ROOT
6.06/09
Reference Guide
|
Definition at line 63 of file TAuthenticate.h.
Public Types | |
enum | ESecurity { kClear, kSRP, kKrb5, kGlobus, kSSH, kRfio } |
Public Types inherited from TObject | |
enum | EStatusBits { kCanDelete = BIT(0), kMustCleanup = BIT(3), kObjInCanvas = BIT(3), kIsReferenced = BIT(4), kHasUUID = BIT(5), kCannotPick = BIT(6), kNoContextMenu = BIT(8), kInvalidObject = BIT(13) } |
enum | { kIsOnHeap = 0x01000000, kNotDeleted = 0x02000000, kZombie = 0x04000000, kBitMask = 0x00ffffff } |
enum | { kSingleKey = BIT(0), kOverwrite = BIT(1), kWriteDelete = BIT(2) } |
Public Member Functions | |
TAuthenticate (TSocket *sock, const char *remote, const char *proto, const char *user="") | |
Create authentication object. More... | |
virtual | ~TAuthenticate () |
Bool_t | Authenticate () |
Authenticate to remote rootd or proofd server. More... | |
Int_t | AuthExists (TString User, Int_t method, const char *Options, Int_t *Message, Int_t *Rflag, CheckSecCtx_t funcheck) |
Check if we have a valid established sec context in memory Retrieves relevant info and negotiates with server. More... | |
void | CatchTimeOut () |
Called in connection with a timer timeout. More... | |
Bool_t | CheckNetrc (TString &user, TString &passwd) |
Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files. More... | |
Bool_t | CheckNetrc (TString &user, TString &passwd, Bool_t &pwhash, Bool_t srppwd) |
Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files. More... | |
THostAuth * | GetHostAuth () const |
const char * | GetProtocol () const |
const char * | GetRemoteHost () const |
Int_t | GetRSAKeyType () const |
TRootSecContext * | GetSecContext () const |
TSocket * | GetSocket () const |
const char * | GetUser () const |
Int_t | HasTimedOut () const |
void | SetRSAKeyType (Int_t key) |
void | SetSecContext (TRootSecContext *ctx) |
Public Member Functions inherited from TObject | |
TObject () | |
TObject (const TObject &object) | |
TObject copy ctor. More... | |
TObject & | operator= (const TObject &rhs) |
TObject assignment operator. More... | |
virtual | ~TObject () |
TObject destructor. More... | |
virtual void | AppendPad (Option_t *option="") |
Append graphics object to current pad. More... | |
virtual void | Browse (TBrowser *b) |
Browse object. May be overridden for another default action. More... | |
virtual const char * | ClassName () const |
Returns name of class to which the object belongs. More... | |
virtual void | Clear (Option_t *="") |
virtual TObject * | Clone (const char *newname="") const |
Make a clone of an object using the Streamer facility. More... | |
virtual Int_t | Compare (const TObject *obj) const |
Compare abstract method. More... | |
virtual void | Copy (TObject &object) const |
Copy this to obj. More... | |
virtual void | Delete (Option_t *option="") |
Delete this object. More... | |
virtual Int_t | DistancetoPrimitive (Int_t px, Int_t py) |
Computes distance from point (px,py) to the object. More... | |
virtual void | Draw (Option_t *option="") |
Default Draw method for all objects. More... | |
virtual void | DrawClass () const |
Draw class inheritance tree of the class to which this object belongs. More... | |
virtual TObject * | DrawClone (Option_t *option="") const |
Draw a clone of this object in the current pad. More... | |
virtual void | Dump () const |
Dump contents of object on stdout. More... | |
virtual void | Execute (const char *method, const char *params, Int_t *error=0) |
Execute method on this object with the given parameter string, e.g. More... | |
virtual void | Execute (TMethod *method, TObjArray *params, Int_t *error=0) |
Execute method on this object with parameters stored in the TObjArray. More... | |
virtual void | ExecuteEvent (Int_t event, Int_t px, Int_t py) |
Execute action corresponding to an event at (px,py). More... | |
virtual TObject * | FindObject (const char *name) const |
Must be redefined in derived classes. More... | |
virtual TObject * | FindObject (const TObject *obj) const |
Must be redefined in derived classes. More... | |
virtual Option_t * | GetDrawOption () const |
Get option used by the graphics system to draw this object. More... | |
virtual UInt_t | GetUniqueID () const |
Return the unique object id. More... | |
virtual const char * | GetName () const |
Returns name of object. More... | |
virtual const char * | GetIconName () const |
Returns mime type name of object. More... | |
virtual Option_t * | GetOption () const |
virtual char * | GetObjectInfo (Int_t px, Int_t py) const |
Returns string containing info about the object at position (px,py). More... | |
virtual const char * | GetTitle () const |
Returns title of object. More... | |
virtual Bool_t | HandleTimer (TTimer *timer) |
Execute action in response of a timer timing out. More... | |
virtual ULong_t | Hash () const |
Return hash value for this object. More... | |
virtual Bool_t | InheritsFrom (const char *classname) const |
Returns kTRUE if object inherits from class "classname". More... | |
virtual Bool_t | InheritsFrom (const TClass *cl) const |
Returns kTRUE if object inherits from TClass cl. More... | |
virtual void | Inspect () const |
Dump contents of this object in a graphics canvas. More... | |
virtual Bool_t | IsFolder () const |
Returns kTRUE in case object contains browsable objects (like containers or lists of other objects). More... | |
virtual Bool_t | IsEqual (const TObject *obj) const |
Default equal comparison (objects are equal if they have the same address in memory). More... | |
virtual Bool_t | IsSortable () const |
Bool_t | IsOnHeap () const |
Bool_t | IsZombie () const |
virtual Bool_t | Notify () |
This method must be overridden to handle object notification. More... | |
virtual void | ls (Option_t *option="") const |
The ls function lists the contents of a class on stdout. More... | |
virtual void | Paint (Option_t *option="") |
This method must be overridden if a class wants to paint itself. More... | |
virtual void | Pop () |
Pop on object drawn in a pad to the top of the display list. More... | |
virtual void | Print (Option_t *option="") const |
This method must be overridden when a class wants to print itself. More... | |
virtual Int_t | Read (const char *name) |
Read contents of object with specified name from the current directory. More... | |
virtual void | RecursiveRemove (TObject *obj) |
Recursively remove this object from a list. More... | |
virtual void | SaveAs (const char *filename="", Option_t *option="") const |
Save this object in the file specified by filename. More... | |
virtual void | SavePrimitive (std::ostream &out, Option_t *option="") |
Save a primitive as a C++ statement(s) on output stream "out". More... | |
virtual void | SetDrawOption (Option_t *option="") |
Set drawing option for object. More... | |
virtual void | SetUniqueID (UInt_t uid) |
Set the unique object id. More... | |
virtual void | UseCurrentStyle () |
Set current style settings in this object This function is called when either TCanvas::UseCurrentStyle or TROOT::ForceStyle have been invoked. More... | |
virtual Int_t | Write (const char *name=0, Int_t option=0, Int_t bufsize=0) |
Write this object to the current directory. More... | |
virtual Int_t | Write (const char *name=0, Int_t option=0, Int_t bufsize=0) const |
Write this object to the current directory. More... | |
void * | operator new (size_t sz) |
void * | operator new[] (size_t sz) |
void * | operator new (size_t sz, void *vp) |
void * | operator new[] (size_t sz, void *vp) |
void | operator delete (void *ptr) |
Operator delete. More... | |
void | operator delete[] (void *ptr) |
Operator delete []. More... | |
void | SetBit (UInt_t f, Bool_t set) |
Set or unset the user status bits as specified in f. More... | |
void | SetBit (UInt_t f) |
void | ResetBit (UInt_t f) |
Bool_t | TestBit (UInt_t f) const |
Int_t | TestBits (UInt_t f) const |
void | InvertBit (UInt_t f) |
virtual void | Info (const char *method, const char *msgfmt,...) const |
Issue info message. More... | |
virtual void | Warning (const char *method, const char *msgfmt,...) const |
Issue warning message. More... | |
virtual void | Error (const char *method, const char *msgfmt,...) const |
Issue error message. More... | |
virtual void | SysError (const char *method, const char *msgfmt,...) const |
Issue system error message. More... | |
virtual void | Fatal (const char *method, const char *msgfmt,...) const |
Issue fatal error message. More... | |
void | AbstractMethod (const char *method) const |
Use this method to implement an "abstract" method that you don't want to leave purely abstract. More... | |
void | MayNotUse (const char *method) const |
Use this method to signal that a method (defined in a base class) may not be called in a derived class (in principle against good design since a child class should not provide less functionality than its parent, however, sometimes it is necessary). More... | |
void | Obsolete (const char *method, const char *asOfVers, const char *removedFromVers) const |
Use this method to declare a method obsolete. More... | |
Static Public Member Functions | |
static void | AuthError (const char *where, Int_t error) |
Print error string depending on error code. More... | |
static Bool_t | CheckProofAuth (Int_t cSec, TString &det) |
Check if the authentication method can be attempted for the client. More... | |
static Int_t | DecodeRSAPublic (const char *rsapubexport, rsa_NUMBER &n, rsa_NUMBER &d, char **rsassl=0) |
Store RSA public keys from export string rsaPubExport. More... | |
static TList * | GetAuthInfo () |
Static method returning the list with authentication details. More... | |
static const char * | GetAuthMethod (Int_t idx) |
Static method returning the method corresponding to idx. More... | |
static Int_t | GetAuthMethodIdx (const char *meth) |
Static method returning the method index (which can be used to find the method in GetAuthMethod()). More... | |
static Bool_t | GetAuthReUse () |
Static method returning the authentication reuse settings. More... | |
static Int_t | GetClientProtocol () |
Static method returning supported client protocol. More... | |
static char * | GetDefaultDetails (Int_t method, Int_t opt, const char *user) |
Determine default authentication details for method 'sec' and user 'usr'. More... | |
static const char * | GetDefaultUser () |
Static method returning the default user information. More... | |
static TDatime | GetGlobalExpDate () |
Static method returning default expiring date for new validity contexts. More... | |
static Bool_t | GetGlobalPwHash () |
Static method returning the global password hash flag. More... | |
static Bool_t | GetGlobalSRPPwd () |
Static method returning the global SRP password flag. More... | |
static const char * | GetGlobalUser () |
Static method returning the global user. More... | |
static GlobusAuth_t | GetGlobusAuthHook () |
Static method returning the globus authorization hook. More... | |
static THostAuth * | GetHostAuth (const char *host, const char *user="", Option_t *opt="R", Int_t *Exact=0) |
Sets fUser=user and search fgAuthInfo for the entry pertaining to (host,user), setting fHostAuth accordingly. More... | |
static const char * | GetKrb5Principal () |
Static method returning the principal to be used to init Krb5 tickets. More... | |
static Bool_t | GetPromptUser () |
Static method returning the prompt user settings. More... | |
static TList * | GetProofAuthInfo () |
Static method returning the list with authentication directives to be sent to proof. More... | |
static Int_t | GetRSAInit () |
Static method returning the RSA initialization flag. More... | |
static const char * | GetRSAPubExport (Int_t key=0) |
Static method returning the RSA public keys. More... | |
static THostAuth * | HasHostAuth (const char *host, const char *user, Option_t *opt="R") |
Checks if a THostAuth with exact match for {host,user} exists in the fgAuthInfo list If opt = "P" use ProofAuthInfo list instead Returns pointer to it or 0. More... | |
static void | InitRandom () |
Initialize random machine using seed from /dev/urandom (or current time if /dev/urandom not available). More... | |
static void | MergeHostAuthList (TList *Std, TList *New, Option_t *Opt="") |
Tool for updating fgAuthInfo or fgProofAuthInfo 'nin' contains list of last input information through (re)reading of a rootauthrc-alike file. More... | |
static char * | PromptPasswd (const char *prompt="Password: ") |
Static method to prompt for the user's passwd to be used for authentication to rootd or proofd. More... | |
static char * | PromptUser (const char *remote) |
Static method to prompt for the user name to be used for authentication to rootd or proofd. More... | |
static Int_t | ReadRootAuthrc () |
Read authentication directives from $ROOTAUTHRC, $HOME/.rootauthrc or <Root_etc_dir>/system.rootauthrc and create related THostAuth objects. More... | |
static void | RemoveHostAuth (THostAuth *ha, Option_t *opt="") |
Remove THostAuth instance from the list. More... | |
static Int_t | SecureRecv (TSocket *Socket, Int_t dec, Int_t KeyType, char **Out) |
Receive str from sock and decode it using key indicated by key type Return number of received bytes or -1 in case of error. More... | |
static Int_t | SecureSend (TSocket *Socket, Int_t enc, Int_t KeyType, const char *In) |
Encode null terminated str using the session private key indicated by enc and sends it over the network Returns number of bytes sent, or -1 in case of error. More... | |
static Int_t | SendRSAPublicKey (TSocket *Socket, Int_t key=0) |
Receives server RSA Public key Sends local RSA public key encoded. More... | |
static void | SetAuthReUse (Bool_t authreuse) |
Set global AuthReUse flag. More... | |
static void | SetDefaultUser (const char *defaultuser) |
Set default user name. More... | |
static void | SetGlobalExpDate (TDatime expdate) |
Set default expiring date for new validity contexts. More... | |
static void | SetGlobalPasswd (const char *passwd) |
Set global passwd to be used for authentication to rootd or proofd. More... | |
static void | SetGlobalPwHash (Bool_t pwhash) |
Set global passwd hash flag to be used for authentication to rootd or proofd. More... | |
static void | SetGlobalSRPPwd (Bool_t srppwd) |
Set global SRP passwd flag to be used for authentication to rootd or proofd. More... | |
static void | SetGlobalUser (const char *user) |
Set global user name to be used for authentication to rootd or proofd. More... | |
static void | SetGlobusAuthHook (GlobusAuth_t func) |
Set Globus authorization function. More... | |
static void | SetKrb5AuthHook (Krb5Auth_t func) |
Set kerberos5 authorization function. More... | |
static void | SetPromptUser (Bool_t promptuser) |
Set global PromptUser flag. More... | |
static void | SetDefaultRSAKeyType (Int_t key) |
Static method setting the default type of RSA key. More... | |
static void | SetReadHomeAuthrc (Bool_t readhomeauthrc) |
Set flag controlling the reading of $HOME/.rootauthrc. More... | |
static void | SetRSAInit (Int_t init=1) |
Static method setting RSA initialization flag. More... | |
static Int_t | SetRSAPublic (const char *rsapubexport, Int_t klen) |
Store RSA public keys from export string rsaPubExport. More... | |
static void | SetSecureAuthHook (SecureAuth_t func) |
Set secure authorization function. More... | |
static void | SetTimeOut (Int_t to) |
Set timeout (active if > 0) More... | |
static void | Show (Option_t *opt="S") |
Print info about the authentication sector. More... | |
Static Public Member Functions inherited from TObject | |
static Long_t | GetDtorOnly () |
Return destructor only flag. More... | |
static void | SetDtorOnly (void *obj) |
Set destructor only flag. More... | |
static Bool_t | GetObjectStat () |
Get status of object stat flag. More... | |
static void | SetObjectStat (Bool_t stat) |
Turn on/off tracking of objects in the TObjectTable. More... | |
Private Member Functions | |
Int_t | GenRSAKeys () |
Generate a valid pair of private/public RSA keys to protect for authentication token exchange. More... | |
Bool_t | GetPwHash () const |
Int_t | GetRSAKey () const |
ESecurity | GetSecurity () const |
Bool_t | GetSRPPwd () const |
const char * | GetSshUser (TString user) const |
Method returning the user to be used for the ssh login. More... | |
Int_t | GetVersion () const |
Int_t | ClearAuth (TString &user, TString &passwd, Bool_t &pwhash) |
UsrPwd client authentication code. More... | |
Bool_t | GetUserPasswd (TString &user, TString &passwd, Bool_t &pwhash, Bool_t srppwd) |
Try to get user name and passwd from several sources. More... | |
char * | GetRandString (Int_t Opt, Int_t Len) |
Allocates and fills a 0 terminated buffer of length len+1 with len random characters. More... | |
Int_t | ProofAuthSetup () |
Authentication related stuff setup in TProofServ. More... | |
Int_t | RfioAuth (TString &user) |
UidGid client authentication code. More... | |
void | SetEnvironment () |
Set default authentication environment. More... | |
Int_t | SshAuth (TString &user) |
SSH client authentication code. More... | |
Int_t | SshError (const char *errfile) |
SSH error parsing: returns 0 : no error or fatal 1 : should retry (eg 'connection closed by remote host') More... | |
Static Private Member Functions | |
static Bool_t | CheckHost (const char *Host, const char *host) |
Check if 'host' matches 'href': this means either equal or "containing" it, even with wild cards * in the first field (in the case 'href' is a name, ie not IP address) Returns kTRUE if the two matches. More... | |
static void | FileExpand (const char *fin, FILE *ftmp) |
Expands include directives found in fexp files The expanded, temporary file, is pointed to by 'ftmp' and should be already open. More... | |
static Int_t | ProofAuthSetup (TSocket *sock, Bool_t client) |
Setup of authetication related stuff in PROOF run after a successful authentication. More... | |
static void | RemoveSecContext (TRootSecContext *ctx) |
Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo or fgProofAuthInfo. More... | |
Static Private Attributes | |
static TList * | fgAuthInfo = 0 |
static TString | fgAuthMeth [kMAXSEC] |
static Bool_t | fgAuthReUse |
static TString | fgDefaultUser |
static TDatime | fgExpDate |
static GlobusAuth_t | fgGlobusAuthHook |
static Krb5Auth_t | fgKrb5AuthHook |
static TString | fgKrb5Principal |
static TDatime | fgLastAuthrc |
static TString | fgPasswd |
static TPluginHandler * | fgPasswdDialog = (TPluginHandler *)(-1) |
static Bool_t | fgPromptUser |
static TList * | fgProofAuthInfo = 0 |
static Bool_t | fgPwHash |
static Bool_t | fgReadHomeAuthrc = kTRUE |
static TString | fgRootAuthrc |
static Int_t | fgRSAKey = -1 |
static Int_t | fgRSAInit = 0 |
static rsa_KEY | fgRSAPriKey |
static rsa_KEY | fgRSAPubKey |
static rsa_KEY_export | fgRSAPubExport [2] = {{0,0},{0,0}} |
static SecureAuth_t | fgSecAuthHook |
static Bool_t | fgSRPPwd |
static TString | fgUser |
static Bool_t | fgUsrPwdCrypt |
static Int_t | fgLastError = -1 |
static Int_t | fgAuthTO = -2 |
static Int_t | fgProcessID = -1 |
Friends | |
class | TRootAuth |
class | TRootSecContext |
class | TSocket |
Additional Inherited Members | |
Protected Member Functions inherited from TObject | |
void | MakeZombie () |
virtual void | DoError (int level, const char *location, const char *fmt, va_list va) const |
Interface to ErrorHandler (protected). More... | |
#include <TAuthenticate.h>
Enumerator | |
---|---|
kClear | |
kSRP | |
kKrb5 | |
kGlobus | |
kSSH | |
kRfio |
Definition at line 70 of file TAuthenticate.h.
TAuthenticate::TAuthenticate | ( | TSocket * | sock, |
const char * | remote, | ||
const char * | proto, | ||
const char * | user = "" |
||
) |
Create authentication object.
Definition at line 162 of file TAuthenticate.cxx.
|
inlinevirtual |
Definition at line 146 of file TAuthenticate.h.
Bool_t TAuthenticate::Authenticate | ( | ) |
Authenticate to remote rootd or proofd server.
Return kTRUE if authentication succeeded.
Definition at line 403 of file TAuthenticate.cxx.
Referenced by TRootAuth::Authenticate().
Print error string depending on error code.
Definition at line 1497 of file TAuthenticate.cxx.
Referenced by Authenticate(), AuthExists(), ClearAuth(), TRootAuth::ErrorMsg(), Krb5Authenticate(), RfioAuth(), and SshAuth().
Int_t TAuthenticate::AuthExists | ( | TString | username, |
Int_t | method, | ||
const char * | options, | ||
Int_t * | message, | ||
Int_t * | rflag, | ||
CheckSecCtx_t | checksecctx | ||
) |
Check if we have a valid established sec context in memory Retrieves relevant info and negotiates with server.
options = "Opt,strlen(username),username.Data()" message = kROOTD_USER, ...
Definition at line 3163 of file TAuthenticate.cxx.
Referenced by ClearAuth(), Krb5Authenticate(), and SshAuth().
void TAuthenticate::CatchTimeOut | ( | ) |
Called in connection with a timer timeout.
Definition at line 387 of file TAuthenticate.cxx.
|
staticprivate |
Check if 'host' matches 'href': this means either equal or "containing" it, even with wild cards * in the first field (in the case 'href' is a name, ie not IP address) Returns kTRUE if the two matches.
Definition at line 2203 of file TAuthenticate.cxx.
Referenced by GetHostAuth().
Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files.
For more info see the version with 4 arguments. This version is maintained for backward compatability reasons.
Definition at line 1109 of file TAuthenticate.cxx.
Referenced by Authenticate(), and GetUserPasswd().
Bool_t TAuthenticate::CheckNetrc | ( | TString & | user, |
TString & | passwd, | ||
Bool_t & | pwhash, | ||
Bool_t | srppwd | ||
) |
Try to get user name and passwd from the ~/.rootnetrc or ~/.netrc files.
First ~/.rootnetrc is tried, after that ~/.netrc. These files will only be used when their access masks are 0600. Returns kTRUE if user and passwd were found for the machine specified in the URL. If kFALSE, user and passwd are "". If srppwd == kTRUE then a SRP ('secure') pwd is searched for in the files. The boolean pwhash is set to kTRUE if the returned passwd is to be understood as password hash, i.e. if the 'password-hash' keyword is found in the 'machine' lines; not implemented for 'secure' and the .netrc file. The format of these files are:
machine <machine fqdn>=""> login <user> password <passwd> machine <machine fqdn>=""> login <user> password-hash <passwd>
and in addition ~/.rootnetrc also supports:
secure <machine fqdn>=""> login <user> password <passwd>
<machine fqdn>=""> may be a domain name or contain the wild card '*'.
for the secure protocols. All lines must start in the first column.
Definition at line 1145 of file TAuthenticate.cxx.
Check if the authentication method can be attempted for the client.
Definition at line 4434 of file TAuthenticate.cxx.
UsrPwd client authentication code.
Returns 0 in case authentication failed 1 in case of success
Definition at line 2357 of file TAuthenticate.cxx.
Referenced by Authenticate().
|
static |
Store RSA public keys from export string rsaPubExport.
Definition at line 3818 of file TAuthenticate.cxx.
Referenced by SendRSAPublicKey(), and SetRSAPublic().
|
staticprivate |
Expands include directives found in fexp files The expanded, temporary file, is pointed to by 'ftmp' and should be already open.
To be called recursively.
Definition at line 2943 of file TAuthenticate.cxx.
Referenced by ReadRootAuthrc().
|
private |
Generate a valid pair of private/public RSA keys to protect for authentication token exchange.
Definition at line 3388 of file TAuthenticate.cxx.
Referenced by TAuthenticate().
|
static |
Static method returning the list with authentication details.
Definition at line 1472 of file TAuthenticate.cxx.
Referenced by GetHostAuth(), HasHostAuth(), ProofAuthSetup(), ReadRootAuthrc(), RecvHostAuth(), RemoveHostAuth(), RemoveSecContext(), Show(), and TAuthenticate().
|
static |
Static method returning the method corresponding to idx.
Definition at line 1303 of file TAuthenticate.cxx.
Referenced by ClassImp(), Krb5Authenticate(), THostAuth::Print(), SetEnvironment(), and TRootSecContext::TRootSecContext().
|
static |
Static method returning the method index (which can be used to find the method in GetAuthMethod()).
Returns -1 in case meth is not found.
Definition at line 1318 of file TAuthenticate.cxx.
Referenced by ReadRootAuthrc(), and TAuthenticate().
|
static |
Static method returning the authentication reuse settings.
Definition at line 1287 of file TAuthenticate.cxx.
Referenced by Krb5Authenticate().
|
static |
Static method returning supported client protocol.
Definition at line 4867 of file TAuthenticate.cxx.
Determine default authentication details for method 'sec' and user 'usr'.
Checks .rootrc family files. Returned string must be deleted by the user.
Definition at line 3022 of file TAuthenticate.cxx.
Referenced by THostAuth::AddFirst(), THostAuth::AddMethod(), THostAuth::Create(), THostAuth::ReOrder(), THostAuth::SetDetails(), and TAuthenticate().
|
static |
Static method returning the default user information.
Definition at line 1271 of file TAuthenticate.cxx.
Referenced by Krb5Authenticate().
|
static |
Static method returning default expiring date for new validity contexts.
Definition at line 1263 of file TAuthenticate.cxx.
|
static |
Static method returning the global password hash flag.
Definition at line 1247 of file TAuthenticate.cxx.
|
static |
Static method returning the global SRP password flag.
Definition at line 1255 of file TAuthenticate.cxx.
|
static |
Static method returning the global user.
Definition at line 1239 of file TAuthenticate.cxx.
|
static |
Static method returning the globus authorization hook.
Definition at line 1430 of file TAuthenticate.cxx.
Referenced by TRootSecContext::DeActivate().
|
inline |
Definition at line 155 of file TAuthenticate.h.
Referenced by TRootAuth::Authenticate(), Krb5Authenticate(), ProofAuthSetup(), ReadRootAuthrc(), RecvHostAuth(), and TAuthenticate().
|
static |
Sets fUser=user and search fgAuthInfo for the entry pertaining to (host,user), setting fHostAuth accordingly.
If opt = "P" use fgProofAuthInfo list instead If no entry is found fHostAuth is not changed
Definition at line 2822 of file TAuthenticate.cxx.
|
static |
Static method returning the principal to be used to init Krb5 tickets.
Definition at line 1279 of file TAuthenticate.cxx.
Referenced by Krb5Authenticate().
|
static |
Static method returning the prompt user settings.
Definition at line 1295 of file TAuthenticate.cxx.
Referenced by Krb5Authenticate(), and Krb5InitCred().
|
static |
Static method returning the list with authentication directives to be sent to proof.
Definition at line 1485 of file TAuthenticate.cxx.
Referenced by GetHostAuth(), HasHostAuth(), ProofAuthSetup(), ReadRootAuthrc(), RecvHostAuth(), RemoveHostAuth(), RemoveSecContext(), SendHostAuth(), and Show().
|
inline |
Definition at line 156 of file TAuthenticate.h.
Referenced by Krb5Authenticate().
|
inlineprivate |
Definition at line 89 of file TAuthenticate.h.
Allocates and fills a 0 terminated buffer of length len+1 with len random characters.
Returns pointer to the buffer (to be deleted by the caller) opt = 0 any non dangerous char 1 letters and numbers (upper and lower case) 2 hex characters (upper and lower case)
Definition at line 3632 of file TAuthenticate.cxx.
Referenced by GenRSAKeys().
|
inline |
Definition at line 157 of file TAuthenticate.h.
Referenced by Krb5Authenticate().
|
static |
Static method returning the RSA initialization flag.
Definition at line 1447 of file TAuthenticate.cxx.
|
inlineprivate |
Definition at line 90 of file TAuthenticate.h.
|
inline |
Definition at line 158 of file TAuthenticate.h.
Referenced by Krb5Authenticate().
|
static |
Static method returning the RSA public keys.
Definition at line 1438 of file TAuthenticate.cxx.
|
inline |
Definition at line 159 of file TAuthenticate.h.
Referenced by TRootAuth::Authenticate().
|
inlineprivate |
Definition at line 91 of file TAuthenticate.h.
|
inline |
Definition at line 160 of file TAuthenticate.h.
Referenced by Krb5Authenticate().
|
inlineprivate |
Definition at line 92 of file TAuthenticate.h.
|
private |
Method returning the user to be used for the ssh login.
Looks first at SSH.Login and finally at env USER. If SSH.LoginPrompt is set to 'yes' it prompts for the 'login name'
Definition at line 2171 of file TAuthenticate.cxx.
Referenced by SshAuth().
|
inline |
Definition at line 161 of file TAuthenticate.h.
Referenced by TRootAuth::Authenticate(), and Krb5Authenticate().
|
private |
Try to get user name and passwd from several sources.
Definition at line 1041 of file TAuthenticate.cxx.
Referenced by Authenticate().
|
inlineprivate |
Definition at line 94 of file TAuthenticate.h.
|
static |
Checks if a THostAuth with exact match for {host,user} exists in the fgAuthInfo list If opt = "P" use ProofAuthInfo list instead Returns pointer to it or 0.
Definition at line 2899 of file TAuthenticate.cxx.
Referenced by MergeHostAuthList().
|
inline |
Definition at line 162 of file TAuthenticate.h.
Referenced by TRootAuth::Authenticate().
|
static |
Initialize random machine using seed from /dev/urandom (or current time if /dev/urandom not available).
Definition at line 3360 of file TAuthenticate.cxx.
Referenced by GenRSAKeys(), and GetRandString().
Tool for updating fgAuthInfo or fgProofAuthInfo 'nin' contains list of last input information through (re)reading of a rootauthrc-alike file.
'nin' info has priority. 'std' is cleaned from inactive members. 'nin' members used to update existing members in 'std' are removed from 'nin', do that they do not leak opt = "P" for proofauthinfo.
Definition at line 4574 of file TAuthenticate.cxx.
Referenced by ReadRootAuthrc().
|
static |
Static method to prompt for the user's passwd to be used for authentication to rootd or proofd.
Uses non-echoing command line to get passwd. Returns passwd (which must de deleted by caller) or 0. If non-interactive run (eg ProofServ) returns -1
Definition at line 1378 of file TAuthenticate.cxx.
Referenced by ClearAuth().
|
static |
Static method to prompt for the user name to be used for authentication to rootd or proofd.
User is asked to type user name. Returns user name (which must be deleted by caller) or 0. If non-interactive run (eg ProofServ) returns default user.
Definition at line 1338 of file TAuthenticate.cxx.
Referenced by Authenticate(), GetSshUser(), and GetUserPasswd().
|
private |
Authentication related stuff setup in TProofServ.
This is the place where the buffer send by the client / master is decoded. It contains also password information, if the case requires. Return 0 on success, -1 on failure.
Definition at line 4662 of file TAuthenticate.cxx.
Referenced by TRootAuth::Authenticate(), and TAuthenticate().
Setup of authetication related stuff in PROOF run after a successful authentication.
Return 0 on success, -1 on failure.
Definition at line 4784 of file TAuthenticate.cxx.
|
static |
Read authentication directives from $ROOTAUTHRC, $HOME/.rootauthrc or <Root_etc_dir>/system.rootauthrc and create related THostAuth objects.
Files are read only if they changed since last reading If 'proofconf' is defined, check also file proofconf for directives
Definition at line 4096 of file TAuthenticate.cxx.
Referenced by RecvHostAuth(), and TAuthenticate().
Remove THostAuth instance from the list.
Definition at line 3090 of file TAuthenticate.cxx.
|
staticprivate |
Tool for removing SecContext ctx from THostAuth listed in fgAuthInfo or fgProofAuthInfo.
Definition at line 4624 of file TAuthenticate.cxx.
Referenced by TRootSecContext::DeActivate().
UidGid client authentication code.
Returns 0 in case authentication failed 1 in case of success <0 in case of system error
Definition at line 2264 of file TAuthenticate.cxx.
Referenced by Authenticate().
Receive str from sock and decode it using key indicated by key type Return number of received bytes or -1 in case of error.
dec = 1 for private decoding, dec = 2 for public decoding
Definition at line 3751 of file TAuthenticate.cxx.
Referenced by ClearAuth(), Krb5Authenticate(), OldProofServAuthSetup(), and SshAuth().
Encode null terminated str using the session private key indicated by enc and sends it over the network Returns number of bytes sent, or -1 in case of error.
enc = 1 for private encoding, enc = 2 for public encoding
Definition at line 3690 of file TAuthenticate.cxx.
Referenced by AuthExists(), TRootSecContext::CleanupSecContext(), ClearAuth(), OldSlaveAuthSetup(), and ProofAuthSetup().
Receives server RSA Public key Sends local RSA public key encoded.
Definition at line 4001 of file TAuthenticate.cxx.
Referenced by ClearAuth(), Krb5Authenticate(), and SshAuth().
Set global AuthReUse flag.
Definition at line 1613 of file TAuthenticate.cxx.
Static method setting the default type of RSA key.
Definition at line 1455 of file TAuthenticate.cxx.
Referenced by OldProofServAuthSetup(), and ProofAuthSetup().
|
static |
Set default user name.
Definition at line 1593 of file TAuthenticate.cxx.
|
private |
Set default authentication environment.
The values are inferred from fSecurity and fDetails.
Definition at line 856 of file TAuthenticate.cxx.
Referenced by Authenticate().
Set default expiring date for new validity contexts.
Definition at line 1585 of file TAuthenticate.cxx.
|
static |
Set global passwd to be used for authentication to rootd or proofd.
Definition at line 1545 of file TAuthenticate.cxx.
Referenced by OldProofServAuthSetup(), and ProofAuthSetup().
Set global passwd hash flag to be used for authentication to rootd or proofd.
Definition at line 1559 of file TAuthenticate.cxx.
Referenced by OldProofServAuthSetup(), and ProofAuthSetup().
Set global SRP passwd flag to be used for authentication to rootd or proofd.
Definition at line 1567 of file TAuthenticate.cxx.
Referenced by OldProofServAuthSetup(), and ProofAuthSetup().
|
static |
Set global user name to be used for authentication to rootd or proofd.
Definition at line 1531 of file TAuthenticate.cxx.
Referenced by OldProofServAuthSetup(), and ProofAuthSetup().
|
static |
Set Globus authorization function.
Automatically called when libGlobusAuth is loaded.
Definition at line 1648 of file TAuthenticate.cxx.
|
static |
Set kerberos5 authorization function.
Automatically called when libKrb5Auth is loaded.
Definition at line 1639 of file TAuthenticate.cxx.
Set global PromptUser flag.
Definition at line 1621 of file TAuthenticate.cxx.
Set flag controlling the reading of $HOME/.rootauthrc.
In PROOF the administrator may want to switch off private settings. Always true, may only be set false via option to proofd.
Definition at line 1577 of file TAuthenticate.cxx.
Referenced by OldProofServAuthSetup(), and ProofAuthSetup().
Static method setting RSA initialization flag.
Definition at line 1464 of file TAuthenticate.cxx.
Definition at line 163 of file TAuthenticate.h.
Store RSA public keys from export string rsaPubExport.
Returns type of stored key, or -1 is not recognized
Definition at line 3923 of file TAuthenticate.cxx.
Referenced by OldProofServAuthSetup().
|
inline |
Definition at line 164 of file TAuthenticate.h.
Referenced by Krb5Authenticate().
|
static |
Set secure authorization function.
Automatically called when libSRPAuth is loaded.
Definition at line 1630 of file TAuthenticate.cxx.
Set timeout (active if > 0)
Definition at line 1605 of file TAuthenticate.cxx.
Print info about the authentication sector.
If 'opt' contains 's' or 'S' prints information about established TSecContext, else prints information about THostAuth (if 'opt' is 'p' or 'P', prints Proof related information)
Definition at line 3106 of file TAuthenticate.cxx.
Referenced by ReadRootAuthrc(), and TAuthenticate().
SSH client authentication code.
Definition at line 1707 of file TAuthenticate.cxx.
Referenced by Authenticate().
|
private |
SSH error parsing: returns 0 : no error or fatal 1 : should retry (eg 'connection closed by remote host')
Definition at line 1658 of file TAuthenticate.cxx.
Referenced by SshAuth().
|
friend |
Definition at line 65 of file TAuthenticate.h.
|
friend |
Definition at line 66 of file TAuthenticate.h.
|
friend |
Definition at line 67 of file TAuthenticate.h.
Referenced by SshAuth().
|
private |
Definition at line 73 of file TAuthenticate.h.
Referenced by Authenticate(), AuthExists(), ClearAuth(), RfioAuth(), SetEnvironment(), and SshAuth().
|
staticprivate |
Definition at line 105 of file TAuthenticate.h.
Referenced by GetAuthInfo().
|
staticprivate |
Definition at line 106 of file TAuthenticate.h.
Referenced by Authenticate(), AuthExists(), CatchTimeOut(), GetAuthMethod(), and GetAuthMethodIdx().
|
staticprivate |
Definition at line 107 of file TAuthenticate.h.
Referenced by ClearAuth(), GetAuthReUse(), SetAuthReUse(), SetEnvironment(), and SshAuth().
|
staticprivate |
Definition at line 134 of file TAuthenticate.h.
Referenced by Authenticate(), CatchTimeOut(), SetTimeOut(), and TAuthenticate().
|
staticprivate |
Definition at line 108 of file TAuthenticate.h.
Referenced by Authenticate(), GetDefaultUser(), GetSshUser(), PromptUser(), SetDefaultUser(), and SetEnvironment().
|
staticprivate |
Definition at line 109 of file TAuthenticate.h.
Referenced by ClearAuth(), GetGlobalExpDate(), SetEnvironment(), SetGlobalExpDate(), and SshAuth().
|
staticprivate |
Definition at line 110 of file TAuthenticate.h.
Referenced by Authenticate(), GetGlobusAuthHook(), and SetGlobusAuthHook().
|
staticprivate |
Definition at line 111 of file TAuthenticate.h.
Referenced by Authenticate(), and SetKrb5AuthHook().
|
staticprivate |
Definition at line 112 of file TAuthenticate.h.
Referenced by GetKrb5Principal(), and SetEnvironment().
|
staticprivate |
Definition at line 113 of file TAuthenticate.h.
Referenced by ReadRootAuthrc().
|
staticprivate |
Definition at line 133 of file TAuthenticate.h.
Referenced by AuthError().
|
staticprivate |
Definition at line 114 of file TAuthenticate.h.
Referenced by ClearAuth(), GetUserPasswd(), and SetGlobalPasswd().
|
staticprivate |
Definition at line 115 of file TAuthenticate.h.
Referenced by PromptPasswd().
|
staticprivate |
Definition at line 135 of file TAuthenticate.h.
Referenced by AuthExists(), TRootSecContext::CleanupSecContext(), SshAuth(), and TAuthenticate().
|
staticprivate |
Definition at line 116 of file TAuthenticate.h.
Referenced by Authenticate(), ClearAuth(), GetPromptUser(), GetSshUser(), SetEnvironment(), SetPromptUser(), and SshAuth().
|
staticprivate |
Definition at line 117 of file TAuthenticate.h.
Referenced by GetProofAuthInfo().
|
staticprivate |
Definition at line 118 of file TAuthenticate.h.
Referenced by ClearAuth(), GetGlobalPwHash(), GetUserPasswd(), and SetGlobalPwHash().
Definition at line 119 of file TAuthenticate.h.
Referenced by ReadRootAuthrc(), and SetReadHomeAuthrc().
|
staticprivate |
Definition at line 120 of file TAuthenticate.h.
Referenced by ReadRootAuthrc().
|
staticprivate |
Definition at line 122 of file TAuthenticate.h.
Referenced by GenRSAKeys(), GetRSAInit(), SetRSAInit(), and TAuthenticate().
|
staticprivate |
Definition at line 121 of file TAuthenticate.h.
Referenced by ClearAuth(), GenRSAKeys(), SetDefaultRSAKeyType(), and TAuthenticate().
|
staticprivate |
Definition at line 123 of file TAuthenticate.h.
Referenced by GenRSAKeys(), SecureRecv(), and SecureSend().
|
staticprivate |
Definition at line 125 of file TAuthenticate.h.
Referenced by GenRSAKeys(), GetRSAPubExport(), SendRSAPublicKey(), and SshAuth().
|
staticprivate |
Definition at line 124 of file TAuthenticate.h.
Referenced by GenRSAKeys(), SecureRecv(), SecureSend(), and SetRSAPublic().
|
staticprivate |
Definition at line 129 of file TAuthenticate.h.
Referenced by Authenticate(), and SetSecureAuthHook().
|
staticprivate |
Definition at line 130 of file TAuthenticate.h.
Referenced by ClearAuth(), GetGlobalSRPPwd(), GetUserPasswd(), and SetGlobalSRPPwd().
|
staticprivate |
Definition at line 131 of file TAuthenticate.h.
Referenced by ClearAuth(), GetGlobalUser(), GetUserPasswd(), SetEnvironment(), and SetGlobalUser().
|
staticprivate |
Definition at line 132 of file TAuthenticate.h.
Referenced by ClearAuth(), and SetEnvironment().
|
private |
Definition at line 74 of file TAuthenticate.h.
Referenced by Authenticate(), AuthExists(), ClearAuth(), GetHostAuth(), RfioAuth(), SshAuth(), and TAuthenticate().
|
private |
Definition at line 75 of file TAuthenticate.h.
Referenced by Authenticate(), ClearAuth(), and TAuthenticate().
|
private |
Definition at line 76 of file TAuthenticate.h.
Referenced by AuthExists(), ClearAuth(), GetProtocol(), RfioAuth(), and TAuthenticate().
|
private |
Definition at line 77 of file TAuthenticate.h.
Referenced by Authenticate(), ClearAuth(), GetPwHash(), and TAuthenticate().
|
private |
Definition at line 78 of file TAuthenticate.h.
Referenced by Authenticate(), AuthExists(), CheckNetrc(), ClearAuth(), GetRemoteHost(), GetSshUser(), GetUserPasswd(), RfioAuth(), SshAuth(), and TAuthenticate().
|
private |
Definition at line 79 of file TAuthenticate.h.
Referenced by ClearAuth(), GetRSAKey(), GetRSAKeyType(), SshAuth(), and TAuthenticate().
|
private |
Definition at line 80 of file TAuthenticate.h.
Referenced by Authenticate(), AuthExists(), ClearAuth(), GetSecContext(), RfioAuth(), SshAuth(), and TAuthenticate().
|
private |
Definition at line 81 of file TAuthenticate.h.
Referenced by Authenticate(), CatchTimeOut(), CheckNetrc(), GetSecurity(), and SetEnvironment().
|
private |
Definition at line 82 of file TAuthenticate.h.
Referenced by Authenticate(), AuthExists(), CatchTimeOut(), ClearAuth(), GetSocket(), RfioAuth(), SshAuth(), and TAuthenticate().
|
private |
Definition at line 83 of file TAuthenticate.h.
Referenced by Authenticate(), ClearAuth(), GetSRPPwd(), and TAuthenticate().
|
private |
Definition at line 86 of file TAuthenticate.h.
Referenced by Authenticate(), CatchTimeOut(), and HasTimedOut().
|
private |
Definition at line 85 of file TAuthenticate.h.
Referenced by Authenticate(), AuthExists(), ClearAuth(), GetUser(), RfioAuth(), SetEnvironment(), and TAuthenticate().
|
private |
Definition at line 84 of file TAuthenticate.h.
Referenced by Authenticate(), ClearAuth(), GetVersion(), SshAuth(), and TAuthenticate().