Public Member Functions |
int | Authenticate (XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0) |
XrdSecCredentials * | getCredentials (XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0) |
| XrdSecProtocolgsi (int opts, const char *hname, const struct sockaddr *ipadd, const char *parms=0) |
virtual | ~XrdSecProtocolgsi () |
void | Delete () |
int | Encrypt (const char *inbuf, int inlen, XrdSecBuffer **outbuf) |
int | Decrypt (const char *inbuf, int inlen, XrdSecBuffer **outbuf) |
int | Sign (const char *inbuf, int inlen, XrdSecBuffer **outbuf) |
int | Verify (const char *inbuf, int inlen, const char *sigbuf, int siglen) |
int | getKey (char *kbuf=0, int klen=0) |
int | setKey (char *kbuf, int klen) |
Static Public Member Functions |
char * | Init (gsiOptions o, XrdOucErrInfo *erp) |
Private Member Functions |
int | ParseClientInput (XrdSutBuffer *br, XrdSutBuffer **bm, String &emsg) |
int | ClientDoInit (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg) |
int | ClientDoCert (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg) |
int | ClientDoPxyreq (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg) |
int | ParseServerInput (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg) |
int | ServerDoCertreq (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg) |
int | ServerDoCert (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg) |
int | ServerDoSigpxy (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg) |
int | ParseCrypto (String cryptlist) |
int | ParseCAlist (String calist) |
int | GetCA (const char *cahash) |
bool | ServerCertNameOK (const char *subject, String &e) |
XrdSecCredentials * | ErrC (XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0) |
int | ErrS (String ID, XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0) |
bool | CheckTimeStamp (XrdSutBuffer *b, int skew, String &emsg) |
bool | CheckRtag (XrdSutBuffer *bm, String &emsg) |
int | AddSerialized (char opt, kXR_int32 step, String ID, XrdSutBuffer *bls, XrdSutBuffer *buf, kXR_int32 type, XrdCryptoCipher *cip) |
Static Private Member Functions |
int | LoadCADir (int timestamp) |
String | GetCApath (const char *cahash) |
bool | VerifyCA (int opt, X509Chain *cca, XrdCryptoFactory *cf) |
XrdCryptoX509Crl * | LoadCRL (XrdCryptoX509 *xca, XrdCryptoFactory *CF) |
int | QueryProxy (bool checkcache, XrdSutCache *cache, const char *tag, XrdCryptoFactory *cf, int timestamp, ProxyIn_t *pi, ProxyOut_t *po) |
int | InitProxy (ProxyIn_t *pi, X509Chain *ch=0, XrdCryptoRSA **key=0) |
void | ErrF (XrdOucErrInfo *einfo, kXR_int32 ecode, const char *msg1, const char *msg2=0, const char *msg3=0) |
int | LoadGMAP (int now) |
XrdSecgsiGMAP_t | LoadGMAPFun (const char *plugin, const char *parms) |
XrdSecgsiAuthz_t | LoadAuthzFun (const char *plugin, const char *parms) |
void | QueryGMAP (XrdCryptoX509Chain *chain, int now, String &name) |
Private Attributes |
int | options |
sockaddr | hostaddr |
XrdCryptoFactory * | sessionCF |
XrdCryptoCipher * | sessionKey |
XrdSutBucket * | bucketKey |
XrdCryptoMsgDigest * | sessionMD |
XrdCryptoRSA * | sessionKsig |
XrdCryptoRSA * | sessionKver |
X509Chain * | proxyChain |
bool | srvMode |
gsiHSVars * | hs |
Static Private Attributes |
XrdSysMutex | gsiContext |
String | CAdir = "/etc/grid-security/certificates/" |
String | CRLdir = "/etc/grid-security/certificates/" |
String | DefCRLext = ".r0" |
String | SrvCert = "/etc/grid-security/xrd/xrdcert.pem" |
String | SrvKey = "/etc/grid-security/xrd/xrdkey.pem" |
String | UsrProxy |
String | UsrCert = "/.globus/usercert.pem" |
String | UsrKey = "/.globus/userkey.pem" |
String | PxyValid = "12:00" |
int | DepLength = 0 |
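int | DefBits = 512 | Default number of key bits (presumably the RSA key size for generated proxy keys; confirm in the implementation). A 512-bit RSA key is factorable with modest resources, so deployments should override this default with at least 2048 bits.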
int | CACheck = 1 |
int | CRLCheck = 1 |
String | DefCrypto = "ssl" |
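String | DefCipher = "aes-128-cbc:bf-cbc:des-ede3-cbc" | Colon-separated list of cipher names. bf-cbc (Blowfish) and des-ede3-cbc (3DES) use 64-bit blocks and are deprecated. All three are CBC modes, which give no integrity protection on their own, so the session needs a separate integrity check.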
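String | DefMD = "sha1:md5" | Colon-separated list of message digest names. MD5 and SHA-1 both have practical collision attacks, so a SHA-2 digest should be configured wherever the build and the peer support one.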
String | DefError = "invalid credentials " |
String | GMAPFile = "/etc/grid-security/grid-mapfile" |
int | GMAPOpt = 1 |
bool | GMAPuseDNname = 0 |
int | GMAPCacheTimeOut = -1 |
XrdSysPlugin * | GMAPPlugin = 0 |
XrdSecgsiGMAP_t | GMAPFun = 0 |
XrdSysPlugin * | AuthzPlugin = 0 |
XrdSecgsiAuthz_t | AuthzFun = 0 |
int | PxyReqOpts = 0 |
int | AuthzPxyWhat = -1 |
int | AuthzPxyWhere = -1 |
String | SrvAllowedNames |
int | ncrypt = 0 |
XrdCryptoFactory * | cryptF [XrdCryptoMax] = {0} |
int | cryptID [XrdCryptoMax] = {0} |
String | cryptName [XrdCryptoMax] = {0} |
XrdCryptoCipher * | refcip [XrdCryptoMax] = {0} |
XrdSutCache | cacheCA |
XrdSutCache | cacheCert |
XrdSutCache | cachePxy |
XrdSutCache | cacheGMAP |
XrdSutCache | cacheGMAPFun |
int | Debug = 0 |
bool | Server = 1 |
int | TimeSkew = 300 |
XrdSysLogger | Logger |
XrdSysError | eDest |
XrdOucTrace * | GSITrace = 0 |