xrootd
XrdSecProtect Class Reference

#include <XrdSecProtect.hh>


Public Member Functions

virtual void Delete ()
 Delete this object. Use this method as opposed to operator delete.
 
virtual int Secure (SecurityRequest *&newreq, ClientRequest &thereq, const char *thedata)
 
virtual const char * Verify (SecurityRequest &secreq, ClientRequest &thereq, const char *thedata)
 
virtual ~XrdSecProtect ()
 Destructor.
 

Public Attributes

bool(XrdSecProtect::* Need2Secure )(ClientRequest &thereq)
 
kXR_unt64 lastSeqno
 
kXR_unt64 nextSeqno
 

Protected Member Functions

 XrdSecProtect (XrdSecProtocol *aprot=0, bool edok=true)
 
 XrdSecProtect (XrdSecProtocol *aprot, XrdSecProtect &pRef, bool edok=true)
 
void SetProtection (const ServerResponseReqs_Protocol &inReqs)
 

Private Member Functions

bool GetSHA2 (unsigned char *hBuff, struct iovec *iovP, int iovN)
 
bool Screen (ClientRequest &thereq)
 

Private Attributes

XrdSecProtocol * authProt
 
const char * secVec
 
ServerResponseReqs_Protocol myReqs
 
union {
   kXR_unt64   lastSeqno
 
   kXR_unt64   nextSeqno
 
}; 
 
bool edOK
 
bool secVerData
 
char myVec [maxRIX]
 

Static Private Attributes

static const unsigned int maxRIX = kXR_REQFENCE-kXR_auth
 

Friends

class XrdSecProtector
 

Constructor & Destructor Documentation

virtual XrdSecProtect::~XrdSecProtect ( )
inline virtual

Destructor.

XrdSecProtect::XrdSecProtect ( XrdSecProtocol *  aprot = 0,
bool  edok = true 
)
inline protected

XrdSecProtect::XrdSecProtect ( XrdSecProtocol *  aprot,
XrdSecProtect &  pRef,
bool  edok = true 
)
inline protected

Member Function Documentation

virtual void XrdSecProtect::Delete ( )
inline virtual

Delete this object. Use this method as opposed to operator delete.

bool XrdSecProtect::GetSHA2 ( unsigned char *  hBuff,
struct iovec *  iovP,
int  iovN 
)
private

bool XrdSecProtect::Screen ( ClientRequest &  thereq)
private

virtual int XrdSecProtect::Secure ( SecurityRequest *&  newreq,
ClientRequest &  thereq,
const char *  thedata 
)
virtual

Secure a request.

Securing a request is optional, and this call should be guarded by an if statement to avoid securing requests that need not be secured, as follows:

    if (NEED2SECURE(<protP>)(thereq)) result = <protP>->Secure(....);
       else result = 0;

Modify the above to your particular needs, but guard the call!

Parameters
newreq  A reference to a pointer where the new request, if needed, will be placed. The new request will consist of a kXR_sigver request followed by hash. The request buffer must be freed using free() when it is no longer needed.
thereq  Reference to the client request header/body that needs to be secured. The request must be in network byte order.
thedata  The request data whose length resides in theReq.dlen. If thedata is nil but thereq.dlen is not zero then the request data must follow the request header in the thereq buffer.
Returns
<0 An error occurred and the return value is -errno.
>0 The length of the new request whose pointer is in newreq. This is the number of bytes that must be sent.
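
The guarded call, the return-value contract and the free() obligation described above, as an added example that is not part of the XRootD sources. FakeProtect, BuildWire, kHashLen, the Screen policy and the NEED2SECURE definition shown here are stand-ins written for this example, and sending the signing request ahead of the request it covers is an assumption about how the caller uses the result.

```cpp
// Added example: stand-in types only, not the XRootD headers.
#include <cerrno>
#include <cstdlib>
#include <string>

struct ClientRequest   { unsigned char body[24]; };  // stand-in request header
struct SecurityRequest { unsigned char body[24]; };  // stand-in kXR_sigver header
const int kHashLen = 32;                             // constructed hash length

// Stand-in with the same public shape as XrdSecProtect (hypothetical class).
class FakeProtect {
public:
    bool (FakeProtect::*Need2Secure)(ClientRequest &thereq);
    bool failNext = false;                           // test hook, not in XRootD
    FakeProtect() : Need2Secure(&FakeProtect::Screen) {}
    // Same contract as Secure(): >0 is the length of the malloc'd buffer
    // returned in newreq, <0 is -errno.
    int Secure(SecurityRequest *&newreq, ClientRequest &, const char *) {
        if (failNext) return -ENOMEM;
        std::size_t len = sizeof(SecurityRequest) + kHashLen;
        newreq = static_cast<SecurityRequest *>(std::calloc(1, len));
        return newreq ? static_cast<int>(len) : -ENOMEM;
    }
private:
    // Constructed policy: only requests with a non-zero first byte are signed.
    bool Screen(ClientRequest &r) { return r.body[0] != 0; }
};

// Stand-in definition written for this example; a null protP means "no signing".
#define NEED2SECURE(protP) protP && ((*protP).*(protP->Need2Secure))

// Appends what must go on the wire to 'wire': the signing request (when one
// is needed) followed by the request itself. Returns Secure()'s result, or 0
// when the request needed no signing. On error nothing is appended.
int BuildWire(FakeProtect *protP, ClientRequest &req, std::string &wire) {
    SecurityRequest *sig = nullptr;
    int n = 0;
    if (NEED2SECURE(protP)(req)) n = protP->Secure(sig, req, nullptr);
    if (n < 0) return n;                             // -errno: send nothing unsigned
    if (n > 0) {
        wire.append(reinterpret_cast<const char *>(sig), n);
        std::free(sig);                              // caller owns the buffer
    }
    wire.append(reinterpret_cast<const char *>(req.body), sizeof(req.body));
    return n;
}
```
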

void XrdSecProtect::SetProtection ( const ServerResponseReqs_Protocol &  inReqs)
protected

virtual const char* XrdSecProtect::Verify ( SecurityRequest &  secreq,
ClientRequest &  thereq,
const char *  thedata 
)
virtual

Verify that a request was properly secured.

Parameters
secreq  A reference to the kXR_sigver request followed by whatever data was sent (normally an encrypted verification hash). All but the request code must be in network byte order.
thereq  Reference to the client request header/body that needs to be verified. The request must be in network byte order.
thedata  The request data whose length resides in theReq.dlen.
Returns
Upon success zero is returned. Otherwise a pointer to a null delimited string describing the problem is returned.

Friends And Related Function Documentation

friend class XrdSecProtector
friend

Member Data Documentation

union { ... }
XrdSecProtocol* XrdSecProtect::authProt
private
bool XrdSecProtect::edOK
private
kXR_unt64 XrdSecProtect::lastSeqno
const unsigned int XrdSecProtect::maxRIX = kXR_REQFENCE-kXR_auth
static private
ServerResponseReqs_Protocol XrdSecProtect::myReqs
private
char XrdSecProtect::myVec[maxRIX]
private
bool(XrdSecProtect::* XrdSecProtect::Need2Secure)(ClientRequest &thereq)

Test whether or not a request needs to be secured. This method pointer should only be invoked via the NEED2SECURE macro (see above).

Parameters
thereq  Reference to the request header/body in network byte order.
Returns
false - request need not be secured (equals false).
true - request needs to be secured.
kXR_unt64 XrdSecProtect::nextSeqno
const char* XrdSecProtect::secVec
private
bool XrdSecProtect::secVerData
private

The documentation for this class was generated from the following file: