XRootD
XrdCmsLogin Class Reference

#include <XrdCmsLogin.hh>

+ Collaboration diagram for XrdCmsLogin:

Public Member Functions

 XrdCmsLogin (char *Buff=0, int Blen=0)
 
 ~XrdCmsLogin ()
 
int Admit (XrdLink *Link, XrdCms::CmsLoginData &Data, const char *sid, const char *envP)
 

Static Public Member Functions

static int Login (XrdLink *Link, XrdCms::CmsLoginData &Data, int timeout=-1)
 

Detailed Description

Definition at line 40 of file XrdCmsLogin.hh.

Constructor & Destructor Documentation

◆ XrdCmsLogin()

XrdCmsLogin::XrdCmsLogin ( char *  Buff = 0,
int  Blen = 0 
)
inline

Definition at line 49 of file XrdCmsLogin.hh.

49 {myBuff = Buff; myBlen = Blen;}

◆ ~XrdCmsLogin()

XrdCmsLogin::~XrdCmsLogin ( )
inline

Definition at line 51 of file XrdCmsLogin.hh.

51 {}

Member Function Documentation

◆ Admit()

int XrdCmsLogin::Admit ( XrdLink Link,
XrdCms::CmsLoginData Data,
const char *  sid,
const char *  envP 
)

Definition at line 56 of file XrdCmsLogin.cc.

58 {
59  CmsRRHdr myHdr;
60  CmsLoginData myData;
61  const char *eText, *Token;
62  int myDlen, Toksz;
63 
64 // Get complete request
65 //
66  if ((eText = XrdCmsTalk::Attend(Link, myHdr, myBuff, myBlen, myDlen)))
67  return Emsg(Link, eText, 0);
68 
69 // If we need to do authentication, do so now
70 //
71  if ((Token = XrdCmsSecurity::getToken(Toksz, Link->AddrInfo()))
72  && !XrdCmsSecurity::Authenticate(Link, Token, Toksz)) return 0;
73 
74 // Fiddle with the login data structures
75 //
76  Data.SID = Data.Paths = Data.ifList = Data.envCGI = 0;
77  memset(&myData, 0, sizeof(myData));
78  myData.Mode = Data.Mode;
79  myData.HoldTime = Data.HoldTime;
80  myData.Version = Data.Version = kYR_Version;
81 
82 // Decode the data pointers ans grab the login data
83 //
84  if (!Parser.Parse(&Data, myBuff, myBuff+myDlen))
85  return Emsg(Link, "invalid login data", 0);
86 
87 // Check if this node is blacklisted
88 //
89  if (!(Data.Mode & CmsLoginData::kYR_director))
90  {static const int rbsz = 1024;
91  char *rbP, rbuff[rbsz];
92  int rc;
93  rbP = (myData.Version <= Data.Version ? rbuff : 0);
94  rc = XrdCmsBlackList::Present(Link->Host(), 0, rbP, rbsz);
95  if (rc > 0) return SendErrorBL(Link, rbuff, rc);
96  else if (rc < 0) return SendErrorBL(Link);
97  }
98 
99 // Fill out additional information if the client can accept it
100 //
101  if (myData.Version <= Data.Version)
102  {myData.SID = (kXR_char *)sid;
103  myData.envCGI = (kXR_char *)envP;
104  }
105 
106 // Send off login reply
107 //
108  return (sendData(Link, myData) ? 0 : 1);
109 }
unsigned char kXR_char
Definition: XPtypes.hh:65
static int Present(const char *hName, XrdOucTList *bList=0, char *rbuff=0, int rblen=0)
int Parse(XrdCms::CmsLoginData *Data, const char *Aps, const char *Apt)
Definition: XrdCmsParser.hh:59
static const char * getToken(int &size, XrdNetAddrInfo *endPoint)
static int Authenticate(XrdLink *Link, const char *Token, int tlen)
static const char * Attend(XrdLink *Link, XrdCms::CmsRRHdr &Hdr, char *buff, int blen, int &rlen, int tmo=5000)
Definition: XrdCmsTalk.cc:46
static const unsigned char kYR_Version
Definition: YProtocol.hh:80
XrdCmsParser Parser
XrdOucEnv * envP
Definition: XrdPss.cc:109

References XrdLink::AddrInfo(), XrdCmsTalk::Attend(), XrdCmsSecurity::Authenticate(), XrdCms::CmsLoginData::envCGI, XrdProxy::envP, XrdCmsSecurity::getToken(), XrdCms::CmsLoginData::HoldTime, XrdLink::Host(), XrdCms::CmsLoginData::ifList, XrdCms::CmsLoginData::kYR_director, XrdCms::kYR_Version, XrdCms::CmsLoginData::Mode, XrdCmsParser::Parse(), XrdCms::Parser, XrdCms::CmsLoginData::Paths, XrdCmsBlackList::Present(), XrdCms::CmsLoginData::SID, and XrdCms::CmsLoginData::Version.

+ Here is the call graph for this function:

◆ Login()

int XrdCmsLogin::Login ( XrdLink Link,
XrdCms::CmsLoginData Data,
int  timeout = -1 
)
static

Definition at line 125 of file XrdCmsLogin.cc.

126 {
127  CmsRRHdr LIHdr;
128  char WorkBuff[4096], *hList, *wP = WorkBuff;
129  int n, dataLen;
130 
131 // We can accept permanent redirects so indicate this
132 //
133  Data.Mode |= CmsLoginData::kYR_blredir;
134 
135 // Send the data and immediately clear the data structure of pointers
136 //
137  n = sendData(Link, Data);
138  Data.Paths = Data.SID = Data.envCGI = 0;
139  if (n) return kYR_EINVAL;
140 
141 // Get the response.
142 //
143  if ((n = Link->RecvAll((char *)&LIHdr, sizeof(LIHdr), timeout)) < 0)
144  return Emsg(Link, (n == -ETIMEDOUT ? "timed out" : "rejected"));
145 
146 // Receive and decode the response. We apparently have protocol version 2.
147 //
148  if ((dataLen = static_cast<int>(ntohs(LIHdr.datalen))))
149  {if (dataLen > (int)sizeof(WorkBuff))
150  return Emsg(Link, "login reply too long");
151  if (Link->RecvAll(WorkBuff, dataLen, timeout) < 0)
152  return Emsg(Link, "login receive error");
153  }
154 
155 // Check if we are being asked to identify ourselves
156 //
157  if (LIHdr.rrCode == kYR_xauth)
158  {if (!XrdCmsSecurity::Identify(Link, LIHdr, WorkBuff, sizeof(WorkBuff)))
159  return kYR_EINVAL;
160  dataLen = static_cast<int>(ntohs(LIHdr.datalen));
161  if (dataLen > (int)sizeof(WorkBuff))
162  return Emsg(Link, "login reply too long");
163  }
164 
165 // The response can also be a login redirect (i.e., a try request).
166 //
167  if (!(Data.Mode & CmsLoginData::kYR_director)
168  && LIHdr.rrCode == kYR_try)
169  {if (!XrdOucPup::Unpack(&wP, wP+dataLen, &hList, n))
170  return Emsg(Link, "malformed try host data");
171  Data.Paths = (kXR_char *)strdup(n ? hList : "");
172  if (!(LIHdr.modifier & CmsTryRequest::kYR_permtop))
173  Data.Mode &= ~CmsLoginData::kYR_blredir;
174  return kYR_redirect;
175  }
176 
177 // Process error reply
178 //
179  if (LIHdr.rrCode == kYR_error)
180  {unsigned int eRC;
181  if (dataLen < (int)sizeof(kXR_unt32)+8)
182  return Emsg(Link, "invalid error reply");
183  Emsg(Link, WorkBuff+sizeof(kXR_unt32));
184  memcpy(&eRC, WorkBuff, sizeof(eRC));
185  eRC = ntohl(eRC);
186  return (eRC == kYR_EPERM ? -1 : kYR_EINVAL);
187  }
188 
189 // Process normal reply
190 //
191  if (LIHdr.rrCode != kYR_login
192  || !Parser.Parse(&Data, WorkBuff, WorkBuff+dataLen))
193  return Emsg(Link, "invalid login response");
194 
195 // Copy any strings that we are exporting
196 //
197  if (Data.SID) Data.SID = (kXR_char *)strdup((const char *)Data.SID);
198  if (Data.envCGI) Data.envCGI = (kXR_char *)strdup((const char *)Data.envCGI);
199  return 0;
200 }
unsigned int kXR_unt32
Definition: XPtypes.hh:90
static int Identify(XrdLink *Link, XrdCms::CmsRRHdr &inHdr, char *authBuff, int abLen)
static int Unpack(char **buff, const char *bend, char **data, int &dlen)
Definition: XrdOucPup.cc:250
@ kYR_EINVAL
Definition: YProtocol.hh:153
@ kYR_EPERM
Definition: YProtocol.hh:151
@ kYR_redirect
Definition: YProtocol.hh:143
@ kYR_error
Definition: YProtocol.hh:142
@ kYR_xauth
Definition: YProtocol.hh:117
@ kYR_login
Definition: YProtocol.hh:90
@ kYR_try
Definition: YProtocol.hh:114

References XrdCms::CmsRRHdr::datalen, XrdCms::CmsLoginData::envCGI, XrdCmsSecurity::Identify(), XrdCms::CmsLoginData::kYR_blredir, XrdCms::CmsLoginData::kYR_director, XrdCms::kYR_EINVAL, XrdCms::kYR_EPERM, XrdCms::kYR_error, XrdCms::kYR_login, XrdCms::CmsTryRequest::kYR_permtop, XrdCms::kYR_redirect, XrdCms::kYR_try, XrdCms::kYR_xauth, XrdCms::CmsLoginData::Mode, XrdCms::CmsRRHdr::modifier, XrdCmsParser::Parse(), XrdCms::Parser, XrdCms::CmsLoginData::Paths, XrdLink::RecvAll(), XrdCms::CmsRRHdr::rrCode, XrdCms::CmsLoginData::SID, and XrdOucPup::Unpack().

+ Here is the call graph for this function:

The documentation for this class was generated from the following files: