doc/master/TRootAuth_8cxx_source.html

// @(#)root/auth:$Id$

// Author: Gerardo Ganis   08/07/05


/*************************************************************************

 * Copyright (C) 1995-2005, Rene Brun and Fons Rademakers.               *

 * All rights reserved.                                                  *

 *                                                                       *

 * For the licensing terms see $ROOTSYS/LICENSE.                         *

 * For the list of contributors see $ROOTSYS/README/CREDITS.             *

 *************************************************************************/


//////////////////////////////////////////////////////////////////////////

//                                                                      //

// TRootAuth                                                            //

//                                                                      //

// TVirtualAuth implementation based on the old client authentication   //

// code.                                                                //

//                                                                      //

//////////////////////////////////////////////////////////////////////////


#include "TAuthenticate.h"

#include "TError.h"

#include "THostAuth.h"

#include "TRootAuth.h"

#include "TRootSecContext.h"

#include "TSocket.h"

#include "TSystem.h"

#include "TUrl.h"


////////////////////////////////////////////////////////////////////////////////

/// Runs authentication on socket s.

/// Invoked when dynamic loading is needed.

/// Returns 1 on success, 0 on failure.


TSecContext *TRootAuth::Authenticate(TSocket *s, const char *host,

                                     const char *user, Option_t *opts)

{

   TSecContext *ctx = 0;

   Int_t rc = 0;


   Int_t rproto =  s->GetRemoteProtocol() % 1000;

   if (s->GetServType() == (Int_t)TSocket::kROOTD) {

      if (rproto > 6 && rproto < 10) {

         // Middle aged versions expect client protocol now

         s->Send(Form("%d", TSocket::GetClientProtocol()), kROOTD_PROTOCOL2);

         Int_t kind = 0;

         if (s->Recv(rproto, kind) < 0) {

            Error("Authenticate", "receiving remote protocol");

            return ctx;

         }

         s->SetRemoteProtocol(rproto);

      }

   }


   Bool_t isPROOF = (s->GetServType() == (Int_t)TSocket::kPROOFD);

   Bool_t isPROOFserv = (opts[0] == 'P') ? kTRUE : kFALSE;


   // Build the protocol string for TAuthenticate

   TString proto = TUrl(s->GetUrl()).GetProtocol();

   if (proto == "") {

      proto = "root";

   } else if (proto.Contains("sockd") || proto.Contains("rootd") ||

              proto.Contains("proofd")) {

      proto.ReplaceAll("d",1,"",0);

   }

   proto += Form(":%d",rproto);


   // Init authentication

   TAuthenticate *auth =

      new TAuthenticate(s, host, proto, user);


   // Attempt authentication

   if (!auth->Authenticate()) {

      // Close the socket if unsuccessful

      if (auth->HasTimedOut() > 0)

         Error("Authenticate",

               "timeout expired for %s@%s", auth->GetUser(), host);

      else

         Error("Authenticate",

               "authentication failed for %s@%s", auth->GetUser(), host);

      // This is to terminate properly remote proofd in case of failure

      if (isPROOF)

         s->Send(Form("%d %s", gSystem->GetPid(), host), kROOTD_CLEANUP);

   } else {

      // Set return flag;

      rc = 1;

      // Search pointer to relevant TSecContext

      ctx = auth->GetSecContext();

      s->SetSecContext(ctx);

   }

   // Cleanup

   delete auth;


   // If we are talking to a recent proofd send over a buffer with the

   // remaining authentication related stuff

   if (rc && isPROOF && rproto > 11) {

      Bool_t client = !isPROOFserv;

      if (TAuthenticate::ProofAuthSetup(s, client) !=0 ) {

         Error("Authenticate", "PROOF: failed to finalize setup");

      }

   }


   // We are done

   return ctx;

}


////////////////////////////////////////////////////////////////////////////////

/// Return client version;


Int_t TRootAuth::ClientVersion()

{

   return TSocket::GetClientProtocol();

}


////////////////////////////////////////////////////////////////////////////////

/// Print error string corresponding to ecode, prepending location


void TRootAuth::ErrorMsg(const char *where, Int_t ecode)

{

   TAuthenticate::AuthError(where, ecode);

}


kROOTD_PROTOCOL2
@ kROOTD_PROTOCOL2
Definition MessageTypes.h:125

kROOTD_CLEANUP
@ kROOTD_CLEANUP
Definition MessageTypes.h:127

Int_t
int Int_t
Definition RtypesCore.h:45

kFALSE
constexpr Bool_t kFALSE
Definition RtypesCore.h:94

kTRUE
constexpr Bool_t kTRUE
Definition RtypesCore.h:93

Option_t
const char Option_t
Definition RtypesCore.h:66

TAuthenticate.h

TRangeDynCast
ROOT::Detail::TRangeCast< T, true > TRangeDynCast
TRangeDynCast is an adapter class that allows the typed iteration through a TCollection.
Definition TCollection.h:358

TError.h

Error
void Error(const char *location, const char *msgfmt,...)
Use this function in case an error occurred.
Definition TError.cxx:185

THostAuth.h

TRootAuth.h

TRootSecContext.h

TSocket.h

Form
char * Form(const char *fmt,...)
Formats a string in a circular formatting buffer.
Definition TString.cxx:2489

TSystem.h

gSystem
R__EXTERN TSystem * gSystem
Definition TSystem.h:572

TUrl.h

proto
const char * proto
Definition civetweb.c:17535

ROOT::Detail::TRangeCast
Definition TCollection.h:311

TAuthenticate
Definition TAuthenticate.h:53

TAuthenticate::ProofAuthSetup
Int_t ProofAuthSetup()
Authentication related stuff setup in TProofServ.
Definition TAuthenticate.cxx:3699

TAuthenticate::AuthError
static void AuthError(const char *where, Int_t error)
Print error string depending on error code.
Definition TAuthenticate.cxx:1261

TRootAuth::ErrorMsg
void ErrorMsg(const char *where, Int_t ecode=-1) override
Print error string corresponding to ecode, prepending location.
Definition TRootAuth.cxx:118

TRootAuth::Authenticate
TSecContext * Authenticate(TSocket *, const char *host, const char *user, Option_t *options="") override
Runs authentication on socket s.
Definition TRootAuth.cxx:35

TRootAuth::ClientVersion
Int_t ClientVersion() override
Return client version;.
Definition TRootAuth.cxx:110

TSecContext
Definition TSecContext.h:36

TSocket
Definition TSocket.h:41

TSocket::SetRemoteProtocol
void SetRemoteProtocol(Int_t rproto)
Definition TSocket.h:151

TSocket::Recv
virtual Int_t Recv(TMessage *&mess)
Receive a TMessage object.
Definition TSocket.cxx:818

TSocket::GetClientProtocol
static Int_t GetClientProtocol()
Static method returning supported client protocol.
Definition TSocket.cxx:1469

TSocket::GetRemoteProtocol
Int_t GetRemoteProtocol() const
Definition TSocket.h:126

TSocket::kROOTD
@ kROOTD
Definition TSocket.h:52

TSocket::kPROOFD
@ kPROOFD
Definition TSocket.h:52

TSocket::GetServType
Int_t GetServType() const
Definition TSocket.h:117

TSocket::SetSecContext
void SetSecContext(TSecContext *ctx)
Definition TSocket.h:152

TSocket::GetUrl
const char * GetUrl() const
Definition TSocket.h:130

TSocket::Send
virtual Int_t Send(const TMessage &mess)
Send a TMessage object.
Definition TSocket.cxx:522

TString
Basic string class.
Definition TString.h:139

TSystem::GetPid
virtual int GetPid()
Get process id.
Definition TSystem.cxx:718

TUrl
This class represents a WWW compatible URL.
Definition TUrl.h:33

TUrl::GetProtocol
const char * GetProtocol() const
Definition TUrl.h:64

bool

int