xrootd
XrdSecgsiOpts.hh
1 #ifndef __XRD_GSIOPTS_H__
2 #define __XRD_GSIOPTS_H__
3 /******************************************************************************/
4 /* */
5 /* X r d S e c g s i O p t s . h h */
6 /* */
7 /* (c) 2020 by the Board of Trustees of the Leland Stanford, Jr., University */
8 /* Produced by Andrew Hanushevsky for Stanford University under contract */
9 /* DE-AC02-76-SFO0515 with the Department of Energy */
10 /* */
11 /* This file is part of the XRootD software suite. */
12 /* */
13 /* XRootD is free software: you can redistribute it and/or modify it under */
14 /* the terms of the GNU Lesser General Public License as published by the */
15 /* Free Software Foundation, either version 3 of the License, or (at your */
16 /* option) any later version. */
17 /* */
18 /* XRootD is distributed in the hope that it will be useful, but WITHOUT */
19 /* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
20 /* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
21 /* License for more details. */
22 /* */
23 /* You should have received a copy of the GNU Lesser General Public License */
24 /* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
25 /* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
26 /* */
27 /* The copyright holder's institutional names and contributor's names may not */
28 /* be used to endorse or promote products derived from this software without */
29 /* specific prior written permission of the institution or contributor. */
30 /******************************************************************************/
31 
32 namespace
33 {
34 /******************************************************************************/
35 /* D e f i n e s a n d S t r u c t s */
36 /******************************************************************************/
37 
// Write a one-line warning to stderr, prefixed "Secgsi warning: ", and flush.
// The argument is pasted unparenthesised into the stream expression so that a
// caller can hand in a whole `a << b << c` chain; wrapping x in parentheses
// would break those call sites.
#define WARN(x) std::cerr << "Secgsi warning: " << x << '\n' << std::flush

// Brace initialiser for an OptsTab: option name, default value, number of
// entries in the map array x, and the array itself.  x has to be a real array
// (not a pointer), otherwise the sizeof division does not give the entry count.
#define OTINIT(a, b, x) {a, b, sizeof(x) / sizeof(x[0]), x}

// File name of the VOMS plug-in library.  It is a bare file name; which file
// actually gets loaded depends on how the consumer resolves it (not visible
// in this header).
#define LIB_XRDVOMS "libXrdVoms.so"
43 
// One keyword/value pair of an option table.
// Member order matters: the tables below use positional brace initialisation.
struct OptsMap
{
    const char *optKey;   // keyword accepted on the configuration line
    int         optVal;   // integer value the keyword stands for
};
48 
// Description of one configurable option: its name, its default and the set
// of keyword/value pairs it accepts.
// Member order matters: OTINIT fills the fields positionally.
struct OptsTab
{
    const char     *opName;    // option name as printed in warnings
    int             opDflt;    // value returned when the argument is not recognised
    int             numMap;    // number of entries in mapOpts
    struct OptsMap *mapOpts;   // array of accepted keyword/value pairs
};
55 
56 /******************************************************************************/
57 /* - a u t h z c a l l */
58 /******************************************************************************/
59 
// -authzcall values.
// NOTE(review): judging by the keywords this selects when the authorization
// function is called (always vs. only without VOMS) -- confirm in the consumer.
const int azAlways = 1;
const int azNoVoms = 0;

// Keyword -> value map for -authzcall.
OptsMap azCallKV[] = {
    {"always", azAlways},
    {"novoms", azNoVoms}
};

// Default is azAlways (1).
OptsTab azCallOpts = OTINIT("-authzcall", azAlways, azCallKV);
68 
69 /******************************************************************************/
70 /* - a u t h z p x y */
71 /******************************************************************************/
72 
// -authzpxy values.  Each stored value is <what> + 10 * <which>:
//   <what>  : azCred (1) or azEndo (2)
//   <which> : azFull (0) or azLast (1)
// NOTE(review): the keywords suggest <what> picks the field that receives the
// proxy (creds vs. endorsements) and <which> how much of the chain is exported
// -- confirm in the consumer.
const int azFull = 0;
const int azLast = 1;
const int azCred = 1;
const int azEndo = 2;

// Keyword -> value map for -authzpxy.
OptsMap azPxyKV[] = {
    {"creds=fullchain", azCred + (10 * azFull)},   //  1
    {"creds=lastcert",  azCred + (10 * azLast)},   // 11
    {"endor=fullchain", azEndo + (10 * azFull)},   //  2
    {"endor=lastcert",  azEndo + (10 * azLast)}    // 12
};

// NOTE(review): the default 0 matches no entry of azPxyKV, so getOptName()
// reports it as "nothing" in the invalid-argument warning.  The name string is
// "-authz" although the section banner says -authzpxy -- TODO confirm both
// are intended.
OptsTab azPxyOpts = OTINIT("-authz", 0, azPxyKV);
85 
86 /******************************************************************************/
87 /* - c a */
88 /******************************************************************************/
89 
// -ca values: CA verification level.
// NOTE(review): going by the keywords, "noverify" switches CA verification
// off and "verifyss" is a weaker check than "verify"; exact semantics live in
// the code that consumes caVerOpts -- confirm there.
const int caNoVerify = 0;
const int caVerifyss = 1;
const int caVerify   = 2;

// Keyword -> value map for -ca.
OptsMap caVerKV[] = {
    {"noverify", caNoVerify},
    {"verifyss", caVerifyss},
    {"verify",   caVerify}
};

// Default is caVerifyss, not caVerify; a deployment that needs the strictest
// level has to request it explicitly.
OptsTab caVerOpts = OTINIT("-ca", caVerifyss, caVerKV);
100 
101 /******************************************************************************/
102 /* - c r l */
103 /******************************************************************************/
104 
// -crl values: certificate-revocation-list handling.  Each stored value is
// <level> + <update flag>, the flag being crlUpdate (10) or crlNoUpdt (0).
// NOTE(review): the level meanings are inferred from the keywords
// (ignore < try < use < require) -- confirm in the consumer of crlOpts.
const int crlIgnore  = 0;
const int crlTry     = 1;
const int crlUse     = 2;
const int crlRequire = 3;
const int crlUpdate  = 10;
const int crlNoUpdt  = 0;

// Keyword -> value map for -crl.  Only "use" and "require" come with an
// ",updt" form, so 10 and 11 are not accepted values.
OptsMap crl1KV[] = {
    {"ignore",       crlIgnore},
    {"try",          crlTry},
    {"use",          crlUse},
    {"use,updt",     crlUse + crlUpdate},
    {"require",      crlRequire},
    {"require,updt", crlRequire + crlUpdate}
};

// Default is crlTry.  A site that must enforce revocation checking should set
// -crl explicitly rather than rely on this default.
OptsTab crlOpts = OTINIT("-crl", crlTry, crl1KV);
121 
122 /******************************************************************************/
123 /* - d l g p x y */
124 /******************************************************************************/
125 
// -dlgpxy values: handling of delegated proxies.
const int dlgIgnore  = 0;
const int dlgReqSign = 1;
const int dlgSendpxy = 2; // Only client can set this!

// Keyword -> value map for -dlgpxy.  dlgSendpxy is deliberately not listed,
// so a lookup in this table can never yield 2, neither by keyword nor by
// number.
OptsMap sDlgKV[] = {
    {"ignore",  dlgIgnore},
    {"request", dlgReqSign}
};

// Default is dlgIgnore.
OptsTab sDlgOpts = OTINIT("-dlgpxy", dlgIgnore, sDlgKV);
135 
136 /******************************************************************************/
137 /* - g m a p o p t */
138 /******************************************************************************/
139 
// -gmapopt values: grid-map usage.  Each stored value is
// <map mode> + <entity-name flag>, the flag being gmoEntDN (10) or
// gmoEntDNHash (0).
// NOTE(review): presumably the flag chooses between the DN and a hash of the
// DN as the entity name -- TODO confirm in the consumer.
const int gmoNoMap     = 0;
const int gmoTryMap    = 1;
const int gmoUseMap    = 2;
const int gmoEntDN     = 10;
const int gmoEntDNHash = 0;

// Keyword -> value map.  There is no "usemap,usedn" entry, so 12 is not an
// accepted value.
OptsMap gmoKV[] = {
    {"nomap",        gmoNoMap},
    {"nomap,usedn",  gmoNoMap + gmoEntDN},
    {"trymap",       gmoTryMap},
    {"trymap,usedn", gmoTryMap + gmoEntDN},
    {"usemap",       gmoUseMap}
};

// Default is gmoTryMap.
OptsTab gmoOpts = OTINIT("-gmopts", gmoTryMap, gmoKV);
154 
155 /******************************************************************************/
156 /* - t r u s t d n s */
157 /******************************************************************************/
158 
// -trustdns: boolean switch stored as 0 / 1.
// NOTE(review): the name suggests it controls whether DNS answers are trusted
// during host-name checks -- confirm in the consumer.
OptsMap tdnsKV[] = {
    {"false", 0},
    {"true",  1}
};

// Default is 0 ("false").
OptsTab tdnsOpts = OTINIT("-trustdns", 0, tdnsKV);
164 
165 /******************************************************************************/
166 /* - v o m s a t */
167 /******************************************************************************/
168 
// -vomsat values: treatment of VOMS attributes.
// NOTE(review): meanings inferred from the keywords (ignore / extract /
// require) -- confirm in the consumer of vomsatOpts.
const int vatIgnore  = 0;
const int vatExtract = 1;
const int vatRequire = 2;

// Keyword -> value map for -vomsat.
OptsMap vomsatKV[] = {
    {"ignore",  vatIgnore},
    {"extract", vatExtract},
    {"require", vatRequire}
};

// Default is vatIgnore.
OptsTab vomsatOpts = OTINIT("-vomsat", vatIgnore, vomsatKV);
179 
180 /******************************************************************************/
181 /* g e t O p t N a m e */
182 /******************************************************************************/
183 
// Reverse lookup: return the keyword that oTab associates with opval.
//
// oTab   option table to search
// opval  value to look for
//
// Returns the keyword of the first entry whose value equals opval, or the
// literal "nothing" when no entry matches.  The returned pointer refers to a
// table string or a literal and must not be freed.
const char *getOptName(OptsTab &oTab, int opval)
{
    int idx = 0;
    while (idx < oTab.numMap)
    {
        const OptsMap &entry = oTab.mapOpts[idx++];
        if (entry.optVal == opval)
            return entry.optKey;
    }
    return "nothing";
}
190 
191 /******************************************************************************/
192 /* g e t O p t V a l */
193 /******************************************************************************/
194 
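// Translate an option argument into its integer value.
//
// oTab  option table describing the accepted keywords and values
// oVal  argument text: either a decimal number or one of the table keywords
//
// Returns the matching table value.  When the argument is not recognised the
// table default (oTab.opDflt) is returned; a warning is written to stderr
// first if that default is non-negative.
//
// NOTE(review): an unrecognised argument is therefore not fatal when the table
// has a non-negative default.  For tables whose default is the laxer setting
// (crlOpts -> "try", caVerOpts -> "verifyss") a typo in the configuration
// replaces the intended policy with the default and leaves only the stderr
// warning as a trace; callers that need fail-closed behaviour have to check
// for that themselves.
int getOptVal(OptsTab &oTab, const char *oVal)
{
    // A missing argument is handled like an unrecognised one instead of being
    // dereferenced.
    if (!oVal) oVal = "";

    // The cast keeps isdigit() defined for bytes >= 0x80 where char is signed.
    if (isdigit(static_cast<unsigned char>(*oVal)))
    {
        // strtol() reports where parsing stopped, so "2junk" is rejected
        // rather than read as 2, and an over-long number cannot overflow an
        // int the way atoi() would.
        char *endp = 0;
        const long n = strtol(oVal, &endp, 10);
        if (*endp == '\0')
        {
            for (int i = 0; i < oTab.numMap; i++)
                if (n == oTab.mapOpts[i].optVal) return oTab.mapOpts[i].optVal;
        }
    }
    else
    {
        // Keywords must match exactly (case-sensitive, whole string).
        for (int i = 0; i < oTab.numMap; i++)
            if (!strcmp(oVal, oTab.mapOpts[i].optKey))
                return oTab.mapOpts[i].optVal;
    }

    // Not recognised: fall back to the default, warning only when the default
    // is a usable (non-negative) value.
    if (oTab.opDflt >= 0)
    {
        WARN("invalid " <<oTab.opName <<" argument '" <<oVal <<
             "'; using '" <<getOptName(oTab, oTab.opDflt) <<"' instead!");
    }
    return oTab.opDflt;
}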
213 
214 /******************************************************************************/
215 /*
216 int getOptVal(OptsTab &oTab1, OptsTab &oTab2, char *oVal)
217 {
218 // Check if this is a two-factor option
219 //
220  char *comma = index(oVal, ',');
221  if (comma) *comma = 0;
222 
223 // Handle the first part
224 //
225  int flag = getOptVal(oTab1, oVal);
226 
227 // Get the second part
228 //
229  if (comma)
230  {flag += getOptVal(oTab2, comma+1);
231  *comma = ',';
232  }
233  return flag;
234 }
235 */
236 }
237 #endif