21#include "RConfigure.h"
51#if !defined(R__WIN32) && !defined(R__MACOSX) && !defined(R__FBSD) && \
58#if defined(R__LINUX) || defined(R__FBSD) || defined(R__OBSD)
67extern "C" char *crypt(
const char *,
const char *);
72# include <openssl/bio.h>
73# include <openssl/err.h>
74# include <openssl/pem.h>
75# include <openssl/rand.h>
76# include <openssl/rsa.h>
77# include <openssl/ssl.h>
78# include <openssl/blowfish.h>
86 static BF_KEY fgBFKey;
92 "Unsupported",
"Unsupported",
"Unsupported" };
133 int frnd =
open(
"/dev/urandom", O_RDONLY);
134 if (frnd < 0) frnd =
open(
"/dev/random", O_RDONLY);
137 ssize_t rs = read(frnd, (
void *) &
r,
sizeof(
int));
140 if (rs ==
sizeof(
int))
return r;
142 Printf(
"+++ERROR+++ : auth_rand: neither /dev/urandom nor /dev/random are available or readable!");
144 if (gettimeofday(&tv,0) == 0) {
146 memcpy((
void *)&
t1, (
void *)&tv.tv_sec,
sizeof(
int));
147 memcpy((
void *)&t2, (
void *)&tv.tv_usec,
sizeof(
int));
163 const char *
proto,
const char *user)
170 if (
gROOT->IsProofServ())
187 Info(
"TAuthenticate",
"Enter: local host: %s, user is: %s (proto: %s)",
196 if ((pdd = strstr(sproto,
":")) != 0) {
197 int rproto = atoi(pdd + 1);
199 if (strstr(sproto,
"root") != 0) {
216 if (strstr(sproto,
"proof") != 0) {
231 Info(
"TAuthenticate",
232 "service: %s (remote protocol: %d): fVersion: %d", sproto,
242 if (user && strlen(user) > 0) {
248 checkUser = u->
fUser;
267 Info(
"TAuthenticate",
"RSA key: default type %d",
fgRSAKey);
281 fqdnsrv.
Form(
"%s:%d",fqdn.
Data(),servtype);
287 Info(
"TAuthenticate",
288 "number of HostAuth Instantiations in memory: %d",
315 if (!strncmp(tmp.
Data(),
"up",2))
317 else if (!strncmp(tmp.
Data(),
"s",1))
319 else if (!strncmp(tmp.
Data(),
"k",1))
321 else if (!strncmp(tmp.
Data(),
"g",1))
323 else if (!strncmp(tmp.
Data(),
"h",1))
325 else if (!strncmp(tmp.
Data(),
"ug",2))
327 if (sec > -1 && sec <
kMAXSEC) {
353 Info(
"CatchTimeOut",
"%d sec timeout expired (protocol: %s)",
377 char noSupport[80] = { 0 };
378 char triedMeth[80] = { 0 };
394 alarm->
Connect(
"Timeout()",
"TAuthenticate",
this,
"CatchTimeOut()");
402 Info(
"Authenticate",
"try #: %d", ntry);
413 "trying authentication: method:%d, default details:%s",
417 if (triedMeth[0] !=
'\0')
418 (
void) strlcat(triedMeth,
" ",
sizeof(triedMeth) - 1);
459 Error(
"Authenticate",
460 "unable to get user name for UsrPwd authentication");
466 if (alarm) alarm->
Stop();
478 Int_t remloc = nmet - ntry;
480 Info(
"Authenticate",
"remloc: %d, ntry: %d, meth: %d, fSecurity: %d",
506 "negotiation not supported remotely: try next method, if any");
507 if (meth < nmet - 1) {
524 "after failed attempt: kind= %d, stat= %d", kind, stat);
531 char *answer =
new char[len];
540 "strings with accepted methods not received (%d:%d)",
543 sscanf(answer,
"%d %d %d %d %d %d", &rMth[0], &rMth[1],
544 &rMth[2], &rMth[3], &rMth[4], &rMth[5]);
545 if (
gDebug > 0 && remloc > 0)
547 "remotely allowed methods not yet tried: %s",
550 }
else if (stat == 0) {
552 "no more methods accepted remotely to be tried");
565 std::string available{};
567 for (i = 0; i < remMeth; i++) {
568 for (j = 0; j < nmet; j++) {
578 if (methfound)
break;
580 if (methfound)
break;
584 Warning(
"Authenticate",
"no match with those locally available: %s", available.c_str());
601 "method not even started: insufficient or wrong info: %s",
602 "try with next method, if any");
619 "status code -2 not expected from old daemons");
631 Info(
"Authenticate",
"got a timeout");
633 if (meth < nmet - 1) {
643 Info(
"Authenticate",
"unknown status code: %d - assume failure",st);
657 if (strlen(noSupport) > 0)
658 Info(
"Authenticate",
"attempted methods %s are not supported"
659 " by remote server version", noSupport);
661 "failure: list of attempted methods: %s", triedMeth);
685 Info(
"SetEnvironment",
686 "setting environment: fSecurity:%d, fDetails:%s",
fSecurity,
697 char pt[5] = { 0 }, ru[5] = { 0 };
703 if ((ptr = strstr(
fDetails,
"pt:")) != 0) {
704 sscanf(ptr + 3,
"%4s %8191s",
pt, usdef);
706 if (!strncasecmp(
gEnv->
GetValue(usrPromptDef,
""),
"no",2) ||
713 if ((ptr = strstr(
fDetails,
"ru:")) != 0) {
714 sscanf(ptr + 3,
"%4s %8191s", ru, usdef);
716 if (!strncasecmp(
gEnv->
GetValue(usrReUseDef,
""),
"no",2) ||
725 if ((pd = hours.
Index(
":")) > -1) {
729 hh = atoi(hours.
Data());
730 mm = atoi(minutes.
Data());
732 hh = atoi(hours.
Data());
738 if ((ptr = strstr(
fDetails,
"us:")) != 0)
739 sscanf(ptr + 3,
"%8191s %8191s",
us, usdef);
740 if ((ptr = strstr(
fDetails,
"cp:")) != 0)
741 sscanf(ptr + 3,
"%8191s %8191s", cp, usdef);
743 Info(
"SetEnvironment",
"details:%s, pt:%s, ru:%s, us:%s cp:%s",
746 if ((ptr = strstr(
fDetails,
"us:")) != 0)
747 sscanf(ptr + 3,
"%8191s %8191s",
us, usdef);
749 Info(
"SetEnvironment",
"details:%s, pt:%s, ru:%s, us:%s",
754 if (!strncasecmp(
pt,
"yes",3) || !strncmp(
pt,
"1", 1))
758 if (!
gROOT->IsProofServ()) {
760 if (!strncasecmp(ru,
"no",2) || !strncmp(ru,
"0",1))
771 if (!strncmp(cp,
"no", 2) || !strncmp(cp,
"0", 1))
783 if (strlen(usdef) > 0) {
813 Error(
"GetUserPasswd",
"SRP no longer supported by ROOT");
818 Info(
"GetUserPasswd",
"Enter: User: '%s' Hash:%d SRP:%d",
822 if (user ==
"" &&
fgUser !=
"")
833 Info(
"GetUserPasswd",
"In memory: User: '%s' Hash:%d",
843 Info(
"GetUserPasswd",
"In memory: User: '%s' Hash:%d",
849 if (user ==
"" ||
passwd ==
"") {
851 Info(
"GetUserPasswd",
"Checking .netrc family ...");
855 Info(
"GetUserPasswd",
"From .netrc family: User: '%s' Hash:%d",
864 Error(
"GetUserPasswd",
"user name not set");
911 Error(
"CheckNetrc",
"SRP no longer supported by ROOT");
936 bool mode0600 =
true;
941 FILE *fd = fopen(net,
"r");
943 while (fgets(
line,
sizeof(
line), fd) != 0) {
947 int nword = sscanf(
line,
"%63s %63s %63s %63s %63s %63s",
948 word[0], word[1], word[2], word[3], word[4], word[5]);
951 if (strcmp(word[0],
"machine"))
953 if (strcmp(word[2],
"login"))
955 if (strcmp(word[4],
"password") && strcmp(word[4],
"password-hash"))
967 if (!strcmp(word[4],
"password-hash"))
972 if (!strcmp(word[3], user.
Data())) {
974 if (!strcmp(word[4],
"password-hash"))
985 "file %s exists but has not 0600 permission", net);
989 if (
first && !result) {
1043 ::Error(
"Krb5Auth",
"Kerberos5 is no longer supported by ROOT");
1070 if (idx < 0 || idx >
kMAXSEC-1) {
1071 ::Error(
"Authenticate::GetAuthMethod",
"idx out of bounds (%d)", idx);
1085 if (meth && meth[0]) {
1114 if (isatty(0) == 0 || isatty(1) == 0) {
1116 "not tty: cannot prompt for user, returning default");
1123 const char *usrIn = Getline(
Form(
"Name (%s:%s): ", remote, user));
1143 if (isatty(0) == 0 || isatty(1) == 0) {
1144 ::Warning(
"TAuthenticate::PromptPasswd",
1145 "not tty: cannot prompt for passwd, returning -1");
1146 static char noint[4] = {
"-1"};
1151 const char *pw = buf;
1156 gROOT->GetPluginManager()->FindHandler(
"TGPasswdDialog"))) {
1160 "could not load plugin for the password dialog box");
1170 while (
gROOT->IsInterrupted())
1174 Gl_config(
"noecho", 1);
1175 pw = Getline(prompt);
1176 Gl_config(
"noecho", 0);
1203 key = (key >= 0 && key <= 1) ? key : 0;
1220 if (key >= 0 && key <= 1)
1273 lasterr =
"(last error only; re-run with gDebug > 0 for more details)";
1277 if (
gDebug > 0 || forceprint) {
1279 ::Error(
Form(
"TAuthenticate::%s", where),
"%s %s",
1283 "unknown error code: server must be running a newer ROOT version %s",
1301 if (user && user[0])
1332 ::Error(
"SetGlobalSRPPwd",
"SRP no longer supported by ROOT");
1361 if (defaultuser && defaultuser[0])
1403 ::Error(
"Krb5Auth",
"Kerberos5 is no longer supported by ROOT");
1412 ::Error(
"GlobusAuth",
"Globus is no longer supported by ROOT");
1420 ::Error(
"SshAuth",
"SSH is no longer supported by ROOT");
1429 ::Error(
"GetSshUser",
"SSH is no longer supported by ROOT");
1450 if (!strcmp(href,
"*"))
1459 if (rename.
Index(href,&len) != -1 || strstr(href,
"-"))
1464 if (strstr(href,
"*"))
1476 ::Info(
"TAuthenticate::CheckHost",
"checking host IP: %s", theHost.
Data());
1487 if (pos > 0 && pos != (
Ssiz_t)(theHost.
Length()-strlen(href)))
1499 ::Error(
"RfioAuth",
"RfioAuth is no longer supported by ROOT");
1513 Info(
"ClearAuth",
"enter: user: %s (passwd hashed?: %d)",
1525 Info(
"ClearAuth",
"ru:%d pt:%d cp:%d ns:%d rk:%d",
1554 options.
Form(
"%d %ld %s %ld %s", opt,
1576 Info(
"ClearAuth",
"anonymous user");
1585 char ctag[11] = {0};
1586 if (anon == 0 && cryptopt == 1) {
1593 "problems recvn RSA key flag: got message %d, flag: %d",
1599 Info(
"ClearAuth",
"get key request ...");
1613 Warning(
"ClearAuth",
"problems secure-receiving salt -"
1614 " may result in corrupted salt");
1615 Warning(
"ClearAuth",
"switch off reuse for this session");
1623 while (ltmp && tmpsalt[ltmp-1] !=
'#') ltmp--;
1625 if (tmpsalt[ltmp-1] ==
'#' &&
1626 tmpsalt[ltmp-10] ==
'#') {
1627 strlcpy(ctag,&tmpsalt[ltmp-10],11);
1646 Info(
"ClearAuth",
"got salt: '%s' (len: %d)", salt.
Data(), slen);
1649 Info(
"ClearAuth",
"Salt not required");
1652 Warning(
"ClearAuth",
"problems secure-receiving rndmtag -"
1653 " may result in corrupted rndmtag");
1656 strlcpy(ctag, tmptag, 11);
1682 if (localFQDN ==
"") {
1690 "automatically generated anonymous passwd: %s",
1696 if (prompt == 1 || pashash.
Length() == 0) {
1705 Error(
"ClearAuth",
"password not set");
1710 if (needsalt && !pwdhash) {
1736 if (anon == 0 && cryptopt == 1) {
1748 Warning(
"ClearAuth",
"problems secure-sending pass hash"
1749 " - may result in authentication failure");
1756 for (
int i = 0; i <
passwd.Length(); i++) {
1770 Info(
"ClearAuth",
"after kROOTD_PASS: kind= %d, stat= %d", kind,
1782 "problems recvn (user,offset) length (%d:%d bytes:%d)",
1787 int reclen = (stat+1 > 256) ? 256 : stat+1;
1788 if ((nrec =
fSocket->
Recv(answer, reclen, kind)) < 0)
1792 "username and offset not received (%d:%d)", kind,
1798 sscanf(answer,
"%127s %d", lUser, &offset);
1801 "received from server: user: %s, offset: %d (%s)", lUser,
1808 if (reuse == 1 && offset > -1) {
1810 if (cryptopt == 1) {
1813 "problems secure-receiving token -"
1814 " may result in corrupted token");
1819 token =
new char[tlen];
1825 Warning(
"ClearAuth",
"token not received (%d:%d)", kind,
1828 for (
int i = 0; i < (int) strlen(token); i++) {
1829 token[i] = ~token[i];
1834 Info(
"ClearAuth",
"received from server: token: '%s' ",
1896 "%s@%s does not accept connections from %s@%s",
1903 "%s@%s does not accept %s authentication from %s@%s",
1920 Error(
"ClearAuth",
"password not set");
1922 if (
fUser ==
"anonymous" ||
fUser ==
"rootd") {
1923 if (!
passwd.Contains(
"@")) {
1925 "please use passwd of form: user@host.do.main");
1936 for (
int i = 0; i <
passwd.Length(); i++) {
1949 Info(
"ClearAuth",
"after kROOTD_PASS: kind= %d, stat= %d", kind,
1978 ::Info(
"TAuthenticate::GetHostAuth",
"enter ... %s ... %s", host, user);
1984 char *
ps = (
char *)strstr(host,
":");
1986 srvtyp = atoi(
ps+1);
1990 if (strncmp(host,
"default",7) && !hostFQDN.
Contains(
"*")) {
2002 if (!strncasecmp(opt,
"P",1)) {
2010 while ((ai = (
THostAuth *) (*next)())) {
2012 ai->
Print(
"Authenticate::GetHostAuth");
2015 if (!(serverOK = (ai->
GetServer() == -1) ||
2020 if (!strcmp(ai->
GetHost(),
"default") && serverOK && notFound)
2030 if (hostFQDN == ai->
GetHost() &&
2052 ::Info(
"TAuthenticate::HasHostAuth",
"enter ... %s ... %s", host, user);
2058 char *
ps = (
char *)strstr(host,
":");
2060 srvtyp = atoi(
ps+1);
2063 if (strncmp(host,
"default",7) && !hostFQDN.
Contains(
"*")) {
2070 if (!strncasecmp(opt,
"P",1)) {
2075 while ((ai = (
THostAuth *) (*next)())) {
2077 if (hostFQDN == ai->
GetHost() &&
2099 ::Info(
"TAuthenticate::FileExpand",
"enter ... '%s' ... 0x%lx", fexp, (
Long_t)ftmp);
2101 fin = fopen(fexp,
"r");
2105 while (fgets(
line,
sizeof(
line), fin) != 0) {
2109 if (
line[strlen(
line) - 1] ==
'\n')
2112 ::Info(
"TAuthenticate::FileExpand",
"read line ... '%s'",
line);
2113 int nw = sscanf(
line,
"%19s %8191s", cinc, fileinc);
2116 if (strcmp(cinc,
"include") != 0) {
2118 fprintf(ftmp,
"%s\n",
line);
2125 sscanf(ln.
Data(),
"%19s %8191s", cinc, fileinc);
2128 if (fileinc[0] ==
'$') {
2145 if (fileinc[0] ==
'~') {
2149 char *ffull =
new char[flen];
2159 "file specified by 'include' cannot be open or read (%s)",
2174 const char copt[2][5] = {
"no",
"yes" };
2177 ::Info(
"TAuthenticate::GetDefaultDetails",
2178 "enter ... %d ...pt:%d ... '%s'", sec, opt, usr);
2180 if (opt < 0 || opt > 1)
2185 if (!usr[0] || !strncmp(usr,
"*",1))
2194 ::Info(
"TAuthenticate::GetDefaultDetails",
"returning ... %s", temp);
2204 if (!strncasecmp(opt,
"P",1))
2233 " +--------------------------- BEGIN --------------------------------+");
2238 " + List fgProofAuthInfo has %4d members +",
2243 " +------------------------------------------------------------------+");
2251 " + List fgAuthInfo has %4d members +",
2256 " +------------------------------------------------------------------+");
2265 " +---------------------------- END ---------------------------------+");
2281 Info(
"AuthExists",
"%d: enter: msg: %d options: '%s'",
2282 method,*message, options);
2294 (*checksecctx)(username,secctx) == 1)
2307 (*checksecctx)(username,secctx) == 1) {
2324 "found valid TSecContext: offset: %d token: '%s'",
2325 offset, token.
Data());
2336 Int_t reuse = *rflag;
2337 if (reuse == 1 && offset > -1) {
2346 Int_t stat = 1, kind;
2351 Warning(
"AuthExists",
"protocol error: expecting %d got %d"
2357 Info(
"AuthExists",
"offset OK");
2361 Info(
"AuthExists",
"key type: %d", rsaKey);
2377 Warning(
"AuthExists",
"problems secure-sending token %s",
2378 "- may trigger problems in proofing Id ");
2383 for (
int i = 0; i < token.
Length(); i++) {
2384 char inv = ~token(i);
2392 Info(
"AuthExists",
"offset not OK - rerun authentication");
2403 Info(
"AuthExists",
"%d: after msg %d: kind= %d, stat= %d",
2404 method,*message, kind, stat);
2417 Error(
"AuthExists",
"%s@%s does not accept connections from %s@%s",
2423 "%s@%s does not accept %s authentication from %s@%s",
2441 Info(
"AuthExists",
"valid authentication exists");
2443 Info(
"AuthExists",
"valid authentication exists: offset changed");
2445 Info(
"AuthExists",
"remote access authorized by /etc/hosts.equiv");
2447 Info(
"AuthExists",
"no authentication required remotely");
2477 const char *randdev =
"/dev/urandom";
2480 if ((fd =
open(randdev, O_RDONLY)) != -1) {
2482 ::Info(
"InitRandom",
"taking seed from %s", randdev);
2483 if (read(fd, &seed,
sizeof(seed)) !=
sizeof(seed))
2484 ::Warning(
"InitRandom",
"could not read seed from %s", randdev);
2488 ::Info(
"InitRandom",
"%s not available: using time()", randdev);
2503 Info(
"GenRSAKeys",
"enter");
2507 Info(
"GenRSAKeys",
"Keys prviously generated - return");
2529 Info(
"GenRSAKeys",
"SSL: Generate Blowfish key");
2538 OpenSSL_add_all_ciphers();
2544 nbits = (nbits >= 128) ? nbits : 128;
2547 nbits = (nbits <= 15912) ? nbits : 15912;
2550 Int_t klen = nbits / 8 ;
2554 RAND_seed(rbuf,strlen(rbuf));
2563 BF_set_key(&fgBFKey, klen, (
const unsigned char *)rbuf);
2572 Int_t l_n = 0, l_d = 0;
2579 Int_t nAttempts = 0;
2585 if (
gDebug > 2 && nAttempts > 1) {
2586 Info(
"GenRSAKeys",
"retry no. %d",nAttempts);
2599 Info(
"GenRSAKeys",
"equal primes: regenerate (%d times)",nPrimes);
2607 Info(
"GenRSAKeys",
"local: p1: '%s' ", buf);
2609 Info(
"GenRSAKeys",
"local: p2: '%s' ", buf);
2614 if (
gDebug > 2 && nAttempts > 1)
2615 Info(
"GenRSAKeys",
" genrsa: unable to generate keys (%d)",
2622 l_n = strlen(buf_n);
2625 l_e = strlen(buf_e);
2628 l_d = strlen(buf_d);
2632 Info(
"GenRSAKeys",
"local: n: '%s' length: %d", buf_n, l_n);
2633 Info(
"GenRSAKeys",
"local: e: '%s' length: %d", buf_e, l_e);
2634 Info(
"GenRSAKeys",
"local: d: '%s' length: %d", buf_d, l_d);
2646 strlcpy(
test, tdum, lTes+1);
2650 Info(
"GenRSAKeys",
"local: test string: '%s' ",
test);
2653 strlcpy(buf,
test, lTes+1);
2659 "local: length of crypted string: %d bytes", lout);
2665 Info(
"GenRSAKeys",
"local: after private/public : '%s' ", buf);
2667 if (strncmp(
test, buf, lTes))
2671 strlcpy(buf,
test, lTes+1);
2676 Info(
"GenRSAKeys",
"local: length of crypted string: %d bytes ",
2683 Info(
"GenRSAKeys",
"local: after public/private : '%s' ", buf);
2685 if (strncmp(
test, buf, lTes))
2702 Info(
"GenRSAKeys",
"local: generated keys are:");
2703 Info(
"GenRSAKeys",
"local: n: '%s' length: %d", buf_n, l_n);
2704 Info(
"GenRSAKeys",
"local: e: '%s' length: %d", buf_e, l_e);
2705 Info(
"GenRSAKeys",
"local: d: '%s' length: %d", buf_d, l_d);
2746 unsigned int iimx[4][4] = {
2747 {0x0, 0xffffff08, 0xafffffff, 0x2ffffffe},
2748 {0x0, 0x3ff0000, 0x7fffffe, 0x7fffffe},
2749 {0x0, 0x3ff0000, 0x7e, 0x7e},
2750 {0x0, 0x3ffc000, 0x7fffffe, 0x7fffffe}
2753 const char *cOpt[4] = {
"Any",
"LetNum",
"Hex",
"Crypt" };
2756 if (opt < 0 || opt > 2) {
2759 Info(
"GetRandString",
"unknown option: %d : assume 0", opt);
2762 Info(
"GetRandString",
"enter ... len: %d %s", len, cOpt[opt]);
2765 char *buf =
new char[len + 1];
2775 for (
m = 7;
m < 32;
m += 7) {
2776 i = 0x7F & (frnd >>
m);
2779 if ((iimx[opt][j] & (1 <<
l))) {
2791 Info(
"GetRandString",
"got '%s' ", buf);
2803 Int_t key,
const char *str)
2809 ::Info(
"TAuthenticate::SecureSend",
"local: enter ... (enc: %d)", enc);
2811 Int_t slen = strlen(str) + 1;
2816 strlcpy(buftmp, str, slen+1);
2826 }
else if (key == 1) {
2831 ttmp = ((ttmp + 8)/8) * 8;
2832 unsigned char iv[8];
2833 memset((
void *)&iv[0],0,8);
2834 BF_cbc_encrypt((
const unsigned char *)str, (
unsigned char *)buftmp,
2835 strlen(str), &fgBFKey, iv, BF_ENCRYPT);
2838 ::Info(
"TAuthenticate::SecureSend",
"not compiled with SSL support:"
2839 " you should not have got here!");
2843 ::Info(
"TAuthenticate::SecureSend",
"unknown key type (%d)",key);
2850 nsen = sock->
SendRaw(buftmp, ttmp);
2852 ::Info(
"TAuthenticate::SecureSend",
2853 "local: sent %d bytes (expected: %d)", nsen,ttmp);
2875 if (sock->
Recv(buflen, 20, kind) < 0)
2877 Int_t len = atoi(buflen);
2879 ::Info(
"TAuthenticate::SecureRecv",
"got len '%s' %d (msg kind: %d)",
2884 if (!strncmp(buflen,
"-1", 2))
2888 if ((nrec = sock->
RecvRaw(buftmp, len)) < 0)
2899 const size_t strSize = strlen(buftmp) + 1;
2900 *str =
new char[strSize];
2901 strlcpy(*str, buftmp, strSize);
2903 }
else if (key == 1) {
2905 unsigned char iv[8];
2906 memset((
void *)&iv[0],0,8);
2907 *str =
new char[nrec + 1];
2908 BF_cbc_encrypt((
const unsigned char *)buftmp, (
unsigned char *)(*str),
2909 nrec, &fgBFKey, iv, BF_DECRYPT);
2910 (*str)[nrec] =
'\0';
2913 ::Info(
"TAuthenticate::SecureRecv",
"not compiled with SSL support:"
2914 " you should not have got here!");
2918 ::Info(
"TAuthenticate::SecureRecv",
"unknown key type (%d)",key);
2931 R__rsa_NUMBER &rsa_d,
char **rsassl)
2937 ::Info(
"TAuthenticate::DecodeRSAPublic",
2938 "enter: string length: %ld bytes", (
Long_t)strlen(rsaPubExport));
2941 Int_t klen = strlen(rsaPubExport);
2943 ::Info(
"TAuthenticate::DecodeRSAPublic",
2944 "key too long (%d): truncate to %d",klen,
kMAXPATHLEN);
2947 memcpy(str, rsaPubExport, klen);
2956 while (str[k] == 32) k++;
2958 if (str[k] ==
'#') {
2963 char *pd1 = strstr(str,
"#");
2964 char *pd2 = pd1 ? strstr(pd1 + 1,
"#") : (
char *)0;
2965 char *pd3 = pd2 ? strstr(pd2 + 1,
"#") : (
char *)0;
2966 if (pd1 && pd2 && pd3) {
2968 int l1 = (int) (pd2 - pd1 - 1);
2969 char *rsa_n_exp =
new char[l1 + 1];
2970 strlcpy(rsa_n_exp, pd1 + 1, l1+1);
2972 ::Info(
"TAuthenticate::DecodeRSAPublic",
2973 "got %ld bytes for rsa_n_exp", (
Long_t)strlen(rsa_n_exp));
2975 int l2 = (int) (pd3 - pd2 - 1);
2976 char *rsa_d_exp =
new char[l2 + 1];
2977 strlcpy(rsa_d_exp, pd2 + 1, 13);
2979 ::Info(
"TAuthenticate::DecodeRSAPublic",
2980 "got %ld bytes for rsa_d_exp", (
Long_t)strlen(rsa_d_exp));
2989 ::Info(
"TAuthenticate::DecodeRSAPublic",
"bad format for input string");
2998 BIO *bpub = BIO_new(BIO_s_mem());
3001 BIO_write(bpub,(
void *)str,strlen(str));
3004 if (!(rsatmp = PEM_read_bio_RSAPublicKey(bpub, 0, 0, 0))) {
3006 ::Info(
"TAuthenticate::DecodeRSAPublic",
3007 "unable to read pub key from bio");
3010 *rsassl = (
char *)rsatmp;
3012 ::Info(
"TAuthenticate::DecodeRSAPublic",
3013 "no space allocated for output variable");
3020 ::Info(
"TAuthenticate::DecodeRSAPublic",
"not compiled with SSL support:"
3021 " you should not have got here!");
3036 ::Info(
"TAuthenticate::SetRSAPublic",
3037 "enter: string length %ld bytes", (
Long_t)strlen(rsaPubExport));
3047 while (rsaPubExport[k0] == 32) k0++;
3056 if (rsaPubExport[k0] ==
'#' && rsaPubExport[k2] ==
'#') {
3057 char *p0 = (
char *)&rsaPubExport[k0];
3058 char *p2 = (
char *)&rsaPubExport[k2];
3059 char *p1 = strchr(p0+1,
'#');
3060 if (p1 > p0 && p1 < p2) {
3066 while (
c < p1 && ((*c < 58 && *c > 47) || (*c < 91 && *c > 64)))
3070 while (
c < p2 && ((*c < 58 && *c > 47) || (*c < 91 && *c > 64)))
3079 ::Info(
"TAuthenticate::SetRSAPublic",
" Key type: %d",rsakey);
3083 R__rsa_NUMBER rsa_n, rsa_d;
3094 BF_set_key(&fgBFKey, klen, (
const unsigned char *)rsaPubExport);
3097 ::Info(
"TAuthenticate::SetRSAPublic",
3098 "not compiled with SSL support:"
3099 " you should not have got here!");
3119 ::Info(
"TAuthenticate::SendRSAPublicKey",
3120 "received key from server %ld bytes", (
Long_t)strlen(serverPubKey));
3123 R__rsa_NUMBER rsa_n, rsa_d;
3129 RSA_free((RSA *)tmprsa);
3132 RSA *RSASSLServer = (RSA *)tmprsa;
3140 char buflen[20] = {0};
3147 }
else if (key == 1) {
3149 Int_t lcmax = RSA_size(RSASSLServer) - 11;
3155 if ((ttmp = RSA_public_encrypt(lc,
3157 (
unsigned char *)&buftmp[ke],
3158 RSASSLServer,RSA_PKCS1_PADDING)) < 0) {
3161 ::Info(
"TAuthenticate::SendRSAPublicKey",
"SSL: error: '%s' ",errstr);
3171 ::Info(
"TAuthenticate::SendRSAPublicKey",
"not compiled with SSL support:"
3172 " you should not have got here!");
3177 ::Info(
"TAuthenticate::SendRSAPublicKey",
"unknown key type (%d)",key);
3180 RSA_free(RSASSLServer);
3191 ::Info(
"TAuthenticate::SendRSAPublicKey",
3192 "local: sent %d bytes (expected: %d)", nsen,ttmp);
3195 RSA_free(RSASSLServer);
3216 if (authrc &&
gDebug > 2)
3217 ::Info(
"TAuthenticate::ReadRootAuthrc",
"Checking file: %s", authrc);
3219 if (authrc &&
gDebug > 1)
3220 ::Info(
"TAuthenticate::ReadRootAuthrc",
3221 "file %s cannot be read (errno: %d)", authrc, errno);
3225 ::Info(
"TAuthenticate::ReadRootAuthrc",
"Checking system file: %s", authrc);
3228 ::Info(
"TAuthenticate::ReadRootAuthrc",
3229 "file %s cannot be read (errno: %d)", authrc, errno);
3239 stat(tRootAuthrc, &si);
3242 ::Info(
"TAuthenticate::ReadRootAuthrc",
3243 "file %s already read", authrc);
3259 TString filetmp =
"rootauthrc";
3262 ::Info(
"TAuthenticate::ReadRootAuthrc",
"got tmp file: %s open at 0x%lx",
3275 fd = fopen(authrc,
"r");
3278 ::Info(
"TAuthenticate::ReadRootAuthrc",
3279 "file %s cannot be open (errno: %d)", authrc, errno);
3290 while (fgets(
line,
sizeof(
line), fd) != 0) {
3297 if (
line[strlen(
line) - 1] ==
'\n')
3305 const size_t tmpSize = strlen(
line) + 1;
3306 char *tmp =
new char[tmpSize];
3308 ::Error(
"TAuthenticate::ReadRootAuthrc",
3309 "could not allocate temporary buffer");
3313 strlcpy(tmp,
line, tmpSize);
3314 char *nxt = strtok(tmp,
" ");
3316 if (!strcmp(nxt,
"proofserv") || cont) {
3326 proofserv +=
TString((
const char *)ph);
3347 if (server ==
"0" || server.
BeginsWith(
"sock"))
3349 else if (server ==
"1" || server.
BeginsWith(
"root"))
3351 else if (server ==
"2" || server.
BeginsWith(
"proof"))
3358 nxt = strtok(0,
" ");
3359 if (!strncmp(nxt,
"user",4)) {
3360 nxt = strtok(0,
" ");
3361 if (strncmp(nxt,
"list",4) && strncmp(nxt,
"method",6)) {
3363 nxt = strtok(0,
" ");
3368 TIter next(&tmpAuthInfo);
3378 tmpAuthInfo.
Add(ha);
3381 if (!strncmp(nxt,
"list",4)) {
3384 char *mth = strtok(0,
" ");
3387 if (strlen(mth) > 1) {
3390 if (met == -1 &&
gDebug > 2)
3391 ::Info(
"TAuthenticate::ReadRootAuthrc",
3392 "unrecognized method (%s): ", mth);
3396 if (met > -1 && met <
kMAXSEC)
3398 mth = strtok(0,
" ");
3403 }
else if (!strncmp(nxt,
"method",6)) {
3406 char *mth = strtok(0,
" ");
3408 if (strlen(mth) > 1) {
3411 if (met == -1 &&
gDebug > 2)
3412 ::Info(
"TAuthenticate::ReadRootAuthrc",
3413 "unrecognized method (%s): ", mth);
3417 if (met > -1 && met <
kMAXSEC) {
3418 const char *det = 0;
3419 nxt = strtok(0,
" ");
3421 det = (
const char *)strstr(
line,nxt);
3430 if (tmp)
delete [] tmp;
3448 TList tmpproofauthinfo;
3449 if (proofserv.
Length() > 0) {
3450 char *tmps =
new char[proofserv.
Length()+1];
3451 strlcpy(tmps,proofserv.
Data(),proofserv.
Length()+1);
3452 char *nxt = strtok(tmps,
" ");
3454 TString tmp((
const char *)nxt);
3458 if ((pdd = tmp.
Index(
":")) == -1) {
3469 if ((pdd = tmp.
Index(
":")) == -1) {
3481 while (tmp.
Length() > 0) {
3483 if ((pdd = tmp.
Index(
":")) > -1)
3488 if (met == -1 &&
gDebug > 2)
3489 ::Info(
"TAuthenticate::ReadRootAuthrc",
3490 "unrecognized method (%s): ",meth.
Data());
3491 }
else if (meth.
Length() == 1) {
3492 met = atoi(meth.
Data());
3493 if (met > -1 && met <
kMAXSEC)
3516 tmpproofauthinfo.
Add(ha);
3518 nxt = strtok(0,
" ");
3538 const char netrc[2][20] = {
"/.netrc",
"/.rootnetrc" };
3548 "not properly logged on (getpwuid unable to find relevant info)!");
3556 for (; i < 2; i++) {
3562 out.
Form(
"pt:0 ru:1 us:%s",user.
Data());
3566 if (strlen(out) > 0)
3568 "meth: %d ... is available: details: %s", cSec, out.
Data());
3571 "meth: %d ... is NOT available", cSec);
3589 if (!strcmp(user,ctx->
GetUser()) &&
3590 strncmp(
"AFS", ctx->
GetID(), 3))
3620 while ((hanew = (
THostAuth *)nxnew())) {
3642 while ((hanew = (
THostAuth *)nxnew())) {
3706 Info(
"ProofAuthSetup",
"Buffer not found: nothing to do");
3720 *mess >> user >>
passwd >> pwhash >> srppwd >> rsakey;
3737 Info(
"ProofAuthSetup",
"List of THostAuth not found");
3758 fromProofAI =
kTRUE;
3769 if (!master || fromProofAI) {
3831 if (remoteOffSet > -1 && upwd)
3834 if (upwd && pwdctx) {
3843 mess << user <<
passwd << pwhash << srppwd << keytyp;
3849 char *mbuf = mess.
Buffer();
3854 ::Info(
"ProofAuthSetup",
"sending %d bytes", messb64.
Length());
3857 if (remoteOffSet > -1) {
3859 ::Error(
"ProofAuthSetup",
"problems secure-sending message buffer");
3867 ::Error(
"ProofAuthSetup",
"plain: problems sending message length");
3871 ::Error(
"ProofAuthSetup",
"problems sending message buffer");
3907 Error(
"SendHostAuth",
"invalid input: socket undefined");
3922 Info(
"SendHostAuth",
"sent %d bytes (%s)",
ns,buf.
Data());
3929 Info(
"SendHostAuth",
"sent %d bytes for closing",
ns);
3943 Error(
"RecvHostAuth",
"invalid input: socket undefined");
3958 Error(
"RecvHostAuth",
"received: kind: %d (%d bytes)", kind, nr);
3962 Info(
"RecvHostAuth",
"received %d bytes (%s)",nr,buf);
3964 while (strcmp(buf,
"END")) {
3984 fromProofAI =
kTRUE;
3995 if (!master || fromProofAI) {
4034 Info(
"RecvHostAuth",
"Error: received: kind: %d (%d bytes)", kind, nr);
4038 Info(
"RecvHostAuth",
"received %d bytes (%s)",nr,buf);
4071 if (remoteOffSet > -1 && upwd)
4074 if (upwd && pwdctx) {
4078 Error(
"OldAuthSetup",
"failed to send offset in RSA key");
4089 if (remoteOffSet > -1)
4090 Warning(
"OldAuthSetup",
"problems secure-sending pass hash %s",
4091 "- may result in failures");
4094 for (
int i = 0; i <
passwd.Length(); i++) {
4100 if (sock->
Send(mess) < 0) {
4101 Error(
"OldAuthSetup",
"failed to send inverted password");
4111 Error(
"OldAuthSetup",
"failed to send no offset notification in RSA key");
4118 mess << user << pwhash << srppwd << ord << conf;
4120 if (sock->
Send(mess) < 0) {
4121 Error(
"OldAuthSetup",
"failed to send ordinal and config info");
4125 if (proofdProto > 6) {
4131 Error(
"OldAuthSetup",
"failed to send HostAuth info");
4150 if (sock->
Recv(retval, kind) != 2*
sizeof(
Int_t)) {
4152 Info(
"OldProofServAuthSetup",
4153 "socket has been closed due to protocol mismatch - Exiting");
4170 if ((fKey = fopen(keyfile.
Data(),
"r"))) {
4171 Int_t klen = fread((
void *)pubkey,1,
sizeof(pubkey),fKey);
4173 Error(
"OldProofServAuthSetup",
4174 "failed to read public key from '%s'", keyfile.
Data());
4183 Error(
"OldProofServAuthSetup",
"failed to open '%s'", keyfile.
Data());
4192 Error(
"OldProofServAuthSetup",
"failed to receive password");
4198 }
else if (retval == -1) {
4202 if ((sock->
Recv(mess) <= 0) || !mess) {
4203 Error(
"OldProofServAuthSetup",
"failed to receive inverted password");
4219 if ((sock->
Recv(mess) <= 0) || !mess) {
4220 Error(
"OldProofServAuthSetup",
"failed to receive ordinal and config info");
4228 (*mess) >> user >> pwhash >> srppwd >> conf;
4231 (*mess) >> user >> pwhash >> srppwd >> ord >> conf;
4236 (*mess) >> user >> pwhash >> srppwd >> iord;
4240 (*mess) >> user >> pwhash >> srppwd >> ord >> conf;
4261 Error(
"OldProofServAuthSetup",
"failed to receive HostAuth info");
const Int_t kAUTH_SSALT_MSK
const Int_t kAUTH_CRYPT_MSK
const Int_t kAUTH_REUSE_MSK
const Int_t kAUTH_RSATY_MSK
R__EXTERN const char * gRootdErrStr[]
TVirtualMutex * gAuthenticateMutex
static Int_t SendHostAuth(TSocket *s)
Sends the list of the relevant THostAuth objects to the master or to the active slaves,...
Int_t OldProofServAuthSetup(TSocket *sock, Bool_t master, Int_t protocol, TString &user, TString &ord, TString &conf)
Authentication related setup in TProofServ run after successful startup.
Int_t StdCheckSecCtx(const char *, TRootSecContext *)
Standard version of CheckSecCtx to be passed to TAuthenticate::AuthExists Check if User is matches th...
Int_t OldSlaveAuthSetup(TSocket *sock, Bool_t, TString ord, TString conf)
Setup of authetication in PROOF run after successful opening of the socket.
static Int_t RecvHostAuth(TSocket *s, Option_t *opt)
Receive from client/master directives for authentications, create related THostAuth and add them to t...
R__rsa_KEY_export R__fgRSAPubExport[2]
static int auth_rand()
rand() implementation using /udev/random or /dev/random, if available
Int_t(* Krb5Auth_t)(TAuthenticate *auth, TString &user, TString &det, Int_t version)
Int_t(* SecureAuth_t)(TAuthenticate *auth, const char *user, const char *passwd, const char *remote, TString &det, Int_t version)
Int_t(* GlobusAuth_t)(TAuthenticate *auth, TString &user, TString &det)
Int_t(* CheckSecCtx_t)(const char *subj, TRootSecContext *ctx)
void Info(const char *location, const char *msgfmt,...)
void Error(const char *location, const char *msgfmt,...)
void Warning(const char *location, const char *msgfmt,...)
char * Form(const char *fmt,...)
void Printf(const char *fmt,...)
char * StrDup(const char *str)
Duplicate the string str.
typedef void((*Func_t)())
Bool_t R_ISREG(Int_t mode)
Bool_t R_ISDIR(Int_t mode)
R__EXTERN TSystem * gSystem
#define R__LOCKGUARD2(mutex)
#define SSL_load_error_strings
static void RemoveHostAuth(THostAuth *ha, Option_t *opt="")
Remove THostAuth instance from the list.
static Int_t SetRSAPublic(const char *rsapubexport, Int_t klen)
Store RSA public keys from export string rsaPubExport.
static TPluginHandler * fgPasswdDialog
static void SetGlobalSRPPwd(Bool_t srppwd)
Set global SRP passwd flag to be used for authentication to rootd or proofd.
static Bool_t fgPromptUser
TRootSecContext * fSecContext
static void FileExpand(const char *fin, FILE *ftmp)
Expands include directives found in fexp files The expanded, temporary file, is pointed to by 'ftmp' ...
static const char * GetGlobalUser()
Static method returning the global user.
static void SetGlobalUser(const char *user)
Set global user name to be used for authentication to rootd or proofd.
static void SetPromptUser(Bool_t promptuser)
Set global PromptUser flag.
Int_t RfioAuth(TString &user)
RFIO authentication (no longer supported)
static void Show(Option_t *opt="S")
Print info about the authentication sector.
const char * GetSshUser(TString user) const
Method returning the user to be used for the ssh login (no longer supported)
static const char * GetDefaultUser()
Static method returning the default user information.
static Bool_t GetPromptUser()
Static method returning the prompt user settings.
static Int_t SecureRecv(TSocket *Socket, Int_t dec, Int_t KeyType, char **Out)
Receive str from sock and decode it using key indicated by key type Return number of received bytes o...
static const char * GetKrb5Principal()
Static method returning the principal to be used to init Krb5 tickets.
THostAuth * GetHostAuth() const
static void SetAuthReUse(Bool_t authreuse)
Set global AuthReUse flag.
static R__rsa_KEY_export * fgRSAPubExport
char * GetRandString(Int_t Opt, Int_t Len)
Allocates and fills a 0 terminated buffer of length len+1 with len random characters.
static TList * GetProofAuthInfo()
Static method returning the list with authentication directives to be sent to proof.
Int_t SshAuth(TString &user)
SSH client authentication code (no longer supported)
static char * PromptPasswd(const char *prompt="Password: ")
Static method to prompt for the user's passwd to be used for authentication to rootd or proofd.
static void SetDefaultUser(const char *defaultuser)
Set default user name.
static void SetGlobalPwHash(Bool_t pwhash)
Set global passwd hash flag to be used for authentication to rootd or proofd.
static void SetGlobalExpDate(TDatime expdate)
Set default expiring date for new validity contexts.
static Int_t GetRSAInit()
Static method returning the RSA initialization flag.
static void SetSecureAuthHook(SecureAuth_t func)
Set secure authorization function.
static Int_t GetClientProtocol()
Static method returning supported client protocol.
static Int_t ReadRootAuthrc()
Read authentication directives from $ROOTAUTHRC, $HOME/.rootauthrc or <Root_etc_dir>/system....
static Bool_t fgReadHomeAuthrc
static Int_t SecureSend(TSocket *Socket, Int_t enc, Int_t KeyType, const char *In)
Encode null terminated str using the session private key indicated by enc and sends it over the netwo...
Int_t GenRSAKeys()
Generate a valid pair of private/public RSA keys to protect for authentication token exchange.
Bool_t CheckNetrc(TString &user, TString &passwd)
Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files.
static const char * GetRSAPubExport(Int_t key=0)
Static method returning the RSA public keys.
static Int_t DecodeRSAPublic(const char *rsapubexport, R__rsa_NUMBER &n, R__rsa_NUMBER &d, char **rsassl=0)
Store RSA public keys from export string rsaPubExport.
static void SetReadHomeAuthrc(Bool_t readhomeauthrc)
Set flag controlling the reading of $HOME/.rootauthrc.
static void InitRandom()
Initialize random machine using seed from /dev/urandom (or current time if /dev/urandom not available...
static TList * fgProofAuthInfo
static R__rsa_KEY fgRSAPubKey
static Bool_t fgAuthReUse
static Bool_t GetGlobalPwHash()
Static method returning the global password hash flag.
static void SetKrb5AuthHook(Krb5Auth_t func)
Set kerberos5 authorization function.
static void SetGlobusAuthHook(GlobusAuth_t func)
Set Globus authorization function.
static void SetRSAInit(Int_t init=1)
Static method setting RSA initialization flag.
static void SetGlobalPasswd(const char *passwd)
Set global passwd to be used for authentication to rootd or proofd.
void SetEnvironment()
Set default authentication environment.
static Int_t SendRSAPublicKey(TSocket *Socket, Int_t key=0)
Receives server RSA Public key Sends local RSA public key encoded.
static Bool_t CheckProofAuth(Int_t cSec, TString &det)
Check if the authentication method can be attempted for the client.
static TDatime fgLastAuthrc
static TList * fgAuthInfo
static TString fgAuthMeth[kMAXSEC]
void CatchTimeOut()
Called in connection with a timer timeout.
Bool_t GetUserPasswd(TString &user, TString &passwd, Bool_t &pwhash, Bool_t srppwd)
Try to get user name and passwd from several sources.
Bool_t Authenticate()
Authenticate to remote rootd or proofd server.
static R__rsa_KEY fgRSAPriKey
static TString fgRootAuthrc
Int_t AuthExists(TString User, Int_t method, const char *Options, Int_t *Message, Int_t *Rflag, CheckSecCtx_t funcheck)
Check if we have a valid established sec context in memory Retrieves relevant info and negotiates wit...
static TList * GetAuthInfo()
Static method returning the list with authentication details.
static GlobusAuth_t GetGlobusAuthHook()
Static method returning the globus authorization hook (no longer supported)
Int_t ProofAuthSetup()
Authentication related stuff setup in TProofServ.
Int_t ClearAuth(TString &user, TString &passwd, Bool_t &pwhash)
UsrPwd client authentication code.
static void AuthError(const char *where, Int_t error)
Print error string depending on error code.
static char * GetDefaultDetails(Int_t method, Int_t opt, const char *user)
Determine default authentication details for method 'sec' and user 'usr'.
static void MergeHostAuthList(TList *Std, TList *New, Option_t *Opt="")
Tool for updating fgAuthInfo or fgProofAuthInfo 'nin' contains list of last input information through...
static TString fgDefaultUser
static Int_t GetAuthMethodIdx(const char *meth)
Static method returning the method index (which can be used to find the method in GetAuthMethod()).
static void SetTimeOut(Int_t to)
Set timeout (active if > 0)
static Bool_t fgUsrPwdCrypt
TAuthenticate(TSocket *sock, const char *remote, const char *proto, const char *user="")
Create authentication object.
static void RemoveSecContext(TRootSecContext *ctx)
Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo or fgProofAuthInfo.
static TDatime GetGlobalExpDate()
Static method returning default expiring date for new validity contexts.
static Bool_t GetGlobalSRPPwd()
Static method returning the global SRP password flag.
static SecureAuth_t fgSecAuthHook
static char * PromptUser(const char *remote)
Static method to prompt for the user name to be used for authentication to rootd or proofd.
static Bool_t CheckHost(const char *Host, const char *host)
Check if 'host' matches 'href': this means either equal or "containing" it, even with wild cards * in...
static void SetDefaultRSAKeyType(Int_t key)
Static method setting the default type of RSA key.
static const char * GetAuthMethod(Int_t idx)
Static method returning the method corresponding to idx.
static Bool_t GetAuthReUse()
Static method returning the authentication reuse settings.
static THostAuth * HasHostAuth(const char *host, const char *user, Option_t *opt="R")
Checks if a THostAuth with exact match for {host,user} exists in the fgAuthInfo list If opt = "P" use...
static TString Decode(const char *data)
Decode a base64 string date into a generic TString.
static TString Encode(const char *data)
Transform data into a null terminated base64 string.
TObject * ReadObject(const TClass *cl) override
Read object from I/O buffer.
void WriteObject(const TObject *obj, Bool_t cacheReuse=kTRUE) override
Write object to I/O buffer.
virtual Int_t GetSize() const
Return the capacity of the collection, i.e.
This class stores the date and time with a precision of one second in an unsigned 32 bit word (950130...
void Set()
Set Date/Time to current time as reported by the system.
UInt_t Convert(Bool_t toGMT=kFALSE) const
Convert fDatime from TDatime format to the standard time_t format.
virtual Int_t GetValue(const char *name, Int_t dflt) const
Returns the integer value for a resource.
const char * GetUser() const
const char * GetHost() const
TRootSecContext * CreateSecContext(const char *user, const char *host, Int_t meth, Int_t offset, const char *details, const char *token, TDatime expdate=kROOTTZERO, void *ctx=0, Int_t key=-1)
Create a Security context and add it to local list Return pointer to it to be stored in TAuthenticate...
void SetUser(const char *user)
void SetDetails(Int_t level, const char *details)
Set authentication details for specified level.
void SetHost(const char *host)
void SetFirst(Int_t level)
Set 'method' to be the first used (if in the list ...).
virtual void Print(Option_t *option="") const
Print object content.
void SetServer(Int_t server)
void ReOrder(Int_t nmet, Int_t *fmet)
Reorder nmet methods according fmet[nmet].
void RemoveMethod(Int_t level)
Remove method 'meth' from the list, if there ...
void AddMethod(Int_t level, const char *details=0)
Add method to the list.
void CountFailure(Int_t level)
Count failures for 'method'.
Int_t GetMethod(Int_t idx) const
void AsString(TString &out) const
Return a static string with all info in a serialized form.
Bool_t HasMethod(Int_t level, Int_t *pos=0)
Return kTRUE if method 'level' is in the list.
TList * Established() const
void AddFirst(Int_t level, const char *details=0)
Add new method in first position If already in the list, set as first method 'level' with authenticat...
void Update(THostAuth *ha)
Update info with the one in ha Remaining methods, if any, get lower priority.
const char * GetDetails(Int_t level)
Return authentication details for specified level or "" if the specified level does not exist for thi...
void SetLast(Int_t level)
Set 'method' to be the last used (if in the list ...).
void PrintEstablished() const
Print info about established authentication vis-a-vis of this Host.
void CountSuccess(Int_t level)
Count successes for 'method'.
This class represents an Internet Protocol (IP) address.
const char * GetHostName() const
const char * GetHostAddress() const
Returns the IP address string "%d.%d.%d.%d".
virtual void Add(TObject *obj)
virtual TObject * Remove(TObject *obj)
Remove object from the list.
virtual void Warning(const char *method, const char *msgfmt,...) const
Issue warning message.
virtual void Error(const char *method, const char *msgfmt,...) const
Issue error message.
virtual void Info(const char *method, const char *msgfmt,...) const
Issue info message.
Long_t ExecPlugin(int nargs, const T &... params)
Int_t LoadPlugin()
Load the plugin library for this handler.
const char * GetPasswd() const
Bool_t Connect(const char *signal, const char *receiver_class, void *receiver, const char *slot)
Non-static method is used to connect from the signal of this object to the receiver slot.
static const TString & GetEtcDir()
Get the sysconfig directory in the installation. Static utility function.
static RSA_encode_t RSA_encode()
static RSA_genprim_t RSA_genprim()
static RSA_assign_t RSA_assign()
static RSA_cmp_t RSA_cmp()
static RSA_decode_t RSA_decode()
static RSA_genrsa_t RSA_genrsa()
static RSA_num_sput_t RSA_num_sput()
static RSA_num_sget_t RSA_num_sget()
Regular expression class.
Ssiz_t Index(const TString &str, Ssiz_t *len, Ssiz_t start=0) const
Find the first occurrence of the regexp in string and return the position, or -1 if there is no match...
void DeActivate(Option_t *opt="CR")
Set OffSet to -1 and expiring Date to default Remove from the list If Opt contains "C" or "c",...
void Print(Option_t *option="F") const
If opt is "F" (default) print object content.
Bool_t IsActive() const
Check remote OffSet and expiring Date.
const char * GetID() const
void SetID(const char *id)
const char * GetHost() const
const char * GetToken() const
void AddForCleanup(Int_t port, Int_t proto, Int_t type)
Create a new TSecContextCleanup Internally is added to the list.
virtual void Print(Option_t *option="F") const
If opt is "F" (default) print object content.
Bool_t IsA(const char *methodname)
Checks if this security context is for method named 'methname' Case sensitive.
void * GetContext() const
const char * GetUser() const
void SetOffSet(Int_t offset)
virtual Int_t Recv(TMessage *&mess)
Receive a TMessage object.
static Int_t GetClientProtocol()
Static method returning supported client protocol.
Int_t GetRemoteProtocol() const
virtual void Close(Option_t *opt="")
Close the socket.
virtual Int_t RecvRaw(void *buffer, Int_t length, ESendRecvOptions opt=kDefault)
Receive a raw buffer of specified length bytes.
TSecContext * GetSecContext() const
virtual Int_t SendRaw(const void *buffer, Int_t length, ESendRecvOptions opt=kDefault)
Send a raw buffer of specified length.
Int_t GetServType() const
virtual Int_t Send(const TMessage &mess)
Send a TMessage object.
Bool_t EndsWith(const char *pat, ECaseCompare cmp=kExact) const
Return true if string ends with the specified string.
TString & Replace(Ssiz_t pos, Ssiz_t n, const char *s)
const char * Data() const
TString & ReplaceAll(const TString &s1, const TString &s2)
void Resize(Ssiz_t n)
Resize the string. Truncate or add blanks as necessary.
Bool_t BeginsWith(const char *s, ECaseCompare cmp=kExact) const
TString & Remove(Ssiz_t pos)
static TString Format(const char *fmt,...)
Static method which formats a string using a printf style format descriptor and return a TString.
void Form(const char *fmt,...)
Formats a string using a printf style format descriptor.
Bool_t Contains(const char *pat, ECaseCompare cmp=kExact) const
Ssiz_t Index(const char *pat, Ssiz_t i=0, ECaseCompare cmp=kExact) const
virtual int GetPid()
Get process id.
virtual const char * Getenv(const char *env)
Get environment variable.
virtual char * ConcatFileName(const char *dir, const char *name)
Concatenate a directory and a file name. User must delete returned string.
virtual const char * HomeDirectory(const char *userName=0)
Return the user's home directory.
virtual int Load(const char *module, const char *entry="", Bool_t system=kFALSE)
Load a shared library.
int GetPathInfo(const char *path, Long_t *id, Long_t *size, Long_t *flags, Long_t *modtime)
Get info about a file: id, size, flags, modification time.
virtual Bool_t AccessPathName(const char *path, EAccessMode mode=kFileExists)
Returns FALSE if one can access a file using the specified access mode.
virtual FILE * TempFileName(TString &base, const char *dir=0)
Create a secure temporary file by appending a unique 6 letter string to base.
virtual void DispatchOneEvent(Bool_t pendingOnly=kFALSE)
Dispatch a single event.
virtual const char * HostName()
Return the system's host name.
virtual Int_t GetEffectiveUid()
Returns the effective user id.
virtual TInetAddress GetHostByName(const char *server)
Get Internet Protocol (IP) address of host.
virtual int Unlink(const char *name)
Unlink, i.e.
virtual UserGroup_t * GetUserInfo(Int_t uid)
Returns all user info in the UserGroup_t structure.
char * DynamicPathName(const char *lib, Bool_t quiet=kFALSE)
Find a dynamic library called lib using the system search paths.
Handles synchronous and a-synchronous timer events.
virtual void Start(Long_t milliSec=-1, Bool_t singleShot=kFALSE)
Starts the timer with a milliSec timeout.
void SetInterruptSyscalls(Bool_t set=kTRUE)
When the argument is true the a-synchronous timer (SIGALRM) signal handler is set so that interrupted...
This class implements a mutex interface.
EvaluateInfo init(std::vector< RooRealProxy > parameters, std::vector< ArrayWrapper * > wrappers, std::vector< double * > arrays, size_t begin, size_t batchSize)
static constexpr double nm
static constexpr double us
static constexpr double s
static constexpr double mm
static constexpr double ns
static constexpr double ps
void inv(rsa_NUMBER *, rsa_NUMBER *, rsa_NUMBER *)