xrootd
XrdSecProtocolgsi Class Reference

#include <XrdSecProtocolgsi.hh>


Public Member Functions

int Authenticate (XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)
XrdSecCredentials * getCredentials (XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)
 XrdSecProtocolgsi (int opts, const char *hname, const struct sockaddr *ipadd, const char *parms=0)
virtual ~XrdSecProtocolgsi ()
void Delete ()
int Encrypt (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int Decrypt (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int Sign (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int Verify (const char *inbuf, int inlen, const char *sigbuf, int siglen)
int getKey (char *kbuf=0, int klen=0)
int setKey (char *kbuf, int klen)
- Public Member Functions inherited from XrdSecProtocol
 XrdSecProtocol (const char *pName)

Static Public Member Functions

static char * Init (gsiOptions o, XrdOucErrInfo *erp)
static XrdOucTrace * EnableTracing ()

Private Member Functions

int ParseClientInput (XrdSutBuffer *br, XrdSutBuffer **bm, String &emsg)
int ClientDoInit (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ClientDoCert (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ClientDoPxyreq (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ParseServerInput (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ServerDoCertreq (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ServerDoCert (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ServerDoSigpxy (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int ParseCrypto (String cryptlist)
int ParseCAlist (String calist)
bool ServerCertNameOK (const char *subject, String &e)
XrdSecCredentials * ErrC (XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0)
int ErrS (String ID, XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0)
bool CheckTimeStamp (XrdSutBuffer *b, int skew, String &emsg)
bool CheckRtag (XrdSutBuffer *bm, String &emsg)
int AddSerialized (char opt, kXR_int32 step, String ID, XrdSutBuffer *bls, XrdSutBuffer *buf, kXR_int32 type, XrdCryptoCipher *cip)
void CopyEntity (XrdSecEntity *in, XrdSecEntity *out, int *lout=0)
void FreeEntity (XrdSecEntity *in)
void ExtractVOMS (X509Chain *c, XrdSecEntity &ent)

Static Private Member Functions

static int GetCA (const char *cahash, XrdCryptoFactory *cryptof, gsiHSVars *hs=0)
static String GetCApath (const char *cahash)
static bool VerifyCA (int opt, X509Chain *cca, XrdCryptoFactory *cf)
static XrdSutPFEntry * GetSrvCertEnt (XrdCryptoFactory *cf, int timestamp, String &cal)
static XrdCryptoX509Crl * LoadCRL (XrdCryptoX509 *xca, XrdCryptoFactory *CF, int dwld)
static int QueryProxy (bool checkcache, XrdSutCache *cache, const char *tag, XrdCryptoFactory *cf, int timestamp, ProxyIn_t *pi, ProxyOut_t *po)
static int InitProxy (ProxyIn_t *pi, X509Chain *ch=0, XrdCryptoRSA **key=0)
static void ErrF (XrdOucErrInfo *einfo, kXR_int32 ecode, const char *msg1, const char *msg2=0, const char *msg3=0)
static int LoadGMAP (int now)
static XrdSecgsiGMAP_t LoadGMAPFun (const char *plugin, const char *parms)
static XrdSecgsiAuthz_t LoadAuthzFun (const char *plugin, const char *parms, int &fmt)
static void QueryGMAP (XrdCryptoX509Chain *chain, int now, String &name)

Private Attributes

int options
struct sockaddr hostaddr
XrdCryptoFactory * sessionCF
XrdCryptoCipher * sessionKey
XrdSutBucket * bucketKey
XrdCryptoMsgDigest * sessionMD
XrdCryptoRSA * sessionKsig
XrdCryptoRSA * sessionKver
X509Chain * proxyChain
bool srvMode
gsiHSVars * hs

Static Private Attributes

static XrdSysMutex gsiContext
static String CAdir = "/etc/grid-security/certificates/"
static String CRLdir = "/etc/grid-security/certificates/"
static String DefCRLext = ".r0"
static String SrvCert = "/etc/grid-security/xrd/xrdcert.pem"
static String SrvKey = "/etc/grid-security/xrd/xrdkey.pem"
static String UsrProxy
static String UsrCert = "/.globus/usercert.pem"
static String UsrKey = "/.globus/userkey.pem"
static String PxyValid = "12:00"
static int DepLength = 0
static int DefBits = 512
static int CACheck = 1
static int CRLCheck = 1
static int CRLDownload = 0
static int CRLRefresh = 86400
static String DefCrypto = "ssl"
static String DefCipher = "aes-128-cbc:bf-cbc:des-ede3-cbc"
static String DefMD = "sha1:md5"
static String DefError = "invalid credentials "
static String GMAPFile = "/etc/grid-security/grid-mapfile"
static int GMAPOpt = 1
static bool GMAPuseDNname = 0
static int GMAPCacheTimeOut = -1
static XrdSysPlugin * GMAPPlugin = 0
static XrdSecgsiGMAP_t GMAPFun = 0
static XrdSysPlugin * AuthzPlugin = 0
static XrdSecgsiAuthz_t AuthzFun = 0
static XrdSecgsiAuthzKey_t AuthzKey = 0
static int AuthzCertFmt = -1
static int AuthzCacheTimeOut = 43200
static int PxyReqOpts = 0
static int AuthzPxyWhat = -1
static int AuthzPxyWhere = -1
static String SrvAllowedNames
static int VOMSAttrOpt = 1
static int MonInfoOpt = 0
static int ncrypt = 0
static XrdCryptoFactory * cryptF [XrdCryptoMax] = {0}
static int cryptID [XrdCryptoMax] = {0}
static String cryptName [XrdCryptoMax] = {0}
static XrdCryptoCipher * refcip [XrdCryptoMax] = {0}
static XrdSutCache cacheCA
static XrdSutCache cacheCert
static XrdSutCache cachePxy
static XrdSutCache cacheGMAP
static XrdSutCache cacheGMAPFun
static XrdSutCache cacheAuthzFun
static int lastGMAPCheck = -1
static XrdSysMutex mutexGMAP
static int Debug = 0
static bool Server = 1
static int TimeSkew = 300
static XrdSysLogger Logger
static XrdSysError eDest
static XrdOucTrace * GSITrace = 0

Friends

class gsiOptions

Additional Inherited Members

- Public Attributes inherited from XrdSecProtocol
XrdSecEntity Entity
- Protected Member Functions inherited from XrdSecProtocol
virtual ~XrdSecProtocol ()

Constructor & Destructor Documentation

XrdSecProtocolgsi::XrdSecProtocolgsi ( int  opts,
const char *  hname,
const struct sockaddr *  ipadd,
const char *  parms = 0 
)
virtual XrdSecProtocolgsi::~XrdSecProtocolgsi ( )
inlinevirtual

Member Function Documentation

int XrdSecProtocolgsi::AddSerialized ( char  opt,
kXR_int32  step,
String  ID,
XrdSutBuffer bls,
XrdSutBuffer buf,
kXR_int32  type,
XrdCryptoCipher cip 
)
private
int XrdSecProtocolgsi::Authenticate ( XrdSecCredentials *  cred,
XrdSecParameters **  parms,
XrdOucErrInfo *  einfo = 0 
)
virtual

Implements XrdSecProtocol.

References XrdSutCache::Add(), XrdSutBuffer::AddBucket(), AddSerialized(), AuthzCacheTimeOut, AuthzCertFmt, AuthzFun, AuthzKey, AuthzPxyWhat, AuthzPxyWhere, XrdSutPFBuf::buf, XrdSutPFEntry::buf1, XrdSutPFEntry::buf2, XrdSecBuffer::buffer, XrdOucString::c_str(), cacheAuthzFun, gsiHSVars::Cbck, gsiHSVars::Chain, CheckRtag(), ClientStepStr(), XrdSutPFEntry::cnt, CopyEntity(), XrdSecEntity::creds, XrdSecEntity::credslen, CryptList, XrdSutBuffer::Deactivate(), DEBUG, DefCipher, DefMD, XrdSutBuffer::Dump(), XrdCryptoX509Chain::EEChash(), XrdCryptoX509Chain::EECname(), XrdCryptoX509Chain::End(), XrdSecEntity::endorsements, XrdSecProtocol::Entity, EPNAME, XrdOucString::erase(), ErrS(), XrdCryptoX509::Export(), ExtractVOMS(), XrdOucString::find(), FreeEntity(), XrdSutCache::Get(), XrdSutBuffer::GetBucket(), XrdSutBuffer::GetProtocol(), XrdSutBuffer::GetStep(), GMAPOpt, GMAPuseDNname, XrdSecEntity::grps, hs, gsiHSVars::ID, kGSErrAddBucket, kGSErrBadOpt, kGSErrBadProtocol, kGSErrBadRndmTag, kGSErrDecodeBuffer, kGSErrError, kGSErrNoPublic, kGSErrParseBuffer, kGSErrSerialBuffer, kgST_error, kgST_more, kgST_ok, kPFE_ok, kXGC_cert, kXGC_certreq, kXGC_sigpxy, kXGS_cert, kXGS_none, kXGS_pxyreq, kXRS_cipher_alg, kXRS_main, kXRS_md_alg, kXRS_message, kXRS_puk, kXRS_user, XrdSutPFBuf::len, XrdOucString::length(), XrdSecEntity::moninfo, MonInfoOpt, XrdSutPFEntry::mtime, XrdSecEntity::name, XrdCryptoX509::NotAfter(), gsiHSVars::Options, ParseServerInput(), PRINT, XrdSecEntity::prot, XrdCryptoCipher::Public(), gsiHSVars::PxyChain, QTRACE, QueryGMAP(), gsiHSVars::Rcip, XrdSutCache::Rehash(), REL2, XrdSutBuffer::Remove(), XrdSutCache::Remove(), gsiHSVars::RemVers, XrdOucString::replace(), XrdSecEntity::role, SafeDelArray, SafeDelete, SafeFree, XrdSutBuffer::Serialized(), ServerStepStr(), sessionKey, XrdSecBuffer::size, XrdSutPFEntry::status, STR_NPOS, XrdSecEntity::tident, gsiHSVars::TimeStamp, XrdOucString::tokenize(), XrdSutBucket::ToString(), VOMSAttrOpt, XrdSecEntity::vorg, 
XrdCryptosslX509ExportChain(), XrdSecPROTOIDENT, XrdSecPROTOIDLEN, and XrdSutBuckStr().

bool XrdSecProtocolgsi::CheckRtag ( XrdSutBuffer *  bm,
String &  emsg 
)
private
bool XrdSecProtocolgsi::CheckTimeStamp ( XrdSutBuffer *  b,
int  skew,
String &  emsg 
)
private
int XrdSecProtocolgsi::ClientDoCert ( XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg 
)
private
int XrdSecProtocolgsi::ClientDoInit ( XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg 
)
private
int XrdSecProtocolgsi::ClientDoPxyreq ( XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg 
)
private
void XrdSecProtocolgsi::CopyEntity ( XrdSecEntity in,
XrdSecEntity out,
int *  lout = 0 
)
private
int XrdSecProtocolgsi::Decrypt ( const char *  inbuf,
int  inlen,
XrdSecBuffer **  outbuf 
)
virtual
void XrdSecProtocolgsi::Delete ( )
virtual
XrdOucTrace * XrdSecProtocolgsi::EnableTracing ( )
static
int XrdSecProtocolgsi::Encrypt ( const char *  inbuf,
int  inlen,
XrdSecBuffer **  outbuf 
)
virtual
XrdSecCredentials * XrdSecProtocolgsi::ErrC ( XrdOucErrInfo einfo,
XrdSutBuffer b1,
XrdSutBuffer b2,
XrdSutBuffer b3,
kXR_int32  ecode,
const char *  msg1 = 0,
const char *  msg2 = 0,
const char *  msg3 = 0 
)
private

References ErrF(), and REL3.

Referenced by getCredentials().

void XrdSecProtocolgsi::ErrF ( XrdOucErrInfo einfo,
kXR_int32  ecode,
const char *  msg1,
const char *  msg2 = 0,
const char *  msg3 = 0 
)
staticprivate
int XrdSecProtocolgsi::ErrS ( String  ID,
XrdOucErrInfo einfo,
XrdSutBuffer b1,
XrdSutBuffer b2,
XrdSutBuffer b3,
kXR_int32  ecode,
const char *  msg1 = 0,
const char *  msg2 = 0,
const char *  msg3 = 0 
)
private

References ErrF(), kgST_error, and REL3.

Referenced by Authenticate().

void XrdSecProtocolgsi::ExtractVOMS ( X509Chain c,
XrdSecEntity ent 
)
private
void XrdSecProtocolgsi::FreeEntity ( XrdSecEntity in)
private
int XrdSecProtocolgsi::GetCA ( const char *  cahash,
XrdCryptoFactory *  cryptof,
gsiHSVars *  hs = 0 
)
static private
String XrdSecProtocolgsi::GetCApath ( const char *  cahash)
staticprivate
XrdSecCredentials * XrdSecProtocolgsi::getCredentials ( XrdSecParameters *  parm = 0,
XrdOucErrInfo *  einfo = 0 
)
virtual

Implements XrdSecProtocol.

References XrdSutBuffer::AddBucket(), AddSerialized(), XrdCryptoX509Chain::Begin(), XrdSutBucket::buffer, XrdSecBuffer::buffer, XrdOucString::c_str(), gsiHSVars::Cbck, CheckRtag(), ClientStepStr(), CryptList, gsiHSVars::CryptoMod, DEBUG, XrdSutBuffer::Dump(), XrdSecProtocol::Entity, EPNAME, ErrC(), XrdSutBuffer::GetProtocol(), XrdSutBuffer::GetStep(), hs, gsiHSVars::ID, XrdCryptoX509::IssuerHash(), gsiHSVars::Iter, XrdCryptoX509::kCA, kGSErrAddBucket, kGSErrBadOpt, kGSErrBadProtocol, kGSErrBadRndmTag, kGSErrCreateBucket, kGSErrDecodeBuffer, kGSErrError, kGSErrNoBuffer, kGSErrNoCipher, kGSErrNoPublic, kGSErrParseBuffer, kGSErrSerialBuffer, kXGC_cert, kXGC_certreq, kXGC_none, kXGC_sigpxy, kXGS_cert, kXGS_init, kXGS_pxyreq, kXRS_clnt_opts, kXRS_cryptomod, kXRS_issuer_hash, kXRS_main, kXRS_message, kXRS_puk, kXRS_user, kXRS_version, XrdOucString::length(), XrdSutBuffer::MarshalBucket(), XrdSecEntity::name, XrdCryptoX509Chain::Next(), gsiHSVars::Options, gsiHSVars::Parms, ParseClientInput(), proxyChain, XrdCryptoCipher::Public(), gsiHSVars::PxyChain, QTRACE, REL2, XrdSutBuffer::Remove(), gsiHSVars::RemVers, XrdOucString::replace(), XrdSutBuffer::Serialized(), ServerStepStr(), sessionCF, sessionKey, XrdSutBuffer::SetStep(), XrdSutBucket::size, XrdSecBuffer::size, srvMode, XrdCryptoX509::SubjectHash(), gsiHSVars::TimeStamp, XrdCryptoX509::type, XrdSutBuffer::UpdateBucket(), Version, XrdCryptoFactory::X509ExportChain(), XrdSecPROTOIDENT, and XrdSutBuckStr().

int XrdSecProtocolgsi::getKey ( char *  kbuf = 0,
int  klen = 0 
)
virtual
XrdSutPFEntry * XrdSecProtocolgsi::GetSrvCertEnt ( XrdCryptoFactory cf,
int  timestamp,
String cal 
)
staticprivate
char * XrdSecProtocolgsi::Init ( gsiOptions  o,
XrdOucErrInfo erp 
)
static

References access(), AuthzCacheTimeOut, AuthzCertFmt, gsiOptions::authzfun, AuthzFun, gsiOptions::authzfunparms, gsiOptions::authzpxy, AuthzPxyWhat, AuthzPxyWhere, gsiOptions::authzto, gsiOptions::bits, XrdOucString::c_str(), gsiOptions::ca, cacheAuthzFun, cacheCA, cacheCert, CACheck, cacheGMAP, cacheGMAPFun, cachePxy, CAdir, gsiOptions::cert, gsiOptions::certdir, XrdCryptoFactory::Cipher(), gsiOptions::cipher, gsiOptions::clist, gsiOptions::crl, CRLCheck, gsiOptions::crldir, CRLdir, CRLDownload, gsiOptions::crlext, gsiOptions::crlrefresh, CRLRefresh, cryptF, cryptID, cryptName, cryptoTRACE_Debug, cryptoTRACE_Dump, DEBUG, gsiOptions::debug, Debug, DefBits, DefCipher, DefCRLext, DefCrypto, DefMD, gsiOptions::deplen, DepLength, gsiOptions::dlgpxy, XrdSutCache::Dump(), XrdSutCache::Empty(), XrdOucString::endswith(), EPNAME, XrdOucString::erase(), ErrF(), gsiOptions::exppxy, XrdCryptoFactory::GetCryptoFactory(), XrdOucErrInfo::getErrText(), GetSrvCertEnt(), GMAPCacheTimeOut, GMAPFile, gsiOptions::gmapfun, GMAPFun, gsiOptions::gmapfunparms, GMAPOpt, gsiOptions::gmapto, GMAPuseDNname, gsiOptions::gridmap, GSITrace, gUsrPxyDef, XrdCryptoFactory::ID(), XrdSutCache::Init(), XrdOucString::insert(), gsiOptions::key, kGSErrError, kGSErrInit, kOptsDlgPxy, kOptsFwdPxy, kOptsPxFile, kOptsSigReq, kOptsSrvReq, XrdOucString::length(), LoadAuthzFun(), LoadGMAP(), LoadGMAPFun(), gsiOptions::md, gsiOptions::mode, gsiOptions::moninfo, MonInfoOpt, XrdCryptoFactory::Name(), ncrypt, gsiOptions::ogmap, PRINT, gsiOptions::proxy, PxyReqOpts, PxyValid, QTRACE, refcip, XrdSutCache::Rehash(), XrdSutCache::Reset(), Server, XrdCryptoFactory::SetTrace(), gsiOptions::sigpxy, SrvAllowedNames, SrvCert, SrvKey, gsiOptions::srvnames, stat(), XrdOucString::tokenize(), TRACE, TRACE_ALL, TRACE_Authen, TRACE_Debug, UsrCert, UsrKey, UsrProxy, gsiOptions::valid, Version, gsiOptions::vomsat, VOMSAttrOpt, XrdOucTrace::What, XrdCryptoMax, XrdCryptoSetTrace(), XrdSutExpand(), XrdSutHome(), and XrdSutSetTrace().

Referenced by XrdSecProtocolgsiInit().

int XrdSecProtocolgsi::InitProxy ( ProxyIn_t pi,
X509Chain ch = 0,
XrdCryptoRSA **  key = 0 
)
staticprivate
XrdSecgsiAuthz_t XrdSecProtocolgsi::LoadAuthzFun ( const char *  plugin,
const char *  parms,
int &  fmt 
)
staticprivate
XrdCryptoX509Crl * XrdSecProtocolgsi::LoadCRL ( XrdCryptoX509 *  xca,
XrdCryptoFactory *  CF,
int  dwld 
)
static private
int XrdSecProtocolgsi::LoadGMAP ( int  now)
staticprivate
XrdSecgsiGMAP_t XrdSecProtocolgsi::LoadGMAPFun ( const char *  plugin,
const char *  parms 
)
staticprivate
int XrdSecProtocolgsi::ParseCAlist ( String  calist)
private
int XrdSecProtocolgsi::ParseClientInput ( XrdSutBuffer br,
XrdSutBuffer **  bm,
String emsg 
)
private
int XrdSecProtocolgsi::ParseCrypto ( String  cryptlist)
private
int XrdSecProtocolgsi::ParseServerInput ( XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg 
)
private
void XrdSecProtocolgsi::QueryGMAP ( XrdCryptoX509Chain chain,
int  now,
String name 
)
staticprivate
int XrdSecProtocolgsi::QueryProxy ( bool  checkcache,
XrdSutCache cache,
const char *  tag,
XrdCryptoFactory cf,
int  timestamp,
ProxyIn_t pi,
ProxyOut_t po 
)
staticprivate
bool XrdSecProtocolgsi::ServerCertNameOK ( const char *  subject,
String &  e 
)
private
int XrdSecProtocolgsi::ServerDoCert ( XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg 
)
private
int XrdSecProtocolgsi::ServerDoCertreq ( XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg 
)
private
int XrdSecProtocolgsi::ServerDoSigpxy ( XrdSutBuffer br,
XrdSutBuffer **  bm,
String cmsg 
)
private
int XrdSecProtocolgsi::setKey ( char *  kbuf,
int  klen 
)
virtual
int XrdSecProtocolgsi::Sign ( const char *  inbuf,
int  inlen,
XrdSecBuffer **  outbuf 
)
virtual
int XrdSecProtocolgsi::Verify ( const char *  inbuf,
int  inlen,
const char *  sigbuf,
int  siglen 
)
virtual
bool XrdSecProtocolgsi::VerifyCA ( int  opt,
X509Chain *  cca,
XrdCryptoFactory *  cf 
)
static private

Friends And Related Function Documentation

friend class gsiOptions
friend

Member Data Documentation

int XrdSecProtocolgsi::AuthzCacheTimeOut = 43200
staticprivate

Referenced by Authenticate(), and Init().

int XrdSecProtocolgsi::AuthzCertFmt = -1
staticprivate

Referenced by Authenticate(), and Init().

XrdSecgsiAuthz_t XrdSecProtocolgsi::AuthzFun = 0
staticprivate

Referenced by Authenticate(), and Init().

XrdSecgsiAuthzKey_t XrdSecProtocolgsi::AuthzKey = 0
staticprivate

Referenced by Authenticate(), and LoadAuthzFun().

XrdSysPlugin * XrdSecProtocolgsi::AuthzPlugin = 0
staticprivate

Referenced by LoadAuthzFun().

int XrdSecProtocolgsi::AuthzPxyWhat = -1
staticprivate

Referenced by Authenticate(), and Init().

int XrdSecProtocolgsi::AuthzPxyWhere = -1
staticprivate

Referenced by Authenticate(), and Init().

XrdSutBucket* XrdSecProtocolgsi::bucketKey
private

Referenced by Delete(), getKey(), and XrdSecProtocolgsi().

XrdSutCache XrdSecProtocolgsi::cacheAuthzFun
staticprivate

Referenced by Authenticate(), and Init().

XrdSutCache XrdSecProtocolgsi::cacheCA
staticprivate

Referenced by GetCA(), and Init().

XrdSutCache XrdSecProtocolgsi::cacheCert
staticprivate

Referenced by GetSrvCertEnt(), and Init().

int XrdSecProtocolgsi::CACheck = 1
staticprivate

Referenced by GetCA(), Init(), QueryProxy(), and VerifyCA().

XrdSutCache XrdSecProtocolgsi::cacheGMAP
staticprivate

Referenced by Init(), LoadGMAP(), and QueryGMAP().

XrdSutCache XrdSecProtocolgsi::cacheGMAPFun
staticprivate

Referenced by Init(), and QueryGMAP().

XrdSutCache XrdSecProtocolgsi::cachePxy
staticprivate

Referenced by ClientDoInit(), and Init().

String XrdSecProtocolgsi::CAdir = "/etc/grid-security/certificates/"
staticprivate
int XrdSecProtocolgsi::CRLCheck = 1
staticprivate

Referenced by GetCA(), Init(), and LoadCRL().

String XrdSecProtocolgsi::CRLdir = "/etc/grid-security/certificates/"
staticprivate

Referenced by Init(), and LoadCRL().

int XrdSecProtocolgsi::CRLDownload = 0
staticprivate

Referenced by GetCA(), and Init().

int XrdSecProtocolgsi::CRLRefresh = 86400
staticprivate

Referenced by GetCA(), and Init().

XrdCryptoFactory * XrdSecProtocolgsi::cryptF[XrdCryptoMax] = {0}
static private

Referenced by Init(), and ParseCrypto().

int XrdSecProtocolgsi::cryptID[XrdCryptoMax] = {0}
static private

Referenced by Init(), and ParseCrypto().

String XrdSecProtocolgsi::cryptName[XrdCryptoMax] = {0}
static private

Referenced by Init().

int XrdSecProtocolgsi::Debug = 0
staticprivate

Referenced by ErrF(), and Init().

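int XrdSecProtocolgsi::DefBits = 512
static private

Referenced by ClientDoInit(), and Init().

Note: 512 is only the compiled-in default; Init() also references gsiOptions::bits, which presumably overrides it (confirm in the source). If the value is an RSA key length in bits, as the name and its use in ClientDoInit() suggest, 512-bit keys are factorable with modest resources and current guidance sets 2048 bits as the minimum, so the effective value should be checked on each deployment.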

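String XrdSecProtocolgsi::DefCipher = "aes-128-cbc:bf-cbc:des-ede3-cbc"
static private

Referenced by Authenticate(), Init(), and ServerDoCert().

Note: this is the compiled-in cipher list; Init() also references gsiOptions::cipher, which presumably overrides it (confirm in the source). bf-cbc and des-ede3-cbc are 64-bit block ciphers, which are exposed to birthday-bound collisions on long-lived sessions, and CBC on its own gives confidentiality without integrity. Restricting the list to the AES entry is the conservative setting where both ends support it.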

String XrdSecProtocolgsi::DefCRLext = ".r0"
staticprivate

Referenced by Init(), and LoadCRL().

String XrdSecProtocolgsi::DefCrypto = "ssl"
staticprivate

Referenced by ClientDoInit(), and Init().

String XrdSecProtocolgsi::DefError = "invalid credentials "
staticprivate
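String XrdSecProtocolgsi::DefMD = "sha1:md5"
static private

Referenced by Authenticate(), Init(), and ServerDoCert().

Note: this is the compiled-in digest list; Init() also references gsiOptions::md, which presumably overrides it (confirm in the source). Both MD5 and SHA-1 have practical collision attacks and are deprecated for signatures. Whether a stronger digest can be listed depends on the crypto module in use, which this page does not show.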

int XrdSecProtocolgsi::DepLength = 0
staticprivate

Referenced by ClientDoInit(), and Init().

XrdSysError XrdSecProtocolgsi::eDest
staticprivate
int XrdSecProtocolgsi::GMAPCacheTimeOut = -1
staticprivate

Referenced by Init(), and QueryGMAP().

String XrdSecProtocolgsi::GMAPFile = "/etc/grid-security/grid-mapfile"
staticprivate

Referenced by Init(), and LoadGMAP().

XrdSecgsiGMAP_t XrdSecProtocolgsi::GMAPFun = 0
staticprivate

Referenced by Init(), and QueryGMAP().

int XrdSecProtocolgsi::GMAPOpt = 1
staticprivate

Referenced by Authenticate(), and Init().

XrdSysPlugin * XrdSecProtocolgsi::GMAPPlugin = 0
staticprivate

Referenced by LoadGMAPFun().

bool XrdSecProtocolgsi::GMAPuseDNname = 0
staticprivate

Referenced by Authenticate(), and Init().

XrdSysMutex XrdSecProtocolgsi::gsiContext
staticprivate
XrdOucTrace * XrdSecProtocolgsi::GSITrace = 0
staticprivate

Referenced by EnableTracing(), Init(), and ParseCrypto().

struct sockaddr XrdSecProtocolgsi::hostaddr
private

Referenced by XrdSecProtocolgsi().

gsiHSVars* XrdSecProtocolgsi::hs
private
int XrdSecProtocolgsi::lastGMAPCheck = -1
staticprivate

Referenced by LoadGMAP().

XrdSysLogger XrdSecProtocolgsi::Logger
staticprivate

Referenced by EnableTracing().

int XrdSecProtocolgsi::MonInfoOpt = 0
staticprivate

Referenced by Authenticate(), and Init().

XrdSysMutex XrdSecProtocolgsi::mutexGMAP
staticprivate

Referenced by LoadGMAP().

int XrdSecProtocolgsi::ncrypt = 0
staticprivate

Referenced by Init(), and ParseCrypto().

int XrdSecProtocolgsi::options
private

Referenced by XrdSecProtocolgsi().

X509Chain* XrdSecProtocolgsi::proxyChain
private
int XrdSecProtocolgsi::PxyReqOpts = 0
staticprivate
String XrdSecProtocolgsi::PxyValid = "12:00"
staticprivate

Referenced by ClientDoInit(), GetSrvCertEnt(), and Init().

XrdCryptoCipher * XrdSecProtocolgsi::refcip[XrdCryptoMax] = {0}
static private

Referenced by Init(), and ParseCrypto().

bool XrdSecProtocolgsi::Server = 1
staticprivate

Referenced by Init(), and XrdSecProtocolgsi().

XrdCryptoFactory* XrdSecProtocolgsi::sessionCF
private
XrdCryptoCipher* XrdSecProtocolgsi::sessionKey
private
XrdCryptoRSA* XrdSecProtocolgsi::sessionKsig
private
XrdCryptoRSA* XrdSecProtocolgsi::sessionKver
private
XrdCryptoMsgDigest* XrdSecProtocolgsi::sessionMD
private
String XrdSecProtocolgsi::SrvAllowedNames
staticprivate

Referenced by Init(), and ServerCertNameOK().

String XrdSecProtocolgsi::SrvCert = "/etc/grid-security/xrd/xrdcert.pem"
staticprivate

Referenced by GetSrvCertEnt(), and Init().

String XrdSecProtocolgsi::SrvKey = "/etc/grid-security/xrd/xrdkey.pem"
staticprivate

Referenced by GetSrvCertEnt(), and Init().

bool XrdSecProtocolgsi::srvMode
private
int XrdSecProtocolgsi::TimeSkew = 300
staticprivate

Referenced by ClientDoCert(), and ServerDoCert().

String XrdSecProtocolgsi::UsrCert = "/.globus/usercert.pem"
staticprivate

Referenced by ClientDoInit(), and Init().

String XrdSecProtocolgsi::UsrKey = "/.globus/userkey.pem"
staticprivate

Referenced by ClientDoInit(), and Init().

String XrdSecProtocolgsi::UsrProxy
staticprivate
int XrdSecProtocolgsi::VOMSAttrOpt = 1
staticprivate

Referenced by Authenticate(), and Init().


The documentation for this class was generated from the following files: