24 #if ROOTXRDVERS < ROOT_OldXrdOuc
25 # define XPD_LOG_01 OUC_LOG_01
27 # define XPD_LOG_01 SYS_LOG_01
32 #include "Xrd/XrdBuffer.hh"
34 #include "XrdNet/XrdNetAddrInfo.hh"
36 #include "XrdOuc/XrdOucErrInfo.hh"
37 #include "XrdOuc/XrdOucStream.hh"
38 #include "XrdSec/XrdSecInterface.hh"
39 #include "XrdSys/XrdSysPlugin.hh"
56 typedef XrdSecService *(*XrdSecServLoader_t)(
XrdSysLogger *,
const char *cfn);
75 TRACE(REQ,
"undefined client manager: cannot start");
80 TRACE(REQ,
"undefined session manager: cannot start");
85 int lastcheck = time(0), ckfreq = mgr->
CheckFrequency(), deltat = 0;
88 if ((deltat = ckfreq - (time(0) - lastcheck)) <= 0)
90 int pollRet = mgr->
Pipe()->
Poll(deltat);
96 if ((rc = mgr->
Pipe()->
Recv(msg)) != 0) {
97 XPDERR(
"problems receiving message; errno: "<<-rc);
104 TRACE(XERR,
"obsolete type: XrdProofdClientMgr::kClientDisconnect");
106 TRACE(XERR,
"unknown type: "<<msg.
Type());
128 XPDLOC(CMGR,
"XrdProofdClientMgr")
141 TRACE(XERR,
"unable to generate the pipe");
165 char *val, XrdOucStream *cfg,
bool rcf)
167 XPDLOC(SMGR,
"ClientMgr::DoDirective")
173 if (d->
fName ==
"clientmgr") {
186 XPDLOC(SMGR,
"ClientMgr::DoDirectiveClientMgr")
// Parse one "key:value" token of the 'clientmgr' directive into checkfq or activityto.
// NOTE(review): strtol() is called with a null end pointer, so an empty value, trailing
// garbage or an out-of-range number is not detected on these lines; any sanity check on
// checkfq / activityto would have to live in lines not shown in this excerpt -- confirm.
196 XrdOucString tok(val);
197 if (tok.beginswith(
"checkfq:")) {
198 tok.replace(
"checkfq:",
"");
199 checkfq = strtol(tok.c_str(), 0, 10);
200 }
else if (tok.beginswith(
"activityto:")) {
201 tok.replace(
"activityto:",
"");
202 activityto = strtol(tok.c_str(), 0, 10);
// Fetch the next word from the config stream into val.
205 val = cfg->GetWord();
230 XPDLOC(CMGR,
"ClientMgr::Config")
234 XPDERR(
"problems parsing file ");
239 msg = (rcf) ?
"re-configuring" :
"configuring";
240 TRACE(ALL, msg.c_str());
244 fClntAdminPath +=
"/clients";
250 XPDERR(
"unable to assert the clients admin path: "<<fClntAdminPath);
254 TRACE(ALL,
"clients admin path set to: "<<fClntAdminPath);
258 XPDERR(
"problems parsing previous active clients: "<<msg);
264 TRACE(ALL,
"XRD seclib not specified; strong authentication disabled");
267 XPDERR(
"unable to load security system.");
270 TRACE(ALL,
"security library loaded");
277 std::list<XrdProofdClient *>::iterator pci;
290 (
void *)&fManagerCron, 0,
"ClientMgr cron thread") != 0) {
291 XPDERR(
"could not start cron thread");
294 TRACE(ALL,
"cron thread started");
306 XPDLOC(CMGR,
"ClientMgr::Login")
318 TRACEP(p, XERR,
"master not allowed to connect - "
319 "ignoring request ("<<p->
Link()->Host()<<
")");
320 response->Send(kXR_InvalidRequest,
321 "master not allowed to connect - request ignored");
328 XrdOucString uname, gname, emsg;
341 XErrorCode rcode = (rccc == -2) ? (XErrorCode) kXR_NotAuthorized
342 : (XErrorCode) kXR_InvalidRequest;
343 response->Send(rcode, emsg.c_str());
344 response->Send(kXR_InvalidRequest, emsg.c_str());
356 response->Send(kXR_InvalidRequest,
"duplicate login; already logged in");
360 TRACE(ALL,
" hostname: '"<<p->
Link()->Host()<<
"'");
// The two visible terms are true when the link's host string is exactly "localhost"
// or exactly "127.0.0.0"; the expression yields 1 or 0.
// NOTE(review): the conventional IPv4 loopback literal is 127.0.0.1, so "127.0.0.0" looks
// like a typo. What this flag gates (and how Host() is resolved) is outside the visible
// lines -- confirm before treating it as a reliable locality check.
364 !strcmp(p->
Link()->Host(),
"localhost") ||
365 !strcmp(p->
Link()->Host(),
"127.0.0.0")) ? 1 : 0;
373 response->SetTag(
"adm");
377 response->SetTag(
"int");
380 if (anyserver || ismaster) {
383 response->SetTag(
"m2c");
385 TRACEP(p, XERR,
"top master mode not allowed - ignoring request");
386 response->Send(kXR_InvalidRequest,
387 "Server not allowed to be top master - ignoring request");
392 if (anyserver || ismaster) {
395 response->SetTag(
"m2m");
397 TRACEP(p, XERR,
"submaster mode not allowed - ignoring request");
398 response->Send(kXR_InvalidRequest,
399 "Server not allowed to be submaster - ignoring request");
407 response->SetTag(
"m2l");
410 TRACEP(p, XERR,
"PLite submaster mode not allowed - ignoring request");
411 response->Send(kXR_InvalidRequest,
412 "Server not allowed to be PLite submaster - ignoring request");
420 response->SetTag(
"w2m");
422 TRACEP(p, XERR,
"worker mode not allowed - ignoring request");
423 response->Send(kXR_InvalidRequest,
424 "Server not allowed to be worker - ignoring request");
430 response->Send(kXR_InvalidRequest,
"Server type: invalide mode");
433 response->SetTraceID();
441 for (i = 0; i < (int)
sizeof(un)-1; i++) {
// The marker "?>buf" in the user field means the real name is looked up in the
// request's argument buffer, in a "|usr:<name>|"-style field.
450 if (uname ==
"?>buf") {
// NOTE(review): buf presumably holds data sent by the peer; how len is computed and
// bounded is in lines not shown here -- confirm it cannot exceed the buffer size.
452 char *buf = p->
Argp()->buff;
455 uname.assign(buf,0,len-1);
456 int iusr = uname.find(
"|usr:");
// Error path: the "|usr:" field was not found, so the request is rejected.
458 TRACEP(p, XERR,
"long user name not found");
459 response->Send(kXR_InvalidRequest,
"long user name not found");
// Drop everything up to and including "|usr:" (5 characters).
462 uname.erase(0,iusr+5);
// NOTE(review): the result of find("|") is passed straight to erase(); the behaviour
// when no '|' follows depends on how XrdOucString::erase treats a not-found index -- confirm.
463 uname.erase(uname.find(
"|"));
// Text after a ':' in the user name is taken as the requested group; the guard on
// ig (if any) sits on a line not shown in this excerpt.
467 int ig = uname.find(
":");
469 gname.assign(uname, ig+1);
471 TRACEP(p, DBG,
"requested group: "<<gname);
480 p->
Link()->setID(uname.c_str(), pid);
482 response->SetTraceID();
488 if (needauth &&
fCIA) {
490 const char *pp =
fCIA->getParms(i, (XrdNetAddrInfo *) p->
Link()->NetAddr());
492 const char *pp =
fCIA->getParms(i, p->
Link()->Name());
507 XErrorCode rcode = (rccc == -2) ? (XErrorCode) kXR_NotAuthorized
508 : (XErrorCode) kXR_InvalidRequest;
509 response->Send(rcode, emsg.c_str());
525 const char *user, XrdOucString &emsg)
527 XPDLOC(CMGR,
"ClientMgr::CheckClient")
530 emsg =
"protocol object undefined!";
534 XrdOucString uname(user), gname(p->
GroupIn());
539 emsg =
"username not passed and not available in the protocol security entity - failing";
547 if (gname.length() > 0) {
550 XPDFORM(emsg,
"group unknown: %s", gname.c_str());
552 }
else if (strncmp(g->
Name(),
"default",7) &&
554 XPDFORM(emsg,
"user %s is not member of group %s", uname.c_str(), gname.c_str());
558 TRACEP(p, DBG,
"group: "<<gname<<
" found");
564 gname = g ? g->
Name() :
"default";
572 if (
fMgr->
CheckUser(uname.c_str(), gname.c_str(), ui, emsg, su) != 0) {
573 if (emsg.length() <= 0)
574 XPDFORM(emsg,
"Controlled access: user '%s', group '%s' not allowed to connect",
575 uname.c_str(), gname.c_str());
581 TRACEP(p, DBG,
"request from entity: "<<uname<<
":"<<gname<<
" (privileged)");
583 TRACEP(p, DBG,
"request from entity: "<<uname<<
":"<<gname);
597 emsg =
"unable to instantiate object for client ";
613 XPDLOC(CMGR,
"ClientMgr::MapClient")
620 TRACEP(p, HDBG,
"all: "<< all);
635 TRACEP(p, DBG,
"cannot find valid instance of XrdProofdClient");
637 "MapClient: cannot find valid instance of XrdProofdClient");
647 short int clientvers = -1;
651 TRACEP(p, XERR,
"proofsrv callback: sent invalid session id");
652 response->Send(kXR_InvalidRequest,
653 "MapClient: proofsrv callback: sent invalid session id");
657 TRACEP(p, DBG,
"proofsrv callback for session: " <<psid);
661 TRACEP(p, DBG,
"PROOF version run by client: " <<clientvers);
668 TRACEP(p, XERR,
"proofsrv callback: wrong target session: "<<psid<<
" : protocol error");
669 response->Send(
kXP_nosession,
"MapClient: proofsrv callback:"
670 " wrong target session: protocol error");
682 resp->
SetTag(tid.c_str());
684 TRACEI(resp->
TraceID(), DBG,
"proofsrv callback: link assigned to target session "<<psid);
704 XrdOucString discpath(cpath, 0, cpath.rfind(
"/cid"));
705 discpath +=
"/disconnected";
706 if (unlink(discpath.c_str()) != 0) {
707 XPDFORM(msg,
"warning: could not remove %s (errno: %d)", discpath.c_str(), errno);
708 TRACEP(p, XERR, msg.c_str());
718 TRACEP(p, XERR, msg.c_str());
727 XPDFORM(msg,
"client ID and admin paths created: %s", cpath.c_str());
728 TRACEP(p, DBG, msg.c_str());
735 const char *srvtype[6] = {
"ANY",
"MasterWorker",
"MasterMaster",
736 "ClientMaster",
"Internal",
"Admin"};
737 XPDFORM(msg,
"user %s logged-in%s; type: %s", pc->
User(),
750 XrdOucString &cpath, XrdOucString &emsg)
752 if (!p || !p->
Link()) {
753 XPDFORM(emsg,
"invalid inputs (p: %p)", p);
766 XPDFORM(emsg,
"error creating client admin path: %s", cpath.c_str());
771 FILE *fcid = fopen(cpath.c_str(),
"w");
773 fprintf(fcid,
"%d", p->
CID());
776 XPDFORM(emsg,
"error creating file for client id: %s", cpath.c_str());
788 XrdOucString &cidpath, XrdOucString &emsg)
792 XPDFORM(emsg,
"CheckAdminPath: invalid inputs (p: %p)", p);
804 XrdOucString discpath;
808 bool expired =
false;
810 int rc = stat(discpath.c_str(), &st);
811 if (rc != 0) rc = stat(cidpath.c_str(), &st);
813 if (expired || (rc != 0 && errno != ENOENT)) {
815 cidpath.replace(
"/cid",
"");
817 XPDFORM(emsg,
"CheckAdminPath: reconnection timeout expired: remove %s ",
820 XPDFORM(emsg,
"CheckAdminPath: problems stat'ing %s (errno: %d): remove ",
821 cidpath.c_str(), errno);
823 emsg +=
": failure!";
825 XPDFORM(emsg,
"CheckAdminPath: no such file %s", cidpath.c_str());
839 XPDLOC(CMGR,
"ClientMgr::ParsePreviousClients")
849 TRACE(DBG,
"creating holders for active clients ...");
852 XrdOucString usrpath, cidpath, discpath, usr, grp;
853 struct dirent *ent = 0;
854 while ((ent = (
struct dirent *)readdir(dir))) {
856 if (!strcmp(ent->d_name,
".") || !strcmp(ent->d_name,
".."))
continue;
860 if (stat(usrpath.c_str(), &st) == 0) {
863 usr.erase(usr.find(
'.'));
864 grp.erase(0, grp.find(
'.')+1);
865 TRACE(DBG,
"found usr: "<<usr<<
", grp: "<<grp);
869 XPDFORM(emsg,
"ParsePreviousClients: could not get client instance"
870 " for {%s, %s}", usr.c_str(), grp.c_str());
875 if (!rm && !(subdir = opendir(usrpath.c_str()))) {
876 TRACE(XERR,
"cannot open dir "<<usrpath<<
" ; error: "<<errno);
881 struct dirent *sent = 0;
882 while ((sent = (
struct dirent *)readdir(subdir))) {
884 if (!strcmp(sent->d_name,
".") || !strcmp(sent->d_name,
".."))
continue;
885 if (!strcmp(sent->d_name,
"xpdsock"))
continue;
886 XPDFORM(cidpath,
"%s/%s/cid", usrpath.c_str(), sent->d_name);
888 if (stat(cidpath.c_str(), &st) != 0 ||
901 XPDFORM(discpath,
"%s/%s/disconnected", usrpath.c_str(), sent->d_name);
902 FILE *fd = fopen(discpath.c_str(),
"w");
904 TRACE(XERR,
"unable to create path: " <<discpath);
914 TRACE(DBG,
"removing path: " <<cidpath);
915 cidpath.replace(
"/cid",
"");
916 XPDFORM(emsg,
"ParsePreviousClients: failure: remove %s ", cidpath.c_str());
918 emsg +=
": failure!";
929 TRACE(DBG,
"removing path: " <<usrpath);
930 XPDFORM(emsg,
"ParsePreviousClients: failure: remove %s ", usrpath.c_str());
932 emsg +=
": failure!";
950 XPDLOC(CMGR,
"ClientMgr::CheckClients")
958 TRACE(REQ,
"checking active clients ...");
962 XrdOucString usrpath, cidpath, discpath;
963 struct dirent *ent = 0;
964 while ((ent = (
struct dirent *)readdir(dir))) {
966 if (!strcmp(ent->d_name,
".") || !strcmp(ent->d_name,
".."))
continue;
971 if (stat(usrpath.c_str(), &xst) == 0) {
973 XrdOucString usr, grp;
975 if (!(c =
GetClient(usr.c_str(), grp.c_str(), 0))) {
976 TRACE(XERR,
"instance for client "<<ent->d_name<<
" not found!");
981 if (!rm && !(subdir = opendir(usrpath.c_str()))) {
982 TRACE(XERR,
"cannot open dir "<<usrpath<<
" ; error: "<<errno);
986 bool xrm = 0, xclose = 0;
987 struct dirent *sent = 0;
988 while ((sent = (
struct dirent *)readdir(subdir))) {
990 if (!strcmp(sent->d_name,
".") || !strcmp(sent->d_name,
".."))
continue;
991 if (!strcmp(sent->d_name,
"xpdsock"))
continue;
992 XPDFORM(discpath,
"%s/%s/disconnected", usrpath.c_str(), sent->d_name);
994 XPDFORM(cidpath,
"%s/%s/cid", usrpath.c_str(), sent->d_name);
996 if (stat(cidpath.c_str(), &st) == 0) {
998 if (stat(discpath.c_str(), &xst) == 0) {
1008 if (c->
Touch() == 1) {
1028 if (p && p->
Link()) {
1035 TRACE(XERR,
"protocol or link associated with ID "<<cid<<
" are invalid");
1039 TRACE(XERR,
"could not resolve client id from "<<cidpath);
1045 discpath.replace(
"/disconnected",
"");
1046 TRACE(DBG,
"removing path "<<discpath);
1048 TRACE(XERR,
"problems removing "<<discpath<<
"; error: "<<-rc);
1060 TRACE(DBG,
"removing path: " <<usrpath);
1062 TRACE(XERR,
"problems removing "<<usrpath<<
"; error: "<<-rc);
1078 XPDLOC(CMGR,
"ClientMgr::Auth")
1080 XrdSecCredentials cred;
1081 XrdSecParameters *parm = 0;
1091 return response->Send();
1093 cred.buffer = p->
Argp()->buff;
1097 XrdSecProtocol *ap = 0;
1099 XrdNetAddr netaddr(p->
Link()->NetAddr());
1101 struct sockaddr netaddr;
1102 p->
Link()->Name(&netaddr);
1104 if (!(ap =
fCIA->getProtocol(p->
Link()->Host(), netaddr, &cred, &eMsg))) {
1105 eText = eMsg.getErrText(rc);
1106 TRACEP(p, XERR,
"user authentication failed; "<<eText);
1107 response->Send(kXR_NotAuthorized, eText);
1114 size_t len = strlen(
"XrdSecLOGINUSER=")+strlen(p->
UserIn())+2;
1115 char *u =
new char[len];
1116 snprintf(u, len,
"XrdSecLOGINUSER=%s", p->
UserIn());
1121 if (!(rc = p->
AuthProt()->Authenticate(&cred, &parm, &eMsg))) {
1124 if (p->
AuthProt()->Entity.name && strlen(p->
AuthProt()->Entity.name) > 0) {
// The name of the authenticated entity is treated as a comma-separated list of
// candidate user names and walked token by token.
1126 XrdOucString usrs(p->
AuthProt()->Entity.name);
1129 int from = 0, rcmtc = -1;
1130 while ((from = usrs.tokenize(usr, from,
',')) != STR_NPOS) {
// NOTE(review): Entity.name receives a fresh strdup() at two visible points in this loop
// and no free() of the previous pointer appears in the excerpt -- confirm who owns the old
// buffer. The condition evaluated between gutter lines 1130 and 1133 is not shown.
1133 p->
AuthProt()->Entity.name = strdup(usr.c_str());
// A candidate equal to UserIn() (presumably the name requested at login -- confirm)
// is also stored as the entity name.
1134 if ((usr == p->
UserIn())) {
1136 p->
AuthProt()->Entity.name = strdup(usr.c_str());
1142 namsg =
"logging as '";
1143 namsg += p->
AuthProt()->Entity.name;
1144 namsg +=
"' instead of '";
1146 namsg +=
"' following admin settings";
1147 TRACEP(p, LOGIN, namsg.c_str());
1148 namsg.insert(
"Warning: ", 0);
1149 response->Send(kXR_attn,
kXPD_srvmsg, 2, (
char *) namsg.c_str(), namsg.length());
1152 TRACEP(p, XERR,
"user name is empty: protocol error?");
1155 TRACEP(p, XERR,
"name of the authenticated entity is empty: protocol error?");
1161 rc = response->Send();
1169 TRACEP(p, LOGIN, p->
Link()->ID << msg <<
" nobody");
1177 TRACEP(p, DBG,
"more auth requested; sz: " <<(parm ? parm->size : 0));
1179 rc = response->Send(kXR_authmore, parm->buffer, parm->size);
1187 TRACEP(p, XERR,
"security requested additional auth w/o parms!");
1197 eText = (namsg.length() > 0) ? namsg.c_str() : eMsg.getErrText(rc);
1198 TRACEP(p, XERR,
"user authentication failed; "<<eText);
1199 response->Send(kXR_NotAuthorized, eText);
1208 XPDLOC(CMGR,
"ClientMgr::LoadSecurity")
1210 TRACE(REQ,
"LoadSecurity");
1213 const char *seclib =
fSecLib.c_str();
1217 TRACE(XERR,
"config file not specified");
1223 TRACE(XERR,
"could not create plugin instance for "<<seclib);
1224 return (XrdSecService *)0;
1230 TRACE(XERR,
"could not find 'XrdSecgetService()' in "<<seclib);
1231 return (XrdSecService *)0;
1242 TRACE(XERR,
"no security directives: strong authentication disabled");
1246 TRACE(XERR,
"creating temporary config file");
1251 XrdSecService *cia = 0;
1253 TRACE(XERR,
"Unable to create security service object via " << seclib);
1260 TRACE(ALL,
"strong authentication enabled");
1282 XPDLOC(CMGR,
"ClientMgr::FilterSecConfig")
// Line prefixes that select a config line for the filtered security config.
// NOTE(review): "set" carries no trailing separator, so any line that merely starts
// with the letters "set" matches the strncmp() test below.
1284 static const char *pfx[] = {
"xpd.sec.",
"sec.protparm",
"sec.protocol",
"set" };
1287 TRACE(REQ,
"enter");
// Missing file name or failed open: report -errno (or -1 when errno is not set) via nd.
1294 if (!cfn || !(fin = fopen(cfn,
"r"))) {
1295 nd = (errno > 0) ? -errno : -1;
// Read the file chunk by chunk and keep chunks that start with one of the prefixes.
// NOTE(review): fgets() delivers a line longer than sizeof(lin) in several pieces; lin is
// declared outside this excerpt, so its size cannot be checked here.
1303 while (fgets(lin,
sizeof(lin),fin)) {
1304 if (!strncmp(lin, pfx[0], strlen(pfx[0])) ||
1305 !strncmp(lin, pfx[1], strlen(pfx[1])) ||
1306 !strncmp(lin, pfx[2], strlen(pfx[2])) ||
1307 !strncmp(lin, pfx[3], strlen(pfx[3]))) {
// Build the mkstemp() template "<TMPdir>/xpdcfn_XXXXXX"; len covers both parts plus
// the terminator, and snprintf() is bounded by len.
1312 size_t len = strlen(
fMgr->
TMPdir()) + strlen(
"/xpdcfn_XXXXXX") + 2;
// NOTE(review): rcfn is allocated with new[]; who releases it is not visible here.
1313 rcfn =
new char[len];
1314 snprintf(rcfn, len,
"%s/xpdcfn_XXXXXX",
fMgr->
TMPdir());
// The process umask is set to 022 around mkstemp() and the previous value saved in oldum.
// mkstemp() creates a uniquely named file and returns an open descriptor; on current
// POSIX systems it uses mode 0600, so the umask should not widen access -- confirm for
// the target platforms, since this file receives the selected security directives.
1315 mode_t oldum = umask(022);
1316 if ((fd = mkstemp(rcfn)) < 0) {
1318 nd = (errno > 0) ? -errno : -1;
// The saved umask is restored at two visible points (presumably the failure path and
// the success path; the lines between them are not shown).
1321 oldum = umask(oldum);
1324 oldum = umask(oldum);
1326 XrdOucString slin = lin;
1328 if (slin.beginswith(
"xpd.")) slin.replace(
"xpd.",
"");
1338 if (fd >= 0)
close(fd);
1351 XPDLOC(CMGR,
"ClientMgr::GetClient")
1353 TRACE(DBG,
"usr: "<< (usr ? usr :
"undef")<<
", grp:"<<(grp ? grp :
"undef"));
1355 XrdOucString dmsg, emsg;
1358 std::list<XrdProofdClient *>::iterator i;
1362 if ((c = *i) && c->
Match(usr,grp))
break;
1379 bool freeclient = 1;
1387 emsg =
"group = "; emsg += grp; emsg +=
" nor found";
1393 if ((nc = *i) && nc->
Match(usr,grp))
break;
1406 XPDFORM(dmsg,
"instance for {client, group} = {%s, %s} created"
1407 " and added to the list (%p)", usr, grp, c);
1411 XPDFORM(dmsg,
"instance for {client, group} = {%s, %s} is invalid", usr, grp);
1417 XPDFORM(dmsg,
"client '%s' unknown or unauthorized: %s", usr, emsg.c_str());
1423 if (c && !newclient) {
1426 XPDFORM(dmsg,
"problems trimming client '%s' sandbox", usr);
1431 if (dmsg.length() > 0) {
1435 if (emsg.length() > 0)
TRACE(XERR, emsg);
1451 std::list<XrdProofdClient *> *clnts;
1456 clnts =
new std::list<XrdProofdClient *>;
1457 clnts->push_back(clnt);
1462 std::list<XrdProofdClient *>::iterator i;
1464 for (i = clnts->begin(); i != clnts->end(); ++i) {
1470 if (clnt)
delete clnts;
1480 XPDLOC(CMGR,
"ClientMgr::TerminateSessions")
1484 std::list<XrdProofdClient *> *clnts;
1490 clnts =
new std::list<XrdProofdClient *>;
1491 clnts->push_back(clnt);
1497 std::list<XrdProofdClient *>::iterator i;
1499 for (i = clnts->begin(); i != clnts->end(); ++i) {
1506 TRACE(DBG,
"cleaning "<<all);
1511 XPDFORM(buf,
"%s %d", (all ?
"all" : clnt->
User()), srvtype);
1512 TRACE(DBG,
"posting: "<<buf);
1514 buf.c_str())) != 0) {
1515 TRACE(XERR,
"problem posting the pipe; errno: "<<-rc);
1520 for (i = clnts->begin(); i != clnts->end(); ++i) {
1526 if (clnt)
delete clnts;
int Auth(XrdProofdProtocol *xp)
Analyse client authentication info.
int GetClientID(XrdProofdProtocol *p)
Get next free client ID.
static int Write(int fd, const void *buf, size_t nb)
Write nb bytes at buf to descriptor 'fd' ignoring interrupts. Return the number of bytes written or -1...
int Poll(int to=-1)
Poll over the read pipe for to secs; return whatever poll returns.
int ReserveClientID(int cid)
Reserve a client ID.
static int GetUserInfo(const char *usr, XrdProofUI &ui)
Get information about user 'usr' in a thread safe way.
int DoDirectiveClass(XrdProofdDirective *, char *val, XrdOucStream *cfg, bool rcf)
Generic class directive processor.
static int RmDir(const char *path)
Remove directory at path and its content.
void RegisterDirectives()
Register directives for configuration.
void SetGroup(const char *g)
static XpdManagerCron_t fManagerCron
#define TRACE(Flag, Args)
XrdProofGroupMgr * GroupsMgr() const
void * XrdProofdClientCron(void *p)
This is an endless loop to check the system periodically or when triggered via a message in a dedicat...
int CheckAdminPath(XrdProofdProtocol *p, XrdOucString &cidpath, XrdOucString &emsg)
Check the old-clients admin for an existing entry for this client and read the client ID;...
void SetAuthProt(XrdSecProtocol *p)
void Broadcast(XrdProofdClient *c, const char *msg)
Broadcast message 'msg' to the connected instances of client 'clnt' or to all connected instances if ...
int DoDirectiveInt(XrdProofdDirective *, char *val, XrdOucStream *cfg, bool rcf)
Process directive for an integer.
XrdProofdProofServMgr * SessionMgr() const
void SkipSessionsCheck(std::list< XrdProofdProofServ * > *active, XrdOucString &emsg, XrdProofdResponse *r=0)
Skip the next sessions status check.
#define kXPD_MasterMaster
void SetAdminPath(const char *p)
#define kXPD_ClientMaster
const char * UserIn() const
XrdProofGroup * GetGroup(const char *grp)
Returns the instance for group 'grp'.
XrdSysRecMutex * Mutex() const
struct ClientRequestHdr header
int Recv(XpdMsg &msg)
Recv message from the pipe.
XrdROOT * DefaultVersion() const
void SetCID(kXR_int32 cid)
void Print()
Dump group content.
void SetUserIn(const char *uin)
#define TRACEI(id, act, x)
int MapClient(XrdProofdProtocol *xp, bool all=1)
Process a login request.
XrdSysPlugin * fSecPlugin
XrdProofdClientMgr * fClientMgr
char * FilterSecConfig(int &nd)
Grep directives of the form "xpd.sec...", "sec.protparm" and "sec.protocol" from file 'cfn' and...
bool HasMember(const char *usr)
Check if 'usr' is member of this group.
const char * GroupIn() const
int Login(XrdProofdProtocol *xp)
Process a login request.
const char * TraceID() const
void TerminateSessions(XrdProofdClient *c, const char *msg, int srvtype)
Terminate sessions of client 'clnt', or of all clients if clnt == 0.
XrdSecService * LoadSecurity()
Load security framework and plugins, if not already done.
bool Match(const char *usr, const char *grp=0)
Return TRUE if this instance matches 'id' (and 'grp', if defined).
void Broadcast(const char *msg)
Broadcast message 'msg' to the connected clients.
bool CheckMaster(const char *m)
Check if master 'm' is allowed to connect to this host.
const char * Ordinal() const
int DoDirectiveClientMgr(char *, XrdOucStream *, bool)
Process 'clientmgr' directive eg: xpd.clientmgr checkfq:120 activityto:600.
XPClientRequest * Request() const
int ParsePreviousClients(XrdOucString &emsg)
Client entries for the clients still connected when the daemon terminated.
#define kXPD_MasterWorker
XrdProofdResponse * Response(kXR_unt16 rid)
Get response instance corresponding to stream ID 'sid'.
static int GetIDFromPath(const char *path, XrdOucString &emsg)
Extract an integer from a file.
#define XrdSysMutexHelper
int CheckUser(const char *usr, const char *grp, XrdProofUI &ui, XrdOucString &e, bool &su)
Check if the user is allowed to use the system. Return 0 if OK, -1 if not.
#define TRACEP(p, act, x)
void SetProofProtocol(short int pp)
int Config(bool rcf=0)
Run configuration and parse the entered config directives.
XrdSecProtocol * AuthProt() const
void SetTraceID()
Auxiliary set method.
void SetClntCapVer(unsigned char c)
void SetAuthEntity(XrdSecEntity *se=0)
int CheckClient(XrdProofdProtocol *p, const char *user, XrdOucString &emsg)
Perform checks on the client username.
XrdProofGroup * GetUserGroup(const char *usr, const char *grp=0)
Returns the instance of the first group to which this user belongs; if grp != 0, return the instance ...
std::list< XrdProofdClient * > fProofdClients
const char * AdminPath() const
void SetConnection(XrdProofdResponse *r)
int Touch(bool reset=0)
Send a touch to the connected clients: this will remotely touch the associated TSocket instance and sche...
static int AssertDir(const char *path, XrdProofUI ui, bool changeown)
Make sure that 'path' exists and is owned by the entity described by 'ui'.
const char * AdminPath() const
XrdProofdProofServMgr * fSessionMgr
static int CheckIf(XrdOucStream *s, const char *h)
Check existence and match condition of an 'if' directive. If none (valid) is found, return -1.
int ResolveKeywords(XrdOucString &s, XrdProofdClient *pcl)
Resolve special keywords in 's' for client 'pcl'.
void SetClient(XrdProofdClient *c)
int DoDirective(XrdProofdDirective *d, char *val, XrdOucStream *cfg, bool rcf)
Update the priorities of the active sessions.
int DoDirectiveString(XrdProofdDirective *, char *val, XrdOucStream *cfg, bool rcf)
Process directive for a string.
static int ParseUsrGrp(const char *path, XrdOucString &usr, XrdOucString &grp)
Parse a path in the form of "<usr>[.<grp>][.<pid>]", filling 'usr' and 'grp'.
void SetSuperUser(bool su=1)
int CheckFrequency() const
const char * Host() const
void SetValid(bool valid=1)
#define XPD_SETRESP(p, x)
struct XPClientLoginRequest login
XrdProofdProtocol * GetProtocol(int ic)
Return protocol attached to client slot at 'ic'.
int CreateAdminPath(XrdProofdProtocol *p, XrdOucString &path, XrdOucString &e)
Create the client directory in the admin path.
const char * EffectiveUser() const
const char * User() const
XrdROOTMgr * ROOTMgr() const
XrdProofdClientMgr(XrdProofdManager *mgr, XrdProtocol_Config *pi, XrdSysError *e)
Constructor.
const char * Name() const
XrdProofdClient * GetClient(const char *usr, const char *grp=0, bool create=1)
Handle request for localizing a client instance for {usr, grp} from the list.
int Post(int type, const char *msg)
Post message on the pipe.
const char * CfgFile() const
XrdProofdProofServ * GetServer(int psid)
Get from the vector server instance with ID psid.
virtual int Config(bool rcf=0)
XrdSecService *(* XrdSecServLoader_t)(XrdSysLogger *, const char *cfn)
void SetTag(const char *tag)
XrdOucString fClntAdminPath
const char * TMPdir() const
void Register(const char *dname, XrdProofdDirective *d)
XrdProofdClient * Client() const
int CheckClients()
Regular checks of the client admin path; run by the cron job.
void ResetSessions()
Reset this instance.
void SetGroupIn(const char *gin)
int SetClientID(int cid, XrdProofdProtocol *p)
Set slot cid to instance 'p'.