XRootD
XrdSecProtect.hh
1 #ifndef __XRDSECPROTECT_H__
2 #define __XRDSECPROTECT_H__
3 /******************************************************************************/
4 /* */
5 /* X r d S e c P r o t e c t . h h */
6 /* */
7 /* (c) 2016 by the Board of Trustees of the Leland Stanford, Jr., University */
8 /* Produced by Andrew Hanushevsky for Stanford University under contract */
9 /* DE-AC02-76-SFO0515 with the Department of Energy */
10 /* */
11 /* This file is part of the XRootD software suite. */
12 /* */
13 /* XRootD is free software: you can redistribute it and/or modify it under */
14 /* the terms of the GNU Lesser General Public License as published by the */
15 /* Free Software Foundation, either version 3 of the License, or (at your */
16 /* option) any later version. */
17 /* */
18 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
19 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
20 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
21 /* License for more details. */
22 /* */
23 /* You should have received a copy of the GNU Lesser General Public License */
24 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
25 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
26 /* */
27 /* The copyright holder's institutional names and contributor's names may not */
28 /* be used to endorse or promote products derived from this software without */
29 /* specific prior written permission of the institution or contributor. */
30 /******************************************************************************/
31 
32 #include "XProtocol/XProtocol.hh"
33 
34 //------------------------------------------------------------------------------
36 //------------------------------------------------------------------------------
37 //------------------------------------------------------------------------------
43 //------------------------------------------------------------------------------
44 
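//------------------------------------------------------------------------------
//! NEED2SECURE(protP)(request) -- ask whether a request has to be secured.
//!
//! The expansion is "pointer test && bound member-function pointer", so it must
//! be followed immediately by the call's argument list:
//!
//!    if (NEED2SECURE(protP)(request)) {...}
//!
//! A null protP short-circuits to false without dereferencing the pointer.
//! Otherwise the member function selected by protP->Need2Secure is invoked on
//! *protP. protP is evaluated more than once, so pass an expression that has
//! no side effects.
//!
//! The expansion cannot carry outer parentheses (the argument list has to bind
//! to the member pointer), so a prefix operator binds to the pointer test
//! only. Write !(NEED2SECURE(p)(r)), never !NEED2SECURE(p)(r); the latter
//! does not negate the screening result and would invert the signing decision.
//------------------------------------------------------------------------------

#define NEED2SECURE(protP) (protP) && ((*(protP)).*((protP)->Need2Secure))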
46 
47 /******************************************************************************/
48 /* X r d S e c P r o t e c t */
49 /******************************************************************************/
50 
51 struct iovec;
52 class XrdSecProtectParms;
53 class XrdSecProtocol;
54 
56 {
57 public:
58 friend class XrdSecProtector;
59 
60 //------------------------------------------------------------------------------
62 //------------------------------------------------------------------------------
63 
//------------------------------------------------------------------------------
//! Destroy this object. Callers use Delete() instead of operator delete.
//! The object no longer exists when the call returns, so the pointer used for
//! the call must not be dereferenced or passed to Delete() again.
//------------------------------------------------------------------------------

virtual void Delete()
{
   delete this;
}
65 
66 //------------------------------------------------------------------------------
74 //------------------------------------------------------------------------------
75 
77 
78 //------------------------------------------------------------------------------
102 //------------------------------------------------------------------------------
103 
//------------------------------------------------------------------------------
//! Secure a client request (declaration only; the body is not in this header).
//!
//! @param  newreq   Reference to a SecurityRequest pointer. Being a non-const
//!                  pointer reference it is presumably where the generated
//!                  security request is handed back -- TODO confirm who owns
//!                  and frees that buffer.
//! @param  thereq   The client request to be secured.
//! @param  thedata  Read-only data that accompanies thereq. No length is
//!                  passed, so the length presumably comes from the request
//!                  header -- confirm against the implementation.
//!
//! @return An int. NOTE(review): the success/failure convention is not visible
//!         in this header; a caller that ignores a failure would send the
//!         request unsigned, so every call site should check the result.
//------------------------------------------------------------------------------

virtual int Secure(SecurityRequest *&newreq,
                   ClientRequest &thereq, const char *thedata);
108 
109 //------------------------------------------------------------------------------
121 //------------------------------------------------------------------------------
122 
//------------------------------------------------------------------------------
//! Verify a secured request (declaration only; the body is not in this header).
//!
//! @param  secreq   The security request that accompanies thereq.
//! @param  thereq   The client request being checked.
//! @param  thedata  Read-only data that accompanies thereq; no length is
//!                  passed here -- presumably taken from the request header,
//!                  confirm against the implementation.
//!
//! @return A C string pointer. NOTE(review): presumably null means the
//!         request verified and a non-null value is a message describing the
//!         failure -- confirm, because a caller that reads the result the other
//!         way round would accept requests that failed verification.
//------------------------------------------------------------------------------

virtual const char *Verify(SecurityRequest &secreq,
                           ClientRequest &thereq, const char *thedata);
127 
128 //------------------------------------------------------------------------------
130 //------------------------------------------------------------------------------
131 
//------------------------------------------------------------------------------
//! Destructor. Virtual, with an empty body: nothing held by this class is
//! released here (authProt and secVec are left untouched).
//------------------------------------------------------------------------------

virtual ~XrdSecProtect()
{
}
133 
134 protected:
135 
//------------------------------------------------------------------------------
//! Client-side constructor (protected).
//!
//! @param  aprot  Authentication protocol object, stored in authProt as is;
//!                defaults to null.
//! @param  edok   Stored in edOK; defaults to true.
//!
//! The object starts with no security vector (secVec is null), the shared
//! sequence counter set to 1 under its lastSeqno name, secVerData false and
//! Need2Secure bound to Screen(). myVec is not initialised here.
//------------------------------------------------------------------------------

XrdSecProtect(XrdSecProtocol *aprot=0, bool edok=true)
             : Need2Secure(&XrdSecProtect::Screen),
               authProt(aprot),
               secVec(0),
               lastSeqno(1),
               edOK(edok),
               secVerData(false)
{
}
141 
//------------------------------------------------------------------------------
//! Server-side constructor (protected).
//!
//! @param  aprot  Authentication protocol object, stored in authProt as is.
//! @param  pRef   Existing protection object whose secVec pointer and
//!                secVerData flag are copied.
//! @param  edok   Stored in edOK; defaults to true.
//!
//! Only the secVec pointer is copied, not what it points to. If pRef.secVec
//! refers to pRef's own myVec, then pRef has to outlive this object --
//! TODO confirm where SetProtection() points secVec.
//! The shared sequence counter starts at 0 (it is written through lastSeqno;
//! Verify() reads the same storage as nextSeqno). myVec is not initialised.
//------------------------------------------------------------------------------

XrdSecProtect(XrdSecProtocol *aprot, XrdSecProtect &pRef, bool edok=true)
             : Need2Secure(&XrdSecProtect::Screen),
               authProt(aprot),
               secVec(pRef.secVec),
               lastSeqno(0),
               edOK(edok),
               secVerData(pRef.secVerData)
{
}
148 
//------------------------------------------------------------------------------
//! Apply the protection requirements carried in inReqs (declaration only).
//!
//! @param  inReqs  Requirements in protocol-response form. The name suggests
//!                 they originate from the server's protocol response; if so
//!                 the fields are peer-supplied and should be range checked
//!                 before they select or index anything -- confirm in the
//!                 implementation.
//------------------------------------------------------------------------------

void SetProtection(
                   const ServerResponseReqs_Protocol &inReqs);
150 
151 private:
// Presumably computes a SHA-2 digest over the iovN segments described by iovP
// and stores it in hBuff; returns a bool (presumably true on success).
// NOTE(review): the size of hBuff is not passed, so the caller must supply a
// buffer large enough for the digest, and iovN is a signed int that should not
// be negative -- confirm both against the implementation.
bool GetSHA2(unsigned char *hBuff,
             struct iovec *iovP, int iovN);
// Screening function that both constructors bind to Need2Secure, so it is what
// NEED2SECURE(p)(request) calls unless the pointer is re-bound elsewhere.
// Presumably returns true when thereq has to be secured -- confirm.
bool Screen(
            ClientRequest &thereq);
154 
// Authentication protocol object handed to the constructor (may be null).
XrdSecProtocol *authProt;

// Null on a freshly built client object; the server constructor copies the
// pointer from its reference object.
const char     *secVec;

// A single sequence counter under two names (the storage is shared).
union
{
   kXR_unt64 lastSeqno;   // Used by Secure()
   kXR_unt64 nextSeqno;   // Used by Verify()
};

bool edOK;
bool secVerData;

// myVec holds kXR_REQFENCE - kXR_auth bytes. Presumably one entry per request
// code, indexed by (code - kXR_auth); if so, an index derived from a received
// request must be checked against maxRIX before use -- confirm in Screen().
static const unsigned int maxRIX = kXR_REQFENCE-kXR_auth;
char myVec[maxRIX];
165 };
166 #endif
@ kXR_REQFENCE
Definition: XProtocol.hh:144
@ kXR_auth
Definition: XProtocol.hh:112
unsigned long long kXR_unt64
Definition: XPtypes.hh:99
virtual const char * Verify(SecurityRequest &secreq, ClientRequest &thereq, const char *thedata)
XrdSecProtect(XrdSecProtocol *aprot, XrdSecProtect &pRef, bool edok=true)
virtual void Delete()
Delete this object. Use this method as opposed to operator delete.
bool(XrdSecProtect::* Need2Secure)(ClientRequest &thereq)
XrdSecProtect(XrdSecProtocol *aprot=0, bool edok=true)
void SetProtection(const ServerResponseReqs_Protocol &inReqs)
virtual ~XrdSecProtect()
Destructor.
virtual int Secure(SecurityRequest *&newreq, ClientRequest &thereq, const char *thedata)