XRootD
XrdHttpProtocol Class Reference

#include <XrdHttpProtocol.hh>


Classes

struct  StaticPreloadInfo
 

Public Member Functions

 XrdHttpProtocol (bool imhttps)

 XrdHttpProtocol (const XrdHttpProtocol &)=default
 Ctor, dtors and copy ctor.

 ~XrdHttpProtocol ()

int doChksum (const XrdOucString &fname)
 Perform a checksum request.

void DoIt ()
 Override from the base class.

int doStat (char *fname)
 Perform a Stat request.

bool isHTTPS ()
 called via https

XrdProtocol * Match (XrdLink *lp)
 Tells if the outstanding bytes on the socket match this protocol implementation.

XrdHttpProtocol operator= (const XrdHttpProtocol &rhs)

int Process (XrdLink *lp)
 Process data incoming from the socket.

void Recycle (XrdLink *lp, int consec, const char *reason)
 Recycle this instance.

int Stats (char *buff, int blen, int do_sync=0)
 Get activity stats.

- Public Member Functions inherited from XrdProtocol
 XrdProtocol (const char *jname)
 
virtual ~XrdProtocol ()
 
- Public Member Functions inherited from XrdJob
 XrdJob (const char *desc="")
 
virtual ~XrdJob ()
 

Static Public Member Functions

static int Configure (char *parms, XrdProtocol_Config *pi)
 Read and apply the configuration.

static int parseHeader2CGI (XrdOucStream &Config, XrdSysError &err, std::map< std::string, std::string > &header2cgi)
 Use this function to parse header2cgi configurations.
 

Public Attributes

XrdObject< XrdHttpProtocol > ProtLink

XrdSecEntity SecEntity
 Authentication area.

- Public Attributes inherited from XrdJob
const char * Comment

XrdJob * NextJob
 

Static Public Attributes

static XrdHttpChecksumHandler cksumHandler = XrdHttpChecksumHandler()

static XrdObjectQ< XrdHttpProtocol > ProtStack

static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
 configuration for the read range handler
 

Protected Attributes

char * Addr_str

XrdXrootd::Bridge * Bridge
 The Bridge that we use to exercise the xrootd internals.

XrdHttpReq CurrentReq

XrdLink * Link
 The link we are bound to.
 

Static Protected Attributes

static XrdBuffManager * BPool = 0

static XrdSecService * CIA = 0

static bool compatNameGeneration = false

static int crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
 CRL thread refresh interval.

static XrdSysError eDest = 0

static bool embeddedstatic = true
 If true, use the embedded css and icons.

static char * gridmap = 0
 Gridmap file location. The same used by XrdSecGsi.

static int hailWait = 60000
 Timeout for reading the handshake.

static std::map< std::string, std::string > hdr2cgimap
 Rules that turn HTTP headers to cgi tokens in the URL, for internal consumption.

static bool isdesthttps = false
 True if the redirections must be towards https targets.

static bool isRequiredGridmap = false

static bool listdeny = false
 If true, any form of listing is denied.

static char * listredir = 0
 Url to redirect to in the case a listing is requested.

static BIO_METHOD * m_bio_method = NULL
 C-style vptr table for our custom BIO objects.

static int m_bio_type = 0
 Type identifier for our custom BIO objects.

static std::unordered_map< std::string, std::vector< std::pair< std::string, std::string > > > m_staticheader_map
 The static headers to always return; map is from verb to a list of (header, val) pairs.

static std::unordered_map< std::string, std::string > m_staticheaders

static kXR_int32 myRole = kXR_isManager
 Our role.

static XrdNetPMark * pmarkHandle = nullptr
 Packet marking handler pointer (assigned from the environment during the Config() call)

static int Port = 1094
 Our port.

static char * Port_str = 0
 Our port, as a string.

static int readWait = 300000
 Timeout for reading data.

static XrdScheduler * Sched = 0

static char * secretkey = 0
 The key used to calculate the url hashes.

static bool selfhttps2http = false
 If client is HTTPS, self-redirect with HTTP+token.

static XrdOucGMap * servGMap = 0
 The instance of the DN mapper. Created only when a valid path is given.

static char * sslcadir = 0

static char * sslcafile = 0

static char * sslcert = 0
 OpenSSL stuff.

static char * sslcipherfilter = 0

static char * sslkey = 0

static int sslverifydepth = 9
 Depth of verification of a certificate chain.

static XrdOucHash< StaticPreloadInfo > * staticpreload = 0

static char * staticredir = 0

static bool tpcForwardCreds = false
 If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

static char * xrd_cslist = nullptr
 The list of checksums that were configured via the xrd.cksum parameter on the server config file.
 

Friends

class XrdHttpExtReq
 
class XrdHttpReq
 

Detailed Description

Definition at line 80 of file XrdHttpProtocol.hh.


Class Documentation

◆ XrdHttpProtocol::StaticPreloadInfo

struct XrdHttpProtocol::StaticPreloadInfo

Definition at line 430 of file XrdHttpProtocol.hh.

Class Members
char * data
int len

Constructor & Destructor Documentation

◆ XrdHttpProtocol() [1/2]

XrdHttpProtocol::XrdHttpProtocol ( const XrdHttpProtocol & )
default

Ctor, dtors and copy ctor.

Referenced by Match().


◆ XrdHttpProtocol() [2/2]

XrdHttpProtocol::XrdHttpProtocol ( bool  imhttps)

Definition at line 196 of file XrdHttpProtocol.cc.

197 : XrdProtocol("HTTP protocol handler"), ProtLink(this),
199  myBuff = 0;
200  Addr_str = 0;
201  Reset();
202  ishttps = imhttps;
203 
204 }

References Addr_str.

◆ ~XrdHttpProtocol()

XrdHttpProtocol::~XrdHttpProtocol ( )
inline

Definition at line 124 of file XrdHttpProtocol.hh.

124  {
125  Cleanup();
126  }

Member Function Documentation

◆ Configure()

int XrdHttpProtocol::Configure ( char * parms,
XrdProtocol_Config * pi
)
static

Read and apply the configuration.

Definition at line 1728 of file XrdHttpProtocol.cc.

1728  {
1729  /*
1730  Function: Establish configuration at load time.
1731 
1732  Input: None.
1733 
1734  Output: 0 upon success or !0 otherwise.
1735  */
1736 
1737  char *rdf;
1738 
1739  // Copy out the special info we want to use at top level
1740  //
1741  eDest.logger(pi->eDest->logger());
1743  // SI = new XrdXrootdStats(pi->Stats);
1744  Sched = pi->Sched;
1745  BPool = pi->BPool;
1746  xrd_cslist = getenv("XRD_CSLIST");
1747 
1748  Port = pi->Port;
1749 
1750  // Copy out the current TLS context
1751  //
1752  xrdctx = pi->tlsCtx;
1753 
1754  {
1755  char buf[16];
1756  sprintf(buf, "%d", Port);
1757  Port_str = strdup(buf);
1758  }
1759 
1760  // Now process and configuration parameters
1761  //
1762  rdf = (parms && *parms ? parms : pi->ConfigFN);
1763  if (rdf && Config(rdf, pi->theEnv)) return 0;
1764  if (pi->DebugON) XrdHttpTrace.What = TRACE_ALL;
1765 
1766  // Set the redirect flag if we are a pure redirector
1767  myRole = kXR_isServer;
1768  if ((rdf = getenv("XRDROLE"))) {
1769  eDest.Emsg("Config", "XRDROLE: ", rdf);
1770 
1771  if (!strcasecmp(rdf, "manager") || !strcasecmp(rdf, "supervisor")) {
1773  eDest.Emsg("Config", "Configured as HTTP(s) redirector.");
1774  } else {
1775 
1776  eDest.Emsg("Config", "Configured as HTTP(s) data server.");
1777  }
1778 
1779  } else {
1780  eDest.Emsg("Config", "No XRDROLE specified.");
1781  }
1782 
1783  // Schedule protocol object cleanup
1784  //
1786  (XrdHttpTrace.What & TRACE_MEM ? TRACE_MEM : 0));
1787  ProtStack.Set((pi->ConnMax / 3 ? pi->ConnMax / 3 : 30), 60 * 60);
1788 
1789  // Return success
1790  //
1791 
1792  return 1;
1793 }

References XrdProtocol_Config::BPool, BPool, XrdCms::Config, XrdProtocol_Config::ConfigFN, XrdProtocol_Config::ConnMax, XrdProtocol_Config::DebugON, XrdProtocol_Config::eDest, eDest, XrdSysError::Emsg(), kXR_isManager, kXR_isServer, XrdSysError::logger(), myRole, XrdProtocol_Config::Port, Port, Port_str, ProtStack, XrdProtocol_Config::Sched, Sched, XrdObjectQ< T >::Set(), XrdSysTrace::SetLogger(), XrdProtocol_Config::theEnv, XrdProtocol_Config::tlsCtx, TRACE_ALL, TRACE_MEM, XrdSysTrace::What, xrd_cslist, XrdHttpProtoInfo::xrdctx, and XrdHttpTrace.

Referenced by XrdgetProtocol().


◆ doChksum()

int XrdHttpProtocol::doChksum ( const XrdOucString & fname)

Perform a checksum request.

Definition at line 3068 of file XrdHttpProtocol.cc.

3068  {
3069  size_t length;
3070  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3074  memset(CurrentReq.xrdreq.query.fhandle, '\0', sizeof(CurrentReq.xrdreq.query.fhandle));
3076  length = fname.length() + 1;
3077  CurrentReq.xrdreq.query.dlen = htonl(length);
3078 
3079  if (!Bridge) return -1;
3080 
3081  return Bridge->Run(reinterpret_cast<char *>(&CurrentReq.xrdreq), const_cast<char *>(fname.c_str()), length) ? 0 : -1;
3082 }

References Bridge, XrdOucString::c_str(), CurrentReq, ClientQueryRequest::dlen, ClientQueryRequest::fhandle, ClientQueryRequest::infotype, kXR_Qcksum, kXR_query, XrdOucString::length(), ClientRequest::query, ClientQueryRequest::requestid, ClientQueryRequest::reserved1, ClientQueryRequest::reserved2, XrdXrootd::Bridge::Run(), and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().


◆ DoIt()

void XrdHttpProtocol::DoIt ( )
inline virtual

Override from the base class.

Implements XrdJob.

Definition at line 91 of file XrdHttpProtocol.hh.

91  {
92  if (Resume) (*this.*Resume)();
93  }

◆ doStat()

int XrdHttpProtocol::doStat ( char *  fname)

Perform a Stat request.

Definition at line 3040 of file XrdHttpProtocol.cc.

3040  {
3041  int l;
3042  bool b;
3043  CurrentReq.filesize = 0;
3044  CurrentReq.fileflags = 0;
3045  CurrentReq.filemodtime = 0;
3046 
3047  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3049  memset(CurrentReq.xrdreq.stat.reserved, 0,
3050  sizeof (CurrentReq.xrdreq.stat.reserved));
3051  l = strlen(fname) + 1;
3052  CurrentReq.xrdreq.stat.dlen = htonl(l);
3053 
3054  if (!Bridge) return -1;
3055  b = Bridge->Run((char *) &CurrentReq.xrdreq, fname, l);
3056  if (!b) {
3057  return -1;
3058  }
3059 
3060 
3061  return 0;
3062 }

References Bridge, CurrentReq, ClientStatRequest::dlen, XrdHttpReq::fileflags, XrdHttpReq::filemodtime, XrdHttpReq::filesize, kXR_stat, ClientStatRequest::requestid, ClientStatRequest::reserved, XrdXrootd::Bridge::Run(), ClientRequest::stat, and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().


◆ isHTTPS()

bool XrdHttpProtocol::isHTTPS ( )
inline

called via https

Definition at line 142 of file XrdHttpProtocol.hh.

142 { return ishttps; }

Referenced by XrdHttpExtReq::XrdHttpExtReq().


◆ Match()

XrdProtocol * XrdHttpProtocol::Match ( XrdLink * lp)
virtual

Tells if the outstanding bytes on the socket match this protocol implementation.

Implements XrdProtocol.

Definition at line 222 of file XrdHttpProtocol.cc.

222  {
223  char mybuf[16], mybuf2[1024];
224  XrdHttpProtocol *hp;
225  int dlen;
226  bool myishttps = false;
227 
228  // Peek at the first 20 bytes of data
229  //
230  if ((dlen = lp->Peek(mybuf, (int) sizeof (mybuf), hailWait)) < (int) sizeof (mybuf)) {
231  if (dlen <= 0) lp->setEtext("handshake not received");
232  return (XrdProtocol *) 0;
233  }
234  mybuf[dlen - 1] = '\0';
235 
236  // Trace the data
237  //
238 
239  TRACEI(DEBUG, "received dlen: " << dlen);
240  //TRACEI(REQ, "received buf: " << mybuf);
241  mybuf2[0] = '\0';
242  for (int i = 0; i < dlen; i++) {
243  char mybuf3[16];
244  sprintf(mybuf3, "%.02d ", mybuf[i]);
245  strcat(mybuf2, mybuf3);
246 
247  }
248  TRACEI(DEBUG, "received dump: " << mybuf2);
249 
250  // Decide if it looks http or not. For now we are happy if all the received characters are alphanumeric
251  bool ismine = true;
252  for (int i = 0; i < dlen - 1; i++)
253  if (!isprint(mybuf[i]) && (mybuf[i] != '\r') && (mybuf[i] != '\n')) {
254  ismine = false;
255  TRACEI(DEBUG, "This does not look like http at pos " << i);
256  break;
257  }
258 
259  // If it does not look http then look if it looks like https
260  if ((!ismine) && (dlen >= 4)) {
261  char check[4] = {00, 00, 00, 00};
262  if (memcmp(mybuf, check, 4)) {
263 
264  if (httpsmode) {
265  ismine = true;
266  myishttps = true;
267  TRACEI(DEBUG, "This may look like https");
268  } else {
269  TRACEI(ALL, "This may look like https, but https is not configured");
270  }
271 
272  }
273  }
274 
275  if (!ismine) {
276  TRACEI(DEBUG, "This does not look like https. Protocol not matched.");
277  return (XrdProtocol *) 0;
278  }
279 
280  // It does look http or https...
281  // Get a protocol object off the stack (if none, allocate a new one)
282  //
283 
284  TRACEI(REQ, "Protocol matched. https: " << myishttps);
285  if (!(hp = ProtStack.Pop())) hp = new XrdHttpProtocol(myishttps);
286  else
287  hp->ishttps = myishttps;
288 
289  // We now have to do some work arounds to tell the underlying framework
290  // that is is https without invoking TLS on the actual link. Eventually,
291  // we should just use the link's TLS native implementation.
292  //
293  hp->SecEntity.addrInfo = lp->AddrInfo();
294  XrdNetAddr *netP = const_cast<XrdNetAddr*>(lp->NetAddr());
295  netP->SetDialect("https");
296  netP->SetTLS(true);
297 
298  // Allocate 1MB buffer from pool
299  if (!hp->myBuff) {
300  hp->myBuff = BPool->Obtain(1024 * 1024);
301  }
302  hp->myBuffStart = hp->myBuffEnd = hp->myBuff->buff;
303 
304  // Bind the protocol to the link and return the protocol
305  //
306  hp->Link = lp;
307  return (XrdProtocol *) hp;
308 }

References XrdHttpProtocol(), XrdLink::AddrInfo(), XrdSecEntity::addrInfo, BPool, XrdBuffer::buff, DEBUG, hailWait, XrdHttpProtoInfo::httpsmode, Link, XrdLink::NetAddr(), XrdBuffManager::Obtain(), XrdLink::Peek(), XrdObjectQ< T >::Pop(), ProtStack, SecEntity, XrdNetAddr::SetDialect(), XrdLink::setEtext(), XrdNetAddr::SetTLS(), and TRACEI.
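
The decision taken in the Match() listing above, as a stand-alone model. This is an added example, not XRootD code: `classifyHandshake`, `Sniff` and the byte arrays are hypothetical and constructed here, and `httpsConfigured` stands in for `httpsmode`. It shows that any non-printable data without a four-zero-byte prefix is handed to the TLS path, so the sniff is only a heuristic and the actual validation is the SSL_accept() call in Process().

```cpp
#include <cctype>
#include <cstddef>
#include <cstdio>
#include <cstring>

// Outcome of the first-bytes check, one value per exit path of Match().
enum class Sniff { NoMatch, Http, Https };

// Number of bytes Match() peeks from the link (sizeof(mybuf) in the listing).
constexpr std::size_t kPeekLen = 16;

// Classify the peeked bytes the way the listing does.
// httpsConfigured is an assumption standing in for the httpsmode flag.
Sniff classifyHandshake(const unsigned char *buf, std::size_t len,
                        bool httpsConfigured) {
  // A peek shorter than the buffer is never matched.
  if (len < kPeekLen) return Sniff::NoMatch;
  len = kPeekLen;

  // The listing overwrites the last peeked byte with '\0' and only
  // inspects the bytes before it, so 15 bytes decide the outcome.
  bool printable = true;
  for (std::size_t i = 0; i + 1 < len; ++i) {
    const unsigned char c = buf[i];
    if (!std::isprint(c) && c != '\r' && c != '\n') {
      printable = false;
      break;
    }
  }
  if (printable) return Sniff::Http;

  // Not text: accepted as https unless the first four bytes are all zero,
  // and only when https has been configured.
  static const unsigned char zeros[4] = {0, 0, 0, 0};
  if (std::memcmp(buf, zeros, sizeof zeros) != 0 && httpsConfigured)
    return Sniff::Https;
  return Sniff::NoMatch;
}

// Constructed sample inputs (not captured traffic).
const unsigned char kHttpGet[16] = {'G', 'E', 'T', ' ', '/', ' ', 'H', 'T',
                                    'T', 'P', '/', '1', '.', '1', '\r', '\n'};
const unsigned char kTlsLike[16] = {0x16, 0x03, 0x01, 0x02, 0x00, 0x01,
                                    0x00, 0x01, 0xfc, 0x03, 0x03, 0x11,
                                    0x22, 0x33, 0x44, 0x55};
const unsigned char kZeroPrefixed[16] = {0, 0, 0, 0, 0, 0, 0, 0,
                                         0, 0, 0, 0, 0, 0, 0, 4};
const unsigned char kOtherBinary[16] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
                                        0x07, 0x08, 0x09, 0x0b, 0x0c, 0x0e,
                                        0x0f, 0x10, 0x11, 0x12};
// 15 printable bytes followed by a NUL that the check never looks at.
const unsigned char kLastByteNul[16] = {'A', 'A', 'A', 'A', 'A', 'A', 'A', 'A',
                                        'A', 'A', 'A', 'A', 'A', 'A', 'A', 0x00};

const char *sniffName(Sniff s) {
  switch (s) {
    case Sniff::Http:  return "http";
    case Sniff::Https: return "https";
    default:           return "no match";
  }
}

int main() {
  std::printf("HTTP request line      : %s\n",
              sniffName(classifyHandshake(kHttpGet, 16, true)));
  std::printf("TLS-like, https on     : %s\n",
              sniffName(classifyHandshake(kTlsLike, 16, true)));
  std::printf("TLS-like, https off    : %s\n",
              sniffName(classifyHandshake(kTlsLike, 16, false)));
  std::printf("four zero bytes first  : %s\n",
              sniffName(classifyHandshake(kZeroPrefixed, 16, true)));
  std::printf("arbitrary binary       : %s\n",
              sniffName(classifyHandshake(kOtherBinary, 16, true)));
  std::printf("short read (5 bytes)   : %s\n",
              sniffName(classifyHandshake(kHttpGet, 5, true)));
  return 0;
}
```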


◆ operator=()

XrdHttpProtocol XrdHttpProtocol::operator= ( const XrdHttpProtocol & rhs)

Definition at line 211 of file XrdHttpProtocol.cc.

211  {
212 
213  return *this;
214 }

◆ parseHeader2CGI()

int XrdHttpProtocol::parseHeader2CGI ( XrdOucStream & Config,
XrdSysError & err,
std::map< std::string, std::string > &  header2cgi 
)
static

Use this function to parse header2cgi configurations.

Definition at line 1798 of file XrdHttpProtocol.cc.

1798  {
1799  char *val, keybuf[1024], parmbuf[1024];
1800  char *parm;
1801 
1802  // Get the header key
1803  val = Config.GetWord();
1804  if (!val || !val[0]) {
1805  err.Emsg("Config", "No headerkey specified.");
1806  return 1;
1807  } else {
1808 
1809  // Trim the beginning, in place
1810  while ( *val && !isalnum(*val) ) val++;
1811  strcpy(keybuf, val);
1812 
1813  // Trim the end, in place
1814  char *pp;
1815  pp = keybuf + strlen(keybuf) - 1;
1816  while ( (pp >= keybuf) && (!isalnum(*pp)) ) {
1817  *pp = '\0';
1818  pp--;
1819  }
1820 
1821  parm = Config.GetWord();
1822 
1823  // Avoids segfault in case a key is given without value
1824  if(!parm || !parm[0]) {
1825  err.Emsg("Config", "No header2cgi value specified. key: '", keybuf, "'");
1826  return 1;
1827  }
1828 
1829  // Trim the beginning, in place
1830  while ( *parm && !isalnum(*parm) ) parm++;
1831  strcpy(parmbuf, parm);
1832 
1833  // Trim the end, in place
1834  pp = parmbuf + strlen(parmbuf) - 1;
1835  while ( (pp >= parmbuf) && (!isalnum(*pp)) ) {
1836  *pp = '\0';
1837  pp--;
1838  }
1839 
1840  // Add this mapping to the map that will be used
1841  try {
1842  header2cgi[keybuf] = parmbuf;
1843  } catch ( ... ) {
1844  err.Emsg("Config", "Can't insert new header2cgi rule. key: '", keybuf, "'");
1845  return 1;
1846  }
1847 
1848  }
1849  return 0;
1850 }

References XrdCms::Config, and XrdSysError::Emsg().


◆ Process()

int XrdHttpProtocol::Process ( XrdLink * lp)
virtual

Process data incoming from the socket.

Implements XrdProtocol.

Definition at line 484 of file XrdHttpProtocol.cc.

485 {
486  int rc = 0;
487 
488  TRACEI(DEBUG, " Process. lp:"<<(void *)lp<<" reqstate: "<<CurrentReq.reqstate);
489 
490  if (!myBuff || !myBuff->buff || !myBuff->bsize) {
491  TRACE(ALL, " Process. No buffer available. Internal error.");
492  return -1;
493  }
494 
495 
496  if (!SecEntity.host) {
497  char *nfo = GetClientIPStr();
498  if (nfo) {
499  TRACEI(REQ, " Setting host: " << nfo);
500  SecEntity.host = nfo;
501  strcpy(SecEntity.prot, "http");
502  }
503  }
504 
505 
506 
507  // If https then check independently for the ssl handshake
508  if (ishttps && !ssldone) {
509 
510  if (!ssl) {
511  sbio = CreateBIO(Link);
512  BIO_set_nbio(sbio, 1);
514  TRACE(ALL, "Failed to configure the TLS client authentication; invalid configuration");
515  return -1;
516  }
517  ssl = (SSL*)xrdctx->Session();
518  }
519 
520  if (!ssl) {
521  TRACEI(DEBUG, " SSL_new returned NULL");
522  ERR_print_errors(sslbio_err);
523  return -1;
524  }
525 
526  // If a secxtractor has been loaded
527  // maybe it wants to add its own initialization bits
528  if (secxtractor)
529  secxtractor->InitSSL(ssl, sslcadir);
530 
531  SSL_set_bio(ssl, sbio, sbio);
532  //SSL_set_connect_state(ssl);
533 
534  //SSL_set_fd(ssl, Link->FDnum());
535  struct timeval tv;
536  tv.tv_sec = 10;
537  tv.tv_usec = 0;
538  setsockopt(Link->FDnum(), SOL_SOCKET, SO_RCVTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
539  setsockopt(Link->FDnum(), SOL_SOCKET, SO_SNDTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
540 
541  TRACEI(DEBUG, " Entering SSL_accept...");
542  int res = SSL_accept(ssl);
543  TRACEI(DEBUG, " SSL_accept returned :" << res);
544  if ((res == -1) && (SSL_get_error(ssl, res) == SSL_ERROR_WANT_READ)) {
545  TRACEI(DEBUG, " SSL_accept wants to read more bytes... err:" << SSL_get_error(ssl, res));
546  return 1;
547  }
548 
549  if(res <= 0) {
550  ERR_print_errors(sslbio_err);
551  if (res < 0) {
552 
553  SSL_free(ssl);
554  ssl = 0;
555  return -1;
556  }
557  }
558 
559  BIO_set_nbio(sbio, 0);
560 
561  strcpy(SecEntity.prot, "https");
562 
563  // Get the voms string and auth information
564  if (tlsClientAuth == XrdTlsContext::ClientAuthSetting::kOn && HandleAuthentication(Link)) {
565  SSL_free(ssl);
566  ssl = 0;
567  return -1;
568  }
569 
570  ssldone = true;
571  if (TRACING(TRACE_AUTH)) {
573  }
574  }
575 
576 
577 
578  if (!DoingLogin) {
579  // Re-invocations triggered by the bridge have lp==0
580  // In this case we keep track of a different request state
581  if (lp) {
582 
583  // This is an invocation that was triggered by a socket event
584  // Read all the data that is available, throw it into the buffer
585  if ((rc = getDataOneShot(BuffAvailable())) < 0) {
586  // Error -> exit
587  return -1;
588  }
589 
590  // If we need more bytes, let's wait for another invokation
591  if (BuffUsed() < ResumeBytes) return 1;
592 
593 
594  } else
596  } else if (!DoneSetInfo && !CurrentReq.userAgent().empty()) { // DoingLogin is true, meaning the login finished.
597  std::string mon_info = "monitor info " + CurrentReq.userAgent();
598  DoneSetInfo = true;
599  if (mon_info.size() >= 1024) {
600  TRACEI(ALL, "User agent string too long");
601  } else if (!Bridge) {
602  TRACEI(ALL, "Internal logic error: Bridge is null after login");
603  } else {
604  TRACEI(DEBUG, "Setting " << mon_info);
605  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
607  CurrentReq.xrdreq.set.modifier = '\0';
608  memset(CurrentReq.xrdreq.set.reserved, '\0', sizeof(CurrentReq.xrdreq.set.reserved));
609  CurrentReq.xrdreq.set.dlen = htonl(mon_info.size());
610  if (!Bridge->Run((char *) &CurrentReq.xrdreq, (char *) mon_info.c_str(), mon_info.size())) {
611  SendSimpleResp(500, nullptr, nullptr, "Could not set user agent.", 0, false);
612  return -1;
613  }
614  return 0;
615  }
616  } else {
617  DoingLogin = false;
618  }
619 
620  // Read the next request header, that is, read until a double CRLF is found
621 
622 
623  if (!CurrentReq.headerok) {
624 
625  // Read as many lines as possible into the buffer. An empty line breaks
626  while ((rc = BuffgetLine(tmpline)) > 0) {
627  std::string traceLine = tmpline.c_str();
628  if (TRACING(TRACE_DEBUG)) {
629  traceLine = obfuscateAuth(traceLine);
630  }
631  TRACE(DEBUG, " rc:" << rc << " got hdr line: " << traceLine);
632  if ((rc == 2) && (tmpline.length() > 1) && (tmpline[rc - 1] == '\n')) {
633  CurrentReq.headerok = true;
634  TRACE(DEBUG, " rc:" << rc << " detected header end.");
635  break;
636  }
637 
638 
640  TRACE(DEBUG, " Parsing first line: " << traceLine.c_str());
641  int result = CurrentReq.parseFirstLine((char *)tmpline.c_str(), rc);
642  if (result < 0) {
643  TRACE(DEBUG, " Parsing of first line failed with " << result);
644  return -1;
645  }
646  } else {
647  int result = CurrentReq.parseLine((char *) tmpline.c_str(), rc);
648  if(result < 0) {
649  TRACE(DEBUG, " Parsing of header line failed with " << result)
650  SendSimpleResp(400,NULL,NULL,"Malformed header line. Hint: ensure the line finishes with \"\\r\\n\"", 0, false);
651  return -1;
652  }
653  }
654 
655 
656  }
657 
658  // Here we have CurrentReq loaded with the header, or its relevant fields
659 
660  if (!CurrentReq.headerok) {
661  TRACEI(REQ, " rc:" << rc << "Header not yet complete.");
662 
663  // Here a subtle error condition. IF we failed reading a line AND the buffer
664  // has a reasonable amount of data available THEN we consider the header
665  // as corrupted and shutdown the client
666  if ((rc <= 0) && (BuffUsed() >= 16384)) {
667  TRACEI(ALL, "Corrupted header detected, or line too long. Disconnecting client.");
668  return -1;
669  }
670 
671 
672  if (CurrentReq.reqstate > 0)
674  // Waiting for more data
675  return 1;
676  }
677 
678  }
679 
680  // If we are in self-redirect mode, then let's do it
681  // Do selfredirect only with 'simple' requests, otherwise poor clients may misbehave
682  if (ishttps && ssldone && selfhttps2http &&
685  char hash[512];
686  time_t timenow = time(0);
687 
688 
690  &SecEntity,
691  timenow,
692  secretkey);
693 
694 
695 
696  if (hash[0]) {
697 
698  // Workaround... delete the previous opaque information
699  if (CurrentReq.opaque) {
700  delete CurrentReq.opaque;
701  CurrentReq.opaque = 0;
702  }
703 
704  TRACEI(REQ, " rc:" << rc << " self-redirecting to http with security token.");
705 
706  XrdOucString dest = "Location: http://";
707  // Here I should put the IP addr of the server
708 
709  // We have to recompute it here because we don't know to which
710  // interface the client had connected to
711  struct sockaddr_storage sa;
712  socklen_t sl = sizeof(sa);
713  getsockname(this->Link->AddrInfo()->SockFD(), (struct sockaddr*)&sa, &sl);
714 
715  // now get it back and print it
716  char buf[256];
717  bool ok = false;
718 
719  switch (sa.ss_family) {
720  case AF_INET:
721  if (inet_ntop(AF_INET, &(((sockaddr_in*)&sa)->sin_addr), buf, INET_ADDRSTRLEN)) {
722  if (Addr_str) free(Addr_str);
723  Addr_str = strdup(buf);
724  ok = true;
725  }
726  break;
727  case AF_INET6:
728  if (inet_ntop(AF_INET6, &(((sockaddr_in6*)&sa)->sin6_addr), buf, INET6_ADDRSTRLEN)) {
729  if (Addr_str) free(Addr_str);
730  Addr_str = (char *)malloc(strlen(buf)+3);
731  strcpy(Addr_str, "[");
732  strcat(Addr_str, buf);
733  strcat(Addr_str, "]");
734  ok = true;
735  }
736  break;
737  default:
738  TRACEI(REQ, " Can't recognize the address family of the local host.");
739  }
740 
741  if (ok) {
742  dest += Addr_str;
743  dest += ":";
744  dest += Port_str;
745  dest += CurrentReq.resource.c_str();
746  TRACEI(REQ," rc:"<<rc<<" self-redirecting to http with security token: '"
747  << dest.c_str() << "'");
748 
749 
750  CurrentReq.appendOpaque(dest, &SecEntity, hash, timenow);
751  SendSimpleResp(302, NULL, (char *) dest.c_str(), 0, 0, true);
752  CurrentReq.reset();
753  return -1;
754  }
755 
756  TRACEI(REQ, " rc:" << rc << " Can't perform self-redirection.");
757 
758  }
759  else {
760  TRACEI(ALL, " Could not calculate self-redirection hash");
761  }
762  }
763 
764  // If this is not https, then extract the signed information from the url
765  // and fill the SecEntity structure as if we were using https
766  if (!ishttps && !ssldone) {
767 
768 
769  if (CurrentReq.opaque) {
770  char * tk = CurrentReq.opaque->Get("xrdhttptk");
771  // If there is a hash then we use it as authn info
772  if (tk) {
773 
774  time_t tim = 0;
775  char * t = CurrentReq.opaque->Get("xrdhttptime");
776  if (t) tim = atoi(t);
777  if (!t) {
778  TRACEI(REQ, " xrdhttptime not specified. Authentication failed.");
779  return -1;
780  }
781  if (abs(time(0) - tim) > XRHTTP_TK_GRACETIME) {
782  TRACEI(REQ, " Token expired. Authentication failed.");
783  return -1;
784  }
785 
786  // Fill the Secentity from the fields in the URL:name, vo, host
787  char *nfo;
788 
789  nfo = CurrentReq.opaque->Get("xrdhttpvorg");
790  if (nfo) {
791  TRACEI(DEBUG, " Setting vorg: " << nfo);
792  SecEntity.vorg = strdup(nfo);
793  TRACEI(REQ, " Setting vorg: " << SecEntity.vorg);
794  }
795 
796  nfo = CurrentReq.opaque->Get("xrdhttpname");
797  if (nfo) {
798  TRACEI(DEBUG, " Setting name: " << nfo);
799  SecEntity.name = unquote(nfo);
800  TRACEI(REQ, " Setting name: " << SecEntity.name);
801  }
802 
803  nfo = CurrentReq.opaque->Get("xrdhttphost");
804  if (nfo) {
805  TRACEI(DEBUG, " Setting host: " << nfo);
806  if (SecEntity.host) free(SecEntity.host);
807  SecEntity.host = unquote(nfo);
808  TRACEI(REQ, " Setting host: " << SecEntity.host);
809  }
810 
811  nfo = CurrentReq.opaque->Get("xrdhttpdn");
812  if (nfo) {
813  TRACEI(DEBUG, " Setting dn: " << nfo);
814  SecEntity.moninfo = unquote(nfo);
815  TRACEI(REQ, " Setting dn: " << SecEntity.moninfo);
816  }
817 
818  nfo = CurrentReq.opaque->Get("xrdhttprole");
819  if (nfo) {
820  TRACEI(DEBUG, " Setting role: " << nfo);
821  SecEntity.role = unquote(nfo);
822  TRACEI(REQ, " Setting role: " << SecEntity.role);
823  }
824 
825  nfo = CurrentReq.opaque->Get("xrdhttpgrps");
826  if (nfo) {
827  TRACEI(DEBUG, " Setting grps: " << nfo);
828  SecEntity.grps = unquote(nfo);
829  TRACEI(REQ, " Setting grps: " << SecEntity.grps);
830  }
831 
832  nfo = CurrentReq.opaque->Get("xrdhttpendorsements");
833  if (nfo) {
834  TRACEI(DEBUG, " Setting endorsements: " << nfo);
836  TRACEI(REQ, " Setting endorsements: " << SecEntity.endorsements);
837  }
838 
839  nfo = CurrentReq.opaque->Get("xrdhttpcredslen");
840  if (nfo) {
841  TRACEI(DEBUG, " Setting credslen: " << nfo);
842  char *s1 = unquote(nfo);
843  if (s1 && s1[0]) {
844  SecEntity.credslen = atoi(s1);
845  TRACEI(REQ, " Setting credslen: " << SecEntity.credslen);
846  }
847  if (s1) free(s1);
848  }
849 
850  if (SecEntity.credslen) {
851  nfo = CurrentReq.opaque->Get("xrdhttpcreds");
852  if (nfo) {
853  TRACEI(DEBUG, " Setting creds: " << nfo);
854  SecEntity.creds = unquote(nfo);
855  TRACEI(REQ, " Setting creds: " << SecEntity.creds);
856  }
857  }
858 
859  char hash[512];
860 
862  &SecEntity,
863  tim,
864  secretkey);
865 
866  if (compareHash(hash, tk)) {
867  TRACEI(REQ, " Invalid tk '" << tk << "' != '" << hash << "'(calculated). Authentication failed.");
868  return -1;
869  }
870 
871  } else {
872  // Client is plain http. If we have a secret key then we reject it
873  if (secretkey) {
874  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
875  return -1;
876  }
877  }
878 
879  } else {
880  // Client is plain http. If we have a secret key then we reject it
881  if (secretkey) {
882  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
883  return -1;
884  }
885  }
886 
887  ssldone = true;
888  }
889 
890 
891 
892  // Now we have everything that is needed to try the login
893  // Remember that if there is an exthandler then it has the responsibility
894  // for authorization in the paths that it manages
895  if (!Bridge && !FindMatchingExtHandler(CurrentReq)) {
896  if (SecEntity.name)
897  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, SecEntity.name, ishttps ? "https" : "http");
898  else
899  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, "unknown", ishttps ? "https" : "http");
900 
901  if (!Bridge) {
902  TRACEI(REQ, " Authorization failed.");
903  return -1;
904  }
905 
906  // Let the bridge process the login, and then reinvoke us
907  DoingLogin = true;
908  return 0;
909  }
910 
911  // Compute and send the response. This may involve further reading from the socket
912  rc = CurrentReq.ProcessHTTPReq();
913  if (rc < 0)
914  CurrentReq.reset();
915 
916 
917 
918  TRACEI(REQ, "Process is exiting rc:" << rc);
919  return rc;
920 }

References Addr_str, XrdLink::AddrInfo(), XrdHttpReq::appendOpaque(), Bridge, XrdBuffer::bsize, XrdBuffer::buff, XrdOucString::c_str(), calcHashes(), compareHash(), XrdSecEntity::creds, XrdSecEntity::credslen, CurrentReq, DEBUG, XrdSecEntity::Display(), ClientSetRequest::dlen, eDest, XrdSecEntity::endorsements, XrdLink::FDnum(), XrdOucEnv::Get(), XrdSecEntity::grps, XrdHttpReq::headerok, XrdSecEntity::host, XrdHttpSecXtractor::InitSSL(), kXR_set, XrdOucString::length(), Link, XrdXrootd::Bridge::Login(), ClientSetRequest::modifier, XrdSecEntity::moninfo, XrdSecEntity::name, obfuscateAuth(), XrdHttpReq::opaque, XrdHttpReq::parseFirstLine(), XrdHttpReq::parseLine(), Port_str, XrdHttpReq::ProcessHTTPReq(), XrdSecEntity::prot, XrdHttpReq::reqstate, XrdHttpReq::request, ClientSetRequest::requestid, ClientSetRequest::reserved, XrdHttpReq::reset(), XrdHttpReq::resource, XrdSecEntity::role, XrdHttpReq::rtGET, XrdHttpReq::rtPROPFIND, XrdHttpReq::rtPUT, XrdHttpReq::rtUnset, XrdXrootd::Bridge::Run(), SecEntity, secretkey, selfhttps2http, XrdTlsContext::Session(), ClientRequest::set, XrdTlsContext::SetTlsClientAuth(), XrdNetAddrInfo::SockFD(), sslcadir, XrdHttpProtoInfo::tlsClientAuth, TRACE, TRACE_AUTH, TRACE_DEBUG, TRACEI, TRACING, unquote(), XrdHttpReq::userAgent(), XrdSecEntity::vorg, XrdHttpProtoInfo::xrdctx, XrdHttpReq::xrdreq, and XRHTTP_TK_GRACETIME.

◆ Recycle()

void XrdHttpProtocol::Recycle ( XrdLink lp,
int  consec,
const char *  reason 
)
virtual

Recycle this instance.

Implements XrdProtocol.

Definition at line 928 of file XrdHttpProtocol.cc.

928  {
929 
930  // Release all appendages
931  //
932 
933  Cleanup();
934 
935 
936  // Set fields to starting point (debugging mostly)
937  //
938  Reset();
939 
940  // Push ourselves on the stack
941  //
943 }

References ProtLink, ProtStack, and XrdObjectQ< T >::Push().

◆ Stats()

int XrdHttpProtocol::Stats ( char *  buff,
int  blen,
int  do_sync = 0 
)
virtual

Get activity stats.

Implements XrdProtocol.

Definition at line 945 of file XrdHttpProtocol.cc.

945  {
946  // Synchronize statistics if need be
947  //
948  // if (do_sync) {
949  //
950  // SI->statsMutex.Lock();
951  // SI->readCnt += numReads;
952  // cumReads += numReads;
953  // numReads = 0;
954  // SI->prerCnt += numReadP;
955  // cumReadP += numReadP;
956  // numReadP = 0;
957  // SI->rvecCnt += numReadV;
958  // cumReadV += numReadV;
959  // numReadV = 0;
960  // SI->rsegCnt += numSegsV;
961  // cumSegsV += numSegsV;
962  // numSegsV = 0;
963  // SI->writeCnt += numWrites;
964  // cumWrites += numWrites;
965  // numWrites = 0;
966  // SI->statsMutex.UnLock();
967  // }
968  //
969  // // Now return the statistics
970  // //
971  // return SI->Stats(buff, blen, do_sync);
972 
973  return 0;
974 }

Friends And Related Function Documentation

◆ XrdHttpExtReq

friend class XrdHttpExtReq
friend

Definition at line 83 of file XrdHttpProtocol.hh.

◆ XrdHttpReq

friend class XrdHttpReq
friend

Definition at line 82 of file XrdHttpProtocol.hh.

Member Data Documentation

◆ Addr_str

char* XrdHttpProtocol::Addr_str
protected

Our IP address, as a string. Please remember that this may not be unique for a given machine, hence we need to keep it here and recompute it at every new connection.

Definition at line 364 of file XrdHttpProtocol.hh.

Referenced by XrdHttpProtocol(), and Process().

◆ BPool

XrdBuffManager * XrdHttpProtocol::BPool = 0
staticprotected

Definition at line 355 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Match().

◆ Bridge

XrdXrootd::Bridge* XrdHttpProtocol::Bridge
protected

The Bridge that we use to exercise the xrootd internals.

Definition at line 370 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), Process(), and XrdHttpReq::ProcessHTTPReq().

◆ CIA

XrdSecService * XrdHttpProtocol::CIA = 0
staticprotected

Definition at line 357 of file XrdHttpProtocol.hh.

◆ cksumHandler

XrdHttpChecksumHandler XrdHttpProtocol::cksumHandler = XrdHttpChecksumHandler()
static

Definition at line 136 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ compatNameGeneration

bool XrdHttpProtocol::compatNameGeneration = false
staticprotected

Definition at line 403 of file XrdHttpProtocol.hh.

◆ crlRefIntervalSec

int XrdHttpProtocol::crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
staticprotected

CRL thread refresh interval.

Definition at line 398 of file XrdHttpProtocol.hh.

◆ CurrentReq

XrdHttpReq XrdHttpProtocol::CurrentReq
protected

Area for coordinating requests and responses to/from the bridge. This can also process HTTP/DAV stuff.

Definition at line 375 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), and Process().

◆ eDest

XrdSysError XrdHttpProtocol::eDest = 0
staticprotected

Definition at line 356 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ embeddedstatic

bool XrdHttpProtocol::embeddedstatic = true
staticprotected

If true, use the embedded css and icons.

Definition at line 424 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ gridmap

char * XrdHttpProtocol::gridmap = 0
staticprotected

Gridmap file location. The same used by XrdSecGsi.

Definition at line 401 of file XrdHttpProtocol.hh.

◆ hailWait

int XrdHttpProtocol::hailWait = 60000
staticprotected

Timeout for reading the handshake.

Definition at line 383 of file XrdHttpProtocol.hh.

Referenced by Match().

◆ hdr2cgimap

std::map< std::string, std::string > XrdHttpProtocol::hdr2cgimap
staticprotected

Rules that turn HTTP headers into cgi tokens in the URL, for internal consumption.

Definition at line 440 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::parseLine().

◆ isdesthttps

bool XrdHttpProtocol::isdesthttps = false
staticprotected

True if the redirections must be towards https targets.

Definition at line 412 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::Redir().

◆ isRequiredGridmap

bool XrdHttpProtocol::isRequiredGridmap = false
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ Link

XrdLink* XrdHttpProtocol::Link
protected

The link we are bound to.

Definition at line 360 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::GetClientID(), Match(), and Process().

◆ listdeny

bool XrdHttpProtocol::listdeny = false
staticprotected

If true, any form of listing is denied.

Definition at line 418 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ listredir

char * XrdHttpProtocol::listredir = 0
staticprotected

Url to redirect to in the case a listing is requested.

Definition at line 415 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ m_bio_method

BIO_METHOD * XrdHttpProtocol::m_bio_method = NULL
staticprotected

C-style vptr table for our custom BIO objects.

Definition at line 446 of file XrdHttpProtocol.hh.

◆ m_bio_type

int XrdHttpProtocol::m_bio_type = 0
staticprotected

Type identifier for our custom BIO objects.

Definition at line 443 of file XrdHttpProtocol.hh.

◆ m_staticheader_map

std::unordered_map<std::string, std::vector<std::pair<std::string, std::string> > > XrdHttpProtocol::m_staticheader_map
staticprotected

The static headers to always return; map is from verb to a list of (header, val) pairs.

Definition at line 458 of file XrdHttpProtocol.hh.

◆ m_staticheaders

std::unordered_map<std::string, std::string> XrdHttpProtocol::m_staticheaders
staticprotected

The static string version of m_staticheader_map. After config parsing is done, this is computed and we won't need to reference m_staticheader_map in the response path.

Definition at line 462 of file XrdHttpProtocol.hh.

◆ myRole

kXR_int32 XrdHttpProtocol::myRole = kXR_isManager
staticprotected

Our role.

Definition at line 437 of file XrdHttpProtocol.hh.

Referenced by Configure(), and XrdHttpReq::ProcessHTTPReq().

◆ pmarkHandle

XrdNetPMark * XrdHttpProtocol::pmarkHandle = nullptr
staticprotected

Packet marking handler pointer (assigned from the environment during the Config() call)

Definition at line 452 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), and XrdHttpReq::parseLine().

◆ Port

int XrdHttpProtocol::Port = 1094
staticprotected

Our port.

Definition at line 389 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ Port_str

char * XrdHttpProtocol::Port_str = 0
staticprotected

Our port, as a string.

Definition at line 392 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ ProtLink

XrdObject<XrdHttpProtocol> XrdHttpProtocol::ProtLink

Definition at line 129 of file XrdHttpProtocol.hh.

Referenced by Recycle().

◆ ProtStack

XrdObjectQ< XrdHttpProtocol > XrdHttpProtocol::ProtStack
static

Definition at line 128 of file XrdHttpProtocol.hh.

Referenced by Configure(), Match(), and Recycle().

◆ ReadRangeConfig

XrdHttpReadRangeHandler::Configuration XrdHttpProtocol::ReadRangeConfig
static

configuration for the read range handler

Definition at line 139 of file XrdHttpProtocol.hh.

◆ readWait

int XrdHttpProtocol::readWait = 300000
staticprotected

Timeout for reading data.

Definition at line 386 of file XrdHttpProtocol.hh.

◆ Sched

XrdScheduler * XrdHttpProtocol::Sched = 0
staticprotected

Definition at line 354 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ SecEntity

XrdSecEntity XrdHttpProtocol::SecEntity

Authentication area.

Definition at line 133 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), XrdHttpExtReq::GetSecEntity(), Match(), Process(), and XrdHttpReq::Redir().

◆ secretkey

char * XrdHttpProtocol::secretkey = 0
staticprotected

The key used to calculate the url hashes.

Definition at line 406 of file XrdHttpProtocol.hh.

Referenced by Process(), and XrdHttpReq::Redir().

◆ selfhttps2http

bool XrdHttpProtocol::selfhttps2http = false
staticprotected

If client is HTTPS, self-redirect with HTTP+token.

Definition at line 421 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ servGMap

XrdOucGMap * XrdHttpProtocol::servGMap = 0
staticprotected

The instance of the DN mapper. Created only when a valid path is given.

Definition at line 367 of file XrdHttpProtocol.hh.

◆ sslcadir

char * XrdHttpProtocol::sslcadir = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ sslcafile

char * XrdHttpProtocol::sslcafile = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslcert

char * XrdHttpProtocol::sslcert = 0
staticprotected

OpenSSL stuff.

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslcipherfilter

char * XrdHttpProtocol::sslcipherfilter = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslkey

char * XrdHttpProtocol::sslkey = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslverifydepth

int XrdHttpProtocol::sslverifydepth = 9
staticprotected

Depth of verification of a certificate chain.

Definition at line 409 of file XrdHttpProtocol.hh.

◆ staticpreload

XrdOucHash< XrdHttpProtocol::StaticPreloadInfo > * XrdHttpProtocol::staticpreload = 0
staticprotected

Definition at line 434 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ staticredir

char * XrdHttpProtocol::staticredir = 0
staticprotected

Definition at line 427 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ tpcForwardCreds

bool XrdHttpProtocol::tpcForwardCreds = false
staticprotected

If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

Definition at line 455 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq().

◆ xrd_cslist

char * XrdHttpProtocol::xrd_cslist = nullptr
staticprotected

The list of checksums that were configured via the xrd.cksum parameter on the server config file.

Definition at line 449 of file XrdHttpProtocol.hh.

Referenced by Configure().


The documentation for this class was generated from the following files: