xrootd
XrdSecProtect.hh
1 #ifndef __XRDSECPROTECT_H__
2 #define __XRDSECPROTECT_H__
3 /******************************************************************************/
4 /* */
5 /* X r d S e c P r o t e c t . h h */
6 /* */
7 /* (c) 2016 by the Board of Trustees of the Leland Stanford, Jr., University */
8 /* Produced by Andrew Hanushevsky for Stanford University under contract */
9 /* DE-AC02-76-SFO0515 with the Department of Energy */
10 /* */
11 /* This file is part of the XRootD software suite. */
12 /* */
13 /* XRootD is free software: you can redistribute it and/or modify it under */
14 /* the terms of the GNU Lesser General Public License as published by the */
15 /* Free Software Foundation, either version 3 of the License, or (at your */
16 /* option) any later version. */
17 /* */
18 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
19 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
20 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
21 /* License for more details. */
22 /* */
23 /* You should have received a copy of the GNU Lesser General Public License */
24 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
25 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
26 /* */
27 /* The copyright holder's institutional names and contributor's names may not */
28 /* be used to endorse or promote products derived from this software without */
29 /* specific prior written permission of the institution or contributor. */
30 /******************************************************************************/
31 
32 #include "XProtocol/XProtocol.hh"
33 
34 //------------------------------------------------------------------------------
36 //------------------------------------------------------------------------------
37 //------------------------------------------------------------------------------
43 //------------------------------------------------------------------------------
44 
// Expands to a null check on protP followed by a pointer-to-member-function
// expression through protP->Need2Secure. The caller writes the argument list
// directly after the macro, as in NEED2SECURE(p)(request); a null protP makes
// the whole expression false and the member function is not called.
// protP is expanded three times and is not parenthesized, so pass a plain
// pointer variable: an argument with side effects, or one containing a
// lower-precedence operator, would not expand as intended.
45 #define NEED2SECURE(protP) protP && ((*protP).*(protP->Need2Secure))
46 
47 /******************************************************************************/
48 /* X r d S e c P r o t e c t */
49 /******************************************************************************/
50 
51 struct iovec;
52 class XrdSecProtectParms;
53 class XrdSecProtocol;
54 
56 {
57 public:
58 friend class XrdSecProtector;
59 
60 //------------------------------------------------------------------------------
62 //------------------------------------------------------------------------------
63 
// Delete this object. Use this method as opposed to operator delete.
// The body is `delete this`, so the object must have been allocated with new
// and must not be touched again once the call returns.
64 virtual void Delete() {delete this;}
65 
66 //------------------------------------------------------------------------------
74 //------------------------------------------------------------------------------
75 
77 
78 //------------------------------------------------------------------------------
102 //------------------------------------------------------------------------------
103 
// Declaration only; the implementation is not part of this header.
// newreq is a reference to a SecurityRequest pointer, so the callee can set
// the caller's pointer. thereq is the client request being protected and
// thedata is presumably the data that accompanies it.
// NOTE(review): the original documentation block is not present in this
// listing. Confirm upstream what the int return value means, who releases the
// object newreq ends up pointing to, and whether thedata may be null, before
// relying on any of them.
104 virtual int Secure(SecurityRequest *&newreq,
105  ClientRequest &thereq,
106  const char *thedata
107  );
108 
109 //------------------------------------------------------------------------------
121 //------------------------------------------------------------------------------
122 
// Declaration only; the implementation is not part of this header.
// Takes the security request secreq together with the client request thereq
// and its data pointer, and returns a C string.
// NOTE(review): the original documentation block is not present in this
// listing. Presumably a null return means the request verified and a non-null
// return is an error text; confirm upstream, and check that callers treat
// every non-null return as a rejected request.
123 virtual const char *Verify(SecurityRequest &secreq,
124  ClientRequest &thereq,
125  const char *thedata
126  );
127 
128 //------------------------------------------------------------------------------
130 //------------------------------------------------------------------------------
131 
// Destructor. It is virtual, so destroying a derived object through an
// XrdSecProtect pointer runs the derived destructor; the body itself is empty.
132 virtual ~XrdSecProtect() {}
133 
134 protected:
135 
// Constructor the author marks "Client!". authProt takes aprot (default 0),
// secVec starts null, lastSeqno starts at 1, edOK takes edok (default true)
// and secVerData starts false.
// NOTE(review): original line 137, which opens the initializer list, is
// missing from this listing; read the upstream header for the full list.
136  XrdSecProtect(XrdSecProtocol *aprot=0, bool edok=true) // Client!
138  authProt(aprot), secVec(0), lastSeqno(1),
139  edOK(edok), secVerData(false)
140  {}
141 
// Constructor the author marks "Server!". authProt takes aprot, secVec and
// secVerData are copied from pRef, edOK takes edok (default true), and
// lastSeqno is set to 0. lastSeqno shares storage with nextSeqno in the
// anonymous union declared below, so this also sets the counter that is
// marked as used by Verify().
// NOTE(review): secVec is copied as a raw pointer, so pRef's vector must
// outlive this object if it points into pRef -- confirm against
// SetProtection(). Original line 144, which opens the initializer list, is
// missing from this listing.
142  XrdSecProtect(XrdSecProtocol *aprot, XrdSecProtect &pRef, // Server!
143  bool edok=true)
145  authProt(aprot), secVec(pRef.secVec),
146  lastSeqno(0), edOK(edok),
147  secVerData(pRef.secVerData) {}
148 
// Declaration only. Takes the ServerResponseReqs_Protocol structure by const
// reference and returns nothing.
// NOTE(review): presumably this is where secVec and myVec are derived from the
// server's stated requirements -- confirm in the implementation.
149 void SetProtection(const ServerResponseReqs_Protocol &inReqs);
150 
151 private:
// Declaration only. Judging by the signature, hashes the iovN iovec entries at
// iovP into hBuff and reports success as a bool.
// NOTE(review): no length is passed for hBuff, so every caller has to supply a
// buffer at least as large as the digest the implementation writes
// (presumably SHA-256, 32 bytes -- confirm).
152 bool GetSHA2(unsigned char *hBuff, struct iovec *iovP, int iovN);
// Declaration only. Takes a ClientRequest and returns bool; the first
// constructor's "Need2Secure(&XrdSecProtect::Screen)" initializer (original
// line 137, not shown in this listing) presumably points Need2Secure here.
153 bool Screen(ClientRequest &thereq);
154 
// Null after the client constructor; copied from pRef in the server one.
// NOTE(review): presumably points at myVec or at another object's vector and
// is indexed by request code -- confirm, and check that every index is kept
// below maxRIX.
156 const char *secVec;
// One 64-bit counter under two names: the client constructor starts it at 1,
// the server constructor at 0.
// NOTE(review): these look like request sequence numbers; whether Verify()
// rejects stale or repeated values cannot be confirmed from this header.
158 union {kXR_unt64 lastSeqno; // Used by Secure()
159  kXR_unt64 nextSeqno; // Used by Verify()
160  };
// Set from the edok constructor argument (default true).
161 bool edOK;
// Number of entries in myVec: the distance from kXR_auth to kXR_REQFENCE.
163 static const unsigned int maxRIX = kXR_REQFENCE-kXR_auth;
164 char myVec[maxRIX];
165 };
166 #endif
bool Screen(ClientRequest &thereq)
bool GetSHA2(unsigned char *hBuff, struct iovec *iovP, int iovN)
ServerResponseReqs_Protocol myReqs
Definition: XrdSecProtect.hh:157
bool(XrdSecProtect::* Need2Secure)(ClientRequest &thereq)
Definition: XrdSecProtect.hh:76
virtual const char * Verify(SecurityRequest &secreq, ClientRequest &thereq, const char *thedata)
Definition: XProtocol.hh:1084
const char * secVec
Definition: XrdSecProtect.hh:156
Definition: XProtocol.hh:143
Definition: XrdSecInterface.hh:130
XrdSecProtect(XrdSecProtocol *aprot, XrdSecProtect &pRef, bool edok=true)
Definition: XrdSecProtect.hh:142
void SetProtection(const ServerResponseReqs_Protocol &inReqs)
Definition: XrdSecProtect.hh:55
virtual ~XrdSecProtect()
Destructor.
Definition: XrdSecProtect.hh:132
Definition: XProtocol.hh:111
Definition: XrdSecProtector.hh:38
unsigned long long kXR_unt64
Definition: XPtypes.hh:99
kXR_unt64 lastSeqno
Definition: XrdSecProtect.hh:158
Definition: XrdSecProtector.hh:72
Definition: XProtocol.hh:871
static const unsigned int maxRIX
Definition: XrdSecProtect.hh:163
char myVec[maxRIX]
Definition: XrdSecProtect.hh:164
XrdSecProtocol * authProt
Definition: XrdSecProtect.hh:155
XrdSecProtect(XrdSecProtocol *aprot=0, bool edok=true)
Definition: XrdSecProtect.hh:136
kXR_unt64 nextSeqno
Definition: XrdSecProtect.hh:159
virtual int Secure(SecurityRequest *&newreq, ClientRequest &thereq, const char *thedata)
Definition: XProtocol.hh:836
virtual void Delete()
Delete this object. Use this method as opposed to operator delete.
Definition: XrdSecProtect.hh:64
bool edOK
Definition: XrdSecProtect.hh:161
bool secVerData
Definition: XrdSecProtect.hh:162