XRootD
XrdOfsTPC Class Reference

#include <XrdOfsTPC.hh>


Classes

struct  Facts
 

Public Member Functions

 XrdOfsTPC ()
 
 XrdOfsTPC (const char *Url, const char *Org, const char *Lfn, const char *Pfn, const char *Cks=0, const char *Spr=0, const char *Tpr=0)
 
virtual ~XrdOfsTPC ()
 
virtual void Del ()
 
virtual int Sync (XrdOucErrInfo *error)
 

Static Public Member Functions

static const char * AddAuth (const char *auth, const char *avar)
 
static void Allow (char *vDN, char *vGN, char *vHN, char *vVO)
 
static int Authorize (XrdOfsTPC **theTPC, Facts &Args, int isPLE=0)
 
static const char * credPath ()
 
static void Init ()
 
static void Init (XrdAccAuthorize *accP)
 
static void Require (const char *Auth, int RType)
 
static int Restrict (const char *Path)
 
static int Start ()
 
static int Validate (XrdOfsTPC **theTPC, Facts &Args)
 

Public Attributes

XrdOfsTPCInfo Info
 

Static Public Attributes

static const int reqALL = 0
 
static const int reqDST = 1
 
static const int reqORG = 2
 

Static Protected Member Functions

static int Death (Facts &Args, const char *eMsg, int eCode, int nomsg=0)
 
static int Fatal (Facts &Args, const char *eMsg, int eCode, int nomsg=0)
 
static int genOrg (const XrdSecEntity *client, char *Buff, int Blen)
 
static int getTTL (XrdOucEnv *Env)
 
static int Screen (Facts &Args, XrdOucTList *tP, int wasEnc=0)
 
static char * Verify (const char *Who, const char *Name, char *Buf, int Blen)
 

Protected Attributes

char inQ
 
char Refs
 

Static Protected Attributes

static XrdOfsTPCAllow * ALList = 0
 
static XrdOucTList * AuthDst = 0
 
static XrdOucTList * AuthOrg = 0
 
static char * cPath = 0
 
static XrdAccAuthorize * fsAuth = 0
 
static XrdOucPListAnchor * RPList
 

Detailed Description

Definition at line 47 of file XrdOfsTPC.hh.

Constructor & Destructor Documentation

◆ XrdOfsTPC() [1/2]

XrdOfsTPC::XrdOfsTPC ( )
inline

Definition at line 99 of file XrdOfsTPC.hh.

99 : Refs(1), inQ(0) {}
char Refs
Definition: XrdOfsTPC.hh:129
char inQ
Definition: XrdOfsTPC.hh:130

◆ XrdOfsTPC() [2/2]

XrdOfsTPC::XrdOfsTPC ( const char *  Url,
const char *  Org,
const char *  Lfn,
const char *  Pfn,
const char *  Cks = 0,
const char *  Spr = 0,
const char *  Tpr = 0 
)
inline

Definition at line 101 of file XrdOfsTPC.hh.

104  : Info(Url, Org, Lfn, Pfn, Cks, Spr, Tpr),
105  Refs(1), inQ(0) {}
XrdOfsTPCInfo Info
Definition: XrdOfsTPC.hh:109

◆ ~XrdOfsTPC()

virtual XrdOfsTPC::~XrdOfsTPC ( )
inlinevirtual

Definition at line 107 of file XrdOfsTPC.hh.

107 {}

Member Function Documentation

◆ AddAuth()

const char * XrdOfsTPC::AddAuth ( const char *  auth,
const char *  avar 
)
static

Definition at line 164 of file XrdOfsTPC.cc.

/// Register (or update) an authentication protocol whose credentials may be
/// forwarded for TPC.
///
/// @param auth  Protocol name; a leading '?' marks the credentials as optional
///              and is not stored as part of the name.
/// @param avar  Name associated with the protocol; a private copy is kept.
/// @return 0 on success, otherwise a static error text.
const char *XrdOfsTPC::AddAuth(const char *auth, const char *avar)
{
// Strip the optional marker before the name is compared or stored
//
   const bool isOptional = (*auth == '?');
   if (isOptional) auth++;
   const bool isGSI = !strcmp("gsi", auth);

// The name is copied into fcTb::aProt (XrdSecPROTOIDSIZE bytes) with strcpy
// below, so it must fit including its terminating null
//
   if (strlen(auth) >= XrdSecPROTOIDSIZE) return "Invalid auth";

// Look for a slot that already holds this protocol
//
   int slot = 0;
   while (slot < fcNum && strcmp(auth, fcAuth[slot].aProt)) slot++;

// Reuse the slot if found, otherwise claim the next free one (slot == fcNum)
//
   if (slot < fcNum)
      {if (fcAuth[slot].aVar) free(fcAuth[slot].aVar);}
      else {if (fcNum >= fcMax) return "Too many fcred auths";
            strcpy(fcAuth[slot].aProt, auth);
            fcNum++;
           }

// Record the settings for the protocol
//
   fcAuth[slot].aVar = strdup(avar);
   fcAuth[slot].aOpt = isOptional;
   fcAuth[slot].aGSI = isGSI;
   return 0;
}
#define XrdSecPROTOIDSIZE
Definition: XrdSecEntity.hh:47
static const int fcMax
Definition: XrdOfsTPC.cc:70
struct XrdOfsTPCParms::fcTb fcAuth[fcMax]

References XrdOfsTPCParms::fcTb::aGSI, XrdOfsTPCParms::fcTb::aOpt, XrdOfsTPCParms::fcTb::aVar, XrdOfsTPCParms::fcAuth, XrdOfsTPCParms::fcMax, XrdOfsTPCParms::fcNum, and XrdSecPROTOIDSIZE.

◆ Allow()

void XrdOfsTPC::Allow ( char *  vDN,
char *  vGN,
char *  vHN,
char *  vVO 
)
static

Definition at line 209 of file XrdOfsTPC.cc.

/// Add one entry to the list of destinations allowed to use TPC.
/// The four values are handed to XrdOfsTPCAllow unchanged; Authorize() later
/// walks this list with XrdOfsTPCAllow::Match().
void XrdOfsTPC::Allow(char *vDN, char *vGN, char *vHN, char *vVO)
{
// The current head is passed as the constructor's last argument (presumably
// the new entry's Next link), then the new entry becomes the head
//
   XrdOfsTPCAllow *newHead = new XrdOfsTPCAllow(vDN, vGN, vHN, vVO, ALList);
   ALList = newHead;
}
static XrdOfsTPCAllow * ALList
Definition: XrdOfsTPC.hh:126

◆ Authorize()

int XrdOfsTPC::Authorize ( XrdOfsTPC **  theTPC,
XrdOfsTPC::Facts &  Args,
int  isPLE = 0 
)
static

Definition at line 221 of file XrdOfsTPC.cc.

// Decide whether a TPC open is allowed and, on success, hand the resulting
// authorization object back through *pTPC. Returns SFS_OK on success; a
// rejection returns Fatal()'s result, SFS_ERROR, or the code from
// XrdOfsTPCAuth::Get().
// NOTE(review): this listing starts at source line 224 and skips source lines
// 280 and 310, so the signature and two statements are not shown. The body
// writes through 'pTPC' although the reference signature names it 'theTPC'.
224 {
225  XrdOfsTPCAuth *myTPC;
226  const char *dstHost;
227  int rc, NoGo = 0;
228 
229 // Determine if we can handle any TPC requests
230 //
231  if (!tpcOK || !Args.Usr)
232  return Fatal(Args, "tpc not supported", ENOTSUP);
233 
234 // If we are restricting paths, make sure this meets the restriction
235 //
236  if (RPList && !(RPList->Find(Args.Lfn)))
237  return Fatal(Args, "tpc not allowed for path", EACCES);
238 
239 // The origin and the destination in the arguments
240 //
// Both values are read from the request environment (Args.Env), presumably the
// client-supplied CGI; treat them as untrusted from here on.
241  Args.Org = Args.Env->Get(XrdOucTPC::tpcOrg);
242  Args.Dst = Args.Env->Get(XrdOucTPC::tpcDst);
243 
244 // Determine if this is the origin or the destination.
245 // Origin: dst and key required but org may not be specified
246 // Dest: org and key required but dst may not be specified
247 //
248  if (Args.Dst && !Args.Org)
// NOTE(review): the AOP_Read check runs only when fsAuth is set. With no
// authorization object installed this branch relies on Screen() and on
// whatever the caller enforced before calling us -- confirm.
249  {if (fsAuth && !fsAuth->Access(Args.Usr, Args.Lfn, AOP_Read, Args.Env))
250  return Fatal(Args, "permission denied", EACCES);
251  if (AuthOrg && !Screen(Args, AuthOrg, isPLE)) return SFS_ERROR;
// NOTE(review): a plain new-expression throws instead of returning null, so
// the ENOMEM path below is unreachable unless XrdOfsTPCAuth supplies a
// non-throwing operator new.
252  if (!(myTPC = new XrdOfsTPCAuth(getTTL(Args.Env))))
253  return Fatal(Args, "insufficient memory", ENOMEM);
254  if (!(myTPC->Add(Args))) {delete myTPC; return SFS_ERROR;}
255  *pTPC = (XrdOfsTPC *)myTPC;
256  return SFS_OK;
257  }
258  else if (!Args.Org || Args.Dst)
259  return Fatal(Args, "conflicting tpc cgi", EINVAL);
260 
261 // If we need to enforce authentication, do so now
262 //
263  if (AuthDst && !Screen(Args, AuthDst, isPLE)) return SFS_ERROR;
264 
265 // Avoid nodnr manglement of the host name, we always will need one. If we have
266 // see if we should restrict the destinations and if so, do it.
267 //
// dstHost is whatever addrInfo->Name() returns for the connecting peer. The
// allow-list match and the Get() lookup below both depend on it.
// NOTE(review): if Name() is resolved through DNS, the allow list is only as
// trustworthy as that resolution -- confirm how the name is obtained. addrInfo
// is dereferenced without a null check.
268  if (!(dstHost = Args.Usr->addrInfo->Name())) NoGo = 1;
269  else if (ALList)
270  {XrdOfsTPCAllow *aP = ALList;
271  while(aP && !aP->Match(Args.Usr, dstHost)) aP = aP->Next;
272  if (!aP) NoGo = 1;
273  }
274 
275 // Check if this destination is actually authorized
276 //
277  if (NoGo)
278  {OfsEroute.Emsg("TPC", Args.eRR->getErrUser(),
279  "denied tpc access to", Args.Lfn);
281  return Fatal(Args, "dest not authorized for tpc" ,EACCES, 1);
282  }
283 
284 // This is the destination trying to open a source file. We must make sure
285 // that the origin has authorized this action for this destination.
286 //
// The client-supplied tpc.dst value is overwritten with the host name derived
// from the connection before the authorization lookup.
287  Args.Dst = dstHost;
288  if ((rc = XrdOfsTPCAuth::Get(Args, &myTPC))) return rc;
289 
290 // Check if entry already expired
291 //
292  if (myTPC->Expired())
293  {myTPC->Expired(Args.Usr->tident);
294  myTPC->Del();
295  return Fatal(Args, "authorization expired", EACCES, 1);
296  }
297 
298 // Log the grant if so wanted
299 //
// NOTE(review): Args.Org was read from the request environment above and is
// written to the log unmodified. If the log is parsed downstream, neutralise
// control characters before logging. snprintf already null-terminates, so the
// explicit terminator on the next line is redundant but harmless.
300  if (Cfg.LogOK)
301  {char Buff[1024];
302  snprintf(Buff, sizeof(Buff), "%s granted tpc access by %s to",
303  Args.Usr->tident, Args.Org);
304  Buff[sizeof(Buff)-1] = 0;
305  OfsEroute.Emsg("TPC", Buff, Args.Lfn);
306  }
307 
308 // All done
309 //
311  *pTPC = (XrdOfsTPC *)myTPC;
312  return SFS_OK;
313 }
@ AOP_Read
open() r/o, prepare()
XrdOfsStats OfsStats
Definition: XrdOfs.cc:113
XrdSysError OfsEroute
#define SFS_ERROR
#define SFS_OK
virtual XrdAccPrivs Access(const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env=0)=0
const char * Name(const char *eName=0, const char **eText=0)
struct XrdOfsStats::StatsData Data
void Add(int &Cntr)
Definition: XrdOfsStats.hh:62
XrdOfsTPCAllow * Next
Definition: XrdOfsTPC.cc:101
int Match(const XrdSecEntity *Who, const char *Host)
Definition: XrdOfsTPC.cc:122
static int Get(Facts &Args, XrdOfsTPCAuth **theTPC)
int Add(Facts &Args)
static XrdOucTList * AuthOrg
Definition: XrdOfsTPC.hh:123
static int getTTL(XrdOucEnv *Env)
Definition: XrdOfsTPC.cc:396
static XrdAccAuthorize * fsAuth
Definition: XrdOfsTPC.hh:120
static int Fatal(Facts &Args, const char *eMsg, int eCode, int nomsg=0)
Definition: XrdOfsTPC.cc:334
static XrdOucTList * AuthDst
Definition: XrdOfsTPC.hh:122
static int Screen(Facts &Args, XrdOucTList *tP, int wasEnc=0)
Definition: XrdOfsTPC.cc:497
static XrdOucPListAnchor * RPList
Definition: XrdOfsTPC.hh:127
char * Get(const char *varname)
Definition: XrdOucEnv.hh:69
const char * getErrUser()
unsigned long long Find(const char *pathname)
Definition: XrdOucPList.hh:112
static const char * tpcDst
Definition: XrdOucTPC.hh:57
static const char * tpcOrg
Definition: XrdOucTPC.hh:60
XrdNetAddrInfo * addrInfo
Entity's connection details.
Definition: XrdSecEntity.hh:80
const char * tident
Trace identifier always preset.
Definition: XrdSecEntity.hh:81
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
Definition: XrdSysError.cc:95
const XrdSecEntity * Usr
Definition: XrdOfsTPC.hh:57
XrdOucEnv * Env
Definition: XrdOfsTPC.hh:59
const char * Org
Definition: XrdOfsTPC.hh:55
const char * Lfn
Definition: XrdOfsTPC.hh:53
XrdOucErrInfo * eRR
Definition: XrdOfsTPC.hh:58
const char * Dst
Definition: XrdOfsTPC.hh:56

References XrdOfsTPCAuth::Add(), XrdOfsStats::Add(), XrdSecEntity::addrInfo, AOP_Read, XrdOfsTPCParms::Cfg, XrdOfsStats::Data, XrdOfsTPCAuth::Del(), XrdOfsTPC::Facts::Dst, XrdSysError::Emsg(), XrdOfsTPC::Facts::Env, XrdOfsTPC::Facts::eRR, XrdOfsTPCAuth::Expired(), Fatal(), XrdOucEnv::Get(), XrdOfsTPCAuth::Get(), XrdOucErrInfo::getErrUser(), XrdOfsTPC::Facts::Lfn, XrdOfsTPCConfig::LogOK, XrdOfsTPCAllow::Match(), XrdNetAddrInfo::Name(), XrdOfsTPCAllow::Next, XrdOfsStats::StatsData::numTPCdeny, XrdOfsStats::StatsData::numTPCgrant, OfsEroute, OfsStats, XrdOfsTPC::Facts::Org, SFS_ERROR, SFS_OK, XrdSecEntity::tident, XrdOucTPC::tpcDst, XrdOfsTPCParms::tpcOK, XrdOucTPC::tpcOrg, and XrdOfsTPC::Facts::Usr.

Referenced by XrdOfsFile::open().


◆ credPath()

static const char* XrdOfsTPC::credPath ( )
inlinestatic

Definition at line 77 of file XrdOfsTPC.hh.

77 {return cPath;}
static char * cPath
Definition: XrdOfsTPC.hh:124

References cPath.

◆ Death()

int XrdOfsTPC::Death ( XrdOfsTPC::Facts &  Args,
const char *  eMsg,
int  eCode,
int  nomsg = 0 
)
staticprotected

Definition at line 319 of file XrdOfsTPC.cc.

/// Fail a TPC request: optionally remove the target file, then record the
/// error exactly as Fatal() does and return its result.
///
/// NOTE(review): every failure path in Validate() comes through here,
/// including the early "tpc not supported" check. With Cfg.autoRM set, a
/// rejected request still triggers Unlink(Args.Lfn) whenever Args.Pfn is set.
/// Confirm the caller reaches Validate() only after the client has been
/// authorized to write Lfn.
int XrdOfsTPC::Death(XrdOfsTPC::Facts &Args, const char *eMsg, int eCode, int nomsg)
{
// Automatic removal needs both the config option and a physical file name;
// the unlink itself is issued on the logical name
//
   const bool removeFile = (Cfg.autoRM && Args.Pfn);
   if (removeFile) XrdOfsOss->Unlink(Args.Lfn);

// Hand the error details on and return what Fatal() returns
//
   return Fatal(Args, eMsg, eCode, nomsg);
}
XrdOss * XrdOfsOss
Definition: XrdOfs.cc:163
#define eMsg(x)
virtual int Unlink(const char *path, int Opts=0, XrdOucEnv *envP=0)=0
const char * Pfn
Definition: XrdOfsTPC.hh:54

References XrdOfsTPCConfig::autoRM, XrdOfsTPCParms::Cfg, eMsg, Fatal(), XrdOfsTPC::Facts::Lfn, XrdOfsTPC::Facts::Pfn, XrdOss::Unlink(), and XrdOfsOss.


◆ Del()

virtual void XrdOfsTPC::Del ( )
inlinevirtual

Reimplemented in XrdOfsTPCJob, and XrdOfsTPCAuth.

Definition at line 79 of file XrdOfsTPC.hh.

79 {}

Referenced by XrdOfsFile::close(), and XrdOfsFile::fctl().


◆ Fatal()

int XrdOfsTPC::Fatal ( XrdOfsTPC::Facts &  Args,
const char *  eMsg,
int  eCode,
int  nomsg = 0 
)
staticprotected

Definition at line 334 of file XrdOfsTPC.cc.

// Build the text "Unable to open <lfn>; <eMsg>", log it unless nomsg is set
// (and NODEBUG is not defined), store it with eCode in the caller's error
// object (Args.eRR) and return SFS_ERROR.
// NOTE(review): source line 351 is not shown in this listing.
335 {
336  char Buff[2048];
337 
338 // Format the error message
339 //
// snprintf bounds the write to Buff, so an over-long Lfn or eMsg is truncated
// rather than overflowing. Args.Lfn, and some eMsg values built by callers,
// carry request-derived text that reaches both the log and the client reply.
340  snprintf(Buff, sizeof(Buff), "Unable to open %s; %s", Args.Lfn, eMsg);
341 
342 // Print it out if debugging is enabled
343 //
344 #ifndef NODEBUG
345  if (!nomsg) OfsEroute.Emsg("TPC", Args.eRR->getErrUser(), Buff);
346 #endif
347 
348 // Place the error message in the error object and return
349 //
350  Args.eRR->setErrInfo(eCode, Buff);
352  return SFS_ERROR;
353 }
int setErrInfo(int code, const char *emsg)

References XrdOfsStats::Add(), XrdOfsStats::Data, XrdSysError::Emsg(), eMsg, XrdOfsTPC::Facts::eRR, XrdOucErrInfo::getErrUser(), XrdOfsTPC::Facts::Lfn, XrdOfsStats::StatsData::numTPCerrs, OfsEroute, OfsStats, XrdOucErrInfo::setErrInfo(), and SFS_ERROR.


◆ genOrg()

int XrdOfsTPC::genOrg ( const XrdSecEntity *  client,
char *  Buff,
int  Blen 
)
staticprotected

Definition at line 359 of file XrdOfsTPC.cc.

/// Build the origin identifier "<tident prefix>@<verified host>" in Buff.
///
/// @param client  Entity whose tident and host are used.
/// @param Buff    Receives the identifier on success, an error text on failure.
/// @param Blen    Size of Buff in bytes.
/// @return 1 on success, 0 on failure. When tident has no ':' Buff is left
///         untouched, so callers must not assume it holds a message then.
int XrdOfsTPC::genOrg(const XrdSecEntity *client, char *Buff, int Blen)
{
   const char *traceID = client->tident;

// Everything before the first ':' of the trace identifier is kept
//
   const char *sep = strchr(traceID, ':');
   if (!sep) return 0;
   const int prefixLen = (sep - traceID);

// Resolve the client's host; on failure Verify() has put its message in Buff
//
   char *hostName = Verify("origin", client->host, Buff, Blen);
   if (!hostName) return 0;

// prefix + '@' + host + null must fit in Blen bytes
//
   const int needed = (prefixLen + 1) + int(strlen(hostName));
   if (needed >= Blen)
      {strncpy(Buff, "origin ID too long", Blen);
       Buff[Blen-1] = 0;
       free(hostName);
       return 0;
      }

// Assemble the pieces; strcpy is safe because of the size check above
//
   strncpy(Buff, traceID, prefixLen);
   Buff[prefixLen] = '@';
   strcpy(Buff + prefixLen + 1, hostName);
   free(hostName);
   return 1;
}
static char * Verify(const char *Who, const char *Name, char *Buf, int Blen)
Definition: XrdOfsTPC.cc:683
char * host
Entity's host name dnr dependent.
Definition: XrdSecEntity.hh:70

References XrdSecEntity::host, and XrdSecEntity::tident.

◆ getTTL()

int XrdOfsTPC::getTTL ( XrdOucEnv *  Env)
staticprotected

Definition at line 396 of file XrdOfsTPC.cc.

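/// Return the time-to-live to use for a TPC authorization.
///
/// The value is taken from the request environment (XrdOucTPC::tpcTtl). A
/// missing, empty, negative or non-numeric value yields Cfg.dflTTL. Anything
/// above Cfg.maxTTL is clamped to Cfg.maxTTL.
///
/// @param Env  Request environment holding the optional ttl value.
/// @return The ttl; never more than Cfg.maxTTL when the request supplied it.
int XrdOfsTPC::getTTL(XrdOucEnv *Env)
{
   const char *vTTL = Env->Get(XrdOucTPC::tpcTtl);

   if (!vTTL) return Cfg.dflTTL;

// Keep the parsed value as a long. Storing strtol()'s result in an int lets a
// request value above INT_MAX wrap to a small or negative number, which then
// bypasses the clamp below instead of being limited to maxTTL.
//
   char *ePtr;
   const long n = strtol(vTTL, &ePtr, 10);

// No digits at all, trailing junk or a negative value: use the default
//
   if (ePtr == vTTL || *ePtr || n < 0) return Cfg.dflTTL;

// An out-of-range value comes back as LONG_MAX and is clamped as well
//
   if (n > Cfg.maxTTL) return Cfg.maxTTL;
   return static_cast<int>(n);
}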
static const char * tpcTtl
Definition: XrdOucTPC.hh:67

References XrdOfsTPCParms::Cfg, XrdOfsTPCConfig::dflTTL, XrdOucEnv::Get(), XrdOfsTPCConfig::maxTTL, and XrdOucTPC::tpcTtl.


◆ Init() [1/2]

void XrdOfsTPC::Init ( )
static

Definition at line 414 of file XrdOfsTPC.cc.

/// One-time setup from the parsed configuration: select the credential path,
/// cap the stream counts and export the list of delegating protocols.
void XrdOfsTPC::Init()
{
   const int maxStreams = 15;

// The credential path is used only when one was configured and credential
// forwarding is enabled; the configuration is expected to end it with a slash
//
   cPath = 0;
   if (Cfg.cPath && Cfg.fCreds) cPath = Cfg.cPath;

// Cap both stream settings
//
   if (Cfg.tcpSTRM > maxStreams) Cfg.tcpSTRM = maxStreams;
   if (Cfg.tcpSMax > maxStreams) Cfg.tcpSMax = maxStreams;

// Join the names of all protocols registered through AddAuth() with blanks
//
   std::string protoList;
   for (int idx = 0; idx < fcNum; ++idx)
       {if (idx) protoList += ' ';
        protoList += fcAuth[idx].aProt;
       }

// Export the list when at least one protocol is registered. The strdup'd copy
// is handed to Export() and not freed here.
//
   if (fcNum > 0) XrdOucEnv::Export("XRDTPCDLG", strdup(protoList.c_str()));
}
static int Export(const char *Var, const char *Val)
Definition: XrdOucEnv.cc:188
char aProt[XrdSecPROTOIDSIZE]
Definition: XrdOfsTPC.cc:73

References XrdOfsTPCParms::fcTb::aProt, XrdOfsTPCParms::Cfg, XrdOfsTPCConfig::cPath, XrdOucEnv::Export(), XrdOfsTPCParms::fcAuth, XrdOfsTPCParms::fcNum, XrdOfsTPCConfig::fCreds, XrdOfsTPCConfig::tcpSMax, and XrdOfsTPCConfig::tcpSTRM.

Referenced by XrdOfs::Configure().


◆ Init() [2/2]

static void XrdOfsTPC::Init ( XrdAccAuthorize *  accP)
inlinestatic

Definition at line 83 of file XrdOfsTPC.hh.

83 {fsAuth = accP;}

References fsAuth.

◆ Require()

void XrdOfsTPC::Require ( const char *  Auth,
int  RType 
)
static

Definition at line 445 of file XrdOfsTPC.cc.

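/// Add an authentication protocol that TPC clients are required to use.
///
/// @param Auth   Protocol name; a trailing '+' additionally requires
///               encryption and is stripped from the stored name.
/// @param rType  reqALL (0) for both lists, reqDST for the destination list,
///               reqORG for the origin list. The reference signature spells
///               this parameter 'RType'; the body uses 'rType'.
void XrdOfsTPC::Require(const char *Auth, int rType)
{
// Only look at the last character when there is one: an empty name would
// otherwise read Auth[-1]. An empty name is still added, so a list that was
// configured stays non-empty and keeps being enforced by Authorize().
//
   const int n = static_cast<int>(strlen(Auth));
   const int doEnc = (n > 0 && Auth[n-1] == '+');

// The list entry stores the encryption flag as its value; the '+' is cut
// from the entry's text (assumes XrdOucTList keeps its own copy -- TODO confirm)
//
   if (!rType || rType == reqDST)
      {AuthDst = new XrdOucTList(Auth, doEnc, AuthDst);
       if (doEnc) AuthDst->text[n-1] = 0;
      }

   if (!rType || rType == reqORG)
      {AuthOrg = new XrdOucTList(Auth, doEnc, AuthOrg);
       if (doEnc) AuthOrg->text[n-1] = 0;
      }

// Remember that at least one protocol demands encryption (see Start())
//
   encTPC |= doEnc;
}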
static const int reqDST
Definition: XrdOfsTPC.hh:86
static const int reqORG
Definition: XrdOfsTPC.hh:87
char * text
Definition: XrdOucTList.hh:46
XrdDigAuth Auth
Definition: XrdDigAuth.cc:63

References XrdDig::Auth, and XrdOfsTPCParms::encTPC.

◆ Restrict()

int XrdOfsTPC::Restrict ( const char *  Path)
static

Definition at line 465 of file XrdOfsTPC.cc.

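/// Add a path prefix to the list of paths for which TPC is allowed.
///
/// The prefix is stored with a trailing slash, which is appended when missing.
///
/// @param Path  Configured path prefix.
/// @return 1 when the prefix is (now) in the list, 0 when it was rejected.
int XrdOfsTPC::Restrict(const char *Path)
{
   char pBuff[MAXPATHLEN];

// An empty path has no last character to inspect, so reject it up front
//
   if (!Path || !*Path)
      {OfsEroute.Emsg("Config", "tpc restrict path not specified");
       return 0;
      }

// The length check must leave room for the slash we may append as well as for
// the terminating null. Checking only strlen() < MAXPATHLEN allowed a
// one-byte write past pBuff for a path of MAXPATHLEN-1 characters.
//
   const size_t n = strlen(Path);
   const bool addSlash = (Path[n-1] != '/');
   if (n + (addSlash ? 1 : 0) >= static_cast<size_t>(MAXPATHLEN))
      {OfsEroute.Emsg("Config", "tpc restrict path too long");
       return 0;
      }

// Build the slash-terminated form only when it is needed
//
   if (addSlash)
      {memcpy(pBuff, Path, n);
       pBuff[n] = '/'; pBuff[n+1] = 0;
       Path = pBuff;
      }

   if (!RPList) RPList = new XrdOucPListAnchor;

// Look up and insert through Path. It points at pBuff only when pBuff was
// filled in, so an already slash-terminated path no longer causes a read of
// the uninitialized buffer. (Assumes XrdOucPList copies the path -- the
// original passed it a stack buffer as well; TODO confirm.)
//
   if (!RPList->Match(Path)) RPList->Insert(new XrdOucPList(Path));

   return 1;
}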
XrdOucString Path
void Insert(XrdOucPList *newitem)
Definition: XrdOucPList.hh:134
XrdOucPList * Match(const char *pathname)
Definition: XrdOucPList.hh:122

References XrdSysError::Emsg(), OfsEroute, and Path.


◆ Screen()

int XrdOfsTPC::Screen ( XrdOfsTPC::Facts &  Args,
XrdOucTList *  tP,
int  wasEnc = 0 
)
staticprotected

Definition at line 497 of file XrdOfsTPC.cc.

// Check the client's authentication protocol (Args.Usr->prot) against the
// list tP of required protocols. Returns 1 when the request is acceptable,
// otherwise records an EACCES error through Fatal() and returns 0.
// NOTE(review): source line 512 is not shown in this listing.
498 {
499  const char *aProt = Args.Usr->prot;
500 
501  while(tP)
502  {if (!strcmp(tP->text, aProt))
// NOTE(review): as written, a protocol match is accepted only when the entry's
// val is set AND wasEnc is non-zero. Require() passes its '+' (encryption
// required) flag as the entry's second constructor argument, presumably val.
// An entry configured without '+' can then never return 1 here and is rejected
// as "unencrypted tpc disallowed". That fails closed, but confirm whether
// `!tP->val || wasEnc` was intended.
503  {if (tP->val && wasEnc) return 1;
504  Fatal(Args, "unencrypted tpc disallowed", EACCES);
505  break;
506  }
507  tP = tP->next;
508  }
509 
// tP is null here only when the loop ran off the end, i.e. no entry matched
// the client's protocol.
510  if (!tP) Fatal(Args, "improper tpc authentication", EACCES);
511 
513  return 0;
514 }
XrdOucTList * next
Definition: XrdOucTList.hh:45
char prot[XrdSecPROTOIDSIZE]
Auth protocol used (e.g. krb5)
Definition: XrdSecEntity.hh:67

References XrdOfsStats::Add(), XrdOfsStats::Data, Fatal(), XrdOucTList::next, XrdOfsStats::StatsData::numTPCdeny, OfsStats, XrdSecEntity::prot, XrdOucTList::text, and XrdOfsTPC::Facts::Usr.


◆ Start()

int XrdOfsTPC::Start ( )
static

Definition at line 520 of file XrdOfsTPC.cc.

/// Finish TPC start-up: finalize the path restriction list, pick the copy
/// program, start the helper objects and advertise TPC support.
///
/// @return 1 when TPC is ready (tpcOK is then set), 0 when a helper failed.
int XrdOfsTPC::Start()
{
// A path restriction list, when present, gets its default set to 1
//
   if (RPList) RPList->Default(1);

// Fall back to the built-in copy command when none was configured
//
   if (!Cfg.XfrProg) Cfg.XfrProg = strdup("xrdcp --server");

// Set up the copy program objects, then the expiration thread; either
// failing aborts start-up (the second is not attempted if the first fails)
//
   if (!XrdOfsTPCProg::Init() || !XrdOfsTPCAuth::RunTTL(1)) return 0;

// Advertise TPC; "+1" signals that some Require() entry demanded encryption
//
   const char *tpcFlag = (encTPC ? "+1" : "1");
   XrdOucEnv::Export("XRDTPC", tpcFlag);
   tpcOK = true;
   return 1;
}
static int RunTTL(int Init)
static int Init()
void Default(unsigned long long x)
Definition: XrdOucPList.hh:101

References XrdOfsTPCParms::Cfg, XrdOfsTPCParms::encTPC, XrdOucEnv::Export(), XrdOfsTPCProg::Init(), XrdOfsTPCAuth::RunTTL(), XrdOfsTPCParms::tpcOK, and XrdOfsTPCConfig::XfrProg.


◆ Sync()

virtual int XrdOfsTPC::Sync ( XrdOucErrInfo *  error)
inlinevirtual

Reimplemented in XrdOfsTPCJob.

Definition at line 95 of file XrdOfsTPC.hh.

95 {return 0;}

Referenced by XrdOfsFile::sync().


◆ Validate()

int XrdOfsTPC::Validate ( XrdOfsTPC **  theTPC,
XrdOfsTPC::Facts &  Args 
)
static

Definition at line 550 of file XrdOfsTPC.cc.

// Validate a destination-side TPC request and build the XrdOfsTPCJob that
// will fetch the file. On success *theTPC receives the job and SFS_OK is
// returned. Every failure returns through Death(), which may also unlink
// Args.Lfn when Cfg.autoRM is set.
// All tpc* values below are read from the request environment (Args.Env),
// presumably the client-supplied CGI; treat them as untrusted.
551 {
552  XrdOfsTPCJob *myTPC;
553  const char *tpcLfn = Args.Env->Get(XrdOucTPC::tpcLfn);
554  const char *tpcSrc = Args.Env->Get(XrdOucTPC::tpcSrc);
555  const char *tpcCks = Args.Env->Get(XrdOucTPC::tpcCks);
556  const char *tpcSgi = Args.Env->Get(XrdOucTPC::tpcSgi);
557  const char *tpcStr = Args.Env->Get(XrdOucTPC::tpcStr);
558  const char *tpcSpr = Args.Env->Get(XrdOucTPC::tpcSpr);
559  const char *tpcTpr = Args.Env->Get(XrdOucTPC::tpcTpr);
560  const char *theCGI, *enVar = 0;
561  char Buff[512], myURL[4096], sVal = 0;
562  int n, doRN = 0, myURLen = sizeof(myURL);
563  short lfnLoc[2];
564 
565 // Determine if we can handle any TPC requests
566 //
567  if (!tpcOK || !Args.Usr) return Death(Args, "tpc not supported", ENOTSUP);
568 
569 // If we will be forwarding credentials, then verify that we have some
570 //
// NOTE(review): creds is searched with strstr(), which needs a null-terminated
// buffer; only credslen >= 1 is checked here. Assumes creds is null-terminated
// -- TODO confirm.
// NOTE(review): tpcDlg replaces tpcSrc whenever the client's protocol is in
// the forwarding table. That includes the optional case where no usable
// credentials were found and enVar stays 0 -- confirm that is intended.
571  for (int i = 0; i < fcNum; i++)
572  {if (!strcmp(Args.Usr->prot, fcAuth[i].aProt))
573  {if (Args.Usr->creds == 0 || Args.Usr->credslen < 1
574  || (fcAuth[i].aGSI && !strstr(Args.Usr->creds, gsiPKH)))
575  {if (!fcAuth[i].aOpt)
576  return Death(Args,"no delegated credentials for tpc",EACCES);
577  } else enVar = fcAuth[i].aVar;
578  const char *tpcDlg = Args.Env->Get(XrdOucTPC::tpcDlg);
579  if (tpcDlg) tpcSrc = tpcDlg;
580  break;
581  }
582  }
583 
584 // This is a request by a writer to get data from another party. Make sure
585 // the source has been specified.
586 //
587  if (!tpcSrc) return Death(Args, "tpc source not specified", EINVAL);
588  if (!Args.Pfn) return Death(Args, "tpc pfn not specified", EINVAL);
589 
590 // A source lfn, if present, must be absolute (enforced only when Cfg.noids is set).
591 //
592  if (!tpcLfn) tpcLfn = Args.Lfn;
593  else if (Cfg.noids && *tpcLfn != '/')
594  return Death(Args,"source lfn not absolute",EINVAL);
595  else doRN = (strcmp(Args.Lfn, tpcLfn) != 0);
596 
597 // Validate number of streams and adjust accordingly
598 //
// The value is kept as a long until it has been clamped to Cfg.tcpSMax, so the
// narrowing cast to char happens only after the clamp.
599  if (tpcStr)
600  {char *eP;
601  long nStrm = strtol(tpcStr, &eP, 10);
602  if (nStrm < 0 || *eP)
603  return Death(Args, "tpc streams value is invalid", EINVAL);
604  if (nStrm > Cfg.tcpSMax) nStrm = Cfg.tcpSMax;
605  sVal = static_cast<char>(nStrm);
606  } else sVal = static_cast<char>(Cfg.tcpSTRM);
607 
608 // Generate the origin id
609 //
// NOTE(review): Buff is passed to Death() as the message when genOrg() fails,
// but genOrg() returns 0 without writing Buff when tident has no ':'. Buff is
// uninitialized on that path.
610  if (!enVar && !genOrg(Args.Usr, Buff, sizeof(Buff)))
611  return Death(Args, Buff, EINVAL);
612 
613 // Construct the source url (it may be very big)
614 //
// tpcSrc and tpcLfn are inserted as received. snprintf returns the untruncated
// length, so a truncated URL leaves cgiL < 3 and is rejected below.
// NOTE(review): a negative snprintf result is not handled. tpcSrc decides
// which host the transfer will contact, and no restriction on it is visible
// in this function -- confirm where allowed sources are enforced.
615  const char *xProt = (!tpcSpr || strcmp("xroots",tpcSpr) ? "xroot" : tpcSpr);
616  n = snprintf(myURL, myURLen, "%s://%s/%s?", xProt, tpcSrc, tpcLfn);
617  char *cgiP = myURL+n;
618  int cgiL = myURLen-n;
619  if (cgiL < 3) return Death(Args, "url too long", EINVAL);
620 
621 // Set lfn location in the URL but only if we need to do a rename
622 //
// Both values fit in a short because n < sizeof(myURL) was established above.
623  if (doRN) {lfnLoc[1] = strlen(tpcLfn); lfnLoc[0] = n - lfnLoc[1];}
624  else lfnLoc[1] = lfnLoc[0] = 0;
625 
626 // Copy user specified CGI into the source URL (omit tpc tokens)
627 //
// The length is checked before the copy; copyCGI() is also given the remaining
// space (cgiL) and is presumed to honour it.
628  if (tpcSgi)
629  {if ((int)strlen(tpcSgi) >= cgiL)
630  return Death(Args, "url too long", EINVAL);
631  n = XrdOucTPC::copyCGI(tpcSgi, cgiP, cgiL);
632  cgiP += n;
633  cgiL -= n;
634  }
635 
636 // Insert tpc tokens unless this is a delegated tpc which needs no tokens
637 //
// cgiD2Src() signals failure by returning text that starts with '!'; the rest
// of that text becomes the error message.
638  if (!enVar)
639  {if (cgiL < 3) return Death(Args, "url too long", EINVAL);
640  *cgiP++ = '&'; cgiL--; *cgiP = 0;
641  theCGI = XrdOucTPC::cgiD2Src(Args.Key, Buff, cgiP, cgiL);
642  if (*theCGI == '!') return Death(Args, theCGI+1, EINVAL);
643  }
644 
645 // Create a pseudo tpc object that will contain the information we need to
646 // actually perform this copy.
647 //
// NOTE(review): a plain new-expression throws instead of returning null, so
// the ENOMEM path is unreachable unless XrdOfsTPCJob supplies a non-throwing
// operator new.
648  if (!(myTPC = new XrdOfsTPCJob(myURL, Args.Usr->tident,
649  Args.Lfn, Args.Pfn, tpcCks, lfnLoc,
650  tpcSpr, tpcTpr)))
651  return Death(Args, "insufficient memory", ENOMEM);
652 
653 // Set credentials for the job if we need to
654 //
655  if (enVar && Args.Usr->credslen > 0)
656  myTPC->Info.SetCreds(enVar, Args.Usr->creds, Args.Usr->credslen);
657 
658 // Setup reproxing if this is required
659 //
// NOTE(review): Cfg.rPath is used as the printf format string, so it must hold
// exactly one integer conversion and nothing request-derived. It appears to
// come from configuration only -- keep it that way.
660  if (Cfg.rPath)
661  {int inst = rpInst++;
662  char rpBuff[1024];
663  snprintf(rpBuff, sizeof(rpBuff), Cfg.rPath, inst);
664  myTPC->Info.SetRPath(rpBuff);
665  Args.Env->Put("tpc.reproxy", rpBuff);
666  }
667 
668 // Set number of streams to use
669 //
670  if (sVal > 0) myTPC->Info.SetStreams(sVal);
671 
672 // All done
673 //
674  myTPC->Info.isDest();
675  *theTPC = (XrdOfsTPC *)myTPC;
676  return SFS_OK;
677 }
void SetRPath(const char *rpath)
void SetStreams(char sval)
void SetCreds(const char *evar, const char *creds, int crdsz)
static int Death(Facts &Args, const char *eMsg, int eCode, int nomsg=0)
Definition: XrdOfsTPC.cc:319
static int genOrg(const XrdSecEntity *client, char *Buff, int Blen)
Definition: XrdOfsTPC.cc:359
void Put(const char *varname, const char *value)
Definition: XrdOucEnv.hh:85
static const char * tpcSpr
Definition: XrdOucTPC.hh:63
static const char * tpcTpr
Definition: XrdOucTPC.hh:66
static const char * tpcLfn
Definition: XrdOucTPC.hh:59
static int copyCGI(const char *cgi, char *Buff, int Blen)
Definition: XrdOucTPC.cc:233
static const char * tpcDlg
Definition: XrdOucTPC.hh:56
static const char * tpcSrc
Definition: XrdOucTPC.hh:64
static const char * cgiD2Src(const char *cKey, const char *cOrg, char *Buff, int Blen)
Definition: XrdOucTPC.cc:168
static const char * tpcSgi
Definition: XrdOucTPC.hh:62
static const char * tpcCks
Definition: XrdOucTPC.hh:55
static const char * tpcStr
Definition: XrdOucTPC.hh:65
int credslen
Length of the 'creds' data.
Definition: XrdSecEntity.hh:78
char * creds
Raw entity credentials or cert.
Definition: XrdSecEntity.hh:77
const char * gsiPKH
Definition: XrdOfsTPC.cc:78
const char * Key
Definition: XrdOfsTPC.hh:52

References XrdOfsTPCParms::fcTb::aGSI, XrdOfsTPCParms::fcTb::aProt, XrdOfsTPCParms::fcTb::aVar, XrdOfsTPCParms::Cfg, XrdOucTPC::cgiD2Src(), XrdOucTPC::copyCGI(), XrdSecEntity::creds, XrdSecEntity::credslen, XrdOfsTPC::Facts::Env, XrdOfsTPCParms::fcAuth, XrdOfsTPCParms::fcNum, XrdOucEnv::Get(), XrdOfsTPCParms::gsiPKH, Info, XrdOfsTPCInfo::isDest(), XrdOfsTPC::Facts::Key, XrdOfsTPC::Facts::Lfn, XrdOfsTPCConfig::noids, XrdOfsTPC::Facts::Pfn, XrdSecEntity::prot, XrdOucEnv::Put(), XrdOfsTPCConfig::rPath, XrdOfsTPCInfo::SetCreds(), XrdOfsTPCInfo::SetRPath(), XrdOfsTPCInfo::SetStreams(), SFS_OK, XrdOfsTPCConfig::tcpSMax, XrdOfsTPCConfig::tcpSTRM, XrdSecEntity::tident, XrdOucTPC::tpcCks, XrdOucTPC::tpcDlg, XrdOucTPC::tpcLfn, XrdOfsTPCParms::tpcOK, XrdOucTPC::tpcSgi, XrdOucTPC::tpcSpr, XrdOucTPC::tpcSrc, XrdOucTPC::tpcStr, XrdOucTPC::tpcTpr, and XrdOfsTPC::Facts::Usr.

Referenced by XrdOfsFile::open().


◆ Verify()

char * XrdOfsTPC::Verify ( const char *  Who,
const char *  Name,
char *  Buf,
int  Blen 
)
staticprotected

Definition at line 683 of file XrdOfsTPC.cc.

/// Resolve Name to a full host name.
///
/// @param Who   Role label used only in the error text (e.g. "origin").
/// @param Name  Host specification to resolve.
/// @param Buf   Receives an error text on failure.
/// @param Blen  Size of Buf in bytes.
/// @return A strdup'd host name the caller must free(), or 0 on failure.
char *XrdOfsTPC::Verify(const char *Who, const char *Name, char *Buf, int Blen)
{
   XrdNetAddr netAddr;

// Set() returns an error text on failure and null on success
//
   const char *why = netAddr.Set(Name, 0);

// On success ask for the host name; Name() may report its own reason in 'why'
//
   if (!why)
      {const char *fullName = netAddr.Name(0, &why);
       if (fullName) return strdup(fullName);
      }

// Report the failure. NOTE(review): 'why' is printed with %s and is presumed
// to be non-null whenever Name() returns null -- confirm.
//
   snprintf(Buf, Blen, "unable to verify %s %s (%s)", Who, Name, why);
   Buf[Blen-1] = 0;
   return 0;
}
const char * Set(const char *hSpec, int pNum=PortInSpec)
Definition: XrdNetAddr.cc:216

References XrdNetAddrInfo::Name(), and XrdNetAddr::Set().


Member Data Documentation

◆ ALList

XrdOfsTPCAllow * XrdOfsTPC::ALList = 0
staticprotected

Definition at line 126 of file XrdOfsTPC.hh.

◆ AuthDst

XrdOucTList * XrdOfsTPC::AuthDst = 0
staticprotected

Definition at line 122 of file XrdOfsTPC.hh.

◆ AuthOrg

XrdOucTList * XrdOfsTPC::AuthOrg = 0
staticprotected

Definition at line 123 of file XrdOfsTPC.hh.

◆ cPath

char * XrdOfsTPC::cPath = 0
staticprotected

Definition at line 124 of file XrdOfsTPC.hh.

Referenced by credPath().

◆ fsAuth

XrdAccAuthorize * XrdOfsTPC::fsAuth = 0
staticprotected

Definition at line 120 of file XrdOfsTPC.hh.

Referenced by Init().

◆ Info

◆ inQ

char XrdOfsTPC::inQ
protected

Definition at line 130 of file XrdOfsTPC.hh.

Referenced by XrdOfsTPCJob::Del(), XrdOfsTPCJob::Done(), and XrdOfsTPCJob::Sync().

◆ Refs

char XrdOfsTPC::Refs
protected

Definition at line 129 of file XrdOfsTPC.hh.

Referenced by XrdOfsTPCJob::Del(), XrdOfsTPCJob::Done(), and XrdOfsTPCJob::Sync().

◆ reqALL

const int XrdOfsTPC::reqALL = 0
static

Definition at line 85 of file XrdOfsTPC.hh.

◆ reqDST

const int XrdOfsTPC::reqDST = 1
static

Definition at line 86 of file XrdOfsTPC.hh.

◆ reqORG

const int XrdOfsTPC::reqORG = 2
static

Definition at line 87 of file XrdOfsTPC.hh.

◆ RPList

XrdOucPListAnchor * XrdOfsTPC::RPList
staticprotected

Definition at line 127 of file XrdOfsTPC.hh.


The documentation for this class was generated from the following files: