ROOT  6.06/09
Reference Guide
TAuthenticate Class Reference

Definition at line 63 of file TAuthenticate.h.

Public Types

enum  ESecurity {
  kClear, kSRP, kKrb5, kGlobus,
  kSSH, kRfio
}
 
- Public Types inherited from TObject
enum  EStatusBits {
  kCanDelete = BIT(0), kMustCleanup = BIT(3), kObjInCanvas = BIT(3), kIsReferenced = BIT(4),
  kHasUUID = BIT(5), kCannotPick = BIT(6), kNoContextMenu = BIT(8), kInvalidObject = BIT(13)
}
 
enum  { kIsOnHeap = 0x01000000, kNotDeleted = 0x02000000, kZombie = 0x04000000, kBitMask = 0x00ffffff }
 
enum  { kSingleKey = BIT(0), kOverwrite = BIT(1), kWriteDelete = BIT(2) }
 

Public Member Functions

 TAuthenticate (TSocket *sock, const char *remote, const char *proto, const char *user="")
 Create authentication object. More...
 
virtual ~TAuthenticate ()
 
Bool_t Authenticate ()
 Authenticate to remote rootd or proofd server. More...
 
Int_t AuthExists (TString User, Int_t method, const char *Options, Int_t *Message, Int_t *Rflag, CheckSecCtx_t funcheck)
 Check if we have a valid established security context in memory. Retrieves relevant info and negotiates with server. More...
 
void CatchTimeOut ()
 Called in connection with a timer timeout. More...
 
Bool_t CheckNetrc (TString &user, TString &passwd)
 Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files. More...
 
Bool_t CheckNetrc (TString &user, TString &passwd, Bool_t &pwhash, Bool_t srppwd)
 Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files. More...
 
THostAuth * GetHostAuth () const
 
const char * GetProtocol () const
 
const char * GetRemoteHost () const
 
Int_t GetRSAKeyType () const
 
TRootSecContext * GetSecContext () const
 
TSocket * GetSocket () const
 
const char * GetUser () const
 
Int_t HasTimedOut () const
 
void SetRSAKeyType (Int_t key)
 
void SetSecContext (TRootSecContext *ctx)
 
- Public Member Functions inherited from TObject
 TObject ()
 
 TObject (const TObject &object)
 TObject copy ctor. More...
 
TObjectoperator= (const TObject &rhs)
 TObject assignment operator. More...
 
virtual ~TObject ()
 TObject destructor. More...
 
virtual void AppendPad (Option_t *option="")
 Append graphics object to current pad. More...
 
virtual void Browse (TBrowser *b)
 Browse object. May be overridden for another default action. More...
 
virtual const char * ClassName () const
 Returns name of class to which the object belongs. More...
 
virtual void Clear (Option_t *="")
 
virtual TObjectClone (const char *newname="") const
 Make a clone of an object using the Streamer facility. More...
 
virtual Int_t Compare (const TObject *obj) const
 Compare abstract method. More...
 
virtual void Copy (TObject &object) const
 Copy this to obj. More...
 
virtual void Delete (Option_t *option="")
 Delete this object. More...
 
virtual Int_t DistancetoPrimitive (Int_t px, Int_t py)
 Computes distance from point (px,py) to the object. More...
 
virtual void Draw (Option_t *option="")
 Default Draw method for all objects. More...
 
virtual void DrawClass () const
 Draw class inheritance tree of the class to which this object belongs. More...
 
virtual TObjectDrawClone (Option_t *option="") const
 Draw a clone of this object in the current pad. More...
 
virtual void Dump () const
 Dump contents of object on stdout. More...
 
virtual void Execute (const char *method, const char *params, Int_t *error=0)
 Execute method on this object with the given parameter string, e.g. More...
 
virtual void Execute (TMethod *method, TObjArray *params, Int_t *error=0)
 Execute method on this object with parameters stored in the TObjArray. More...
 
virtual void ExecuteEvent (Int_t event, Int_t px, Int_t py)
 Execute action corresponding to an event at (px,py). More...
 
virtual TObjectFindObject (const char *name) const
 Must be redefined in derived classes. More...
 
virtual TObjectFindObject (const TObject *obj) const
 Must be redefined in derived classes. More...
 
virtual Option_tGetDrawOption () const
 Get option used by the graphics system to draw this object. More...
 
virtual UInt_t GetUniqueID () const
 Return the unique object id. More...
 
virtual const char * GetName () const
 Returns name of object. More...
 
virtual const char * GetIconName () const
 Returns mime type name of object. More...
 
virtual Option_tGetOption () const
 
virtual char * GetObjectInfo (Int_t px, Int_t py) const
 Returns string containing info about the object at position (px,py). More...
 
virtual const char * GetTitle () const
 Returns title of object. More...
 
virtual Bool_t HandleTimer (TTimer *timer)
 Execute action in response of a timer timing out. More...
 
virtual ULong_t Hash () const
 Return hash value for this object. More...
 
virtual Bool_t InheritsFrom (const char *classname) const
 Returns kTRUE if object inherits from class "classname". More...
 
virtual Bool_t InheritsFrom (const TClass *cl) const
 Returns kTRUE if object inherits from TClass cl. More...
 
virtual void Inspect () const
 Dump contents of this object in a graphics canvas. More...
 
virtual Bool_t IsFolder () const
 Returns kTRUE in case object contains browsable objects (like containers or lists of other objects). More...
 
virtual Bool_t IsEqual (const TObject *obj) const
 Default equal comparison (objects are equal if they have the same address in memory). More...
 
virtual Bool_t IsSortable () const
 
Bool_t IsOnHeap () const
 
Bool_t IsZombie () const
 
virtual Bool_t Notify ()
 This method must be overridden to handle object notification. More...
 
virtual void ls (Option_t *option="") const
 The ls function lists the contents of a class on stdout. More...
 
virtual void Paint (Option_t *option="")
 This method must be overridden if a class wants to paint itself. More...
 
virtual void Pop ()
 Pop on object drawn in a pad to the top of the display list. More...
 
virtual void Print (Option_t *option="") const
 This method must be overridden when a class wants to print itself. More...
 
virtual Int_t Read (const char *name)
 Read contents of object with specified name from the current directory. More...
 
virtual void RecursiveRemove (TObject *obj)
 Recursively remove this object from a list. More...
 
virtual void SaveAs (const char *filename="", Option_t *option="") const
 Save this object in the file specified by filename. More...
 
virtual void SavePrimitive (std::ostream &out, Option_t *option="")
 Save a primitive as a C++ statement(s) on output stream "out". More...
 
virtual void SetDrawOption (Option_t *option="")
 Set drawing option for object. More...
 
virtual void SetUniqueID (UInt_t uid)
 Set the unique object id. More...
 
virtual void UseCurrentStyle ()
 Set current style settings in this object This function is called when either TCanvas::UseCurrentStyle or TROOT::ForceStyle have been invoked. More...
 
virtual Int_t Write (const char *name=0, Int_t option=0, Int_t bufsize=0)
 Write this object to the current directory. More...
 
virtual Int_t Write (const char *name=0, Int_t option=0, Int_t bufsize=0) const
 Write this object to the current directory. More...
 
voidoperator new (size_t sz)
 
voidoperator new[] (size_t sz)
 
voidoperator new (size_t sz, void *vp)
 
voidoperator new[] (size_t sz, void *vp)
 
void operator delete (void *ptr)
 Operator delete. More...
 
void operator delete[] (void *ptr)
 Operator delete []. More...
 
void SetBit (UInt_t f, Bool_t set)
 Set or unset the user status bits as specified in f. More...
 
void SetBit (UInt_t f)
 
void ResetBit (UInt_t f)
 
Bool_t TestBit (UInt_t f) const
 
Int_t TestBits (UInt_t f) const
 
void InvertBit (UInt_t f)
 
virtual void Info (const char *method, const char *msgfmt,...) const
 Issue info message. More...
 
virtual void Warning (const char *method, const char *msgfmt,...) const
 Issue warning message. More...
 
virtual void Error (const char *method, const char *msgfmt,...) const
 Issue error message. More...
 
virtual void SysError (const char *method, const char *msgfmt,...) const
 Issue system error message. More...
 
virtual void Fatal (const char *method, const char *msgfmt,...) const
 Issue fatal error message. More...
 
void AbstractMethod (const char *method) const
 Use this method to implement an "abstract" method that you don't want to leave purely abstract. More...
 
void MayNotUse (const char *method) const
 Use this method to signal that a method (defined in a base class) may not be called in a derived class (in principle against good design since a child class should not provide less functionality than its parent, however, sometimes it is necessary). More...
 
void Obsolete (const char *method, const char *asOfVers, const char *removedFromVers) const
 Use this method to declare a method obsolete. More...
 

Static Public Member Functions

static void AuthError (const char *where, Int_t error)
 Print error string depending on error code. More...
 
static Bool_t CheckProofAuth (Int_t cSec, TString &det)
 Check if the authentication method can be attempted for the client. More...
 
static Int_t DecodeRSAPublic (const char *rsapubexport, rsa_NUMBER &n, rsa_NUMBER &d, char **rsassl=0)
 Store RSA public keys from export string rsaPubExport. More...
 
static TList * GetAuthInfo ()
 Static method returning the list with authentication details. More...
 
static const char * GetAuthMethod (Int_t idx)
 Static method returning the method corresponding to idx. More...
 
static Int_t GetAuthMethodIdx (const char *meth)
 Static method returning the method index (which can be used to find the method in GetAuthMethod()). More...
 
static Bool_t GetAuthReUse ()
 Static method returning the authentication reuse settings. More...
 
static Int_t GetClientProtocol ()
 Static method returning supported client protocol. More...
 
static char * GetDefaultDetails (Int_t method, Int_t opt, const char *user)
 Determine default authentication details for method 'sec' and user 'usr'. More...
 
static const char * GetDefaultUser ()
 Static method returning the default user information. More...
 
static TDatime GetGlobalExpDate ()
 Static method returning default expiring date for new validity contexts. More...
 
static Bool_t GetGlobalPwHash ()
 Static method returning the global password hash flag. More...
 
static Bool_t GetGlobalSRPPwd ()
 Static method returning the global SRP password flag. More...
 
static const char * GetGlobalUser ()
 Static method returning the global user. More...
 
static GlobusAuth_t GetGlobusAuthHook ()
 Static method returning the globus authorization hook. More...
 
static THostAuth * GetHostAuth (const char *host, const char *user="", Option_t *opt="R", Int_t *Exact=0)
 Sets fUser=user and search fgAuthInfo for the entry pertaining to (host,user), setting fHostAuth accordingly. More...
 
static const char * GetKrb5Principal ()
 Static method returning the principal to be used to init Krb5 tickets. More...
 
static Bool_t GetPromptUser ()
 Static method returning the prompt user settings. More...
 
static TList * GetProofAuthInfo ()
 Static method returning the list with authentication directives to be sent to proof. More...
 
static Int_t GetRSAInit ()
 Static method returning the RSA initialization flag. More...
 
static const char * GetRSAPubExport (Int_t key=0)
 Static method returning the RSA public keys. More...
 
static THostAuth * HasHostAuth (const char *host, const char *user, Option_t *opt="R")
 Checks if a THostAuth with exact match for {host,user} exists in the fgAuthInfo list. If opt = "P" use ProofAuthInfo list instead. Returns pointer to it or 0. More...
 
static void InitRandom ()
 Initialize random machine using seed from /dev/urandom (or current time if /dev/urandom not available). More...
 
static void MergeHostAuthList (TList *Std, TList *New, Option_t *Opt="")
 Tool for updating fgAuthInfo or fgProofAuthInfo. 'nin' contains list of last input information through (re)reading of a rootauthrc-alike file. More...
 
static char * PromptPasswd (const char *prompt="Password: ")
 Static method to prompt for the user's passwd to be used for authentication to rootd or proofd. More...
 
static char * PromptUser (const char *remote)
 Static method to prompt for the user name to be used for authentication to rootd or proofd. More...
 
static Int_t ReadRootAuthrc ()
 Read authentication directives from $ROOTAUTHRC, $HOME/.rootauthrc or <Root_etc_dir>/system.rootauthrc and create related THostAuth objects. More...
 
static void RemoveHostAuth (THostAuth *ha, Option_t *opt="")
 Remove THostAuth instance from the list. More...
 
static Int_t SecureRecv (TSocket *Socket, Int_t dec, Int_t KeyType, char **Out)
 Receive str from sock and decode it using key indicated by key type. Return number of received bytes or -1 in case of error. More...
 
static Int_t SecureSend (TSocket *Socket, Int_t enc, Int_t KeyType, const char *In)
 Encode null terminated str using the session private key indicated by enc and send it over the network. Returns number of bytes sent, or -1 in case of error. More...
 
static Int_t SendRSAPublicKey (TSocket *Socket, Int_t key=0)
 Receives server RSA Public key. Sends local RSA public key encoded. More...
 
static void SetAuthReUse (Bool_t authreuse)
 Set global AuthReUse flag. More...
 
static void SetDefaultUser (const char *defaultuser)
 Set default user name. More...
 
static void SetGlobalExpDate (TDatime expdate)
 Set default expiring date for new validity contexts. More...
 
static void SetGlobalPasswd (const char *passwd)
 Set global passwd to be used for authentication to rootd or proofd. More...
 
static void SetGlobalPwHash (Bool_t pwhash)
 Set global passwd hash flag to be used for authentication to rootd or proofd. More...
 
static void SetGlobalSRPPwd (Bool_t srppwd)
 Set global SRP passwd flag to be used for authentication to rootd or proofd. More...
 
static void SetGlobalUser (const char *user)
 Set global user name to be used for authentication to rootd or proofd. More...
 
static void SetGlobusAuthHook (GlobusAuth_t func)
 Set Globus authorization function. More...
 
static void SetKrb5AuthHook (Krb5Auth_t func)
 Set kerberos5 authorization function. More...
 
static void SetPromptUser (Bool_t promptuser)
 Set global PromptUser flag. More...
 
static void SetDefaultRSAKeyType (Int_t key)
 Static method setting the default type of RSA key. More...
 
static void SetReadHomeAuthrc (Bool_t readhomeauthrc)
 Set flag controlling the reading of $HOME/.rootauthrc. More...
 
static void SetRSAInit (Int_t init=1)
 Static method setting RSA initialization flag. More...
 
static Int_t SetRSAPublic (const char *rsapubexport, Int_t klen)
 Store RSA public keys from export string rsaPubExport. More...
 
static void SetSecureAuthHook (SecureAuth_t func)
 Set secure authorization function. More...
 
static void SetTimeOut (Int_t to)
 Set timeout (active if > 0) More...
 
static void Show (Option_t *opt="S")
 Print info about the authentication sector. More...
 
- Static Public Member Functions inherited from TObject
static Long_t GetDtorOnly ()
 Return destructor only flag. More...
 
static void SetDtorOnly (void *obj)
 Set destructor only flag. More...
 
static Bool_t GetObjectStat ()
 Get status of object stat flag. More...
 
static void SetObjectStat (Bool_t stat)
 Turn on/off tracking of objects in the TObjectTable. More...
 

Private Member Functions

Int_t GenRSAKeys ()
 Generate a valid pair of private/public RSA keys to protect for authentication token exchange. More...
 
Bool_t GetPwHash () const
 
Int_t GetRSAKey () const
 
ESecurity GetSecurity () const
 
Bool_t GetSRPPwd () const
 
const char * GetSshUser (TString user) const
 Method returning the user to be used for the ssh login. More...
 
Int_t GetVersion () const
 
Int_t ClearAuth (TString &user, TString &passwd, Bool_t &pwhash)
 UsrPwd client authentication code. More...
 
Bool_t GetUserPasswd (TString &user, TString &passwd, Bool_t &pwhash, Bool_t srppwd)
 Try to get user name and passwd from several sources. More...
 
char * GetRandString (Int_t Opt, Int_t Len)
 Allocates and fills a 0 terminated buffer of length len+1 with len random characters. More...
 
Int_t ProofAuthSetup ()
 Authentication related stuff setup in TProofServ. More...
 
Int_t RfioAuth (TString &user)
 UidGid client authentication code. More...
 
void SetEnvironment ()
 Set default authentication environment. More...
 
Int_t SshAuth (TString &user)
 SSH client authentication code. More...
 
Int_t SshError (const char *errfile)
 SSH error parsing. Returns 0: no error or fatal; 1: should retry (eg 'connection closed by remote host'). More...
 

Static Private Member Functions

static Bool_t CheckHost (const char *Host, const char *host)
 Check if 'host' matches 'href': this means either equal or "containing" it, even with wild cards * in the first field (in the case 'href' is a name, ie not IP address). Returns kTRUE if the two match. More...
 
static void FileExpand (const char *fin, FILE *ftmp)
 Expands include directives found in fexp files. The expanded, temporary file is pointed to by 'ftmp' and should be already open. More...
 
static Int_t ProofAuthSetup (TSocket *sock, Bool_t client)
 Setup of authentication related stuff in PROOF run after a successful authentication. More...
 
static void RemoveSecContext (TRootSecContext *ctx)
 Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo or fgProofAuthInfo. More...
 

Private Attributes

TString fDetails
 
THostAuthfHostAuth
 
TString fPasswd
 
TString fProtocol
 
Bool_t fPwHash
 
TString fRemote
 
Int_t fRSAKey
 
TRootSecContextfSecContext
 
ESecurity fSecurity
 
TSocketfSocket
 
Bool_t fSRPPwd
 
Int_t fVersion
 
TString fUser
 
Int_t fTimeOut
 

Static Private Attributes

static TListfgAuthInfo = 0
 
static TString fgAuthMeth [kMAXSEC]
 
static Bool_t fgAuthReUse
 
static TString fgDefaultUser
 
static TDatime fgExpDate
 
static GlobusAuth_t fgGlobusAuthHook
 
static Krb5Auth_t fgKrb5AuthHook
 
static TString fgKrb5Principal
 
static TDatime fgLastAuthrc
 
static TString fgPasswd
 
static TPluginHandlerfgPasswdDialog = (TPluginHandler *)(-1)
 
static Bool_t fgPromptUser
 
static TListfgProofAuthInfo = 0
 
static Bool_t fgPwHash
 
static Bool_t fgReadHomeAuthrc = kTRUE
 
static TString fgRootAuthrc
 
static Int_t fgRSAKey = -1
 
static Int_t fgRSAInit = 0
 
static rsa_KEY fgRSAPriKey
 
static rsa_KEY fgRSAPubKey
 
static rsa_KEY_export fgRSAPubExport [2] = {{0,0},{0,0}}
 
static SecureAuth_t fgSecAuthHook
 
static Bool_t fgSRPPwd
 
static TString fgUser
 
static Bool_t fgUsrPwdCrypt
 
static Int_t fgLastError = -1
 
static Int_t fgAuthTO = -2
 
static Int_t fgProcessID = -1
 

Friends

class TRootAuth
 
class TRootSecContext
 
class TSocket
 

Additional Inherited Members

- Protected Member Functions inherited from TObject
void MakeZombie ()
 
virtual void DoError (int level, const char *location, const char *fmt, va_list va) const
 Interface to ErrorHandler (protected). More...
 

#include <TAuthenticate.h>


Member Enumeration Documentation

Enumerator
kClear 
kSRP 
kKrb5 
kGlobus 
kSSH 
kRfio 

Definition at line 70 of file TAuthenticate.h.

Constructor & Destructor Documentation

TAuthenticate::TAuthenticate ( TSocket sock,
const char *  remote,
const char *  proto,
const char *  user = "" 
)

Create authentication object.

Definition at line 162 of file TAuthenticate.cxx.

virtual TAuthenticate::~TAuthenticate ( )
inlinevirtual

Definition at line 146 of file TAuthenticate.h.

Member Function Documentation

Bool_t TAuthenticate::Authenticate ( )

Authenticate to remote rootd or proofd server.

Return kTRUE if authentication succeeded.

Definition at line 403 of file TAuthenticate.cxx.

Referenced by TRootAuth::Authenticate().

void TAuthenticate::AuthError ( const char *  where,
Int_t  error 
)
static

Print error string depending on error code.

Definition at line 1497 of file TAuthenticate.cxx.

Referenced by Authenticate(), AuthExists(), ClearAuth(), TRootAuth::ErrorMsg(), Krb5Authenticate(), RfioAuth(), and SshAuth().

Int_t TAuthenticate::AuthExists ( TString  username,
Int_t  method,
const char *  options,
Int_t message,
Int_t rflag,
CheckSecCtx_t  checksecctx 
)

Check if we have a valid established security context in memory. Retrieves relevant info and negotiates with server.

options = "Opt,strlen(username),username.Data()" message = kROOTD_USER, ...

Definition at line 3163 of file TAuthenticate.cxx.

Referenced by ClearAuth(), Krb5Authenticate(), and SshAuth().

void TAuthenticate::CatchTimeOut ( )

Called in connection with a timer timeout.

Definition at line 387 of file TAuthenticate.cxx.

Bool_t TAuthenticate::CheckHost ( const char *  host,
const char *  href 
)
staticprivate

Check if 'host' matches 'href': this means either equal or "containing" it, even with wild cards * in the first field (in the case 'href' is a name, ie not IP address). Returns kTRUE if the two match.

Definition at line 2203 of file TAuthenticate.cxx.

Referenced by GetHostAuth().

Bool_t TAuthenticate::CheckNetrc ( TString user,
TString passwd 
)

Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files.

For more info see the version with 4 arguments. This version is maintained for backward compatibility reasons.

Definition at line 1109 of file TAuthenticate.cxx.

Referenced by Authenticate(), and GetUserPasswd().

Bool_t TAuthenticate::CheckNetrc ( TString user,
TString passwd,
Bool_t pwhash,
Bool_t  srppwd 
)

Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files.

First ~/.rootnetrc is tried, after that ~/.netrc. These files will only be used when their access masks are 0600. Returns kTRUE if user and passwd were found for the machine specified in the URL. If kFALSE, user and passwd are "". If srppwd == kTRUE then a SRP ('secure') pwd is searched for in the files. The boolean pwhash is set to kTRUE if the returned passwd is to be understood as password hash, i.e. if the 'password-hash' keyword is found in the 'machine' lines; not implemented for 'secure' and the .netrc file. The format of these files are:

# this is a comment line

machine <machine fqdn> login <user> password <passwd>
machine <machine fqdn> login <user> password-hash <passwd>

and in addition ~/.rootnetrc also supports:

secure <machine fqdn> login <user> password <passwd>

<machine fqdn> may be a domain name or contain the wild card '*'.

for the secure protocols. All lines must start in the first column.

Definition at line 1145 of file TAuthenticate.cxx.

Bool_t TAuthenticate::CheckProofAuth ( Int_t  cSec,
TString det 
)
static

Check if the authentication method can be attempted for the client.

Definition at line 4434 of file TAuthenticate.cxx.

Int_t TAuthenticate::ClearAuth ( TString user,
TString passwd,
Bool_t pwdhash 
)
private

UsrPwd client authentication code.

Returns 0 in case authentication failed, 1 in case of success.

Definition at line 2357 of file TAuthenticate.cxx.

Referenced by Authenticate().

Int_t TAuthenticate::DecodeRSAPublic ( const char *  rsapubexport,
rsa_NUMBER n,
rsa_NUMBER d,
char **  rsassl = 0 
)
static

Store RSA public keys from export string rsaPubExport.

Definition at line 3818 of file TAuthenticate.cxx.

Referenced by SendRSAPublicKey(), and SetRSAPublic().

void TAuthenticate::FileExpand ( const char *  fexp,
FILE *  ftmp 
)
staticprivate

Expands include directives found in fexp files. The expanded, temporary file is pointed to by 'ftmp' and should be already open.

To be called recursively.

Definition at line 2943 of file TAuthenticate.cxx.

Referenced by ReadRootAuthrc().

Int_t TAuthenticate::GenRSAKeys ( )
private

Generate a valid pair of private/public RSA keys to protect for authentication token exchange.

Definition at line 3388 of file TAuthenticate.cxx.

Referenced by TAuthenticate().

TList * TAuthenticate::GetAuthInfo ( )
static

Static method returning the list with authentication details.

Definition at line 1472 of file TAuthenticate.cxx.

Referenced by GetHostAuth(), HasHostAuth(), ProofAuthSetup(), ReadRootAuthrc(), RecvHostAuth(), RemoveHostAuth(), RemoveSecContext(), Show(), and TAuthenticate().

const char * TAuthenticate::GetAuthMethod ( Int_t  idx)
static

Static method returning the method corresponding to idx.

Definition at line 1303 of file TAuthenticate.cxx.

Referenced by ClassImp(), Krb5Authenticate(), THostAuth::Print(), SetEnvironment(), and TRootSecContext::TRootSecContext().

Int_t TAuthenticate::GetAuthMethodIdx ( const char *  meth)
static

Static method returning the method index (which can be used to find the method in GetAuthMethod()).

Returns -1 in case meth is not found.

Definition at line 1318 of file TAuthenticate.cxx.

Referenced by ReadRootAuthrc(), and TAuthenticate().

Bool_t TAuthenticate::GetAuthReUse ( )
static

Static method returning the authentication reuse settings.

Definition at line 1287 of file TAuthenticate.cxx.

Referenced by Krb5Authenticate().

Int_t TAuthenticate::GetClientProtocol ( )
static

Static method returning supported client protocol.

Definition at line 4867 of file TAuthenticate.cxx.

char * TAuthenticate::GetDefaultDetails ( Int_t  method,
Int_t  opt,
const char *  usr 
)
static

Determine default authentication details for method 'sec' and user 'usr'.

Checks .rootrc family files. Returned string must be deleted by the user.

Definition at line 3022 of file TAuthenticate.cxx.

Referenced by THostAuth::AddFirst(), THostAuth::AddMethod(), THostAuth::Create(), THostAuth::ReOrder(), THostAuth::SetDetails(), and TAuthenticate().

const char * TAuthenticate::GetDefaultUser ( )
static

Static method returning the default user information.

Definition at line 1271 of file TAuthenticate.cxx.

Referenced by Krb5Authenticate().

TDatime TAuthenticate::GetGlobalExpDate ( )
static

Static method returning default expiring date for new validity contexts.

Definition at line 1263 of file TAuthenticate.cxx.

Bool_t TAuthenticate::GetGlobalPwHash ( )
static

Static method returning the global password hash flag.

Definition at line 1247 of file TAuthenticate.cxx.

Bool_t TAuthenticate::GetGlobalSRPPwd ( )
static

Static method returning the global SRP password flag.

Definition at line 1255 of file TAuthenticate.cxx.

const char * TAuthenticate::GetGlobalUser ( )
static

Static method returning the global user.

Definition at line 1239 of file TAuthenticate.cxx.

GlobusAuth_t TAuthenticate::GetGlobusAuthHook ( )
static

Static method returning the globus authorization hook.

Definition at line 1430 of file TAuthenticate.cxx.

Referenced by TRootSecContext::DeActivate().

THostAuth* TAuthenticate::GetHostAuth ( ) const
inline
THostAuth * TAuthenticate::GetHostAuth ( const char *  host,
const char *  user = "",
Option_t opt = "R",
Int_t exact = 0 
)
static

Sets fUser=user and search fgAuthInfo for the entry pertaining to (host,user), setting fHostAuth accordingly.

If opt = "P" use fgProofAuthInfo list instead. If no entry is found fHostAuth is not changed.

Definition at line 2822 of file TAuthenticate.cxx.

const char * TAuthenticate::GetKrb5Principal ( )
static

Static method returning the principal to be used to init Krb5 tickets.

Definition at line 1279 of file TAuthenticate.cxx.

Referenced by Krb5Authenticate().

Bool_t TAuthenticate::GetPromptUser ( )
static

Static method returning the prompt user settings.

Definition at line 1295 of file TAuthenticate.cxx.

Referenced by Krb5Authenticate(), and Krb5InitCred().

TList * TAuthenticate::GetProofAuthInfo ( )
static

Static method returning the list with authentication directives to be sent to proof.

Definition at line 1485 of file TAuthenticate.cxx.

Referenced by GetHostAuth(), HasHostAuth(), ProofAuthSetup(), ReadRootAuthrc(), RecvHostAuth(), RemoveHostAuth(), RemoveSecContext(), SendHostAuth(), and Show().

const char* TAuthenticate::GetProtocol ( ) const
inline

Definition at line 156 of file TAuthenticate.h.

Referenced by Krb5Authenticate().

Bool_t TAuthenticate::GetPwHash ( ) const
inlineprivate

Definition at line 89 of file TAuthenticate.h.

char * TAuthenticate::GetRandString ( Int_t  opt,
Int_t  len 
)
private

Allocates and fills a 0 terminated buffer of length len+1 with len random characters.

Returns pointer to the buffer (to be deleted by the caller). opt = 0: any non dangerous char; 1: letters and numbers (upper and lower case); 2: hex characters (upper and lower case).

Definition at line 3632 of file TAuthenticate.cxx.

Referenced by GenRSAKeys().

const char* TAuthenticate::GetRemoteHost ( ) const
inline

Definition at line 157 of file TAuthenticate.h.

Referenced by Krb5Authenticate().

Int_t TAuthenticate::GetRSAInit ( )
static

Static method returning the RSA initialization flag.

Definition at line 1447 of file TAuthenticate.cxx.

Int_t TAuthenticate::GetRSAKey ( ) const
inlineprivate

Definition at line 90 of file TAuthenticate.h.

Int_t TAuthenticate::GetRSAKeyType ( ) const
inline

Definition at line 158 of file TAuthenticate.h.

Referenced by Krb5Authenticate().

const char * TAuthenticate::GetRSAPubExport ( Int_t  key = 0)
static

Static method returning the RSA public keys.

Definition at line 1438 of file TAuthenticate.cxx.

TRootSecContext* TAuthenticate::GetSecContext ( ) const
inline

Definition at line 159 of file TAuthenticate.h.

Referenced by TRootAuth::Authenticate().

ESecurity TAuthenticate::GetSecurity ( ) const
inlineprivate

Definition at line 91 of file TAuthenticate.h.

TSocket* TAuthenticate::GetSocket ( ) const
inline

Definition at line 160 of file TAuthenticate.h.

Referenced by Krb5Authenticate().

Bool_t TAuthenticate::GetSRPPwd ( ) const
inlineprivate

Definition at line 92 of file TAuthenticate.h.

const char * TAuthenticate::GetSshUser ( TString  user) const
private

Method returning the user to be used for the ssh login.

Looks first at SSH.Login and finally at env USER. If SSH.LoginPrompt is set to 'yes' it prompts for the 'login name'

Definition at line 2171 of file TAuthenticate.cxx.

Referenced by SshAuth().

const char* TAuthenticate::GetUser ( ) const
inline

Definition at line 161 of file TAuthenticate.h.

Referenced by TRootAuth::Authenticate(), and Krb5Authenticate().

Bool_t TAuthenticate::GetUserPasswd ( TString user,
TString passwd,
Bool_t pwhash,
Bool_t  srppwd 
)
private

Try to get user name and passwd from several sources.

Definition at line 1041 of file TAuthenticate.cxx.

Referenced by Authenticate().

Int_t TAuthenticate::GetVersion ( ) const
inlineprivate

Definition at line 94 of file TAuthenticate.h.

THostAuth * TAuthenticate::HasHostAuth ( const char *  host,
const char *  user,
Option_t opt = "R" 
)
static

Checks if a THostAuth with exact match for {host,user} exists in the fgAuthInfo list. If opt = "P" use ProofAuthInfo list instead. Returns pointer to it or 0.

Definition at line 2899 of file TAuthenticate.cxx.

Referenced by MergeHostAuthList().

Int_t TAuthenticate::HasTimedOut ( ) const
inline

Definition at line 162 of file TAuthenticate.h.

Referenced by TRootAuth::Authenticate().

void TAuthenticate::InitRandom ( )
static

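Initialize random machine using seed from /dev/urandom (or current time if /dev/urandom not available). The current-time fallback gives a guessable seed; since GenRSAKeys() and GetRandString() call this initialization, keys and random strings produced on that path should not be treated as unpredictable.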

Definition at line 3360 of file TAuthenticate.cxx.

Referenced by GenRSAKeys(), and GetRandString().

void TAuthenticate::MergeHostAuthList ( TList std,
TList nin,
Option_t opt = "" 
)
static

Tool for updating fgAuthInfo or fgProofAuthInfo. 'nin' contains list of last input information through (re)reading of a rootauthrc-alike file.

'nin' info has priority. 'std' is cleaned from inactive members. 'nin' members used to update existing members in 'std' are removed from 'nin', so that they do not leak. opt = "P" for proofauthinfo.

Definition at line 4574 of file TAuthenticate.cxx.

Referenced by ReadRootAuthrc().

char * TAuthenticate::PromptPasswd ( const char *  prompt = "Password: ")
static

Static method to prompt for the user's passwd to be used for authentication to rootd or proofd.

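Uses a non-echoing command line to get the passwd. Returns the passwd (which must be deleted by the caller) or 0. In a non-interactive run (e.g. ProofServ) returns -1; since the return type is char *, this is a sentinel value rather than a valid pointer, and callers must check for it before using the result.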

Definition at line 1378 of file TAuthenticate.cxx.

Referenced by ClearAuth().

char * TAuthenticate::PromptUser ( const char *  remote)
static

Static method to prompt for the user name to be used for authentication to rootd or proofd.

User is asked to type user name. Returns user name (which must be deleted by caller) or 0. If non-interactive run (eg ProofServ) returns default user.

Definition at line 1338 of file TAuthenticate.cxx.

Referenced by Authenticate(), GetSshUser(), and GetUserPasswd().

Int_t TAuthenticate::ProofAuthSetup ( )
private

Authentication related stuff setup in TProofServ.

This is the place where the buffer sent by the client / master is decoded. It also contains password information, if the case requires. Returns 0 on success, -1 on failure.

Definition at line 4662 of file TAuthenticate.cxx.

Referenced by TRootAuth::Authenticate(), and TAuthenticate().

Int_t TAuthenticate::ProofAuthSetup ( TSocket sock,
Bool_t  client 
)
staticprivate

Setup of authentication-related stuff in PROOF, run after a successful authentication.

Return 0 on success, -1 on failure.

Definition at line 4784 of file TAuthenticate.cxx.

Int_t TAuthenticate::ReadRootAuthrc ( )
static

Read authentication directives from $ROOTAUTHRC, $HOME/.rootauthrc or <Root_etc_dir>/system.rootauthrc and create related THostAuth objects.

Files are read only if they changed since the last reading. If 'proofconf' is defined, also check the file proofconf for directives.

Definition at line 4096 of file TAuthenticate.cxx.

Referenced by RecvHostAuth(), and TAuthenticate().

void TAuthenticate::RemoveHostAuth ( THostAuth ha,
Option_t opt = "" 
)
static

Remove THostAuth instance from the list.

Definition at line 3090 of file TAuthenticate.cxx.

void TAuthenticate::RemoveSecContext ( TRootSecContext ctx)
staticprivate

Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo or fgProofAuthInfo.

Definition at line 4624 of file TAuthenticate.cxx.

Referenced by TRootSecContext::DeActivate().

Int_t TAuthenticate::RfioAuth ( TString username)
private

UidGid client authentication code.

Returns 0 in case authentication failed, 1 in case of success, <0 in case of system error.

Definition at line 2264 of file TAuthenticate.cxx.

Referenced by Authenticate().

Int_t TAuthenticate::SecureRecv ( TSocket sock,
Int_t  dec,
Int_t  key,
char **  str 
)
static

Receive str from sock and decode it using the key indicated by key type. Returns the number of received bytes or -1 in case of error.

dec = 1 for private decoding, dec = 2 for public decoding

Definition at line 3751 of file TAuthenticate.cxx.

Referenced by ClearAuth(), Krb5Authenticate(), OldProofServAuthSetup(), and SshAuth().

Int_t TAuthenticate::SecureSend ( TSocket sock,
Int_t  enc,
Int_t  key,
const char *  str 
)
static

Encodes the null-terminated str using the session private key indicated by enc and sends it over the network. Returns the number of bytes sent, or -1 in case of error.

enc = 1 for private encoding, enc = 2 for public encoding

Definition at line 3690 of file TAuthenticate.cxx.

Referenced by AuthExists(), TRootSecContext::CleanupSecContext(), ClearAuth(), OldSlaveAuthSetup(), and ProofAuthSetup().

Int_t TAuthenticate::SendRSAPublicKey ( TSocket Socket,
Int_t  key = 0 
)
static

Receives the server RSA public key. Sends the local RSA public key, encoded.

Definition at line 4001 of file TAuthenticate.cxx.

Referenced by ClearAuth(), Krb5Authenticate(), and SshAuth().

void TAuthenticate::SetAuthReUse ( Bool_t  authreuse)
static

Set global AuthReUse flag.

Definition at line 1613 of file TAuthenticate.cxx.

void TAuthenticate::SetDefaultRSAKeyType ( Int_t  key)
static

Static method setting the default type of RSA key.

Definition at line 1455 of file TAuthenticate.cxx.

Referenced by OldProofServAuthSetup(), and ProofAuthSetup().

void TAuthenticate::SetDefaultUser ( const char *  defaultuser)
static

Set default user name.

Definition at line 1593 of file TAuthenticate.cxx.

void TAuthenticate::SetEnvironment ( )
private

Set default authentication environment.

The values are inferred from fSecurity and fDetails.

Definition at line 856 of file TAuthenticate.cxx.

Referenced by Authenticate().

void TAuthenticate::SetGlobalExpDate ( TDatime  expdate)
static

Set default expiring date for new validity contexts.

Definition at line 1585 of file TAuthenticate.cxx.

void TAuthenticate::SetGlobalPasswd ( const char *  passwd)
static

Set global passwd to be used for authentication to rootd or proofd.

Definition at line 1545 of file TAuthenticate.cxx.

Referenced by OldProofServAuthSetup(), and ProofAuthSetup().

void TAuthenticate::SetGlobalPwHash ( Bool_t  pwhash)
static

Set global passwd hash flag to be used for authentication to rootd or proofd.

Definition at line 1559 of file TAuthenticate.cxx.

Referenced by OldProofServAuthSetup(), and ProofAuthSetup().

void TAuthenticate::SetGlobalSRPPwd ( Bool_t  srppwd)
static

Set global SRP passwd flag to be used for authentication to rootd or proofd.

Definition at line 1567 of file TAuthenticate.cxx.

Referenced by OldProofServAuthSetup(), and ProofAuthSetup().

void TAuthenticate::SetGlobalUser ( const char *  user)
static

Set global user name to be used for authentication to rootd or proofd.

Definition at line 1531 of file TAuthenticate.cxx.

Referenced by OldProofServAuthSetup(), and ProofAuthSetup().

void TAuthenticate::SetGlobusAuthHook ( GlobusAuth_t  func)
static

Set Globus authorization function.

Automatically called when libGlobusAuth is loaded.

Definition at line 1648 of file TAuthenticate.cxx.

void TAuthenticate::SetKrb5AuthHook ( Krb5Auth_t  func)
static

Set kerberos5 authorization function.

Automatically called when libKrb5Auth is loaded.

Definition at line 1639 of file TAuthenticate.cxx.

void TAuthenticate::SetPromptUser ( Bool_t  promptuser)
static

Set global PromptUser flag.

Definition at line 1621 of file TAuthenticate.cxx.

void TAuthenticate::SetReadHomeAuthrc ( Bool_t  readhomeauthrc)
static

Set flag controlling the reading of $HOME/.rootauthrc.

In PROOF the administrator may want to switch off private settings. Always true, may only be set false via option to proofd.

Definition at line 1577 of file TAuthenticate.cxx.

Referenced by OldProofServAuthSetup(), and ProofAuthSetup().

void TAuthenticate::SetRSAInit ( Int_t  init = 1)
static

Static method setting RSA initialization flag.

Definition at line 1464 of file TAuthenticate.cxx.

void TAuthenticate::SetRSAKeyType ( Int_t  key)
inline

Definition at line 163 of file TAuthenticate.h.

Int_t TAuthenticate::SetRSAPublic ( const char *  rsaPubExport,
Int_t  klen 
)
static

Store RSA public keys from export string rsaPubExport.

Returns the type of the stored key, or -1 if not recognized.

Definition at line 3923 of file TAuthenticate.cxx.

Referenced by OldProofServAuthSetup().

void TAuthenticate::SetSecContext ( TRootSecContext ctx)
inline

Definition at line 164 of file TAuthenticate.h.

Referenced by Krb5Authenticate().

void TAuthenticate::SetSecureAuthHook ( SecureAuth_t  func)
static

Set secure authorization function.

Automatically called when libSRPAuth is loaded.

Definition at line 1630 of file TAuthenticate.cxx.

void TAuthenticate::SetTimeOut ( Int_t  to)
static

Set timeout (active if > 0)

Definition at line 1605 of file TAuthenticate.cxx.

void TAuthenticate::Show ( Option_t opt = "S")
static

Print info about the authentication sector.

If 'opt' contains 's' or 'S' prints information about established TSecContext, else prints information about THostAuth (if 'opt' is 'p' or 'P', prints Proof related information)

Definition at line 3106 of file TAuthenticate.cxx.

Referenced by ReadRootAuthrc(), and TAuthenticate().

Int_t TAuthenticate::SshAuth ( TString user)
private

SSH client authentication code.

Definition at line 1707 of file TAuthenticate.cxx.

Referenced by Authenticate().

Int_t TAuthenticate::SshError ( const char *  errfile)
private

SSH error parsing. Returns 0: no error or fatal; 1: should retry (e.g. 'connection closed by remote host').

Definition at line 1658 of file TAuthenticate.cxx.

Referenced by SshAuth().

Friends And Related Function Documentation

friend class TRootAuth
friend

Definition at line 65 of file TAuthenticate.h.

friend class TRootSecContext
friend

Definition at line 66 of file TAuthenticate.h.

friend class TSocket
friend

Definition at line 67 of file TAuthenticate.h.

Referenced by SshAuth().

Member Data Documentation

TString TAuthenticate::fDetails
private

Definition at line 73 of file TAuthenticate.h.

Referenced by Authenticate(), AuthExists(), ClearAuth(), RfioAuth(), SetEnvironment(), and SshAuth().

TList * TAuthenticate::fgAuthInfo = 0
staticprivate

Definition at line 105 of file TAuthenticate.h.

Referenced by GetAuthInfo().

TString TAuthenticate::fgAuthMeth
staticprivate
Initial value:
= { "UsrPwd", "SRP", "Krb5",
"Globus", "SSH", "UidGid" }

Definition at line 106 of file TAuthenticate.h.

Referenced by Authenticate(), AuthExists(), CatchTimeOut(), GetAuthMethod(), and GetAuthMethodIdx().

Bool_t TAuthenticate::fgAuthReUse
staticprivate

Definition at line 107 of file TAuthenticate.h.

Referenced by ClearAuth(), GetAuthReUse(), SetAuthReUse(), SetEnvironment(), and SshAuth().

Int_t TAuthenticate::fgAuthTO = -2
staticprivate

Definition at line 134 of file TAuthenticate.h.

Referenced by Authenticate(), CatchTimeOut(), SetTimeOut(), and TAuthenticate().

TString TAuthenticate::fgDefaultUser
staticprivate
TDatime TAuthenticate::fgExpDate
staticprivate
GlobusAuth_t TAuthenticate::fgGlobusAuthHook
staticprivate

Definition at line 110 of file TAuthenticate.h.

Referenced by Authenticate(), GetGlobusAuthHook(), and SetGlobusAuthHook().

Krb5Auth_t TAuthenticate::fgKrb5AuthHook
staticprivate

Definition at line 111 of file TAuthenticate.h.

Referenced by Authenticate(), and SetKrb5AuthHook().

TString TAuthenticate::fgKrb5Principal
staticprivate

Definition at line 112 of file TAuthenticate.h.

Referenced by GetKrb5Principal(), and SetEnvironment().

TDatime TAuthenticate::fgLastAuthrc
staticprivate

Definition at line 113 of file TAuthenticate.h.

Referenced by ReadRootAuthrc().

Int_t TAuthenticate::fgLastError = -1
staticprivate

Definition at line 133 of file TAuthenticate.h.

Referenced by AuthError().

TString TAuthenticate::fgPasswd
staticprivate

Definition at line 114 of file TAuthenticate.h.

Referenced by ClearAuth(), GetUserPasswd(), and SetGlobalPasswd().

TPluginHandler * TAuthenticate::fgPasswdDialog = (TPluginHandler *)(-1)
staticprivate

Definition at line 115 of file TAuthenticate.h.

Referenced by PromptPasswd().

Int_t TAuthenticate::fgProcessID = -1
staticprivate
Bool_t TAuthenticate::fgPromptUser
staticprivate
TList * TAuthenticate::fgProofAuthInfo = 0
staticprivate

Definition at line 117 of file TAuthenticate.h.

Referenced by GetProofAuthInfo().

Bool_t TAuthenticate::fgPwHash
staticprivate

Definition at line 118 of file TAuthenticate.h.

Referenced by ClearAuth(), GetGlobalPwHash(), GetUserPasswd(), and SetGlobalPwHash().

Bool_t TAuthenticate::fgReadHomeAuthrc = kTRUE
staticprivate

Definition at line 119 of file TAuthenticate.h.

Referenced by ReadRootAuthrc(), and SetReadHomeAuthrc().

TString TAuthenticate::fgRootAuthrc
staticprivate

Definition at line 120 of file TAuthenticate.h.

Referenced by ReadRootAuthrc().

Int_t TAuthenticate::fgRSAInit = 0
staticprivate

Definition at line 122 of file TAuthenticate.h.

Referenced by GenRSAKeys(), GetRSAInit(), SetRSAInit(), and TAuthenticate().

Int_t TAuthenticate::fgRSAKey = -1
staticprivate

Definition at line 121 of file TAuthenticate.h.

Referenced by ClearAuth(), GenRSAKeys(), SetDefaultRSAKeyType(), and TAuthenticate().

rsa_KEY TAuthenticate::fgRSAPriKey
staticprivate

Definition at line 123 of file TAuthenticate.h.

Referenced by GenRSAKeys(), SecureRecv(), and SecureSend().

rsa_KEY_export TAuthenticate::fgRSAPubExport = {{0,0},{0,0}}
staticprivate

Definition at line 125 of file TAuthenticate.h.

Referenced by GenRSAKeys(), GetRSAPubExport(), SendRSAPublicKey(), and SshAuth().

rsa_KEY TAuthenticate::fgRSAPubKey
staticprivate

Definition at line 124 of file TAuthenticate.h.

Referenced by GenRSAKeys(), SecureRecv(), SecureSend(), and SetRSAPublic().

SecureAuth_t TAuthenticate::fgSecAuthHook
staticprivate

Definition at line 129 of file TAuthenticate.h.

Referenced by Authenticate(), and SetSecureAuthHook().

Bool_t TAuthenticate::fgSRPPwd
staticprivate

Definition at line 130 of file TAuthenticate.h.

Referenced by ClearAuth(), GetGlobalSRPPwd(), GetUserPasswd(), and SetGlobalSRPPwd().

TString TAuthenticate::fgUser
staticprivate
Bool_t TAuthenticate::fgUsrPwdCrypt
staticprivate

Definition at line 132 of file TAuthenticate.h.

Referenced by ClearAuth(), and SetEnvironment().

THostAuth* TAuthenticate::fHostAuth
private
TString TAuthenticate::fPasswd
private

Definition at line 75 of file TAuthenticate.h.

Referenced by Authenticate(), ClearAuth(), and TAuthenticate().

TString TAuthenticate::fProtocol
private

Definition at line 76 of file TAuthenticate.h.

Referenced by AuthExists(), ClearAuth(), GetProtocol(), RfioAuth(), and TAuthenticate().

Bool_t TAuthenticate::fPwHash
private

Definition at line 77 of file TAuthenticate.h.

Referenced by Authenticate(), ClearAuth(), GetPwHash(), and TAuthenticate().

TString TAuthenticate::fRemote
private
Int_t TAuthenticate::fRSAKey
private

Definition at line 79 of file TAuthenticate.h.

Referenced by ClearAuth(), GetRSAKey(), GetRSAKeyType(), SshAuth(), and TAuthenticate().

TRootSecContext* TAuthenticate::fSecContext
private
ESecurity TAuthenticate::fSecurity
private

Definition at line 81 of file TAuthenticate.h.

Referenced by Authenticate(), CatchTimeOut(), CheckNetrc(), GetSecurity(), and SetEnvironment().

TSocket* TAuthenticate::fSocket
private
Bool_t TAuthenticate::fSRPPwd
private

Definition at line 83 of file TAuthenticate.h.

Referenced by Authenticate(), ClearAuth(), GetSRPPwd(), and TAuthenticate().

Int_t TAuthenticate::fTimeOut
private

Definition at line 86 of file TAuthenticate.h.

Referenced by Authenticate(), CatchTimeOut(), and HasTimedOut().

TString TAuthenticate::fUser
private
Int_t TAuthenticate::fVersion
private

Definition at line 84 of file TAuthenticate.h.

Referenced by Authenticate(), ClearAuth(), GetVersion(), SshAuth(), and TAuthenticate().


The documentation for this class was generated from the following files: