21#include "RConfigure.h"
51#if !defined(R__WIN32) && !defined(R__MACOSX) && !defined(R__FBSD) && \
58#if defined(R__LINUX) || defined(R__FBSD) || defined(R__OBSD)
67extern "C" char *crypt(
const char *,
const char *);
72# include <openssl/bio.h>
73# include <openssl/err.h>
74# include <openssl/pem.h>
75# include <openssl/rand.h>
76# include <openssl/rsa.h>
77# include <openssl/ssl.h>
78# include <openssl/blowfish.h>
86 static BF_KEY fgBFKey;
92 "Unsupported",
"Unsupported",
"Unsupported" };
133 int frnd =
open(
"/dev/urandom", O_RDONLY);
134 if (frnd < 0) frnd =
open(
"/dev/random", O_RDONLY);
137 ssize_t rs = read(frnd, (
void *) &
r,
sizeof(
int));
140 if (rs ==
sizeof(
int))
return r;
142 Printf(
"+++ERROR+++ : auth_rand: neither /dev/urandom nor /dev/random are available or readable!");
144 if (gettimeofday(&tv,0) == 0) {
146 memcpy((
void *)&
t1, (
void *)&tv.tv_sec,
sizeof(
int));
147 memcpy((
void *)&t2, (
void *)&tv.tv_usec,
sizeof(
int));
163 const char *
proto,
const char *user)
170 if (
gROOT->IsProofServ())
187 Info(
"TAuthenticate",
"Enter: local host: %s, user is: %s (proto: %s)",
196 if ((pdd = strstr(sproto,
":")) != 0) {
197 int rproto = atoi(pdd + 1);
199 if (strstr(sproto,
"root") != 0) {
216 if (strstr(sproto,
"proof") != 0) {
231 Info(
"TAuthenticate",
232 "service: %s (remote protocol: %d): fVersion: %d", sproto,
242 if (user && strlen(user) > 0) {
248 checkUser = u->
fUser;
267 Info(
"TAuthenticate",
"RSA key: default type %d",
fgRSAKey);
281 fqdnsrv.
Form(
"%s:%d",fqdn.
Data(),servtype);
287 Info(
"TAuthenticate",
288 "number of HostAuth Instantiations in memory: %d",
315 if (!strncmp(tmp.
Data(),
"up",2))
317 else if (!strncmp(tmp.
Data(),
"s",1))
319 else if (!strncmp(tmp.
Data(),
"k",1))
321 else if (!strncmp(tmp.
Data(),
"g",1))
323 else if (!strncmp(tmp.
Data(),
"h",1))
325 else if (!strncmp(tmp.
Data(),
"ug",2))
327 if (sec > -1 && sec <
kMAXSEC) {
353 Info(
"CatchTimeOut",
"%d sec timeout expired (protocol: %s)",
377 char noSupport[80] = { 0 };
378 char triedMeth[80] = { 0 };
394 alarm->
Connect(
"Timeout()",
"TAuthenticate",
this,
"CatchTimeOut()");
402 Info(
"Authenticate",
"try #: %d", ntry);
413 "trying authentication: method:%d, default details:%s",
417 if (triedMeth[0] !=
'\0')
418 (
void) strlcat(triedMeth,
" ",
sizeof(triedMeth) - 1);
459 Error(
"Authenticate",
460 "unable to get user name for UsrPwd authentication");
466 if (alarm) alarm->
Stop();
478 Int_t remloc = nmet - ntry;
480 Info(
"Authenticate",
"remloc: %d, ntry: %d, meth: %d, fSecurity: %d",
506 "negotiation not supported remotely: try next method, if any");
507 if (meth < nmet - 1) {
524 "after failed attempt: kind= %d, stat= %d", kind, stat);
531 char *answer =
new char[len];
541 "strings with accepted methods not received (%d:%d)",
544 sscanf(answer,
"%d %d %d %d %d %d", &rMth[0], &rMth[1],
545 &rMth[2], &rMth[3], &rMth[4], &rMth[5]);
546 if (
gDebug > 0 && remloc > 0)
548 "remotely allowed methods not yet tried: %s",
551 }
else if (stat == 0) {
553 "no more methods accepted remotely to be tried");
566 std::string available{};
568 for (i = 0; i < remMeth; i++) {
569 for (j = 0; j < nmet; j++) {
579 if (methfound)
break;
581 if (methfound)
break;
585 Warning(
"Authenticate",
"no match with those locally available: %s", available.c_str());
602 "method not even started: insufficient or wrong info: %s",
603 "try with next method, if any");
620 "status code -2 not expected from old daemons");
632 Info(
"Authenticate",
"got a timeout");
634 if (meth < nmet - 1) {
644 Info(
"Authenticate",
"unknown status code: %d - assume failure",st);
658 if (strlen(noSupport) > 0)
659 Info(
"Authenticate",
"attempted methods %s are not supported"
660 " by remote server version", noSupport);
662 "failure: list of attempted methods: %s", triedMeth);
686 Info(
"SetEnvironment",
687 "setting environment: fSecurity:%d, fDetails:%s",
fSecurity,
698 char pt[5] = { 0 }, ru[5] = { 0 };
704 if ((ptr = strstr(
fDetails,
"pt:")) != 0) {
705 sscanf(ptr + 3,
"%4s %8191s",
pt, usdef);
707 if (!strncasecmp(
gEnv->
GetValue(usrPromptDef,
""),
"no",2) ||
714 if ((ptr = strstr(
fDetails,
"ru:")) != 0) {
715 sscanf(ptr + 3,
"%4s %8191s", ru, usdef);
717 if (!strncasecmp(
gEnv->
GetValue(usrReUseDef,
""),
"no",2) ||
726 if ((pd = hours.
Index(
":")) > -1) {
730 hh = atoi(hours.
Data());
731 mm = atoi(minutes.
Data());
733 hh = atoi(hours.
Data());
739 if ((ptr = strstr(
fDetails,
"us:")) != 0)
740 sscanf(ptr + 3,
"%8191s %8191s",
us, usdef);
741 if ((ptr = strstr(
fDetails,
"cp:")) != 0)
742 sscanf(ptr + 3,
"%8191s %8191s", cp, usdef);
744 Info(
"SetEnvironment",
"details:%s, pt:%s, ru:%s, us:%s cp:%s",
747 if ((ptr = strstr(
fDetails,
"us:")) != 0)
748 sscanf(ptr + 3,
"%8191s %8191s",
us, usdef);
750 Info(
"SetEnvironment",
"details:%s, pt:%s, ru:%s, us:%s",
755 if (!strncasecmp(
pt,
"yes",3) || !strncmp(
pt,
"1", 1))
759 if (!
gROOT->IsProofServ()) {
761 if (!strncasecmp(ru,
"no",2) || !strncmp(ru,
"0",1))
772 if (!strncmp(cp,
"no", 2) || !strncmp(cp,
"0", 1))
784 if (strlen(usdef) > 0) {
814 Error(
"GetUserPasswd",
"SRP no longer supported by ROOT");
819 Info(
"GetUserPasswd",
"Enter: User: '%s' Hash:%d SRP:%d",
823 if (user ==
"" &&
fgUser !=
"")
834 Info(
"GetUserPasswd",
"In memory: User: '%s' Hash:%d",
844 Info(
"GetUserPasswd",
"In memory: User: '%s' Hash:%d",
850 if (user ==
"" ||
passwd ==
"") {
852 Info(
"GetUserPasswd",
"Checking .netrc family ...");
856 Info(
"GetUserPasswd",
"From .netrc family: User: '%s' Hash:%d",
865 Error(
"GetUserPasswd",
"user name not set");
912 Error(
"CheckNetrc",
"SRP no longer supported by ROOT");
937 bool mode0600 =
true;
942 FILE *fd = fopen(net,
"r");
944 while (fgets(
line,
sizeof(
line), fd) != 0) {
948 int nword = sscanf(
line,
"%63s %63s %63s %63s %63s %63s",
949 word[0], word[1], word[2], word[3], word[4], word[5]);
952 if (strcmp(word[0],
"machine"))
954 if (strcmp(word[2],
"login"))
956 if (strcmp(word[4],
"password") && strcmp(word[4],
"password-hash"))
968 if (!strcmp(word[4],
"password-hash"))
973 if (!strcmp(word[3], user.
Data())) {
975 if (!strcmp(word[4],
"password-hash"))
986 "file %s exists but has not 0600 permission", net);
990 if (
first && !result) {
1044 ::Error(
"Krb5Auth",
"Kerberos5 is no longer supported by ROOT");
1071 if (idx < 0 || idx >
kMAXSEC-1) {
1072 ::Error(
"Authenticate::GetAuthMethod",
"idx out of bounds (%d)", idx);
1086 if (meth && meth[0]) {
1115 if (isatty(0) == 0 || isatty(1) == 0) {
1117 "not tty: cannot prompt for user, returning default");
1124 const char *usrIn = Getline(
Form(
"Name (%s:%s): ", remote, user));
1144 if (isatty(0) == 0 || isatty(1) == 0) {
1145 ::Warning(
"TAuthenticate::PromptPasswd",
1146 "not tty: cannot prompt for passwd, returning -1");
1147 static char noint[4] = {
"-1"};
1152 const char *pw = buf;
1157 gROOT->GetPluginManager()->FindHandler(
"TGPasswdDialog"))) {
1161 "could not load plugin for the password dialog box");
1171 while (
gROOT->IsInterrupted())
1175 Gl_config(
"noecho", 1);
1176 pw = Getline(prompt);
1177 Gl_config(
"noecho", 0);
1204 key = (key >= 0 && key <= 1) ? key : 0;
1221 if (key >= 0 && key <= 1)
1274 lasterr =
"(last error only; re-run with gDebug > 0 for more details)";
1278 if (
gDebug > 0 || forceprint) {
1280 ::Error(
Form(
"TAuthenticate::%s", where),
"%s %s",
1284 "unknown error code: server must be running a newer ROOT version %s",
1302 if (user && user[0])
1333 ::Error(
"SetGlobalSRPPwd",
"SRP no longer supported by ROOT");
1362 if (defaultuser && defaultuser[0])
1404 ::Error(
"Krb5Auth",
"Kerberos5 is no longer supported by ROOT");
1413 ::Error(
"GlobusAuth",
"Globus is no longer supported by ROOT");
1421 ::Error(
"SshAuth",
"SSH is no longer supported by ROOT");
1430 ::Error(
"GetSshUser",
"SSH is no longer supported by ROOT");
1451 if (!strcmp(href,
"*"))
1460 if (rename.
Index(href,&len) != -1 || strstr(href,
"-"))
1465 if (strstr(href,
"*"))
1477 ::Info(
"TAuthenticate::CheckHost",
"checking host IP: %s", theHost.
Data());
1488 if (pos > 0 && pos != (
Ssiz_t)(theHost.
Length()-strlen(href)))
1500 ::Error(
"RfioAuth",
"RfioAuth is no longer supported by ROOT");
1514 Info(
"ClearAuth",
"enter: user: %s (passwd hashed?: %d)",
1526 Info(
"ClearAuth",
"ru:%d pt:%d cp:%d ns:%d rk:%d",
1555 options.
Form(
"%d %ld %s %ld %s", opt,
1577 Info(
"ClearAuth",
"anonymous user");
1586 char ctag[11] = {0};
1587 if (anon == 0 && cryptopt == 1) {
1594 "problems recvn RSA key flag: got message %d, flag: %d",
1600 Info(
"ClearAuth",
"get key request ...");
1614 Warning(
"ClearAuth",
"problems secure-receiving salt -"
1615 " may result in corrupted salt");
1616 Warning(
"ClearAuth",
"switch off reuse for this session");
1624 while (ltmp && tmpsalt[ltmp-1] !=
'#') ltmp--;
1626 if (tmpsalt[ltmp-1] ==
'#' &&
1627 tmpsalt[ltmp-10] ==
'#') {
1628 strlcpy(ctag,&tmpsalt[ltmp-10],11);
1647 Info(
"ClearAuth",
"got salt: '%s' (len: %d)", salt.
Data(), slen);
1650 Info(
"ClearAuth",
"Salt not required");
1653 Warning(
"ClearAuth",
"problems secure-receiving rndmtag -"
1654 " may result in corrupted rndmtag");
1657 strlcpy(ctag, tmptag, 11);
1683 if (localFQDN ==
"") {
1691 "automatically generated anonymous passwd: %s",
1697 if (prompt == 1 || pashash.
Length() == 0) {
1706 Error(
"ClearAuth",
"password not set");
1711 if (needsalt && !pwdhash) {
1737 if (anon == 0 && cryptopt == 1) {
1749 Warning(
"ClearAuth",
"problems secure-sending pass hash"
1750 " - may result in authentication failure");
1757 for (
int i = 0; i <
passwd.Length(); i++) {
1771 Info(
"ClearAuth",
"after kROOTD_PASS: kind= %d, stat= %d", kind,
1783 "problems recvn (user,offset) length (%d:%d bytes:%d)",
1788 int reclen = (stat+1 > 256) ? 256 : stat+1;
1789 if ((nrec =
fSocket->
Recv(answer, reclen, kind)) < 0)
1793 "username and offset not received (%d:%d)", kind,
1799 sscanf(answer,
"%127s %d", lUser, &offset);
1802 "received from server: user: %s, offset: %d (%s)", lUser,
1809 if (reuse == 1 && offset > -1) {
1811 if (cryptopt == 1) {
1814 "problems secure-receiving token -"
1815 " may result in corrupted token");
1820 token =
new char[tlen];
1826 Warning(
"ClearAuth",
"token not received (%d:%d)", kind,
1829 for (
int i = 0; i < (
int) strlen(token); i++) {
1830 token[i] = ~token[i];
1835 Info(
"ClearAuth",
"received from server: token: '%s' ",
1897 "%s@%s does not accept connections from %s@%s",
1904 "%s@%s does not accept %s authentication from %s@%s",
1921 Error(
"ClearAuth",
"password not set");
1923 if (
fUser ==
"anonymous" ||
fUser ==
"rootd") {
1924 if (!
passwd.Contains(
"@")) {
1926 "please use passwd of form: user@host.do.main");
1937 for (
int i = 0; i <
passwd.Length(); i++) {
1950 Info(
"ClearAuth",
"after kROOTD_PASS: kind= %d, stat= %d", kind,
1979 ::Info(
"TAuthenticate::GetHostAuth",
"enter ... %s ... %s", host, user);
1985 char *
ps = (
char *)strstr(host,
":");
1987 srvtyp = atoi(
ps+1);
1991 if (strncmp(host,
"default",7) && !hostFQDN.
Contains(
"*")) {
2003 if (!strncasecmp(opt,
"P",1)) {
2011 while ((ai = (
THostAuth *) (*next)())) {
2013 ai->
Print(
"Authenticate::GetHostAuth");
2016 if (!(serverOK = (ai->
GetServer() == -1) ||
2021 if (!strcmp(ai->
GetHost(),
"default") && serverOK && notFound)
2031 if (hostFQDN == ai->
GetHost() &&
2053 ::Info(
"TAuthenticate::HasHostAuth",
"enter ... %s ... %s", host, user);
2059 char *
ps = (
char *)strstr(host,
":");
2061 srvtyp = atoi(
ps+1);
2064 if (strncmp(host,
"default",7) && !hostFQDN.
Contains(
"*")) {
2071 if (!strncasecmp(opt,
"P",1)) {
2076 while ((ai = (
THostAuth *) (*next)())) {
2078 if (hostFQDN == ai->
GetHost() &&
2100 ::Info(
"TAuthenticate::FileExpand",
"enter ... '%s' ... 0x%lx", fexp, (
Long_t)ftmp);
2102 fin = fopen(fexp,
"r");
2106 while (fgets(
line,
sizeof(
line), fin) != 0) {
2110 if (
line[strlen(
line) - 1] ==
'\n')
2113 ::Info(
"TAuthenticate::FileExpand",
"read line ... '%s'",
line);
2114 int nw = sscanf(
line,
"%19s %8191s", cinc, fileinc);
2117 if (strcmp(cinc,
"include") != 0) {
2119 fprintf(ftmp,
"%s\n",
line);
2126 sscanf(ln.
Data(),
"%19s %8191s", cinc, fileinc);
2129 if (fileinc[0] ==
'$') {
2146 if (fileinc[0] ==
'~') {
2150 char *ffull =
new char[flen];
2160 "file specified by 'include' cannot be open or read (%s)",
2175 const char copt[2][5] = {
"no",
"yes" };
2178 ::Info(
"TAuthenticate::GetDefaultDetails",
2179 "enter ... %d ...pt:%d ... '%s'", sec, opt, usr);
2181 if (opt < 0 || opt > 1)
2186 if (!usr[0] || !strncmp(usr,
"*",1))
2195 ::Info(
"TAuthenticate::GetDefaultDetails",
"returning ... %s", temp);
2205 if (!strncasecmp(opt,
"P",1))
2234 " +--------------------------- BEGIN --------------------------------+");
2239 " + List fgProofAuthInfo has %4d members +",
2244 " +------------------------------------------------------------------+");
2252 " + List fgAuthInfo has %4d members +",
2257 " +------------------------------------------------------------------+");
2266 " +---------------------------- END ---------------------------------+");
2282 Info(
"AuthExists",
"%d: enter: msg: %d options: '%s'",
2283 method,*message, options);
2295 (*checksecctx)(username,secctx) == 1)
2308 (*checksecctx)(username,secctx) == 1) {
2325 "found valid TSecContext: offset: %d token: '%s'",
2326 offset, token.
Data());
2337 Int_t reuse = *rflag;
2338 if (reuse == 1 && offset > -1) {
2347 Int_t stat = 1, kind;
2352 Warning(
"AuthExists",
"protocol error: expecting %d got %d"
2358 Info(
"AuthExists",
"offset OK");
2362 Info(
"AuthExists",
"key type: %d", rsaKey);
2378 Warning(
"AuthExists",
"problems secure-sending token %s",
2379 "- may trigger problems in proofing Id ");
2384 for (
int i = 0; i < token.
Length(); i++) {
2385 char inv = ~token(i);
2393 Info(
"AuthExists",
"offset not OK - rerun authentication");
2404 Info(
"AuthExists",
"%d: after msg %d: kind= %d, stat= %d",
2405 method,*message, kind, stat);
2418 Error(
"AuthExists",
"%s@%s does not accept connections from %s@%s",
2424 "%s@%s does not accept %s authentication from %s@%s",
2442 Info(
"AuthExists",
"valid authentication exists");
2444 Info(
"AuthExists",
"valid authentication exists: offset changed");
2446 Info(
"AuthExists",
"remote access authorized by /etc/hosts.equiv");
2448 Info(
"AuthExists",
"no authentication required remotely");
2478 const char *randdev =
"/dev/urandom";
2481 if ((fd =
open(randdev, O_RDONLY)) != -1) {
2483 ::Info(
"InitRandom",
"taking seed from %s", randdev);
2484 if (read(fd, &seed,
sizeof(seed)) !=
sizeof(seed))
2485 ::Warning(
"InitRandom",
"could not read seed from %s", randdev);
2489 ::Info(
"InitRandom",
"%s not available: using time()", randdev);
2504 Info(
"GenRSAKeys",
"enter");
2508 Info(
"GenRSAKeys",
"Keys prviously generated - return");
2530 Info(
"GenRSAKeys",
"SSL: Generate Blowfish key");
2539 OpenSSL_add_all_ciphers();
2545 nbits = (nbits >= 128) ? nbits : 128;
2548 nbits = (nbits <= 15912) ? nbits : 15912;
2551 Int_t klen = nbits / 8 ;
2555 RAND_seed(rbuf,strlen(rbuf));
2564 BF_set_key(&fgBFKey, klen, (
const unsigned char *)rbuf);
2573 Int_t l_n = 0, l_d = 0;
2580 Int_t nAttempts = 0;
2586 if (
gDebug > 2 && nAttempts > 1) {
2587 Info(
"GenRSAKeys",
"retry no. %d",nAttempts);
2600 Info(
"GenRSAKeys",
"equal primes: regenerate (%d times)",nPrimes);
2608 Info(
"GenRSAKeys",
"local: p1: '%s' ", buf);
2610 Info(
"GenRSAKeys",
"local: p2: '%s' ", buf);
2615 if (
gDebug > 2 && nAttempts > 1)
2616 Info(
"GenRSAKeys",
" genrsa: unable to generate keys (%d)",
2623 l_n = strlen(buf_n);
2626 l_e = strlen(buf_e);
2629 l_d = strlen(buf_d);
2633 Info(
"GenRSAKeys",
"local: n: '%s' length: %d", buf_n, l_n);
2634 Info(
"GenRSAKeys",
"local: e: '%s' length: %d", buf_e, l_e);
2635 Info(
"GenRSAKeys",
"local: d: '%s' length: %d", buf_d, l_d);
2647 strlcpy(
test, tdum, lTes+1);
2651 Info(
"GenRSAKeys",
"local: test string: '%s' ",
test);
2654 strlcpy(buf,
test, lTes+1);
2660 "local: length of crypted string: %d bytes", lout);
2666 Info(
"GenRSAKeys",
"local: after private/public : '%s' ", buf);
2668 if (strncmp(
test, buf, lTes))
2672 strlcpy(buf,
test, lTes+1);
2677 Info(
"GenRSAKeys",
"local: length of crypted string: %d bytes ",
2684 Info(
"GenRSAKeys",
"local: after public/private : '%s' ", buf);
2686 if (strncmp(
test, buf, lTes))
2703 Info(
"GenRSAKeys",
"local: generated keys are:");
2704 Info(
"GenRSAKeys",
"local: n: '%s' length: %d", buf_n, l_n);
2705 Info(
"GenRSAKeys",
"local: e: '%s' length: %d", buf_e, l_e);
2706 Info(
"GenRSAKeys",
"local: d: '%s' length: %d", buf_d, l_d);
2747 unsigned int iimx[4][4] = {
2748 {0x0, 0xffffff08, 0xafffffff, 0x2ffffffe},
2749 {0x0, 0x3ff0000, 0x7fffffe, 0x7fffffe},
2750 {0x0, 0x3ff0000, 0x7e, 0x7e},
2751 {0x0, 0x3ffc000, 0x7fffffe, 0x7fffffe}
2754 const char *cOpt[4] = {
"Any",
"LetNum",
"Hex",
"Crypt" };
2757 if (opt < 0 || opt > 2) {
2760 Info(
"GetRandString",
"unknown option: %d : assume 0", opt);
2763 Info(
"GetRandString",
"enter ... len: %d %s", len, cOpt[opt]);
2766 char *buf =
new char[len + 1];
2776 for (
m = 7;
m < 32;
m += 7) {
2777 i = 0x7F & (frnd >>
m);
2780 if ((iimx[opt][j] & (1 <<
l))) {
2792 Info(
"GetRandString",
"got '%s' ", buf);
2804 Int_t key,
const char *str)
2810 ::Info(
"TAuthenticate::SecureSend",
"local: enter ... (enc: %d)", enc);
2812 Int_t slen = strlen(str) + 1;
2817 strlcpy(buftmp, str, slen+1);
2827 }
else if (key == 1) {
2832 ttmp = ((ttmp + 8)/8) * 8;
2833 unsigned char iv[8];
2834 memset((
void *)&iv[0],0,8);
2835 BF_cbc_encrypt((
const unsigned char *)str, (
unsigned char *)buftmp,
2836 strlen(str), &fgBFKey, iv, BF_ENCRYPT);
2839 ::Info(
"TAuthenticate::SecureSend",
"not compiled with SSL support:"
2840 " you should not have got here!");
2844 ::Info(
"TAuthenticate::SecureSend",
"unknown key type (%d)",key);
2851 nsen = sock->
SendRaw(buftmp, ttmp);
2853 ::Info(
"TAuthenticate::SecureSend",
2854 "local: sent %d bytes (expected: %d)", nsen,ttmp);
2876 if (sock->
Recv(buflen, 20, kind) < 0)
2878 Int_t len = atoi(buflen);
2880 ::Info(
"TAuthenticate::SecureRecv",
"got len '%s' %d (msg kind: %d)",
2885 if (!strncmp(buflen,
"-1", 2))
2889 if ((nrec = sock->
RecvRaw(buftmp, len)) < 0)
2900 const size_t strSize = strlen(buftmp) + 1;
2901 *str =
new char[strSize];
2902 strlcpy(*str, buftmp, strSize);
2904 }
else if (key == 1) {
2906 unsigned char iv[8];
2907 memset((
void *)&iv[0],0,8);
2908 *str =
new char[nrec + 1];
2909 BF_cbc_encrypt((
const unsigned char *)buftmp, (
unsigned char *)(*str),
2910 nrec, &fgBFKey, iv, BF_DECRYPT);
2911 (*str)[nrec] =
'\0';
2914 ::Info(
"TAuthenticate::SecureRecv",
"not compiled with SSL support:"
2915 " you should not have got here!");
2919 ::Info(
"TAuthenticate::SecureRecv",
"unknown key type (%d)",key);
2932 R__rsa_NUMBER &rsa_d,
char **rsassl)
2938 ::Info(
"TAuthenticate::DecodeRSAPublic",
2939 "enter: string length: %ld bytes", (
Long_t)strlen(rsaPubExport));
2942 Int_t klen = strlen(rsaPubExport);
2944 ::Info(
"TAuthenticate::DecodeRSAPublic",
2945 "key too long (%d): truncate to %d",klen,
kMAXPATHLEN);
2948 memcpy(str, rsaPubExport, klen);
2957 while (str[k] == 32) k++;
2959 if (str[k] ==
'#') {
2964 char *pd1 = strstr(str,
"#");
2965 char *pd2 = pd1 ? strstr(pd1 + 1,
"#") : (
char *)0;
2966 char *pd3 = pd2 ? strstr(pd2 + 1,
"#") : (
char *)0;
2967 if (pd1 && pd2 && pd3) {
2969 int l1 = (
int) (pd2 - pd1 - 1);
2970 char *rsa_n_exp =
new char[l1 + 1];
2971 strlcpy(rsa_n_exp, pd1 + 1, l1+1);
2973 ::Info(
"TAuthenticate::DecodeRSAPublic",
2974 "got %ld bytes for rsa_n_exp", (
Long_t)strlen(rsa_n_exp));
2976 int l2 = (
int) (pd3 - pd2 - 1);
2977 char *rsa_d_exp =
new char[l2 + 1];
2978 strlcpy(rsa_d_exp, pd2 + 1, 13);
2980 ::Info(
"TAuthenticate::DecodeRSAPublic",
2981 "got %ld bytes for rsa_d_exp", (
Long_t)strlen(rsa_d_exp));
2990 ::Info(
"TAuthenticate::DecodeRSAPublic",
"bad format for input string");
2999 BIO *bpub = BIO_new(BIO_s_mem());
3002 BIO_write(bpub,(
void *)str,strlen(str));
3005 if (!(rsatmp = PEM_read_bio_RSAPublicKey(bpub, 0, 0, 0))) {
3007 ::Info(
"TAuthenticate::DecodeRSAPublic",
3008 "unable to read pub key from bio");
3011 *rsassl = (
char *)rsatmp;
3013 ::Info(
"TAuthenticate::DecodeRSAPublic",
3014 "no space allocated for output variable");
3021 ::Info(
"TAuthenticate::DecodeRSAPublic",
"not compiled with SSL support:"
3022 " you should not have got here!");
3037 ::Info(
"TAuthenticate::SetRSAPublic",
3038 "enter: string length %ld bytes", (
Long_t)strlen(rsaPubExport));
3048 while (rsaPubExport[k0] == 32) k0++;
3057 if (rsaPubExport[k0] ==
'#' && rsaPubExport[k2] ==
'#') {
3058 char *p0 = (
char *)&rsaPubExport[k0];
3059 char *p2 = (
char *)&rsaPubExport[k2];
3060 char *p1 = strchr(p0+1,
'#');
3061 if (p1 > p0 && p1 < p2) {
3067 while (
c < p1 && ((*c < 58 && *c > 47) || (*c < 91 && *c > 64)))
3071 while (
c < p2 && ((*c < 58 && *c > 47) || (*c < 91 && *c > 64)))
3080 ::Info(
"TAuthenticate::SetRSAPublic",
" Key type: %d",rsakey);
3084 R__rsa_NUMBER rsa_n, rsa_d;
3095 BF_set_key(&fgBFKey, klen, (
const unsigned char *)rsaPubExport);
3098 ::Info(
"TAuthenticate::SetRSAPublic",
3099 "not compiled with SSL support:"
3100 " you should not have got here!");
3120 ::Info(
"TAuthenticate::SendRSAPublicKey",
3121 "received key from server %ld bytes", (
Long_t)strlen(serverPubKey));
3124 R__rsa_NUMBER rsa_n, rsa_d;
3130 RSA_free((RSA *)tmprsa);
3133 RSA *RSASSLServer = (RSA *)tmprsa;
3141 char buflen[20] = {0};
3148 }
else if (key == 1) {
3150 Int_t lcmax = RSA_size(RSASSLServer) - 11;
3156 if ((ttmp = RSA_public_encrypt(lc,
3158 (
unsigned char *)&buftmp[ke],
3159 RSASSLServer,RSA_PKCS1_PADDING)) < 0) {
3162 ::Info(
"TAuthenticate::SendRSAPublicKey",
"SSL: error: '%s' ",errstr);
3172 ::Info(
"TAuthenticate::SendRSAPublicKey",
"not compiled with SSL support:"
3173 " you should not have got here!");
3178 ::Info(
"TAuthenticate::SendRSAPublicKey",
"unknown key type (%d)",key);
3181 RSA_free(RSASSLServer);
3192 ::Info(
"TAuthenticate::SendRSAPublicKey",
3193 "local: sent %d bytes (expected: %d)", nsen,ttmp);
3196 RSA_free(RSASSLServer);
3217 if (authrc &&
gDebug > 2)
3218 ::Info(
"TAuthenticate::ReadRootAuthrc",
"Checking file: %s", authrc);
3220 if (authrc &&
gDebug > 1)
3221 ::Info(
"TAuthenticate::ReadRootAuthrc",
3222 "file %s cannot be read (errno: %d)", authrc, errno);
3226 ::Info(
"TAuthenticate::ReadRootAuthrc",
"Checking system file: %s", authrc);
3229 ::Info(
"TAuthenticate::ReadRootAuthrc",
3230 "file %s cannot be read (errno: %d)", authrc, errno);
3240 stat(tRootAuthrc, &si);
3243 ::Info(
"TAuthenticate::ReadRootAuthrc",
3244 "file %s already read", authrc);
3260 TString filetmp =
"rootauthrc";
3263 ::Info(
"TAuthenticate::ReadRootAuthrc",
"got tmp file: %s open at 0x%lx",
3276 fd = fopen(authrc,
"r");
3279 ::Info(
"TAuthenticate::ReadRootAuthrc",
3280 "file %s cannot be open (errno: %d)", authrc, errno);
3291 while (fgets(
line,
sizeof(
line), fd) != 0) {
3298 if (
line[strlen(
line) - 1] ==
'\n')
3306 const size_t tmpSize = strlen(
line) + 1;
3307 char *tmp =
new char[tmpSize];
3309 ::Error(
"TAuthenticate::ReadRootAuthrc",
3310 "could not allocate temporary buffer");
3314 strlcpy(tmp,
line, tmpSize);
3315 char *nxt = strtok(tmp,
" ");
3317 if (!strcmp(nxt,
"proofserv") || cont) {
3327 proofserv +=
TString((
const char *)ph);
3348 if (server ==
"0" || server.
BeginsWith(
"sock"))
3350 else if (server ==
"1" || server.
BeginsWith(
"root"))
3352 else if (server ==
"2" || server.
BeginsWith(
"proof"))
3359 nxt = strtok(0,
" ");
3360 if (!strncmp(nxt,
"user",4)) {
3361 nxt = strtok(0,
" ");
3362 if (strncmp(nxt,
"list",4) && strncmp(nxt,
"method",6)) {
3364 nxt = strtok(0,
" ");
3369 TIter next(&tmpAuthInfo);
3379 tmpAuthInfo.
Add(ha);
3382 if (!strncmp(nxt,
"list",4)) {
3385 char *mth = strtok(0,
" ");
3388 if (strlen(mth) > 1) {
3391 if (met == -1 &&
gDebug > 2)
3392 ::Info(
"TAuthenticate::ReadRootAuthrc",
3393 "unrecognized method (%s): ", mth);
3397 if (met > -1 && met <
kMAXSEC)
3399 mth = strtok(0,
" ");
3404 }
else if (!strncmp(nxt,
"method",6)) {
3407 char *mth = strtok(0,
" ");
3409 if (strlen(mth) > 1) {
3412 if (met == -1 &&
gDebug > 2)
3413 ::Info(
"TAuthenticate::ReadRootAuthrc",
3414 "unrecognized method (%s): ", mth);
3418 if (met > -1 && met <
kMAXSEC) {
3419 const char *det = 0;
3420 nxt = strtok(0,
" ");
3422 det = (
const char *)strstr(
line,nxt);
3431 if (tmp)
delete [] tmp;
3449 TList tmpproofauthinfo;
3450 if (proofserv.
Length() > 0) {
3451 char *tmps =
new char[proofserv.
Length()+1];
3452 strlcpy(tmps,proofserv.
Data(),proofserv.
Length()+1);
3453 char *nxt = strtok(tmps,
" ");
3455 TString tmp((
const char *)nxt);
3459 if ((pdd = tmp.
Index(
":")) == -1) {
3470 if ((pdd = tmp.
Index(
":")) == -1) {
3482 while (tmp.
Length() > 0) {
3484 if ((pdd = tmp.
Index(
":")) > -1)
3489 if (met == -1 &&
gDebug > 2)
3490 ::Info(
"TAuthenticate::ReadRootAuthrc",
3491 "unrecognized method (%s): ",meth.
Data());
3492 }
else if (meth.
Length() == 1) {
3493 met = atoi(meth.
Data());
3494 if (met > -1 && met <
kMAXSEC)
3517 tmpproofauthinfo.
Add(ha);
3519 nxt = strtok(0,
" ");
3539 const char netrc[2][20] = {
"/.netrc",
"/.rootnetrc" };
3549 "not properly logged on (getpwuid unable to find relevant info)!");
3557 for (; i < 2; i++) {
3563 out.
Form(
"pt:0 ru:1 us:%s",user.
Data());
3567 if (strlen(out) > 0)
3569 "meth: %d ... is available: details: %s", cSec, out.
Data());
3572 "meth: %d ... is NOT available", cSec);
3590 if (!strcmp(user,ctx->
GetUser()) &&
3591 strncmp(
"AFS", ctx->
GetID(), 3))
3621 while ((hanew = (
THostAuth *)nxnew())) {
3643 while ((hanew = (
THostAuth *)nxnew())) {
3707 Info(
"ProofAuthSetup",
"Buffer not found: nothing to do");
3721 *mess >> user >>
passwd >> pwhash >> srppwd >> rsakey;
3738 Info(
"ProofAuthSetup",
"List of THostAuth not found");
3759 fromProofAI =
kTRUE;
3770 if (!master || fromProofAI) {
3832 if (remoteOffSet > -1 && upwd)
3835 if (upwd && pwdctx) {
3844 mess << user <<
passwd << pwhash << srppwd << keytyp;
3850 char *mbuf = mess.
Buffer();
3855 ::Info(
"ProofAuthSetup",
"sending %d bytes", messb64.
Length());
3858 if (remoteOffSet > -1) {
3860 ::Error(
"ProofAuthSetup",
"problems secure-sending message buffer");
3868 ::Error(
"ProofAuthSetup",
"plain: problems sending message length");
3872 ::Error(
"ProofAuthSetup",
"problems sending message buffer");
3908 Error(
"SendHostAuth",
"invalid input: socket undefined");
3923 Info(
"SendHostAuth",
"sent %d bytes (%s)",
ns,buf.
Data());
3930 Info(
"SendHostAuth",
"sent %d bytes for closing",
ns);
3944 Error(
"RecvHostAuth",
"invalid input: socket undefined");
3959 Error(
"RecvHostAuth",
"received: kind: %d (%d bytes)", kind, nr);
3963 Info(
"RecvHostAuth",
"received %d bytes (%s)",nr,buf);
3965 while (strcmp(buf,
"END")) {
3985 fromProofAI =
kTRUE;
3996 if (!master || fromProofAI) {
4035 Info(
"RecvHostAuth",
"Error: received: kind: %d (%d bytes)", kind, nr);
4039 Info(
"RecvHostAuth",
"received %d bytes (%s)",nr,buf);
4072 if (remoteOffSet > -1 && upwd)
4075 if (upwd && pwdctx) {
4079 Error(
"OldAuthSetup",
"failed to send offset in RSA key");
4090 if (remoteOffSet > -1)
4091 Warning(
"OldAuthSetup",
"problems secure-sending pass hash %s",
4092 "- may result in failures");
4095 for (
int i = 0; i <
passwd.Length(); i++) {
4101 if (sock->
Send(mess) < 0) {
4102 Error(
"OldAuthSetup",
"failed to send inverted password");
4112 Error(
"OldAuthSetup",
"failed to send no offset notification in RSA key");
4119 mess << user << pwhash << srppwd << ord << conf;
4121 if (sock->
Send(mess) < 0) {
4122 Error(
"OldAuthSetup",
"failed to send ordinal and config info");
4126 if (proofdProto > 6) {
4132 Error(
"OldAuthSetup",
"failed to send HostAuth info");
4151 if (sock->
Recv(retval, kind) != 2*
sizeof(
Int_t)) {
4153 Info(
"OldProofServAuthSetup",
4154 "socket has been closed due to protocol mismatch - Exiting");
4171 if ((fKey = fopen(keyfile.
Data(),
"r"))) {
4172 Int_t klen = fread((
void *)pubkey,1,
sizeof(pubkey),fKey);
4174 Error(
"OldProofServAuthSetup",
4175 "failed to read public key from '%s'", keyfile.
Data());
4184 Error(
"OldProofServAuthSetup",
"failed to open '%s'", keyfile.
Data());
4193 Error(
"OldProofServAuthSetup",
"failed to receive password");
4199 }
else if (retval == -1) {
4203 if ((sock->
Recv(mess) <= 0) || !mess) {
4204 Error(
"OldProofServAuthSetup",
"failed to receive inverted password");
4220 if ((sock->
Recv(mess) <= 0) || !mess) {
4221 Error(
"OldProofServAuthSetup",
"failed to receive ordinal and config info");
4229 (*mess) >> user >> pwhash >> srppwd >> conf;
4232 (*mess) >> user >> pwhash >> srppwd >> ord >> conf;
4237 (*mess) >> user >> pwhash >> srppwd >> iord;
4241 (*mess) >> user >> pwhash >> srppwd >> ord >> conf;
4262 Error(
"OldProofServAuthSetup",
"failed to receive HostAuth info");
const Int_t kAUTH_SSALT_MSK
const Int_t kAUTH_CRYPT_MSK
const Int_t kAUTH_REUSE_MSK
const Int_t kAUTH_RSATY_MSK
R__EXTERN const char * gRootdErrStr[]
TVirtualMutex * gAuthenticateMutex
static Int_t SendHostAuth(TSocket *s)
Sends the list of the relevant THostAuth objects to the master or to the active slaves,...
Int_t OldProofServAuthSetup(TSocket *sock, Bool_t master, Int_t protocol, TString &user, TString &ord, TString &conf)
Authentication related setup in TProofServ run after successful startup.
Int_t StdCheckSecCtx(const char *, TRootSecContext *)
Standard version of CheckSecCtx to be passed to TAuthenticate::AuthExists Check if User is matches th...
Int_t OldSlaveAuthSetup(TSocket *sock, Bool_t, TString ord, TString conf)
Setup of authetication in PROOF run after successful opening of the socket.
static Int_t RecvHostAuth(TSocket *s, Option_t *opt)
Receive from client/master directives for authentications, create related THostAuth and add them to t...
R__rsa_KEY_export R__fgRSAPubExport[2]
static int auth_rand()
rand() implementation using /udev/random or /dev/random, if available
Int_t(* Krb5Auth_t)(TAuthenticate *auth, TString &user, TString &det, Int_t version)
Int_t(* SecureAuth_t)(TAuthenticate *auth, const char *user, const char *passwd, const char *remote, TString &det, Int_t version)
Int_t(* GlobusAuth_t)(TAuthenticate *auth, TString &user, TString &det)
Int_t(* CheckSecCtx_t)(const char *subj, TRootSecContext *ctx)
void Info(const char *location, const char *msgfmt,...)
void Error(const char *location, const char *msgfmt,...)
void Warning(const char *location, const char *msgfmt,...)
char * Form(const char *fmt,...)
void Printf(const char *fmt,...)
char * StrDup(const char *str)
Duplicate the string str.
typedef void((*Func_t)())
Bool_t R_ISREG(Int_t mode)
Bool_t R_ISDIR(Int_t mode)
R__EXTERN TSystem * gSystem
#define R__LOCKGUARD2(mutex)
#define SSL_load_error_strings
static void RemoveHostAuth(THostAuth *ha, Option_t *opt="")
Remove THostAuth instance from the list.
static Int_t SetRSAPublic(const char *rsapubexport, Int_t klen)
Store RSA public keys from export string rsaPubExport.
static TPluginHandler * fgPasswdDialog
static void SetGlobalSRPPwd(Bool_t srppwd)
Set global SRP passwd flag to be used for authentication to rootd or proofd.
static Bool_t fgPromptUser
TRootSecContext * fSecContext
static void FileExpand(const char *fin, FILE *ftmp)
Expands include directives found in fexp files The expanded, temporary file, is pointed to by 'ftmp' ...
static const char * GetGlobalUser()
Static method returning the global user.
static void SetGlobalUser(const char *user)
Set global user name to be used for authentication to rootd or proofd.
static void SetPromptUser(Bool_t promptuser)
Set global PromptUser flag.
Int_t RfioAuth(TString &user)
RFIO authentication (no longer supported)
static void Show(Option_t *opt="S")
Print info about the authentication sector.
const char * GetSshUser(TString user) const
Method returning the user to be used for the ssh login (no longer supported)
static const char * GetDefaultUser()
Static method returning the default user information.
static Bool_t GetPromptUser()
Static method returning the prompt user settings.
static Int_t SecureRecv(TSocket *Socket, Int_t dec, Int_t KeyType, char **Out)
Receive str from sock and decode it using key indicated by key type Return number of received bytes o...
static const char * GetKrb5Principal()
Static method returning the principal to be used to init Krb5 tickets.
THostAuth * GetHostAuth() const
static void SetAuthReUse(Bool_t authreuse)
Set global AuthReUse flag.
static R__rsa_KEY_export * fgRSAPubExport
char * GetRandString(Int_t Opt, Int_t Len)
Allocates and fills a 0 terminated buffer of length len+1 with len random characters.
static TList * GetProofAuthInfo()
Static method returning the list with authentication directives to be sent to proof.
Int_t SshAuth(TString &user)
SSH client authentication code (no longer supported)
static char * PromptPasswd(const char *prompt="Password: ")
Static method to prompt for the user's passwd to be used for authentication to rootd or proofd.
static void SetDefaultUser(const char *defaultuser)
Set default user name.
static void SetGlobalPwHash(Bool_t pwhash)
Set global passwd hash flag to be used for authentication to rootd or proofd.
static void SetGlobalExpDate(TDatime expdate)
Set default expiring date for new validity contexts.
static Int_t GetRSAInit()
Static method returning the RSA initialization flag.
static void SetSecureAuthHook(SecureAuth_t func)
Set secure authorization function.
static Int_t GetClientProtocol()
Static method returning supported client protocol.
static Int_t ReadRootAuthrc()
Read authentication directives from $ROOTAUTHRC, $HOME/.rootauthrc or <Root_etc_dir>/system....
static Bool_t fgReadHomeAuthrc
static Int_t SecureSend(TSocket *Socket, Int_t enc, Int_t KeyType, const char *In)
Encode null terminated str using the session private key indicated by enc and sends it over the netwo...
Int_t GenRSAKeys()
Generate a valid pair of private/public RSA keys to protect for authentication token exchange.
Bool_t CheckNetrc(TString &user, TString &passwd)
Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files.
static const char * GetRSAPubExport(Int_t key=0)
Static method returning the RSA public keys.
static Int_t DecodeRSAPublic(const char *rsapubexport, R__rsa_NUMBER &n, R__rsa_NUMBER &d, char **rsassl=0)
Store RSA public keys from export string rsaPubExport.
static void SetReadHomeAuthrc(Bool_t readhomeauthrc)
Set flag controlling the reading of $HOME/.rootauthrc.
static void InitRandom()
Initialize random machine using seed from /dev/urandom (or current time if /dev/urandom not available...
static TList * fgProofAuthInfo
static R__rsa_KEY fgRSAPubKey
static Bool_t fgAuthReUse
static Bool_t GetGlobalPwHash()
Static method returning the global password hash flag.
static void SetKrb5AuthHook(Krb5Auth_t func)
Set kerberos5 authorization function.
static void SetGlobusAuthHook(GlobusAuth_t func)
Set Globus authorization function.
static void SetRSAInit(Int_t init=1)
Static method setting RSA initialization flag.
static void SetGlobalPasswd(const char *passwd)
Set global passwd to be used for authentication to rootd or proofd.
void SetEnvironment()
Set default authentication environment.
static Int_t SendRSAPublicKey(TSocket *Socket, Int_t key=0)
Receives server RSA Public key Sends local RSA public key encoded.
static Bool_t CheckProofAuth(Int_t cSec, TString &det)
Check if the authentication method can be attempted for the client.
static TDatime fgLastAuthrc
static TList * fgAuthInfo
static TString fgAuthMeth[kMAXSEC]
void CatchTimeOut()
Called in connection with a timer timeout.
Bool_t GetUserPasswd(TString &user, TString &passwd, Bool_t &pwhash, Bool_t srppwd)
Try to get user name and passwd from several sources.
Bool_t Authenticate()
Authenticate to remote rootd or proofd server.
static R__rsa_KEY fgRSAPriKey
static TString fgRootAuthrc
Int_t AuthExists(TString User, Int_t method, const char *Options, Int_t *Message, Int_t *Rflag, CheckSecCtx_t funcheck)
Check if we have a valid established sec context in memory Retrieves relevant info and negotiates wit...
static TList * GetAuthInfo()
Static method returning the list with authentication details.
static GlobusAuth_t GetGlobusAuthHook()
Static method returning the globus authorization hook (no longer supported)
Int_t ProofAuthSetup()
Authentication related stuff setup in TProofServ.
Int_t ClearAuth(TString &user, TString &passwd, Bool_t &pwhash)
UsrPwd client authentication code.
static void AuthError(const char *where, Int_t error)
Print error string depending on error code.
static char * GetDefaultDetails(Int_t method, Int_t opt, const char *user)
Determine default authentication details for method 'sec' and user 'usr'.
static void MergeHostAuthList(TList *Std, TList *New, Option_t *Opt="")
Tool for updating fgAuthInfo or fgProofAuthInfo 'nin' contains list of last input information through...
static TString fgDefaultUser
static Int_t GetAuthMethodIdx(const char *meth)
Static method returning the method index (which can be used to find the method in GetAuthMethod()).
static void SetTimeOut(Int_t to)
Set timeout (active if > 0)
static Bool_t fgUsrPwdCrypt
TAuthenticate(TSocket *sock, const char *remote, const char *proto, const char *user="")
Create authentication object.
static void RemoveSecContext(TRootSecContext *ctx)
Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo or fgProofAuthInfo.
static TDatime GetGlobalExpDate()
Static method returning default expiring date for new validity contexts.
static Bool_t GetGlobalSRPPwd()
Static method returning the global SRP password flag.
static SecureAuth_t fgSecAuthHook
static char * PromptUser(const char *remote)
Static method to prompt for the user name to be used for authentication to rootd or proofd.
static Bool_t CheckHost(const char *Host, const char *host)
Check if 'host' matches 'href': this means either equal or "containing" it, even with wild cards * in...
static void SetDefaultRSAKeyType(Int_t key)
Static method setting the default type of RSA key.
static const char * GetAuthMethod(Int_t idx)
Static method returning the method corresponding to idx.
static Bool_t GetAuthReUse()
Static method returning the authentication reuse settings.
static THostAuth * HasHostAuth(const char *host, const char *user, Option_t *opt="R")
Checks if a THostAuth with exact match for {host,user} exists in the fgAuthInfo list If opt = "P" use...
static TString Decode(const char *data)
Decode a base64 string date into a generic TString.
static TString Encode(const char *data)
Transform data into a null terminated base64 string.
TObject * ReadObject(const TClass *cl) override
Read object from I/O buffer.
void WriteObject(const TObject *obj, Bool_t cacheReuse=kTRUE) override
Write object to I/O buffer.
virtual Int_t GetSize() const
Return the capacity of the collection, i.e.
This class stores the date and time with a precision of one second in an unsigned 32 bit word (950130...
void Set()
Set Date/Time to current time as reported by the system.
UInt_t Convert(Bool_t toGMT=kFALSE) const
Convert fDatime from TDatime format to the standard time_t format.
virtual Int_t GetValue(const char *name, Int_t dflt) const
Returns the integer value for a resource.
const char * GetUser() const
const char * GetHost() const
TRootSecContext * CreateSecContext(const char *user, const char *host, Int_t meth, Int_t offset, const char *details, const char *token, TDatime expdate=kROOTTZERO, void *ctx=0, Int_t key=-1)
Create a Security context and add it to local list Return pointer to it to be stored in TAuthenticate...
void SetUser(const char *user)
void SetDetails(Int_t level, const char *details)
Set authentication details for specified level.
void SetHost(const char *host)
void SetFirst(Int_t level)
Set 'method' to be the first used (if in the list ...).
virtual void Print(Option_t *option="") const
Print object content.
void SetServer(Int_t server)
void ReOrder(Int_t nmet, Int_t *fmet)
Reorder nmet methods according fmet[nmet].
void RemoveMethod(Int_t level)
Remove method 'meth' from the list, if there ...
void AddMethod(Int_t level, const char *details=0)
Add method to the list.
void CountFailure(Int_t level)
Count failures for 'method'.
Int_t GetMethod(Int_t idx) const
void AsString(TString &out) const
Return a static string with all info in a serialized form.
Bool_t HasMethod(Int_t level, Int_t *pos=0)
Return kTRUE if method 'level' is in the list.
TList * Established() const
void AddFirst(Int_t level, const char *details=0)
Add new method in first position If already in the list, set as first method 'level' with authenticat...
void Update(THostAuth *ha)
Update info with the one in ha Remaining methods, if any, get lower priority.
const char * GetDetails(Int_t level)
Return authentication details for specified level or "" if the specified level does not exist for thi...
void SetLast(Int_t level)
Set 'method' to be the last used (if in the list ...).
void PrintEstablished() const
Print info about established authentication vis-a-vis of this Host.
void CountSuccess(Int_t level)
Count successes for 'method'.
This class represents an Internet Protocol (IP) address.
const char * GetHostName() const
const char * GetHostAddress() const
Returns the IP address string "%d.%d.%d.%d".
virtual void Add(TObject *obj)
virtual TObject * Remove(TObject *obj)
Remove object from the list.
virtual void Warning(const char *method, const char *msgfmt,...) const
Issue warning message.
virtual void Error(const char *method, const char *msgfmt,...) const
Issue error message.
virtual void Info(const char *method, const char *msgfmt,...) const
Issue info message.
Long_t ExecPlugin(int nargs, const T &... params)
Int_t LoadPlugin()
Load the plugin library for this handler.
const char * GetPasswd() const
Bool_t Connect(const char *signal, const char *receiver_class, void *receiver, const char *slot)
Non-static method is used to connect from the signal of this object to the receiver slot.
static const TString & GetEtcDir()
Get the sysconfig directory in the installation. Static utility function.
static RSA_encode_t RSA_encode()
static RSA_genprim_t RSA_genprim()
static RSA_assign_t RSA_assign()
static RSA_cmp_t RSA_cmp()
static RSA_decode_t RSA_decode()
static RSA_genrsa_t RSA_genrsa()
static RSA_num_sput_t RSA_num_sput()
static RSA_num_sget_t RSA_num_sget()
Regular expression class.
Ssiz_t Index(const TString &str, Ssiz_t *len, Ssiz_t start=0) const
Find the first occurrence of the regexp in string and return the position, or -1 if there is no match...
void DeActivate(Option_t *opt="CR")
Set OffSet to -1 and expiring Date to default Remove from the list If Opt contains "C" or "c",...
void Print(Option_t *option="F") const
If opt is "F" (default) print object content.
Bool_t IsActive() const
Check remote OffSet and expiring Date.
const char * GetID() const
void SetID(const char *id)
const char * GetHost() const
const char * GetToken() const
void AddForCleanup(Int_t port, Int_t proto, Int_t type)
Create a new TSecContextCleanup Internally is added to the list.
virtual void Print(Option_t *option="F") const
If opt is "F" (default) print object content.
Bool_t IsA(const char *methodname)
Checks if this security context is for method named 'methname' Case sensitive.
void * GetContext() const
const char * GetUser() const
void SetOffSet(Int_t offset)
virtual Int_t Recv(TMessage *&mess)
Receive a TMessage object.
static Int_t GetClientProtocol()
Static method returning supported client protocol.
Int_t GetRemoteProtocol() const
virtual void Close(Option_t *opt="")
Close the socket.
virtual Int_t RecvRaw(void *buffer, Int_t length, ESendRecvOptions opt=kDefault)
Receive a raw buffer of specified length bytes.
TSecContext * GetSecContext() const
virtual Int_t SendRaw(const void *buffer, Int_t length, ESendRecvOptions opt=kDefault)
Send a raw buffer of specified length.
Int_t GetServType() const
virtual Int_t Send(const TMessage &mess)
Send a TMessage object.
Bool_t EndsWith(const char *pat, ECaseCompare cmp=kExact) const
Return true if string ends with the specified string.
TString & Replace(Ssiz_t pos, Ssiz_t n, const char *s)
const char * Data() const
TString & ReplaceAll(const TString &s1, const TString &s2)
void Resize(Ssiz_t n)
Resize the string. Truncate or add blanks as necessary.
Bool_t BeginsWith(const char *s, ECaseCompare cmp=kExact) const
TString & Remove(Ssiz_t pos)
static TString Format(const char *fmt,...)
Static method which formats a string using a printf style format descriptor and return a TString.
void Form(const char *fmt,...)
Formats a string using a printf style format descriptor.
Bool_t Contains(const char *pat, ECaseCompare cmp=kExact) const
Ssiz_t Index(const char *pat, Ssiz_t i=0, ECaseCompare cmp=kExact) const
virtual int GetPid()
Get process id.
virtual const char * Getenv(const char *env)
Get environment variable.
virtual char * ConcatFileName(const char *dir, const char *name)
Concatenate a directory and a file name. User must delete returned string.
virtual int Load(const char *module, const char *entry="", Bool_t system=kFALSE)
Load a shared library.
int GetPathInfo(const char *path, Long_t *id, Long_t *size, Long_t *flags, Long_t *modtime)
Get info about a file: id, size, flags, modification time.
virtual Bool_t AccessPathName(const char *path, EAccessMode mode=kFileExists)
Returns FALSE if one can access a file using the specified access mode.
virtual FILE * TempFileName(TString &base, const char *dir=nullptr)
Create a secure temporary file by appending a unique 6 letter string to base.
virtual void DispatchOneEvent(Bool_t pendingOnly=kFALSE)
Dispatch a single event.
virtual const char * HostName()
Return the system's host name.
virtual Int_t GetEffectiveUid()
Returns the effective user id.
virtual TInetAddress GetHostByName(const char *server)
Get Internet Protocol (IP) address of host.
virtual const char * HomeDirectory(const char *userName=nullptr)
Return the user's home directory.
virtual int Unlink(const char *name)
Unlink, i.e.
virtual UserGroup_t * GetUserInfo(Int_t uid)
Returns all user info in the UserGroup_t structure.
char * DynamicPathName(const char *lib, Bool_t quiet=kFALSE)
Find a dynamic library called lib using the system search paths.
Handles synchronous and a-synchronous timer events.
virtual void Start(Long_t milliSec=-1, Bool_t singleShot=kFALSE)
Starts the timer with a milliSec timeout.
void SetInterruptSyscalls(Bool_t set=kTRUE)
When the argument is true the a-synchronous timer (SIGALRM) signal handler is set so that interrupted...
This class implements a mutex interface.
EvaluateInfo init(std::vector< RooRealProxy > parameters, std::vector< ArrayWrapper * > wrappers, std::vector< double * > arrays, size_t begin, size_t batchSize)
static constexpr double nm
static constexpr double us
static constexpr double s
static constexpr double mm
static constexpr double ns
static constexpr double ps
void inv(rsa_NUMBER *, rsa_NUMBER *, rsa_NUMBER *)