Main Page | Namespace List | Class Hierarchy | Class List | Directories | File List | Namespace Members | Class Members | File Members

XrdSecProtocolgsi Class Reference

#include <XrdSecProtocolgsi.hh>

Inheritance diagram for XrdSecProtocolgsi:

Inheritance graph
[legend]
Collaboration diagram for XrdSecProtocolgsi:

Collaboration graph
[legend]
List of all members.

Public Member Functions

int Authenticate (XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)
XrdSecCredentialsgetCredentials (XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)
 XrdSecProtocolgsi (int opts, const char *hname, const struct sockaddr *ipadd, const char *parms=0)
virtual ~XrdSecProtocolgsi ()
void Delete ()
int Encrypt (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int Decrypt (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int Sign (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int Verify (const char *inbuf, int inlen, const char *sigbuf, int siglen)
int getKey (char *kbuf=0, int klen=0)
int setKey (char *kbuf, int klen)

Static Public Member Functions

char * Init (gsiOptions o, XrdOucErrInfo *erp)

Private Member Functions

int ParseClientInput (XrdSutBuffer *br, XrdSutBuffer **bm, String &emsg)
int ClientDoInit (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ClientDoCert (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ClientDoPxyreq (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ParseServerInput (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ServerDoCertreq (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ServerDoCert (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ServerDoSigpxy (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ParseCrypto (String cryptlist)
int ParseCAlist (String calist)
int GetCA (const char *cahash)
bool ServerCertNameOK (const char *subject, String &e)
XrdSecCredentialsErrC (XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0)
int ErrS (String ID, XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0)
bool CheckTimeStamp (XrdSutBuffer *b, int skew, String &emsg)
bool CheckRtag (XrdSutBuffer *bm, String &emsg)
int AddSerialized (char opt, kXR_int32 step, String ID, XrdSutBuffer *bls, XrdSutBuffer *buf, kXR_int32 type, XrdCryptoCipher *cip)

Static Private Member Functions

int LoadCADir (int timestamp)
String GetCApath (const char *cahash)
bool VerifyCA (int opt, X509Chain *cca, XrdCryptoFactory *cf)
XrdCryptoX509CrlLoadCRL (XrdCryptoX509 *xca, XrdCryptoFactory *CF)
int QueryProxy (bool checkcache, XrdSutCache *cache, const char *tag, XrdCryptoFactory *cf, int timestamp, ProxyIn_t *pi, ProxyOut_t *po)
int InitProxy (ProxyIn_t *pi, X509Chain *ch=0, XrdCryptoRSA **key=0)
void ErrF (XrdOucErrInfo *einfo, kXR_int32 ecode, const char *msg1, const char *msg2=0, const char *msg3=0)
int LoadGMAP (int now)
XrdSecgsiGMAP_t LoadGMAPFun (const char *plugin, const char *parms)
XrdSecgsiAuthz_t LoadAuthzFun (const char *plugin, const char *parms)
void QueryGMAP (XrdCryptoX509Chain *chain, int now, String &name)

Private Attributes

int options
sockaddr hostaddr
XrdCryptoFactorysessionCF
XrdCryptoCiphersessionKey
XrdSutBucketbucketKey
XrdCryptoMsgDigestsessionMD
XrdCryptoRSAsessionKsig
XrdCryptoRSAsessionKver
X509ChainproxyChain
bool srvMode
gsiHSVarshs

Static Private Attributes

XrdSysMutex gsiContext
String CAdir = "/etc/grid-security/certificates/"
String CRLdir = "/etc/grid-security/certificates/"
String DefCRLext = ".r0"
String SrvCert = "/etc/grid-security/xrd/xrdcert.pem"
String SrvKey = "/etc/grid-security/xrd/xrdkey.pem"
String UsrProxy
String UsrCert = "/.globus/usercert.pem"
String UsrKey = "/.globus/userkey.pem"
String PxyValid = "12:00"
int DepLength = 0
int DefBits = 512
int CACheck = 1
int CRLCheck = 1
String DefCrypto = "ssl"
String DefCipher = "aes-128-cbc:bf-cbc:des-ede3-cbc"
String DefMD = "sha1:md5"
String DefError = "invalid credentials "
String GMAPFile = "/etc/grid-security/grid-mapfile"
int GMAPOpt = 1
bool GMAPuseDNname = 0
int GMAPCacheTimeOut = -1
XrdSysPluginGMAPPlugin = 0
XrdSecgsiGMAP_t GMAPFun = 0
XrdSysPluginAuthzPlugin = 0
XrdSecgsiAuthz_t AuthzFun = 0
int PxyReqOpts = 0
int AuthzPxyWhat = -1
int AuthzPxyWhere = -1
String SrvAllowedNames
int ncrypt = 0
XrdCryptoFactorycryptF [XrdCryptoMax] = {0}
int cryptID [XrdCryptoMax] = {0}
String cryptName [XrdCryptoMax] = {0}
XrdCryptoCipherrefcip [XrdCryptoMax] = {0}
XrdSutCache cacheCA
XrdSutCache cacheCert
XrdSutCache cachePxy
XrdSutCache cacheGMAP
XrdSutCache cacheGMAPFun
int Debug = 0
bool Server = 1
int TimeSkew = 300
XrdSysLogger Logger
XrdSysError eDest
XrdOucTraceGSITrace = 0

Constructor & Destructor Documentation

XrdSecProtocolgsi::XrdSecProtocolgsi int  opts,
const char *  hname,
const struct sockaddr *  ipadd,
const char *  parms = 0
 

virtual XrdSecProtocolgsi::~XrdSecProtocolgsi  )  [inline, virtual]
 

Member Function Documentation

int XrdSecProtocolgsi::AddSerialized char  opt,
kXR_int32  step,
String  ID,
XrdSutBuffer bls,
XrdSutBuffer buf,
kXR_int32  type,
XrdCryptoCipher cip
[private]
 

int XrdSecProtocolgsi::Authenticate XrdSecCredentials cred,
XrdSecParameters **  parms,
XrdOucErrInfo einfo = 0
[virtual]
 

Implements XrdSecProtocol.

bool XrdSecProtocolgsi::CheckRtag XrdSutBuffer bm,
String emsg
[private]
 

bool XrdSecProtocolgsi::CheckTimeStamp XrdSutBuffer b,
int  skew,
String emsg
[private]
 

int XrdSecProtocolgsi::ClientDoCert XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg
[private]
 

int XrdSecProtocolgsi::ClientDoInit XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg
[private]
 

int XrdSecProtocolgsi::ClientDoPxyreq XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg
[private]
 

int XrdSecProtocolgsi::Decrypt const char *  inbuf,
int  inlen,
XrdSecBuffer **  outbuf
[virtual]
 

Reimplemented from XrdSecProtocol.

void XrdSecProtocolgsi::Delete  )  [virtual]
 

Implements XrdSecProtocol.

int XrdSecProtocolgsi::Encrypt const char *  inbuf,
int  inlen,
XrdSecBuffer **  outbuf
[virtual]
 

Reimplemented from XrdSecProtocol.

XrdSecCredentials * XrdSecProtocolgsi::ErrC XrdOucErrInfo einfo,
XrdSutBuffer b1,
XrdSutBuffer b2,
XrdSutBuffer b3,
kXR_int32  ecode,
const char *  msg1 = 0,
const char *  msg2 = 0,
const char *  msg3 = 0
[private]
 

void XrdSecProtocolgsi::ErrF XrdOucErrInfo einfo,
kXR_int32  ecode,
const char *  msg1,
const char *  msg2 = 0,
const char *  msg3 = 0
[static, private]
 

int XrdSecProtocolgsi::ErrS String  ID,
XrdOucErrInfo einfo,
XrdSutBuffer b1,
XrdSutBuffer b2,
XrdSutBuffer b3,
kXR_int32  ecode,
const char *  msg1 = 0,
const char *  msg2 = 0,
const char *  msg3 = 0
[private]
 

int XrdSecProtocolgsi::GetCA const char *  cahash  )  [private]
 

String XrdSecProtocolgsi::GetCApath const char *  cahash  )  [static, private]
 

XrdSecCredentials * XrdSecProtocolgsi::getCredentials XrdSecParameters parm = 0,
XrdOucErrInfo einfo = 0
[virtual]
 

Implements XrdSecProtocol.

int XrdSecProtocolgsi::getKey char *  kbuf = 0,
int  klen = 0
[virtual]
 

Reimplemented from XrdSecProtocol.

char * XrdSecProtocolgsi::Init gsiOptions  o,
XrdOucErrInfo erp
[static]
 

int XrdSecProtocolgsi::InitProxy ProxyIn_t pi,
X509Chain ch = 0,
XrdCryptoRSA **  key = 0
[static, private]
 

XrdSecgsiAuthz_t XrdSecProtocolgsi::LoadAuthzFun const char *  plugin,
const char *  parms
[static, private]
 

int XrdSecProtocolgsi::LoadCADir int  timestamp  )  [static, private]
 

XrdCryptoX509Crl * XrdSecProtocolgsi::LoadCRL XrdCryptoX509 xca,
XrdCryptoFactory CF
[static, private]
 

int XrdSecProtocolgsi::LoadGMAP int  now  )  [static, private]
 

XrdSecgsiGMAP_t XrdSecProtocolgsi::LoadGMAPFun const char *  plugin,
const char *  parms
[static, private]
 

int XrdSecProtocolgsi::ParseCAlist String  calist  )  [private]
 

int XrdSecProtocolgsi::ParseClientInput XrdSutBuffer br,
XrdSutBuffer **  bm,
String emsg
[private]
 

int XrdSecProtocolgsi::ParseCrypto String  cryptlist  )  [private]
 

int XrdSecProtocolgsi::ParseServerInput XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg
[private]
 

void XrdSecProtocolgsi::QueryGMAP XrdCryptoX509Chain chain,
int  now,
String name
[static, private]
 

int XrdSecProtocolgsi::QueryProxy bool  checkcache,
XrdSutCache cache,
const char *  tag,
XrdCryptoFactory cf,
int  timestamp,
ProxyIn_t pi,
ProxyOut_t po
[static, private]
 

bool XrdSecProtocolgsi::ServerCertNameOK const char *  subject,
String e
[private]
 

int XrdSecProtocolgsi::ServerDoCert XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg
[private]
 

int XrdSecProtocolgsi::ServerDoCertreq XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg
[private]
 

int XrdSecProtocolgsi::ServerDoSigpxy XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg
[private]
 

int XrdSecProtocolgsi::setKey char *  kbuf,
int  klen
[virtual]
 

Reimplemented from XrdSecProtocol.

int XrdSecProtocolgsi::Sign const char *  inbuf,
int  inlen,
XrdSecBuffer **  outbuf
[virtual]
 

Reimplemented from XrdSecProtocol.

int XrdSecProtocolgsi::Verify const char *  inbuf,
int  inlen,
const char *  sigbuf,
int  siglen
[virtual]
 

Reimplemented from XrdSecProtocol.

bool XrdSecProtocolgsi::VerifyCA int  opt,
X509Chain cca,
XrdCryptoFactory cf
[static, private]
 

Member Data Documentation

XrdSecgsiAuthz_t XrdSecProtocolgsi::AuthzFun = 0 [static, private]
 

XrdSysPlugin * XrdSecProtocolgsi::AuthzPlugin = 0 [static, private]
 

int XrdSecProtocolgsi::AuthzPxyWhat = -1 [static, private]
 

int XrdSecProtocolgsi::AuthzPxyWhere = -1 [static, private]
 

XrdSutBucket* XrdSecProtocolgsi::bucketKey [private]
 

XrdSutCache XrdSecProtocolgsi::cacheCA [static, private]
 

XrdSutCache XrdSecProtocolgsi::cacheCert [static, private]
 

int XrdSecProtocolgsi::CACheck = 1 [static, private]
 

XrdSutCache XrdSecProtocolgsi::cacheGMAP [static, private]
 

XrdSutCache XrdSecProtocolgsi::cacheGMAPFun [static, private]
 

XrdSutCache XrdSecProtocolgsi::cachePxy [static, private]
 

String XrdSecProtocolgsi::CAdir = "/etc/grid-security/certificates/" [static, private]
 

int XrdSecProtocolgsi::CRLCheck = 1 [static, private]
 

String XrdSecProtocolgsi::CRLdir = "/etc/grid-security/certificates/" [static, private]
 

XrdCryptoFactory * XrdSecProtocolgsi::cryptF = {0} [static, private]
 

int XrdSecProtocolgsi::cryptID = {0} [static, private]
 

String XrdSecProtocolgsi::cryptName = {0} [static, private]
 

int XrdSecProtocolgsi::Debug = 0 [static, private]
 

int XrdSecProtocolgsi::DefBits = 512 [static, private]
 

String XrdSecProtocolgsi::DefCipher = "aes-128-cbc:bf-cbc:des-ede3-cbc" [static, private]
 

String XrdSecProtocolgsi::DefCRLext = ".r0" [static, private]
 

String XrdSecProtocolgsi::DefCrypto = "ssl" [static, private]
 

String XrdSecProtocolgsi::DefError = "invalid credentials " [static, private]
 

String XrdSecProtocolgsi::DefMD = "sha1:md5" [static, private]
 

int XrdSecProtocolgsi::DepLength = 0 [static, private]
 

XrdSysError XrdSecProtocolgsi::eDest [static, private]
 

int XrdSecProtocolgsi::GMAPCacheTimeOut = -1 [static, private]
 

String XrdSecProtocolgsi::GMAPFile = "/etc/grid-security/grid-mapfile" [static, private]
 

XrdSecgsiGMAP_t XrdSecProtocolgsi::GMAPFun = 0 [static, private]
 

int XrdSecProtocolgsi::GMAPOpt = 1 [static, private]
 

XrdSysPlugin * XrdSecProtocolgsi::GMAPPlugin = 0 [static, private]
 

bool XrdSecProtocolgsi::GMAPuseDNname = 0 [static, private]
 

XrdSysMutex XrdSecProtocolgsi::gsiContext [static, private]
 

XrdOucTrace * XrdSecProtocolgsi::GSITrace = 0 [static, private]
 

struct sockaddr XrdSecProtocolgsi::hostaddr [private]
 

gsiHSVars* XrdSecProtocolgsi::hs [private]
 

XrdSysLogger XrdSecProtocolgsi::Logger [static, private]
 

int XrdSecProtocolgsi::ncrypt = 0 [static, private]
 

int XrdSecProtocolgsi::options [private]
 

X509Chain* XrdSecProtocolgsi::proxyChain [private]
 

int XrdSecProtocolgsi::PxyReqOpts = 0 [static, private]
 

String XrdSecProtocolgsi::PxyValid = "12:00" [static, private]
 

XrdCryptoCipher * XrdSecProtocolgsi::refcip = {0} [static, private]
 

bool XrdSecProtocolgsi::Server = 1 [static, private]
 

XrdCryptoFactory* XrdSecProtocolgsi::sessionCF [private]
 

XrdCryptoCipher* XrdSecProtocolgsi::sessionKey [private]
 

XrdCryptoRSA* XrdSecProtocolgsi::sessionKsig [private]
 

XrdCryptoRSA* XrdSecProtocolgsi::sessionKver [private]
 

XrdCryptoMsgDigest* XrdSecProtocolgsi::sessionMD [private]
 

String XrdSecProtocolgsi::SrvAllowedNames [static, private]
 

String XrdSecProtocolgsi::SrvCert = "/etc/grid-security/xrd/xrdcert.pem" [static, private]
 

String XrdSecProtocolgsi::SrvKey = "/etc/grid-security/xrd/xrdkey.pem" [static, private]
 

bool XrdSecProtocolgsi::srvMode [private]
 

int XrdSecProtocolgsi::TimeSkew = 300 [static, private]
 

String XrdSecProtocolgsi::UsrCert = "/.globus/usercert.pem" [static, private]
 

String XrdSecProtocolgsi::UsrKey = "/.globus/userkey.pem" [static, private]
 

String XrdSecProtocolgsi::UsrProxy [static, private]
 

The documentation for this class was generated from the following files:
Generated on Sun Nov 6 13:37:16 2011 for xrootd by  doxygen 1.3.9.1