TRootSecContext.cxx
1// @(#)root/auth:$Id$
2// Author: G. Ganis 08/07/2005
3
4/*************************************************************************
5 * Copyright (C) 1995-2005, Rene Brun and Fons Rademakers. *
6 * All rights reserved. *
7 * *
8 * For the licensing terms see $ROOTSYS/LICENSE. *
9 * For the list of contributors see $ROOTSYS/README/CREDITS. *
10 *************************************************************************/
11
12//////////////////////////////////////////////////////////////////////////
13// //
14// TRootSecContext //
15// //
16// Special implementation of TSecContext //
17// //
18//////////////////////////////////////////////////////////////////////////
19
20#include "RConfigure.h"
21
22#include <cstdlib>
23
24#include "TError.h"
25#include "TRootSecContext.h"
26#include "TROOT.h"
27#include "TSocket.h"
28#include "TUrl.h"
29#include "TVirtualMutex.h"
30
31
32////////////////////////////////////////////////////////////////////////////////
33/// Ctor for SecContext object.
34
35 TRootSecContext::TRootSecContext(const char *user, const char *host, Int_t meth,
36 Int_t offset, const char *id,
37 const char *token, TDatime expdate,
38 void *ctx, Int_t key)
39 : TSecContext(user, host, meth, offset, id, token, expdate, ctx)
40{
   // Every argument except `key` is handed to the TSecContext base
   // constructor; `key` is stored in fRSAKey below.
   // NOTE(review): `ctx` is an untyped pointer. DeActivate() deletes fContext
   // as a TPwdCtx, so presumably callers must pass either null or a
   // heap-allocated TPwdCtx here -- confirm against the base class.
   // NOTE(review): listing lines 41 and 44 are absent from this rendering and
   // are not described here.
42
43 fRSAKey = key;
45}
46
47////////////////////////////////////////////////////////////////////////////////
48/// Ctor for SecContext object.
49/// User and host from url = `user@host` .
50
52 const char *id, const char *token,
53 TDatime expdate, void *ctx, Int_t key)
54 : TSecContext(url, meth, offset, id, token, expdate, ctx)
55{
   // URL-based variant: the visible arguments are forwarded to the
   // TSecContext base constructor and `key` is stored in fRSAKey.
   // NOTE(review): the first line of the signature (listing line 51) and
   // listing lines 56 and 59 are absent from this rendering.
   // NOTE(review): as in the (user, host) constructor, `ctx` is untyped;
   // DeActivate() deletes fContext as a TPwdCtx -- confirm what callers pass.
57
58 fRSAKey = key;
60}
61
62////////////////////////////////////////////////////////////////////////////////
63/// Dtor: delete (deActivate, local/remote cleanup, list removal)
64/// everything that is still active
65
70
71////////////////////////////////////////////////////////////////////////////////
72/// Set OffSet to -1 and expiring Date to default
73/// Remove from the list
74/// If Opt contains "C" or "c", ask for remote cleanup
75/// If Opt contains "R" or "r", remove from the list
76/// Default Opt="CR"
77
79{
   // Deactivates this context: optional remote cleanup ("C"/"c"), release of
   // the password context, optional list removal ("R"/"r"), then fOffSet = -1.
   // NOTE(review): Opt is passed straight to strstr(); a null Opt would be
   // dereferenced, so callers must always pass a valid string.
   // NOTE(review): listing lines 78, 83, 86, 94, 98 and 103 are absent from
   // this rendering; the statements on them are not described here.
80 // Ask remote cleanup of this context
81 Bool_t clean = (strstr(Opt,"C") || strstr(Opt,"c"));
   // The statement guarded by this condition is on absent listing line 83.
82 if (clean && fOffSet > -1)
84
85 // Cleanup TPwdCtx object for UsrPwd
   // fContext is a void*, so it is cast to TPwdCtx* before delete. That is
   // only correct if the pointer really refers to a TPwdCtx; any guard on the
   // authentication method would be on absent line 86 -- confirm.
   // NOTE(review): whether TPwdCtx wipes the password it holds before its
   // memory is released is not visible here -- verify in its destructor.
87 if (fContext) {
88 delete (TPwdCtx *)fContext;
   // Null the pointer so a second DeActivate() cannot free it twice.
89 fContext = 0;
90 }
91
92 Bool_t remove = (strstr(Opt,"R") || strstr(Opt,"r"));
   // List removal only happens while the context is still active
   // (fOffSet > -1), i.e. before the reset further down.
93 if (remove && fOffSet > -1){
95 // Remove from the global list
96 gROOT->GetListOfSecContexts()->Remove(this);
97 // Remove also from local lists in THostAuth objects
99 }
100
101 // Set inactive
102 fOffSet = -1;
104
105}
106
107////////////////////////////////////////////////////////////////////////////////
108/// Ask remote client to clean up security context 'ctx'.
109/// If 'all' is set, all security contexts with the same host as ctx
110/// are cleaned.
111
113{
   // Notifies the remote services recorded for this context that it should be
   // cleaned up, opening a fresh socket to fHost for each attempt. Returns
   // kTRUE if the context was already inactive or one notification succeeded.
   // NOTE(review): listing lines 112, 114, 122, 123, 147, 151, 152 and 166 are
   // absent from this rendering; `cleaned`, `nscc` and `last` are declared on
   // lines that are not visible.
115
116 // Nothing to do if inactive ...
117 if (!IsActive())
118 return kTRUE;
119
120 // Contact remote services that used this context,
121 // starting from the last ...
   // The loop stops at the first successful notification (!cleaned).
124 while ((nscc = (TSecContextCleanup *)last()) && !cleaned) {
125
126 // First check if remote daemon supports cleaning
   // level 2: default; level 1: rootd with protocol < 10;
   // level 0: rootd with protocol < 8, for which nothing is sent.
127 Int_t srvtyp = nscc->GetType();
128 Int_t rproto = nscc->GetProtocol();
129 Int_t level = 2;
130 if ((srvtyp == TSocket::kROOTD && rproto < 10))
131 level = 1;
132 if ((srvtyp == TSocket::kROOTD && rproto < 8))
133 level = 0;
134 if (level) {
135 Int_t port = nscc->GetPort();
136
   // NOTE(review): the release of `news` is not visible (line 166 is
   // absent) -- confirm the socket is closed and freed on every path.
137 TSocket *news = new TSocket(fHost.Data(),port,-1);
138
139 if (news && news->IsValid()) {
140 news->SetOption(kNoDelay, 0);
141
142 // Backward compatibility: send socket size
   // The result of this Send is not checked.
143 if (srvtyp == TSocket::kROOTD && level == 1)
144 news->Send((Int_t)0, (Int_t)0);
145
   // The request sent in this branch is on absent line 147; `cleaned`
   // is set without any send result being tested on the visible lines.
146 if (all || level == 1) {
148 cleaned = kTRUE;
149 } else {
   // Per-context request: a formatted control message goes out through a
   // plain TSocket::Send, then fToken is passed to a call whose head is on
   // an absent line (presumably TAuthenticate::SecureSend -- confirm).
   // Only that second call's -1 failure result is checked.
150 news->Send(Form("%d %d %d %s", TAuthenticate::fgProcessID, fMethod,
153 (char *)(fToken.Data())) == -1) {
154 Info("CleanupSecContext", "problems secure-sending token");
155 } else {
156 cleaned = kTRUE;
157 }
158 }
159 if (cleaned && gDebug > 2) {
   // NOTE(review): srvname has three rows, only two initialised, and is
   // indexed with the unchecked value from nscc->GetType(). An index of 2
   // prints an empty name; anything outside 0..2 reads out of bounds.
   // A range check before indexing would make this debug path safe.
160 char srvname[3][10] = {"sockd", "rootd"};
161 Info("CleanupSecContext",
162 "remote %s notified for cleanup (%s,%d)",
163 srvname[srvtyp],fHost.Data(),port);
164 }
165 }
167 }
168 }
169
   // A failed cleanup is only reported at debug level > 2; callers must use
   // the return value to detect that the remote side was not notified.
170 if (!cleaned)
171 if (gDebug > 2)
172 Info("CleanupSecContext",
173 "unable to open valid socket for cleanup for %s", fHost.Data());
174
175 return cleaned;
176}
177
178////////////////////////////////////////////////////////////////////////////////
179/// If opt is "F" (default) print object content.
180/// If opt is "<number>" print in special form for calls within THostAuth
181/// with cardinality "<number>"
182/// If opt is "S" prints short in-line form for calls within TFTP,
183/// TSlave ...
184
186{
   // Prints this context in one of three layouts chosen by `opt`: full ("F"),
   // short in-line ("S"), or the THostAuth form used for any other value,
   // including a purely numeric one.
   // NOTE(review): `opt` is passed to strlen() unchecked; a null pointer would
   // be dereferenced, so callers must always pass a valid string.
   // NOTE(review): listing lines 185, 204, 219, 220, 223 and 228 are absent
   // from this rendering. None of the visible lines prints fToken; confirm the
   // absent argument lines do not either.
187 // Check if option is numeric
   // ord stays -1 only if every character is a decimal digit
   // (48..57 are ASCII '0'..'9'); otherwise it becomes -2.
188 Int_t ord = -1, i = 0;
189 for (; i < (Int_t)strlen(opt); i++) {
190 if (opt[i] < 48 || opt[i] > 57) {
191 ord = -2;
192 break;
193 }
194 }
195 // If numeric get the cardinality and prepare the strings
   // An empty string also reaches this point (the loop never runs) and
   // atoi("") yields 0. atoi() has no overflow detection, so a digit string
   // that does not fit in an int gives an undefined result.
196 if (ord == -1)
197 ord = atoi(opt);
198
   // Only the first character is compared, case-insensitively.
199 if (!strncasecmp(opt,"F",1)) {
200 Info("Print",
201 "+------------------------------------------------------+");
202 Info("Print",
203 "+ Host:%s Method:%d (%s) User:'%s'",
205 fUser.Data());
206 Info("Print",
207 "+ OffSet:%d Id: '%s'", fOffSet, fID.Data());
   // The expiration time is printed only for active contexts.
208 if (fOffSet > -1)
209 Info("Print",
210 "+ Expiration time: %s",fExpDate.AsString());
211 Info("Print",
212 "+------------------------------------------------------+");
213 } else if (!strncasecmp(opt,"S",1)) {
214 if (fOffSet > -1) {
215 if (fID.BeginsWith("AFS"))
216 Printf("Security context: Method: AFS, not reusable");
217 else
218 Printf("Security context: Method: %d (%s) expiring on %s",
221 } else {
222 Printf("Security context: Method: %d (%s) not reusable",
224 }
225 } else {
226 // special printing form for THostAuth
   // The leading %d is presumably `ord`; the argument line is absent.
227 Info("PrintEstblshed","+ %d \t h:%s met:%d (%s) us:'%s'",
229 fUser.Data());
230 Info("PrintEstblshed","+ \t offset:%d id: '%s'", fOffSet, fID.Data());
231 if (fOffSet > -1)
232 Info("PrintEstblshed","+ \t expiring: %s",fExpDate.AsString());
233 }
234}
235
236////////////////////////////////////////////////////////////////////////////////
237/// Returns short string with relevant information about this
238/// security context
239
241{
   // Writes a one-line description of this context into `out` and returns
   // out.Data(). The returned pointer refers to storage owned by `out`, so it
   // is valid only while the caller keeps `out` alive and unmodified.
   // NOTE(review): listing lines 240, 248 and 255 are absent from this
   // rendering.
242 if (fOffSet > -1) {
243 if (fID.BeginsWith("AFS"))
244 out = Form("Method: AFS, not reusable");
245 else {
   // NOTE(review): how this fixed 32-byte buffer is filled is on absent
   // line 248 -- confirm the write is bounded by the buffer size.
246 char expdate[32];
247 out = Form("Method: %d (%s) expiring on %s",
249 }
250 } else {
   // Negative offsets select a fixed message: -1, -3 and -4 are handled.
   // For any other negative value (-2, or below -4) `out` is left untouched
   // and the caller gets back whatever it passed in.
251 if (fOffSet == -1)
252 out = Form("Method: %d (%s) not reusable", fMethod, GetMethodName());
253 else if (fOffSet == -3)
254 out = Form("Method: %d (%s) authorized by /etc/hosts.equiv or $HOME/.rhosts",
256 else if (fOffSet == -4)
257 out = Form("No authentication required remotely");
258 }
259 return out.Data();
260}
@ kROOTD_CLEANUP
#define SafeDelete(p)
Definition RConfig.hxx:533
int Int_t
Signed integer 4 bytes (int)
Definition RtypesCore.h:59
constexpr Bool_t kFALSE
Definition RtypesCore.h:108
constexpr Bool_t kTRUE
Definition RtypesCore.h:107
const char Option_t
Option string (const char)
Definition RtypesCore.h:80
const Bool_t kIterBackward
Definition TCollection.h:43
ROOT::Detail::TRangeCast< T, true > TRangeDynCast
TRangeDynCast is an adapter class that allows the typed iteration through a TCollection.
#define R__ASSERT(e)
Checks condition e and reports a fatal error if it's false.
Definition TError.h:125
Int_t gDebug
Global variable setting the debug level. Set to 0 to disable, increase it in steps of 1 to increase t...
Definition TROOT.cxx:627
R__EXTERN TVirtualMutex * gROOTMutex
Definition TROOT.h:63
#define gROOT
Definition TROOT.h:411
R__EXTERN const TDatime kROOTTZERO
Definition TSecContext.h:30
char * Form(const char *fmt,...)
Formats a string in a circular formatting buffer.
Definition TString.cxx:2495
void Printf(const char *fmt,...)
Formats a string in a circular formatting buffer and prints the string.
Definition TString.cxx:2509
@ kNoDelay
Definition TSystem.h:235
#define R__LOCKGUARD(mutex)
static Int_t fgProcessID
static Int_t SecureSend(TSocket *Socket, Int_t enc, Int_t KeyType, const char *In)
Encode null terminated str using the session private key indicated by enc and sends it over the netwo...
static void RemoveSecContext(TRootSecContext *ctx)
Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo.
static const char * GetAuthMethod(Int_t idx)
Static method returning the method corresponding to idx.
This class stores the date and time with a precision of one second in an unsigned 32 bit word (950130...
Definition TDatime.h:37
const char * AsString() const
Return the date & time as a string (ctime() format).
Definition TDatime.cxx:101
virtual void Info(const char *method, const char *msgfmt,...) const
Issue info message.
Definition TObject.cxx:1045
Bool_t CleanupSecContext(Bool_t all) override
Ask remote client to cleanup security context 'ctx' If 'all', all sec context with the same host as c...
void DeActivate(Option_t *opt="CR") override
Set OffSet to -1 and expiring Date to default Remove from the list If Opt contains "C" or "c",...
void Print(Option_t *option="F") const override
If opt is "F" (default) print object content.
const char * AsString(TString &out) override
Returns short string with relevant information about this security context.
virtual ~TRootSecContext()
Dtor: delete (deActivate, local/remote cleanup, list removal) all what is still active.
Bool_t IsActive() const
Check remote OffSet and expiring Date.
TString fMethodName
Definition TSecContext.h:47
void Cleanup()
Cleanup what is still active.
const char * GetHost() const
Definition TSecContext.h:75
const char * GetMethodName() const
Definition TSecContext.h:78
TString fID
Definition TSecContext.h:45
void * fContext
Definition TSecContext.h:41
TDatime fExpDate
Definition TSecContext.h:43
Int_t fMethod
Definition TSecContext.h:46
TString fUser
Definition TSecContext.h:50
friend class TRootSecContext
Definition TSecContext.h:38
Int_t fOffSet
Definition TSecContext.h:48
TString fToken
Definition TSecContext.h:49
TList * fCleanup
Definition TSecContext.h:42
TString fHost
Definition TSecContext.h:44
@ kROOTD
Definition TSocket.h:50
Basic string class.
Definition TString.h:138
const char * Data() const
Definition TString.h:384
Bool_t BeginsWith(const char *s, ECaseCompare cmp=kExact) const
Definition TString.h:631