65#define XrdSecPROTOIDENT "gsi"
66#define XrdSecPROTOIDLEN sizeof(XrdSecPROTOIDENT)
67#define XrdSecgsiVERSION 10600
68#define XrdSecNOIPCHK 0x0001
69#define XrdSecDEBUG 0x1000
70#define XrdCryptoMax 10
72#define kMAXBUFLEN 1024
75#define XrdSecgsiVersDHsigned 10400
77#define XrdSecgsiVersCertKey 10600
150#define REL1(x) { if (x) delete x; }
151#define REL2(x,y) { if (x) delete x; if (y) delete y; }
152#define REL3(x,y,z) { if (x) delete x; if (y) delete y; if (z) delete z; }
154#define SafeDelete(x) { if (x) {delete x ; x = 0;} }
155#define SafeDelArray(x) { if (x) {delete [] x ; x = 0;} }
156#define SafeFree(x) { if (x) {free(x) ; x = 0;} }
159typedef char *(*XrdSecgsiGMAP_t)(
const char *, int);
259 char k[40]; snprintf(k, 40,
"%p", t);
261 if (!stack.Find(k)) stack.Add(k, t, 0,
Hash_count);
266 char k[40]; snprintf(k, 40,
"%p", t);
293 const char *parms = 0);
302 int Encrypt(
const char *inbuf,
int inlen,
304 int Decrypt(
const char *inbuf,
int inlen,
307 int Sign(
const char *inbuf,
int inlen,
309 int Verify(
const char *inbuf,
int inlen,
310 const char *sigbuf,
int siglen);
313 int getKey(
char *kbuf=0,
int klen=0);
315 int setKey(
char *kbuf,
int klen);
334 static int DepLength;
338 static int CRLDownload;
339 static int CRLRefresh;
346 static bool GMAPuseDNname;
347 static int GMAPCacheTimeOut;
351 static int AuthzCertFmt;
352 static int AuthzCacheTimeOut;
353 static int PxyReqOpts;
354 static int AuthzPxyWhat;
355 static int AuthzPxyWhere;
356 static int AuthzAlways;
357 static String SrvAllowedNames;
358 static int VOMSAttrOpt;
360 static int VOMSCertFmt;
361 static int MonInfoOpt;
362 static bool HashCompatibility;
363 static bool TrustDNS;
385 static std::unique_ptr<GSIStack<XrdCryptoX509Crl>> stackCRL;
388 static time_t lastGMAPCheck;
439 int ParseCAlist(
String calist);
442 static int GetCA(
const char *cahash,
444 static String GetCApath(
const char *cahash);
448 bool ServerCertNameOK(
const char *subject,
const char *hname,
String &e);
451 time_t timestamp,
String &cal);
458 static int QueryProxy(
bool checkcache,
XrdSutCache *cache,
const char *tag,
466 const char *msg1,
const char *msg2 = 0,
467 const char *msg3 = 0);
471 const char *msg2 = 0,
const char *msg3 = 0);
475 const char *msg2 = 0,
const char *msg3 = 0);
489 LoadGMAPFun(
const char *plugin,
const char *parms);
491 LoadAuthzFun(
const char *plugin,
const char *parms,
int &fmt);
493 LoadVOMSFun(
const char *plugin,
const char *parms,
int &fmt);
538 if (
Crl &&
bool( XrdSecProtocolgsi::stackCRL ) ) {
541 XrdSecProtocolgsi::stackCRL->
Del(
Crl);
static XrdSysLogger Logger
static XrdSysError eDest(0,"crypto_")
#define XrdCryptoDefRSABits
int(* XrdSecgsiAuthz_t)(XrdSecEntity &)
XrdCryptogsiX509Chain X509Chain
XrdSecgsiAuthz_t XrdSecgsiVOMS_t
int(* XrdSecgsiAuthzKey_t)(XrdSecEntity &, char **)
int(* XrdSecgsiAuthzInit_t)(const char *)
XrdSecgsiAuthzInit_t XrdSecgsiVOMSInit_t
char *(* XrdSecgsiGMAP_t)(const char *, int)
int emsg(int rc, char *msg)
void Cleanup(bool keepCA=0)
static XrdOucTrace * EnableTracing()
int Authenticate(XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)
int Verify(const char *inbuf, int inlen, const char *sigbuf, int siglen)
virtual ~XrdSecProtocolgsi()
XrdSecProtocolgsi(int opts, const char *hname, XrdNetAddrInfo &endPoint, const char *parms=0)
int Decrypt(const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int Encrypt(const char *inbuf, int inlen, XrdSecBuffer **outbuf)
void Delete()
Delete the protocol object. DO NOT use C++ delete() on this object.
static char * Init(gsiOptions o, XrdOucErrInfo *erp)
XrdSecCredentials * getCredentials(XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)
int getKey(char *kbuf=0, int klen=0)
int Sign(const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int setKey(char *kbuf, int klen)
void Dump(XrdSecProtocolgsi *p=0)
void Print(XrdOucTrace *t)
Generic structure to pass security information back and forth.