1 #ifndef __SecsssRR__
2 #define __SecsssRR__
3 /******************************************************************************/
4 /* */
5 /* X r d S e c s s s R R . h h */
6 /* */
7 /* (c) 2008 by the Board of Trustees of the Leland Stanford, Jr., University */
8 /* All Rights Reserved */
9 /* Produced by Andrew Hanushevsky for Stanford University under contract */
10 /* DE-AC02-76-SFO0515 with the Department of Energy */
11 /* */
12 /* This file is part of the XRootD software suite. */
13 /* */
14 /* XRootD is free software: you can redistribute it and/or modify it under */
15 /* the terms of the GNU Lesser General Public License as published by the */
16 /* Free Software Foundation, either version 3 of the License, or (at your */
17 /* option) any later version. */
18 /* */
19 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
20 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
21 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
22 /* License for more details. */
23 /* */
24 /* You should have received a copy of the GNU Lesser General Public License */
25 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
26 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
27 /* */
28 /* The copyright holder's institutional names and contributor's names may not */
29 /* be used to endorse or promote products derived from this software without */
30 /* specific prior written permission of the institution or contributor. */
31 /******************************************************************************/
32 
33 #include <cstdint>
34 #include <cstring>
35 #include <ctime>
36 
37 #include "XrdSecsss/XrdSecsssKT.hh"
38 
// The following is the packet header. It is always sent unencrypted, so every
// field in it (protocol ID, encryption type, key ID and, for V2, the appended
// keyname) is visible to, and can be altered by, anyone on the network path.
// Nothing in the header is integrity-protected by itself: a receiver has to
// treat it as untrusted input, bounds-check it against the bytes actually
// received, and only use it to select the key for decrypting the data portion.
//
{
// Cleartext, fixed-size header (16 bytes when long long is 8-byte aligned:
// 4 + 2 + 1 + 1 + 8). Nothing here is secret or authenticated on its own, so
// a receiver must validate every field before acting on it.
char ProtID[4]; // Protocol ID ("sss"); a receiver should reject anything else
char Pad[2]; // Padding bytes (presumably zeroed by the sender; not checked here)
// Size of the keyname appended after this header, including its terminating
// null byte. NOTE(review): before the name is read as a C string, the receiver
// must check knSize against the number of bytes actually received and against
// the keyname maximum in XrdSecsssKT, and verify the null is really there.
uint8_t knSize; // Appended keyname size w/ null byte
// Encryption type. Only one value is defined in this header version, so any
// other byte is unknown and should not be accepted.
char EncType; // Encryption type as one of:
static const char etBFish32 = '0'; // Blowfish

// Identifier of the shared key that encrypts the data portion; with V2 the
// appended keyname further qualifies the lookup. NOTE(review): this declaration
// fixes the field width but not its wire byte order — confirm the host/network
// conversion in the sender and receiver.
long long KeyID; // Key ID for encryption
};
51 
// The following struct extends the original V1 header with the keyname. V2
// clients send this extended header to V2 servers. The keyname field must be a
// multiple of 8 bytes long and must end with a null byte; its maximum length
// is XrdSecsssKT::ktEnt::NameSZ. The keyname qualifies the lookup of KeyID.
// Like the rest of the header it travels in the clear, so a receiver must
// bound it by knSize and by the received length, and confirm the terminating
// null, before using it as a C string or as a key-table lookup value.
//
58 {
60 };
61 
// The data portion of the packet is encrypted with the shared secret key
// selected by KeyID (and, for V2, the keyname); the only cipher defined in
// this header is Blowfish (etBFish32). It immediately follows the header and
// is bounded by the sizes defined below (DataSz for V1 inline data, MaxDSz
// for V2). Because the header is sent in the clear, only this portion is
// confidential; the structs here declare no authentication tag, so whatever
// integrity protection exists comes from the cipher mode and the checks the
// receiver applies after decryption (Rand, GenTime, item parsing).
//
{
// Fixed 40-byte prefix of the encrypted data portion (32 + 4 + 3 + 1, no
// padding). A receiver must have decrypted at least this many bytes before it
// reads any of the fields below.
// 256-bit random string placed first so that identical plaintexts never yield
// identical ciphertext and the leading cipher block is unpredictable to an
// attacker ("avoid text attacks"). NOTE(review): this only helps if it comes
// from a cryptographic RNG — the generator is not visible here, confirm in the
// sender.
char Rand[32]; // 256-bit random string (avoid text attacks)
// Seconds since BaseTime at which the data was generated. This is the only
// freshness value in the packet; the acceptable clock skew / replay window is
// enforced by the receiver, not defined here.
int GenTime; // Time data generated (time(0) - BaseTime)
char Pad[3]; // Reserved
char Options; // One of the following:
static const char UseData= 0x00; // Use the ID data as authenticated name
static const char SndLID = 0x01; // Server to send login ID
static const char Ask4Mor= 0x02; // Ask for additional data (future)
// Note: A variable length data portion follows the header. Its length is not
// carried in this struct (presumably it is derived from the received packet
// size), so the parser must bound it by the bytes actually decrypted and by
// XrdSecsssRR_Data::DataSz (V1) or MaxDSz (V2), never by the buffer it sits in.
};
76 
// Size in bytes of the fixed data header (XrdSecsssRR_DataHdr) that starts the
// encrypted data portion: the minimum number of decrypted bytes a receiver
// needs before it may interpret Rand, GenTime or Options.
static const int XrdSecsssRR_Data_HdrLen = sizeof(XrdSecsssRR_DataHdr);
78 
{
// Size limits for the variable-length data that follows XrdSecsssRR_DataHdr.
// They are maxima for the sender and upper bounds for the receiver's parser;
// the parser must additionally never read past the number of bytes actually
// received and decrypted, which may be far smaller than these constants.
static const int MaxCSz = 2048; // Maximum size of returned credentials (theCred)
static const int MaxDSz =16344; // Maximum size of v2 inline data (appears to be
                                // 16384 less the 40-byte data header)
static const int MinDSz = 128; // Minimum size for the data segment
static const int DataSz = 4040; // Maximum size of V1 inline data (appears to be
                                // 4096 less the 16-byte header and 40-byte data header)
char Data[DataSz]; // Optional V1 data (only for back compat)

// The data area is a sequence of tagged items:
// (<Flag><packed null terminated string>)+
// i.e. one flag byte followed by a null-terminated string, repeated. The
// receiver must find each terminating null inside the received length (a
// string is never assumed to be terminated), should reject flags it does not
// recognise, and should reject items that are only valid for the other
// direction of travel (see theLgid / theHost below).
//
static const char theName = 0x01; // V1 and V2
static const char theVorg = 0x02; // V1 and V2
static const char theRole = 0x03; // V1 and V2
static const char theGrps = 0x04; // V1 and V2
static const char theEndo = 0x05; // V1 and V2
static const char theCred = 0x06; // V2: Actual credentials (presumably bounded by MaxCSz)
static const char theRand = 0x07; // V1 and V2: Random string (ignored by the receiver)

static const char theAuth = 0x08; // V2: original authentication protocol
static const char theTID = 0x09; // V2: The trace ID
static const char theAKey = 0x0a; // V2: attribute key
static const char theAVal = 0x0b; // V2: attribute value for preceding key (order
                                  // dependent: a value with no preceding key is malformed)
static const char theUser = 0x0c; // V2: the Unix user name (original)
static const char theGrup = 0x0d; // V2: the Unix group name (original)
static const char theCaps = 0x0e; // V2: the x509 capabilities

static const char theLgid = 0x10; // from server only (must not be accepted from a client)
static const char theHost = 0x20; // from client only (required; a request without it is malformed)
};
108 
// Struct used to return a short, fixed-size response from the server. It
// carries only a small data area (sized from XrdSecsssRR_Data::MinDSz) instead
// of the full V1/V2 inline data area; presumably it holds the same tagged-item
// format, so the same per-item termination and length checks apply, with a
// much tighter bound.
//
112 {
114 };
115 #endif