint, const char *pname, XrdOucErrInfo *erp)

References Get().


◆ Get() [3/3]

XrdSecProtocol * XrdSecPManager::Get ( const char *  hname,
XrdNetAddrInfo &  netaddr,
XrdSecParameters &  secparm,
XrdOucErrInfo *  erp 
)

Definition at line 149 of file XrdSecPManager.cc.

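// Pick the first acceptable protocol out of a "&P=<name>[,<args>]" list and
// return an instance of it.
//
// hname     passed through unchanged to the protocol's entry point.
// endPoint  passed through unchanged to the protocol's entry point.
// secparm   the protocol list. On success with entries remaining, buffer and
//           size are advanced to the next '&' so a later call resumes there;
//           otherwise size is set to -1 to mark the list as exhausted.
// eri       optional error object. When null, or when this is a proxy that
//           does not forward credentials, a local error object is used.
//
// Returns the protocol object, or 0 when nothing in the list is usable.
//
// The parameter names follow the body's own usage (endPoint, eri); the
// declaration shown for this overload names them netaddr and erp.
//
// NOTE(review): the list in secparm is treated as untrusted (the original
// comment speaks of isolating against "server protocol errors"). Each name
// found in it is handed to Lookup() and, failing that, to ldPO(), so ldPO()
// must validate the id itself - confirm against its implementation.
//
XrdSecProtocol *XrdSecPManager::Get(const char       *hname,
                                    XrdNetAddrInfo   &endPoint,
                                    XrdSecParameters &secparm,
                                    XrdOucErrInfo    *eri)
{
   char secbuff[4096], *nscan, *pname, *pargs, *bp = secbuff;
   // Sized for ',' + at most XrdSecPROTOIDSIZE name bytes + ',' + NUL
   char pcomp[XrdSecPROTOIDSIZE+4], *compProt;
   XrdSecProtList *pl;
   XrdSecProtocol *pp;
   XrdOucErrInfo   ei;
   XrdOucErrInfo  *erp;
   char *wp;
   int i;

// The list of wanted protocols may be passed via the URL parameter
// "xrd.wantprot", unless this is a proxy server, where the URL is merely
// passed through. If the proxy is not forwarding credentials, the caller's
// error object is dropped so that our local one is used; this is intended to
// keep the security layer from using anything but the proxy's credentials.
//
   if (isProxy)
      {wp = 0;
       if (!fwdCreds) eri = 0;
      } else {
       XrdOucEnv *envP;
       if (!eri || (envP = eri->getEnv()) == 0) wp = 0;
          else wp = envP->Get("xrd.wantprot");
      }

// Get the appropriate protocol list as well as the right error object. The
// process environment variable is consulted only when the URL gave no list.
//
   const char *wantProt = wp ? (const char *)wp : getenv("XrdSecPROTOCOL");
   erp = (eri) ? eri : &ei;

// We only scan the buffer once
//
   if (secparm.size <= 0) return (XrdSecProtocol *)0;

// Copy out the wanted protocols and frame them as ",a,b,c," so that a single
// strstr() for ",name," performs an exact-element match.
//
   if (wantProt)
      {i = strlen(wantProt);
       compProt = (char *)malloc(i+3);
       // Fail closed on allocation failure instead of writing through a null
       // pointer; the list is marked exhausted like every other failure exit.
       if (!compProt)
          {erp->setErrInfo(ENOMEM, "insufficient memory to filter protocols");
           secparm.size = -1;
           return (XrdSecProtocol *)0;
          }
       *compProt = ',';
       strcpy(compProt+1, wantProt);
       compProt[i+1] = ','; compProt[i+2] = 0; *pcomp = ',';
      } else compProt = 0;

// Copy the string into a local buffer so that we can simplify some comparisons
// and isolate ourselves from server protocol errors. Anything beyond
// sizeof(secbuff)-1 bytes is silently dropped; the copy is always terminated.
//
   if (secparm.size < (int)sizeof(secbuff)) i = secparm.size;
      else i = sizeof(secbuff)-1;
   strncpy(secbuff, secparm.buffer, i);
   secbuff[i] = '\0';

// Find a protocol marker ("&P=") in the info block and check if acceptable
//
   while(*bp)
        {if (*bp != '&') {bp++; continue;}
            else if (!*(++bp) || *bp != 'P' || !*(++bp) || *bp != '=') continue;
         bp++; pname = bp; pargs = 0;

         // Terminate the name in place; nscan remembers where the next entry
         // starts (0 when this is the last one) so the '&' can be restored.
         while(*bp && *bp != ',' && *bp != '&') bp++;
         if (!*bp) nscan = 0;
            else {if (*bp == '&') {*bp = '\0'; pargs = 0; nscan = bp;}
                     else {*bp = '\0'; pargs = ++bp;
                           while (*bp && *bp != '&') bp++;
                           if (*bp) {*bp ='\0'; nscan = bp;}
                              else nscan = 0;
                          }
                 }

         // NOTE(review): only the first XrdSecPROTOIDSIZE bytes of the offered
         // name take part in the filter comparison, while Lookup()/ldPO()
         // below receive the full name. An over-long name whose prefix equals
         // a wanted id would pass the filter - confirm this is acceptable.
         if (wantProt)
            {strncpy(pcomp+1, pname, XrdSecPROTOIDSIZE);
             pcomp[XrdSecPROTOIDSIZE+1] = 0;
             strcat(pcomp, ",");
            }

         if (!wantProt || strstr(compProt, pcomp))
            {// Lookup and a possible plug-in load happen under pmMutex
             XrdSysMutexHelper pmHelper(pmMutex);
             if ((pl = Lookup(pname)) || (pl = ldPO(erp, 'c', pname)))
                {DEBUG("Using " <<pname <<" protocol, args='"
                                <<(pargs ? pargs : "") <<"'");
                 if ((pp = pl->ep('c', hname, endPoint, pargs, erp)))
                    {// Advance the caller's view past the consumed entry
                     if (nscan) {i = nscan - secbuff;
                                 secparm.buffer += i; secparm.size -= i;
                                } else secparm.size = -1;
                     if (compProt) free(compProt);
                     return pp;
                    }
                }
             // Anything other than "not found" is reported on stderr
             if (erp->getErrInfo() != ENOENT)
                std::cerr <<erp->getErrText() <<std::endl;
            } else {DEBUG("Skipping " <<pname <<" only want " <<wantProt);}

         if (!nscan) break;
         *nscan = '&'; bp = nscan;
        }

// Nothing in the list was usable
//
   secparm.size = -1;
   if (compProt) free(compProt);
   return (XrdSecProtocol *)0;
}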
#define XrdSecPROTOIDSIZE
Definition: XrdSecEntity.hh:47
char * Get(const char *varname)
Definition: XrdOucEnv.hh:69
const char * getErrText()
XrdOucEnv * envP
Definition: XrdPss.cc:109
char * buffer
Pointer to the buffer.
int size
Size of the buffer or length of data in the buffer.

References XrdSecBuffer::buffer, DEBUG, XrdProxy::envP, XrdSecProtList::ep, XrdOucEnv::Get(), XrdOucErrInfo::getEnv(), XrdOucErrInfo::getErrInfo(), XrdOucErrInfo::getErrText(), XrdSecBuffer::size, and XrdSecPROTOIDSIZE.


◆ Load()

int XrdSecPManager::Load ( XrdOucErrInfo *  eMsg,
const char  pmode,
const char *  pid,
const char *  parg,
const char *  path 
)
inline

Definition at line 69 of file XrdSecPManager.hh.

74  {return (0 != ldPO(eMsg, pmode, pid, parg, path));}
#define eMsg(x)

References eMsg.

◆ protTLS()

const char* XrdSecPManager::protTLS ( )
inline

Definition at line 80 of file XrdSecPManager.hh.

80 {return tlsProt;}

Referenced by XrdSecServer::protTLS().


◆ setDebug()

void XrdSecPManager::setDebug ( int  dbg)
inline

Definition at line 76 of file XrdSecPManager.hh.

76 {DebugON = dbg;}

Referenced by XrdSecServer::XrdSecServer().


◆ setErrP()

void XrdSecPManager::setErrP ( XrdSysError *  eP)
inline

Definition at line 78 of file XrdSecPManager.hh.

78 {errP = eP;}

Referenced by XrdSecServer::XrdSecServer().


The documentation for this class was generated from the following files: