Logo ROOT   6.16/01
Reference Guide
TAuthenticate Class Reference

Definition at line 53 of file TAuthenticate.h.

Public Types

enum  ESecurity {
  kClear , kSRP , kKrb5 , kGlobus ,
  kSSH , kRfio
}
 
- Public Types inherited from TObject
enum  {
  kIsOnHeap = 0x01000000 , kNotDeleted = 0x02000000 , kZombie = 0x04000000 , kInconsistent = 0x08000000 ,
  kBitMask = 0x00ffffff
}
 
enum  { kSingleKey = BIT(0) , kOverwrite = BIT(1) , kWriteDelete = BIT(2) }
 
enum  EDeprecatedStatusBits { kObjInCanvas = BIT(3) }
 
enum  EStatusBits {
  kCanDelete = BIT(0) , kMustCleanup = BIT(3) , kIsReferenced = BIT(4) , kHasUUID = BIT(5) ,
  kCannotPick = BIT(6) , kNoContextMenu = BIT(8) , kInvalidObject = BIT(13)
}
 

Public Member Functions

 TAuthenticate (TSocket *sock, const char *remote, const char *proto, const char *user="")
 Create authentication object. More...
 
virtual ~TAuthenticate ()
 
Bool_t Authenticate ()
 Authenticate to remote rootd or proofd server. More...
 
Int_t AuthExists (TString User, Int_t method, const char *Options, Int_t *Message, Int_t *Rflag, CheckSecCtx_t funcheck)
 Check if we have a valid established sec context in memory. Retrieves relevant info and negotiates with server. More...
 
void CatchTimeOut ()
 Called in connection with a timer timeout. More...
 
Bool_t CheckNetrc (TString &user, TString &passwd)
 Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files. More...
 
Bool_t CheckNetrc (TString &user, TString &passwd, Bool_t &pwhash, Bool_t srppwd)
 Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files. More...
 
THostAuth * GetHostAuth () const
 
const char * GetProtocol () const
 
const char * GetRemoteHost () const
 
Int_t GetRSAKeyType () const
 
TRootSecContext * GetSecContext () const
 
TSocket * GetSocket () const
 
const char * GetUser () const
 
Int_t HasTimedOut () const
 
void SetRSAKeyType (Int_t key)
 
void SetSecContext (TRootSecContext *ctx)
 
- Public Member Functions inherited from TObject
 TObject ()
 TObject constructor. More...
 
 TObject (const TObject &object)
 TObject copy ctor. More...
 
virtual ~TObject ()
 TObject destructor. More...
 
void AbstractMethod (const char *method) const
 Use this method to implement an "abstract" method that you don't want to leave purely abstract. More...
 
virtual void AppendPad (Option_t *option="")
 Append graphics object to current pad. More...
 
virtual void Browse (TBrowser *b)
 Browse object. May be overridden for another default action. More...
 
ULong_t CheckedHash ()
 Check and record whether this class has a consistent Hash/RecursiveRemove setup (*) and then return the regular Hash value for this object. More...
 
virtual const char * ClassName () const
 Returns name of class to which the object belongs. More...
 
virtual void Clear (Option_t *="")
 
virtual TObjectClone (const char *newname="") const
 Make a clone of an object using the Streamer facility. More...
 
virtual Int_t Compare (const TObject *obj) const
 Compare abstract method. More...
 
virtual void Copy (TObject &object) const
 Copy this to obj. More...
 
virtual void Delete (Option_t *option="")
 Delete this object. More...
 
virtual Int_t DistancetoPrimitive (Int_t px, Int_t py)
 Computes distance from point (px,py) to the object. More...
 
virtual void Draw (Option_t *option="")
 Default Draw method for all objects. More...
 
virtual void DrawClass () const
 Draw class inheritance tree of the class to which this object belongs. More...
 
virtual TObjectDrawClone (Option_t *option="") const
 Draw a clone of this object in the current selected pad for instance with: gROOT->SetSelectedPad(gPad). More...
 
virtual void Dump () const
 Dump contents of object on stdout. More...
 
virtual void Error (const char *method, const char *msgfmt,...) const
 Issue error message. More...
 
virtual void Execute (const char *method, const char *params, Int_t *error=0)
 Execute method on this object with the given parameter string, e.g. More...
 
virtual void Execute (TMethod *method, TObjArray *params, Int_t *error=0)
 Execute method on this object with parameters stored in the TObjArray. More...
 
virtual void ExecuteEvent (Int_t event, Int_t px, Int_t py)
 Execute action corresponding to an event at (px,py). More...
 
virtual void Fatal (const char *method, const char *msgfmt,...) const
 Issue fatal error message. More...
 
virtual TObjectFindObject (const char *name) const
 Must be redefined in derived classes. More...
 
virtual TObjectFindObject (const TObject *obj) const
 Must be redefined in derived classes. More...
 
virtual Option_tGetDrawOption () const
 Get option used by the graphics system to draw this object. More...
 
virtual const char * GetIconName () const
 Returns mime type name of object. More...
 
virtual const char * GetName () const
 Returns name of object. More...
 
virtual char * GetObjectInfo (Int_t px, Int_t py) const
 Returns string containing info about the object at position (px,py). More...
 
virtual Option_tGetOption () const
 
virtual const char * GetTitle () const
 Returns title of object. More...
 
virtual UInt_t GetUniqueID () const
 Return the unique object id. More...
 
virtual Bool_t HandleTimer (TTimer *timer)
 Execute action in response of a timer timing out. More...
 
virtual ULong_t Hash () const
 Return hash value for this object. More...
 
Bool_t HasInconsistentHash () const
 Return true if the type of this object is known to have an inconsistent setup for Hash and RecursiveRemove (i.e. More...
 
virtual void Info (const char *method, const char *msgfmt,...) const
 Issue info message. More...
 
virtual Bool_t InheritsFrom (const char *classname) const
 Returns kTRUE if object inherits from class "classname". More...
 
virtual Bool_t InheritsFrom (const TClass *cl) const
 Returns kTRUE if object inherits from TClass cl. More...
 
virtual void Inspect () const
 Dump contents of this object in a graphics canvas. More...
 
void InvertBit (UInt_t f)
 
virtual Bool_t IsEqual (const TObject *obj) const
 Default equal comparison (objects are equal if they have the same address in memory). More...
 
virtual Bool_t IsFolder () const
 Returns kTRUE in case object contains browsable objects (like containers or lists of other objects). More...
 
R__ALWAYS_INLINE Bool_t IsOnHeap () const
 
virtual Bool_t IsSortable () const
 
R__ALWAYS_INLINE Bool_t IsZombie () const
 
virtual void ls (Option_t *option="") const
 The ls function lists the contents of a class on stdout. More...
 
void MayNotUse (const char *method) const
 Use this method to signal that a method (defined in a base class) may not be called in a derived class (in principle against good design since a child class should not provide less functionality than its parent, however, sometimes it is necessary). More...
 
virtual Bool_t Notify ()
 This method must be overridden to handle object notification. More...
 
void Obsolete (const char *method, const char *asOfVers, const char *removedFromVers) const
 Use this method to declare a method obsolete. More...
 
void operator delete (void *ptr)
 Operator delete. More...
 
void operator delete[] (void *ptr)
 Operator delete []. More...
 
voidoperator new (size_t sz)
 
voidoperator new (size_t sz, void *vp)
 
voidoperator new[] (size_t sz)
 
voidoperator new[] (size_t sz, void *vp)
 
TObjectoperator= (const TObject &rhs)
 TObject assignment operator. More...
 
virtual void Paint (Option_t *option="")
 This method must be overridden if a class wants to paint itself. More...
 
virtual void Pop ()
 Pop on object drawn in a pad to the top of the display list. More...
 
virtual void Print (Option_t *option="") const
 This method must be overridden when a class wants to print itself. More...
 
virtual Int_t Read (const char *name)
 Read contents of object with specified name from the current directory. More...
 
virtual void RecursiveRemove (TObject *obj)
 Recursively remove this object from a list. More...
 
void ResetBit (UInt_t f)
 
virtual void SaveAs (const char *filename="", Option_t *option="") const
 Save this object in the file specified by filename. More...
 
virtual void SavePrimitive (std::ostream &out, Option_t *option="")
 Save a primitive as a C++ statement(s) on output stream "out". More...
 
void SetBit (UInt_t f)
 
void SetBit (UInt_t f, Bool_t set)
 Set or unset the user status bits as specified in f. More...
 
virtual void SetDrawOption (Option_t *option="")
 Set drawing option for object. More...
 
virtual void SetUniqueID (UInt_t uid)
 Set the unique object id. More...
 
virtual void SysError (const char *method, const char *msgfmt,...) const
 Issue system error message. More...
 
R__ALWAYS_INLINE Bool_t TestBit (UInt_t f) const
 
Int_t TestBits (UInt_t f) const
 
virtual void UseCurrentStyle ()
 Set current style settings in this object This function is called when either TCanvas::UseCurrentStyle or TROOT::ForceStyle have been invoked. More...
 
virtual void Warning (const char *method, const char *msgfmt,...) const
 Issue warning message. More...
 
virtual Int_t Write (const char *name=0, Int_t option=0, Int_t bufsize=0)
 Write this object to the current directory. More...
 
virtual Int_t Write (const char *name=0, Int_t option=0, Int_t bufsize=0) const
 Write this object to the current directory. More...
 

Static Public Member Functions

static void AuthError (const char *where, Int_t error)
 Print error string depending on error code. More...
 
static Bool_t CheckProofAuth (Int_t cSec, TString &det)
 Check if the authentication method can be attempted for the client. More...
 
static Int_t DecodeRSAPublic (const char *rsapubexport, R__rsa_NUMBER &n, R__rsa_NUMBER &d, char **rsassl=0)
 Store RSA public keys from export string rsaPubExport. More...
 
static TList * GetAuthInfo ()
 Static method returning the list with authentication details. More...
 
static const char * GetAuthMethod (Int_t idx)
 Static method returning the method corresponding to idx. More...
 
static Int_t GetAuthMethodIdx (const char *meth)
 Static method returning the method index (which can be used to find the method in GetAuthMethod()). More...
 
static Bool_t GetAuthReUse ()
 Static method returning the authentication reuse settings. More...
 
static Int_t GetClientProtocol ()
 Static method returning supported client protocol. More...
 
static char * GetDefaultDetails (Int_t method, Int_t opt, const char *user)
 Determine default authentication details for method 'sec' and user 'usr'. More...
 
static const char * GetDefaultUser ()
 Static method returning the default user information. More...
 
static TDatime GetGlobalExpDate ()
 Static method returning default expiring date for new validity contexts. More...
 
static Bool_t GetGlobalPwHash ()
 Static method returning the global password hash flag. More...
 
static Bool_t GetGlobalSRPPwd ()
 Static method returning the global SRP password flag. More...
 
static const char * GetGlobalUser ()
 Static method returning the global user. More...
 
static GlobusAuth_t GetGlobusAuthHook ()
 Static method returning the globus authorization hook. More...
 
static THostAuth * GetHostAuth (const char *host, const char *user="", Option_t *opt="R", Int_t *Exact=0)
 Sets fUser=user and search fgAuthInfo for the entry pertaining to (host,user), setting fHostAuth accordingly. More...
 
static const char * GetKrb5Principal ()
 Static method returning the principal to be used to init Krb5 tickets. More...
 
static Bool_t GetPromptUser ()
 Static method returning the prompt user settings. More...
 
static TList * GetProofAuthInfo ()
 Static method returning the list with authentication directives to be sent to proof. More...
 
static Int_t GetRSAInit ()
 Static method returning the RSA initialization flag. More...
 
static const char * GetRSAPubExport (Int_t key=0)
 Static method returning the RSA public keys. More...
 
static THostAuth * HasHostAuth (const char *host, const char *user, Option_t *opt="R")
 Checks if a THostAuth with exact match for {host,user} exists in the fgAuthInfo list. If opt = "P" use ProofAuthInfo list instead. Returns pointer to it or 0. More...
 
static void InitRandom ()
 Initialize random machine using seed from /dev/urandom (or current time if /dev/urandom not available). More...
 
static void MergeHostAuthList (TList *Std, TList *New, Option_t *Opt="")
 Tool for updating fgAuthInfo or fgProofAuthInfo. 'nin' contains list of last input information through (re)reading of a rootauthrc-alike file. More...
 
static char * PromptPasswd (const char *prompt="Password: ")
 Static method to prompt for the user's passwd to be used for authentication to rootd or proofd. More...
 
static char * PromptUser (const char *remote)
 Static method to prompt for the user name to be used for authentication to rootd or proofd. More...
 
static Int_t ReadRootAuthrc ()
 Read authentication directives from $ROOTAUTHRC, $HOME/.rootauthrc or <Root_etc_dir>/system.rootauthrc and create related THostAuth objects. More...
 
static void RemoveHostAuth (THostAuth *ha, Option_t *opt="")
 Remove THostAuth instance from the list. More...
 
static Int_t SecureRecv (TSocket *Socket, Int_t dec, Int_t KeyType, char **Out)
 Receive str from sock and decode it using key indicated by key type. Return number of received bytes or -1 in case of error. More...
 
static Int_t SecureSend (TSocket *Socket, Int_t enc, Int_t KeyType, const char *In)
 Encodes null terminated str using the session private key indicated by enc and sends it over the network. Returns number of bytes sent, or -1 in case of error. More...
 
static Int_t SendRSAPublicKey (TSocket *Socket, Int_t key=0)
 Receives server RSA Public key. Sends local RSA public key encoded. More...
 
static void SetAuthReUse (Bool_t authreuse)
 Set global AuthReUse flag. More...
 
static void SetDefaultRSAKeyType (Int_t key)
 Static method setting the default type of RSA key. More...
 
static void SetDefaultUser (const char *defaultuser)
 Set default user name. More...
 
static void SetGlobalExpDate (TDatime expdate)
 Set default expiring date for new validity contexts. More...
 
static void SetGlobalPasswd (const char *passwd)
 Set global passwd to be used for authentication to rootd or proofd. More...
 
static void SetGlobalPwHash (Bool_t pwhash)
 Set global passwd hash flag to be used for authentication to rootd or proofd. More...
 
static void SetGlobalSRPPwd (Bool_t srppwd)
 Set global SRP passwd flag to be used for authentication to rootd or proofd. More...
 
static void SetGlobalUser (const char *user)
 Set global user name to be used for authentication to rootd or proofd. More...
 
static void SetGlobusAuthHook (GlobusAuth_t func)
 Set Globus authorization function. More...
 
static void SetKrb5AuthHook (Krb5Auth_t func)
 Set kerberos5 authorization function. More...
 
static void SetPromptUser (Bool_t promptuser)
 Set global PromptUser flag. More...
 
static void SetReadHomeAuthrc (Bool_t readhomeauthrc)
 Set flag controlling the reading of $HOME/.rootauthrc. More...
 
static void SetRSAInit (Int_t init=1)
 Static method setting RSA initialization flag. More...
 
static Int_t SetRSAPublic (const char *rsapubexport, Int_t klen)
 Store RSA public keys from export string rsaPubExport. More...
 
static void SetSecureAuthHook (SecureAuth_t func)
 Set secure authorization function. More...
 
static void SetTimeOut (Int_t to)
 Set timeout (active if > 0) More...
 
static void Show (Option_t *opt="S")
 Print info about the authentication sector. More...
 
- Static Public Member Functions inherited from TObject
static Long_t GetDtorOnly ()
 Return destructor only flag. More...
 
static Bool_t GetObjectStat ()
 Get status of object stat flag. More...
 
static void SetDtorOnly (void *obj)
 Set destructor only flag. More...
 
static void SetObjectStat (Bool_t stat)
 Turn on/off tracking of objects in the TObjectTable. More...
 

Private Member Functions

Int_t ClearAuth (TString &user, TString &passwd, Bool_t &pwhash)
 UsrPwd client authentication code. More...
 
Int_t GenRSAKeys ()
 Generate a valid pair of private/public RSA keys to protect for authentication token exchange. More...
 
Bool_t GetPwHash () const
 
char * GetRandString (Int_t Opt, Int_t Len)
 Allocates and fills a 0 terminated buffer of length len+1 with len random characters. More...
 
Int_t GetRSAKey () const
 
ESecurity GetSecurity () const
 
Bool_t GetSRPPwd () const
 
const char * GetSshUser (TString user) const
 Method returning the user to be used for the ssh login. More...
 
Bool_t GetUserPasswd (TString &user, TString &passwd, Bool_t &pwhash, Bool_t srppwd)
 Try to get user name and passwd from several sources. More...
 
Int_t GetVersion () const
 
Int_t ProofAuthSetup ()
 Authentication related stuff setup in TProofServ. More...
 
Int_t RfioAuth (TString &user)
 UidGid client authentication code. More...
 
void SetEnvironment ()
 Set default authentication environment. More...
 
Int_t SshAuth (TString &user)
 SSH client authentication code. More...
 
Int_t SshError (const char *errfile)
 SSH error parsing: returns 0 : no error or fatal 1 : should retry (eg 'connection closed by remote host') More...
 

Static Private Member Functions

static Bool_t CheckHost (const char *Host, const char *host)
 Check if 'host' matches 'href': this means either equal or "containing" it, even with wild cards * in the first field (in the case 'href' is a name, ie not IP address). Returns kTRUE if the two match. More...
 
static void FileExpand (const char *fin, FILE *ftmp)
 Expands include directives found in fexp files. The expanded, temporary file, is pointed to by 'ftmp' and should be already open. More...
 
static Int_t ProofAuthSetup (TSocket *sock, Bool_t client)
 Setup of authentication related stuff in PROOF run after a successful authentication. More...
 
static void RemoveSecContext (TRootSecContext *ctx)
 Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo or fgProofAuthInfo. More...
 

Private Attributes

TString fDetails
 
THostAuth * fHostAuth
 
TString fPasswd
 
TString fProtocol
 
Bool_t fPwHash
 
TString fRemote
 
Int_t fRSAKey
 
TRootSecContext * fSecContext
 
ESecurity fSecurity
 
TSocket * fSocket
 
Bool_t fSRPPwd
 
Int_t fTimeOut
 
TString fUser
 
Int_t fVersion
 

Static Private Attributes

static TList * fgAuthInfo = 0
 
static TString fgAuthMeth [kMAXSEC]
 
static Bool_t fgAuthReUse
 
static Int_t fgAuthTO = -2
 
static TString fgDefaultUser
 
static TDatime fgExpDate
 
static GlobusAuth_t fgGlobusAuthHook
 
static Krb5Auth_t fgKrb5AuthHook
 
static TString fgKrb5Principal
 
static TDatime fgLastAuthrc
 
static Int_t fgLastError = -1
 
static TString fgPasswd
 
static TPluginHandler * fgPasswdDialog = (TPluginHandler *)(-1)
 
static Int_t fgProcessID = -1
 
static Bool_t fgPromptUser
 
static TList * fgProofAuthInfo = 0
 
static Bool_t fgPwHash
 
static Bool_t fgReadHomeAuthrc = kTRUE
 
static TString fgRootAuthrc
 
static Int_t fgRSAInit = 0
 
static Int_t fgRSAKey = -1
 
static R__rsa_KEY fgRSAPriKey
 
static R__rsa_KEY_export * fgRSAPubExport = R__fgRSAPubExport
 
static R__rsa_KEY fgRSAPubKey
 
static SecureAuth_t fgSecAuthHook
 
static Bool_t fgSRPPwd
 
static TString fgUser
 
static Bool_t fgUsrPwdCrypt
 

Friends

class TRootAuth
 
class TRootSecContext
 
class TSocket
 

Additional Inherited Members

- Protected Member Functions inherited from TObject
virtual void DoError (int level, const char *location, const char *fmt, va_list va) const
 Interface to ErrorHandler (protected). More...
 
void MakeZombie ()
 

#include <TAuthenticate.h>

Inheritance diagram for TAuthenticate:

Member Enumeration Documentation

◆ ESecurity

Enumerator
kClear 
kSRP 
kKrb5 
kGlobus 
kSSH 
kRfio 

Definition at line 60 of file TAuthenticate.h.

Constructor & Destructor Documentation

◆ TAuthenticate()

TAuthenticate::TAuthenticate ( TSocket *  sock,
const char *  remote,
const char *  proto,
const char *  user = "" 
)

Create authentication object.

Definition at line 171 of file TAuthenticate.cxx.

◆ ~TAuthenticate()

virtual TAuthenticate::~TAuthenticate ( )
inlinevirtual

Definition at line 133 of file TAuthenticate.h.

Member Function Documentation

◆ Authenticate()

Bool_t TAuthenticate::Authenticate ( )

Authenticate to remote rootd or proofd server.

Return kTRUE if authentication succeeded.

Definition at line 377 of file TAuthenticate.cxx.

◆ AuthError()

void TAuthenticate::AuthError ( const char *  where,
Int_t  error 
)
static

Print error string depending on error code.

Definition at line 1455 of file TAuthenticate.cxx.

◆ AuthExists()

Int_t TAuthenticate::AuthExists ( TString  username,
Int_t  method,
const char *  options,
Int_t *  message,
Int_t *  rflag,
CheckSecCtx_t  checksecctx 
)

Check if we have a valid established sec context in memory. Retrieves relevant info and negotiates with server.

options = "Opt,strlen(username),username.Data()" message = kROOTD_USER, ...

Definition at line 3122 of file TAuthenticate.cxx.

◆ CatchTimeOut()

void TAuthenticate::CatchTimeOut ( )

Called in connection with a timer timeout.

Definition at line 361 of file TAuthenticate.cxx.

◆ CheckHost()

Bool_t TAuthenticate::CheckHost ( const char *  Host,
const char *  host 
)
staticprivate

Check if 'host' matches 'href': this means either equal or "containing" it, even with wild cards * in the first field (in the case 'href' is a name, ie not IP address). Returns kTRUE if the two match.

Definition at line 2162 of file TAuthenticate.cxx.

◆ CheckNetrc() [1/2]

Bool_t TAuthenticate::CheckNetrc ( TString &  user,
TString &  passwd 
)

Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files.

For more info see the version with 4 arguments. This version is maintained for backward compatibility reasons.

Definition at line 1067 of file TAuthenticate.cxx.

◆ CheckNetrc() [2/2]

Bool_t TAuthenticate::CheckNetrc ( TString &  user,
TString &  passwd,
Bool_t &  pwhash,
Bool_t  srppwd 
)

Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files.

First ~/.rootnetrc is tried, after that ~/.netrc. These files will only be used when their access masks are 0600, i.e. readable and writable by the owner only. Returns kTRUE if user and passwd were found for the machine specified in the URL. If kFALSE, user and passwd are "". If srppwd == kTRUE then a SRP ('secure') pwd is searched for in the files. The boolean pwhash is set to kTRUE if the returned passwd is to be understood as password hash, i.e. if the 'password-hash' keyword is found in the 'machine' lines; not implemented for 'secure' and the .netrc file. The format of these files is:

# this is a comment line

machine <machine fqdn> login <user> password <passwd>
machine <machine fqdn> login <user> password-hash <passwd>

and in addition ~/.rootnetrc also supports:

secure <machine fqdn> login <user> password <passwd>

<machine fqdn> may be a domain name or contain the wild card '*'.

for the secure protocols. All lines must start in the first column.

Definition at line 1103 of file TAuthenticate.cxx.

◆ CheckProofAuth()

Bool_t TAuthenticate::CheckProofAuth ( Int_t  cSec,
TString &  det 
)
static

Check if the authentication method can be attempted for the client.

Definition at line 4382 of file TAuthenticate.cxx.

◆ ClearAuth()

Int_t TAuthenticate::ClearAuth ( TString &  user,
TString &  passwd,
Bool_t &  pwdhash 
)
private

UsrPwd client authentication code.

Returns 0 in case authentication failed, 1 in case of success.

Definition at line 2316 of file TAuthenticate.cxx.

◆ DecodeRSAPublic()

Int_t TAuthenticate::DecodeRSAPublic ( const char *  rsapubexport,
R__rsa_NUMBER &  n,
R__rsa_NUMBER &  d,
char **  rsassl = 0 
)
static

Store RSA public keys from export string rsaPubExport.

Definition at line 3777 of file TAuthenticate.cxx.

◆ FileExpand()

void TAuthenticate::FileExpand ( const char *  fexp,
FILE *  ftmp 
)
staticprivate

Expands include directives found in fexp files. The expanded, temporary file, is pointed to by 'ftmp' and should be already open.

To be called recursively.

Definition at line 2902 of file TAuthenticate.cxx.

◆ GenRSAKeys()

Int_t TAuthenticate::GenRSAKeys ( )
private

Generate a valid pair of private/public RSA keys to protect the authentication token exchange.

Definition at line 3347 of file TAuthenticate.cxx.

◆ GetAuthInfo()

TList * TAuthenticate::GetAuthInfo ( )
static

Static method returning the list with authentication details.

Definition at line 1430 of file TAuthenticate.cxx.

◆ GetAuthMethod()

const char * TAuthenticate::GetAuthMethod ( Int_t  idx)
static

Static method returning the method corresponding to idx.

Definition at line 1261 of file TAuthenticate.cxx.

◆ GetAuthMethodIdx()

Int_t TAuthenticate::GetAuthMethodIdx ( const char *  meth)
static

Static method returning the method index (which can be used to find the method in GetAuthMethod()).

Returns -1 in case meth is not found.

Definition at line 1276 of file TAuthenticate.cxx.

◆ GetAuthReUse()

Bool_t TAuthenticate::GetAuthReUse ( )
static

Static method returning the authentication reuse settings.

Definition at line 1245 of file TAuthenticate.cxx.

◆ GetClientProtocol()

Int_t TAuthenticate::GetClientProtocol ( )
static

Static method returning supported client protocol.

Definition at line 4815 of file TAuthenticate.cxx.

◆ GetDefaultDetails()

char * TAuthenticate::GetDefaultDetails ( Int_t  method,
Int_t  opt,
const char *  usr 
)
static

Determine default authentication details for method 'sec' and user 'usr'.

Checks .rootrc family files. Returned string must be deleted by the user.

Definition at line 2981 of file TAuthenticate.cxx.

◆ GetDefaultUser()

const char * TAuthenticate::GetDefaultUser ( )
static

Static method returning the default user information.

Definition at line 1229 of file TAuthenticate.cxx.

◆ GetGlobalExpDate()

TDatime TAuthenticate::GetGlobalExpDate ( )
static

Static method returning default expiring date for new validity contexts.

Definition at line 1221 of file TAuthenticate.cxx.

◆ GetGlobalPwHash()

Bool_t TAuthenticate::GetGlobalPwHash ( )
static

Static method returning the global password hash flag.

Definition at line 1205 of file TAuthenticate.cxx.

◆ GetGlobalSRPPwd()

Bool_t TAuthenticate::GetGlobalSRPPwd ( )
static

Static method returning the global SRP password flag.

Definition at line 1213 of file TAuthenticate.cxx.

◆ GetGlobalUser()

const char * TAuthenticate::GetGlobalUser ( )
static

Static method returning the global user.

Definition at line 1197 of file TAuthenticate.cxx.

◆ GetGlobusAuthHook()

GlobusAuth_t TAuthenticate::GetGlobusAuthHook ( )
static

Static method returning the globus authorization hook.

Definition at line 1388 of file TAuthenticate.cxx.

◆ GetHostAuth() [1/2]

THostAuth * TAuthenticate::GetHostAuth ( ) const
inline

Definition at line 142 of file TAuthenticate.h.

◆ GetHostAuth() [2/2]

THostAuth * TAuthenticate::GetHostAuth ( const char *  host,
const char *  user = "",
Option_t *  opt = "R",
Int_t *  exact = 0 
)
static

Sets fUser=user and search fgAuthInfo for the entry pertaining to (host,user), setting fHostAuth accordingly.

If opt = "P" use fgProofAuthInfo list instead. If no entry is found fHostAuth is not changed.

Definition at line 2781 of file TAuthenticate.cxx.

◆ GetKrb5Principal()

const char * TAuthenticate::GetKrb5Principal ( )
static

Static method returning the principal to be used to init Krb5 tickets.

Definition at line 1237 of file TAuthenticate.cxx.

◆ GetPromptUser()

Bool_t TAuthenticate::GetPromptUser ( )
static

Static method returning the prompt user settings.

Definition at line 1253 of file TAuthenticate.cxx.

◆ GetProofAuthInfo()

TList * TAuthenticate::GetProofAuthInfo ( )
static

Static method returning the list with authentication directives to be sent to proof.

Definition at line 1443 of file TAuthenticate.cxx.

◆ GetProtocol()

const char * TAuthenticate::GetProtocol ( ) const
inline

Definition at line 143 of file TAuthenticate.h.

◆ GetPwHash()

Bool_t TAuthenticate::GetPwHash ( ) const
inlineprivate

Definition at line 79 of file TAuthenticate.h.

◆ GetRandString()

char * TAuthenticate::GetRandString ( Int_t  opt,
Int_t  len 
)
private

Allocates and fills a 0 terminated buffer of length len+1 with len random characters.

Returns pointer to the buffer (to be deleted by the caller). opt = 0: any non dangerous char; 1: letters and numbers (upper and lower case); 2: hex characters (upper and lower case).

Definition at line 3591 of file TAuthenticate.cxx.

◆ GetRemoteHost()

const char * TAuthenticate::GetRemoteHost ( ) const
inline

Definition at line 144 of file TAuthenticate.h.

◆ GetRSAInit()

Int_t TAuthenticate::GetRSAInit ( )
static

Static method returning the RSA initialization flag.

Definition at line 1405 of file TAuthenticate.cxx.

◆ GetRSAKey()

Int_t TAuthenticate::GetRSAKey ( ) const
inlineprivate

Definition at line 80 of file TAuthenticate.h.

◆ GetRSAKeyType()

Int_t TAuthenticate::GetRSAKeyType ( ) const
inline

Definition at line 145 of file TAuthenticate.h.

◆ GetRSAPubExport()

const char * TAuthenticate::GetRSAPubExport ( Int_t  key = 0)
static

Static method returning the RSA public keys.

Definition at line 1396 of file TAuthenticate.cxx.

◆ GetSecContext()

TRootSecContext * TAuthenticate::GetSecContext ( ) const
inline

Definition at line 146 of file TAuthenticate.h.

◆ GetSecurity()

ESecurity TAuthenticate::GetSecurity ( ) const
inlineprivate

Definition at line 81 of file TAuthenticate.h.

◆ GetSocket()

TSocket * TAuthenticate::GetSocket ( ) const
inline

Definition at line 147 of file TAuthenticate.h.

◆ GetSRPPwd()

Bool_t TAuthenticate::GetSRPPwd ( ) const
inlineprivate

Definition at line 82 of file TAuthenticate.h.

◆ GetSshUser()

const char * TAuthenticate::GetSshUser ( TString  user) const
private

Method returning the user to be used for the ssh login.

Looks first at SSH.Login and finally at env USER. If SSH.LoginPrompt is set to 'yes' it prompts for the 'login name'

Definition at line 2130 of file TAuthenticate.cxx.

◆ GetUser()

const char * TAuthenticate::GetUser ( ) const
inline

Definition at line 148 of file TAuthenticate.h.

◆ GetUserPasswd()

Bool_t TAuthenticate::GetUserPasswd ( TString &  user,
TString &  passwd,
Bool_t &  pwhash,
Bool_t  srppwd 
)
private

Try to get user name and passwd from several sources.

Definition at line 999 of file TAuthenticate.cxx.

◆ GetVersion()

Int_t TAuthenticate::GetVersion ( ) const
inlineprivate

Definition at line 84 of file TAuthenticate.h.

◆ HasHostAuth()

THostAuth * TAuthenticate::HasHostAuth ( const char *  host,
const char *  user,
Option_t *  opt = "R" 
)
static

Checks if a THostAuth with exact match for {host,user} exists in the fgAuthInfo list. If opt = "P" use ProofAuthInfo list instead. Returns pointer to it or 0.

Definition at line 2858 of file TAuthenticate.cxx.

◆ HasTimedOut()

Int_t TAuthenticate::HasTimedOut ( ) const
inline

Definition at line 149 of file TAuthenticate.h.

◆ InitRandom()

void TAuthenticate::InitRandom ( )
static

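Initialize random machine using seed from /dev/urandom (or current time if /dev/urandom not available). A seed taken from the current time is guessable, so in that fallback case values drawn from this generator should not be treated as unpredictable.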

Definition at line 3319 of file TAuthenticate.cxx.

◆ MergeHostAuthList()

void TAuthenticate::MergeHostAuthList ( TList *  std,
TList *  nin,
Option_t *  opt = "" 
)
static

Tool for updating fgAuthInfo or fgProofAuthInfo. 'nin' contains list of last input information through (re)reading of a rootauthrc-alike file.

'nin' info has priority. 'std' is cleaned from inactive members. 'nin' members used to update existing members in 'std' are removed from 'nin', so that they do not leak. opt = "P" for proofauthinfo.

Definition at line 4522 of file TAuthenticate.cxx.

◆ PromptPasswd()

char * TAuthenticate::PromptPasswd ( const char *  prompt = "Password: ")
static

Static method to prompt for the user's passwd to be used for authentication to rootd or proofd.

Uses non-echoing command line to get passwd. Returns passwd (which must be deleted by caller) or 0. If non-interactive run (eg ProofServ) returns -1.

Definition at line 1336 of file TAuthenticate.cxx.

◆ PromptUser()

char * TAuthenticate::PromptUser ( const char *  remote)
static

Static method to prompt for the user name to be used for authentication to rootd or proofd.

User is asked to type user name. Returns user name (which must be deleted by caller) or 0. If non-interactive run (eg ProofServ) returns default user.

Definition at line 1296 of file TAuthenticate.cxx.

◆ ProofAuthSetup() [1/2]

Int_t TAuthenticate::ProofAuthSetup ( )
private

Authentication related stuff setup in TProofServ.

This is the place where the buffer sent by the client / master is decoded. It also contains password information, if the case requires. Return 0 on success, -1 on failure.

Definition at line 4610 of file TAuthenticate.cxx.

◆ ProofAuthSetup() [2/2]

Int_t TAuthenticate::ProofAuthSetup ( TSocket sock,
Bool_t  client 
)
staticprivate

Setup of authentication related stuff in PROOF run after a successful authentication.

Return 0 on success, -1 on failure.

Definition at line 4732 of file TAuthenticate.cxx.

◆ ReadRootAuthrc()

Int_t TAuthenticate::ReadRootAuthrc ( )
static

Read authentication directives from $ROOTAUTHRC, $HOME/.rootauthrc or <Root_etc_dir>/system.rootauthrc and create related THostAuth objects.

Files are read only if they changed since last reading. If 'proofconf' is defined, check also file proofconf for directives.

Definition at line 4053 of file TAuthenticate.cxx.

◆ RemoveHostAuth()

void TAuthenticate::RemoveHostAuth ( THostAuth ha,
Option_t opt = "" 
)
static

Remove THostAuth instance from the list.

Definition at line 3049 of file TAuthenticate.cxx.

◆ RemoveSecContext()

void TAuthenticate::RemoveSecContext ( TRootSecContext ctx)
staticprivate

Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo or fgProofAuthInfo.

Definition at line 4572 of file TAuthenticate.cxx.

◆ RfioAuth()

Int_t TAuthenticate::RfioAuth ( TString username)
private

UidGid client authentication code.

Returns 0 in case authentication failed, 1 in case of success, <0 in case of system error.

Definition at line 2223 of file TAuthenticate.cxx.

◆ SecureRecv()

Int_t TAuthenticate::SecureRecv ( TSocket sock,
Int_t  dec,
Int_t  key,
char **  str 
)
static

Receive str from sock and decode it using key indicated by key type. Return number of received bytes or -1 in case of error.

dec = 1 for private decoding, dec = 2 for public decoding

Definition at line 3710 of file TAuthenticate.cxx.

◆ SecureSend()

Int_t TAuthenticate::SecureSend ( TSocket sock,
Int_t  enc,
Int_t  key,
const char *  str 
)
static

Encodes null terminated str using the session private key indicated by enc and sends it over the network. Returns number of bytes sent, or -1 in case of error.

enc = 1 for private encoding, enc = 2 for public encoding

Definition at line 3649 of file TAuthenticate.cxx.

◆ SendRSAPublicKey()

Int_t TAuthenticate::SendRSAPublicKey ( TSocket Socket,
Int_t  key = 0 
)
static

Receives server RSA Public key. Sends local RSA public key encoded.

Definition at line 3958 of file TAuthenticate.cxx.

◆ SetAuthReUse()

void TAuthenticate::SetAuthReUse ( Bool_t  authreuse)
static

Set global AuthReUse flag.

Definition at line 1571 of file TAuthenticate.cxx.

◆ SetDefaultRSAKeyType()

void TAuthenticate::SetDefaultRSAKeyType ( Int_t  key)
static

Static method setting the default type of RSA key.

Definition at line 1413 of file TAuthenticate.cxx.

◆ SetDefaultUser()

void TAuthenticate::SetDefaultUser ( const char *  defaultuser)
static

Set default user name.

Definition at line 1551 of file TAuthenticate.cxx.

◆ SetEnvironment()

void TAuthenticate::SetEnvironment ( )
private

Set default authentication environment.

The values are inferred from fSecurity and fDetails.

Definition at line 812 of file TAuthenticate.cxx.

◆ SetGlobalExpDate()

void TAuthenticate::SetGlobalExpDate ( TDatime  expdate)
static

Set default expiring date for new validity contexts.

Definition at line 1543 of file TAuthenticate.cxx.

◆ SetGlobalPasswd()

void TAuthenticate::SetGlobalPasswd ( const char *  passwd)
static

Set global passwd to be used for authentication to rootd or proofd.

Definition at line 1503 of file TAuthenticate.cxx.

◆ SetGlobalPwHash()

void TAuthenticate::SetGlobalPwHash ( Bool_t  pwhash)
static

Set global passwd hash flag to be used for authentication to rootd or proofd.

Definition at line 1517 of file TAuthenticate.cxx.

◆ SetGlobalSRPPwd()

void TAuthenticate::SetGlobalSRPPwd ( Bool_t  srppwd)
static

Set global SRP passwd flag to be used for authentication to rootd or proofd.

Definition at line 1525 of file TAuthenticate.cxx.

◆ SetGlobalUser()

void TAuthenticate::SetGlobalUser ( const char *  user)
static

Set global user name to be used for authentication to rootd or proofd.

Definition at line 1489 of file TAuthenticate.cxx.

◆ SetGlobusAuthHook()

void TAuthenticate::SetGlobusAuthHook ( GlobusAuth_t  func)
static

Set Globus authorization function.

Automatically called when libGlobusAuth is loaded.

Definition at line 1606 of file TAuthenticate.cxx.

◆ SetKrb5AuthHook()

void TAuthenticate::SetKrb5AuthHook ( Krb5Auth_t  func)
static

Set kerberos5 authorization function.

Automatically called when libKrb5Auth is loaded.

Definition at line 1597 of file TAuthenticate.cxx.

◆ SetPromptUser()

void TAuthenticate::SetPromptUser ( Bool_t  promptuser)
static

Set global PromptUser flag.

Definition at line 1579 of file TAuthenticate.cxx.

◆ SetReadHomeAuthrc()

void TAuthenticate::SetReadHomeAuthrc ( Bool_t  readhomeauthrc)
static

Set flag controlling the reading of $HOME/.rootauthrc.

In PROOF the administrator may want to switch off private settings. Always true, may only be set false via option to proofd.

Definition at line 1535 of file TAuthenticate.cxx.

◆ SetRSAInit()

void TAuthenticate::SetRSAInit ( Int_t  init = 1)
static

Static method setting RSA initialization flag.

Definition at line 1422 of file TAuthenticate.cxx.

◆ SetRSAKeyType()

void TAuthenticate::SetRSAKeyType ( Int_t  key)
inline

Definition at line 150 of file TAuthenticate.h.

◆ SetRSAPublic()

Int_t TAuthenticate::SetRSAPublic ( const char *  rsaPubExport,
Int_t  klen 
)
static

Store RSA public keys from export string rsaPubExport.

Returns type of stored key, or -1 if not recognized.

Definition at line 3880 of file TAuthenticate.cxx.

◆ SetSecContext()

void TAuthenticate::SetSecContext ( TRootSecContext ctx)
inline

Definition at line 151 of file TAuthenticate.h.

◆ SetSecureAuthHook()

void TAuthenticate::SetSecureAuthHook ( SecureAuth_t  func)
static

Set secure authorization function.

Automatically called when libSRPAuth is loaded.

Definition at line 1588 of file TAuthenticate.cxx.

◆ SetTimeOut()

void TAuthenticate::SetTimeOut ( Int_t  to)
static

Set timeout (active if > 0)

Definition at line 1563 of file TAuthenticate.cxx.

◆ Show()

void TAuthenticate::Show ( Option_t opt = "S")
static

Print info about the authentication sector.

If 'opt' contains 's' or 'S' prints information about established TSecContext, else prints information about THostAuth (if 'opt' is 'p' or 'P', prints Proof related information)

Definition at line 3065 of file TAuthenticate.cxx.

◆ SshAuth()

Int_t TAuthenticate::SshAuth ( TString user)
private

SSH client authentication code.

Definition at line 1667 of file TAuthenticate.cxx.

◆ SshError()

Int_t TAuthenticate::SshError ( const char *  errfile)
private

SSH error parsing: returns 0: no error or fatal; 1: should retry (eg 'connection closed by remote host').

Definition at line 1616 of file TAuthenticate.cxx.

Friends And Related Function Documentation

◆ TRootAuth

friend class TRootAuth
friend

Definition at line 55 of file TAuthenticate.h.

◆ TRootSecContext

friend class TRootSecContext
friend

Definition at line 56 of file TAuthenticate.h.

◆ TSocket

friend class TSocket
friend

Definition at line 57 of file TAuthenticate.h.

Member Data Documentation

◆ fDetails

TString TAuthenticate::fDetails
private

Definition at line 63 of file TAuthenticate.h.

◆ fgAuthInfo

TList * TAuthenticate::fgAuthInfo = 0
staticprivate

Definition at line 95 of file TAuthenticate.h.

◆ fgAuthMeth

TString TAuthenticate::fgAuthMeth
staticprivate
Initial value:
= { "UsrPwd", "SRP", "Krb5",
"Globus", "SSH", "UidGid" }

Definition at line 96 of file TAuthenticate.h.

◆ fgAuthReUse

Bool_t TAuthenticate::fgAuthReUse
staticprivate

Definition at line 97 of file TAuthenticate.h.

◆ fgAuthTO

Int_t TAuthenticate::fgAuthTO = -2
staticprivate

Definition at line 121 of file TAuthenticate.h.

◆ fgDefaultUser

TString TAuthenticate::fgDefaultUser
staticprivate

Definition at line 98 of file TAuthenticate.h.

◆ fgExpDate

TDatime TAuthenticate::fgExpDate
staticprivate

Definition at line 99 of file TAuthenticate.h.

◆ fgGlobusAuthHook

GlobusAuth_t TAuthenticate::fgGlobusAuthHook
staticprivate

Definition at line 100 of file TAuthenticate.h.

◆ fgKrb5AuthHook

Krb5Auth_t TAuthenticate::fgKrb5AuthHook
staticprivate

Definition at line 101 of file TAuthenticate.h.

◆ fgKrb5Principal

TString TAuthenticate::fgKrb5Principal
staticprivate

Definition at line 102 of file TAuthenticate.h.

◆ fgLastAuthrc

TDatime TAuthenticate::fgLastAuthrc
staticprivate

Definition at line 103 of file TAuthenticate.h.

◆ fgLastError

Int_t TAuthenticate::fgLastError = -1
staticprivate

Definition at line 120 of file TAuthenticate.h.

◆ fgPasswd

TString TAuthenticate::fgPasswd
staticprivate

Definition at line 104 of file TAuthenticate.h.

◆ fgPasswdDialog

TPluginHandler * TAuthenticate::fgPasswdDialog = (TPluginHandler *)(-1)
staticprivate

Definition at line 105 of file TAuthenticate.h.

◆ fgProcessID

Int_t TAuthenticate::fgProcessID = -1
staticprivate

Definition at line 122 of file TAuthenticate.h.

◆ fgPromptUser

Bool_t TAuthenticate::fgPromptUser
staticprivate

Definition at line 106 of file TAuthenticate.h.

◆ fgProofAuthInfo

TList * TAuthenticate::fgProofAuthInfo = 0
staticprivate

Definition at line 107 of file TAuthenticate.h.

◆ fgPwHash

Bool_t TAuthenticate::fgPwHash
staticprivate

Definition at line 108 of file TAuthenticate.h.

◆ fgReadHomeAuthrc

Bool_t TAuthenticate::fgReadHomeAuthrc = kTRUE
staticprivate

Definition at line 109 of file TAuthenticate.h.

◆ fgRootAuthrc

TString TAuthenticate::fgRootAuthrc
staticprivate

Definition at line 110 of file TAuthenticate.h.

◆ fgRSAInit

Int_t TAuthenticate::fgRSAInit = 0
staticprivate

Definition at line 112 of file TAuthenticate.h.

◆ fgRSAKey

Int_t TAuthenticate::fgRSAKey = -1
staticprivate

Definition at line 111 of file TAuthenticate.h.

◆ fgRSAPriKey

R__rsa_KEY TAuthenticate::fgRSAPriKey
staticprivate

Definition at line 113 of file TAuthenticate.h.

◆ fgRSAPubExport

R__rsa_KEY_export * TAuthenticate::fgRSAPubExport = R__fgRSAPubExport
staticprivate

Definition at line 115 of file TAuthenticate.h.

◆ fgRSAPubKey

R__rsa_KEY TAuthenticate::fgRSAPubKey
staticprivate

Definition at line 114 of file TAuthenticate.h.

◆ fgSecAuthHook

SecureAuth_t TAuthenticate::fgSecAuthHook
staticprivate

Definition at line 116 of file TAuthenticate.h.

◆ fgSRPPwd

Bool_t TAuthenticate::fgSRPPwd
staticprivate

Definition at line 117 of file TAuthenticate.h.

◆ fgUser

TString TAuthenticate::fgUser
staticprivate

Definition at line 118 of file TAuthenticate.h.

◆ fgUsrPwdCrypt

Bool_t TAuthenticate::fgUsrPwdCrypt
staticprivate

Definition at line 119 of file TAuthenticate.h.

◆ fHostAuth

THostAuth* TAuthenticate::fHostAuth
private

Definition at line 64 of file TAuthenticate.h.

◆ fPasswd

TString TAuthenticate::fPasswd
private

Definition at line 65 of file TAuthenticate.h.

◆ fProtocol

TString TAuthenticate::fProtocol
private

Definition at line 66 of file TAuthenticate.h.

◆ fPwHash

Bool_t TAuthenticate::fPwHash
private

Definition at line 67 of file TAuthenticate.h.

◆ fRemote

TString TAuthenticate::fRemote
private

Definition at line 68 of file TAuthenticate.h.

◆ fRSAKey

Int_t TAuthenticate::fRSAKey
private

Definition at line 69 of file TAuthenticate.h.

◆ fSecContext

TRootSecContext* TAuthenticate::fSecContext
private

Definition at line 70 of file TAuthenticate.h.

◆ fSecurity

ESecurity TAuthenticate::fSecurity
private

Definition at line 71 of file TAuthenticate.h.

◆ fSocket

TSocket* TAuthenticate::fSocket
private

Definition at line 72 of file TAuthenticate.h.

◆ fSRPPwd

Bool_t TAuthenticate::fSRPPwd
private

Definition at line 73 of file TAuthenticate.h.

◆ fTimeOut

Int_t TAuthenticate::fTimeOut
private

Definition at line 76 of file TAuthenticate.h.

◆ fUser

TString TAuthenticate::fUser
private

Definition at line 75 of file TAuthenticate.h.

◆ fVersion

Int_t TAuthenticate::fVersion
private

Definition at line 74 of file TAuthenticate.h.

Libraries for TAuthenticate:

The documentation for this class was generated from the following files: