VOMS CC API
1.5.0
|
#include <voms_api.h>
Data Structures | |
class | Initializer |
Public Member Functions | |
vomsdata (std::string voms_dir="", std::string cert_dir="") | |
bool | LoadSystemContacts (std::string dir="") |
bool | LoadUserContacts (std::string dir="") |
std::vector< contactdata > | FindByAlias (std::string alias) |
std::vector< contactdata > | FindByVO (std::string vo) |
void | Order (std::string att) |
void | ResetOrder (void) |
void | AddTarget (std::string target) |
std::vector< std::string > | ListTargets (void) |
void | ResetTargets (void) |
std::string | ServerErrors (void) |
bool | Retrieve (X509 *cert, STACK_OF(X509)*chain, recurse_type how=RECURSE_CHAIN) |
bool | Contact (std::string hostname, int port, std::string servsubject, std::string command) |
bool | Contact (std::string hostname, int port, std::string servsubject, std::string command, int timeout) |
bool | ContactRaw (std::string hostname, int port, std::string servsubject, std::string command, std::string &raw, int &version) |
bool | ContactRaw (std::string hostname, int port, std::string servsubject, std::string command, std::string &raw, int &version, int timeout) |
void | SetVerificationType (verify_type how) |
void | SetLifetime (int lifetime) |
bool | Import (std::string buffer) |
bool | Export (std::string &data) |
bool | DefaultData (voms &) |
std::string | ErrorMessage (void) |
bool | RetrieveFromCtx (gss_ctx_id_t context, recurse_type how) |
bool | RetrieveFromCred (gss_cred_id_t credential, recurse_type how) |
bool | Retrieve (X509_EXTENSION *ext) |
bool | RetrieveFromProxy (recurse_type how) |
bool | Retrieve (FILE *file, recurse_type how) |
bool | Retrieve (AC *ac) |
~vomsdata () | |
vomsdata (const vomsdata &) | |
void | SetRetryCount (int retryCount) |
void | SetVerificationTime (time_t) |
bool | LoadCredentials (X509 *, EVP_PKEY *, STACK_OF(X509)*) |
bool | ContactRESTRaw (const std::string &, int, const std::string &, std::string &, int, int) |
Data Fields | |
verror_type | error |
std::vector< voms > | data |
std::string | workvo |
std::string | extra_data |
vomsdata::vomsdata | ( | std::string | voms_dir = "" , |
std::string | cert_dir = "" |
||
) |
voms_dir | The directory which contains the certificate of the VOMS server |
cert_dir | The directory which contains the certificate of the CA |
If voms_dir is empty, the value of the environment variable X509_VOMS_DIR is taken.
If cert_dir is empty, the value of the environment variable X509_CERT_DIR is taken.
vomsdata::~vomsdata | ( | ) |
vomsdata::vomsdata | ( | const vomsdata & | ) |
void vomsdata::AddTarget | ( | std::string | target | ) |
Adds a target to the AC.
target | The target to be added. It should be an FQDN. |
bool vomsdata::Contact | ( | std::string | hostname, |
int | port, | ||
std::string | servsubject, | ||
std::string | command | ||
) |
Contacts a VOMS server to get a certificate.
It is the equivalent of the voms-proxy-init command, but without the --include functionality.
hostname | FQDN of the VOMS server |
port | the port on which the VOMS server is listening |
servsubject | the subject of the server's certificate |
command | the command sent to the server |
bool vomsdata::Contact | ( | std::string | hostname, |
int | port, | ||
std::string | servsubject, | ||
std::string | command, | ||
int | timeout | ||
) |
Contacts a VOMS server to get a certificate.
It is the equivalent of the voms-proxy-init command, but without the --include functionality.
hostname | FQDN of the VOMS server |
port | the port on which the VOMS server is listening |
servsubject | the subject of the server's certificate |
command | the command sent to the server |
bool vomsdata::ContactRaw | ( | std::string | hostname, |
int | port, | ||
std::string | servsubject, | ||
std::string | command, | ||
std::string & | raw, | ||
int & | version | ||
) |
Same as Contact, except that it does not start the verification process and the message received from the server is not parsed. The answer returned in raw is therefore unverified.
hostname | FQDN of the VOMS server |
port | the port on which the VOMS server is listening |
servsubject | the subject of the server's certificate |
command | the command sent to the server |
raw | OUTPUT PARAMETER the answer from the server |
version | OUTPUT PARAMETER the version of the answer |
bool vomsdata::ContactRaw | ( | std::string | hostname, |
int | port, | ||
std::string | servsubject, | ||
std::string | command, | ||
std::string & | raw, | ||
int & | version, | ||
int | timeout | ||
) |
Same as Contact, except that it does not start the verification process and the message received from the server is not parsed. The answer returned in raw is therefore unverified.
hostname | FQDN of the VOMS server |
port | the port on which the VOMS server is listening |
servsubject | the subject of the server's certificate |
command | the command sent to the server |
raw | OUTPUT PARAMETER the answer from the server |
version | OUTPUT PARAMETER the version of the answer |
bool vomsdata::ContactRESTRaw | ( | const std::string & | , |
int | , | ||
const std::string & | , | ||
std::string & | , | ||
int | , | ||
int | |||
) |
bool vomsdata::DefaultData | ( | voms & | ) |
Get the default data extension from those present in the pseudo certificate
std::string vomsdata::ErrorMessage | ( | void | ) |
Gets a textual description of the error.
bool vomsdata::Export | ( | std::string & | data | ) |
Exports data from vomsdata::data to the format used for inclusion into a certificate.
The function doesn't verify the data
data | The certificate extension |
std::vector<contactdata> vomsdata::FindByAlias | ( | std::string | alias | ) |
Finds servers which share a common alias.
alias | The alias to look for. |
std::vector<contactdata> vomsdata::FindByVO | ( | std::string | vo | ) |
Finds servers which serve a common VO
vo | The VO name to look for. |
bool vomsdata::Import | ( | std::string | buffer | ) |
Converts data from the format used for inclusion into a certificate to the internal format
The function does verify the data.
buffer | contains the data to be converted |
std::vector<std::string> vomsdata::ListTargets | ( | void | ) |
Returns the list of targets.
bool vomsdata::LoadCredentials | ( | X509 * | , |
EVP_PKEY * | , | ||
STACK_OF(X509)* | |||
) |
bool vomsdata::LoadSystemContacts | ( | std::string | dir = "" | ) |
Loads the system wide configuration files.
dir | The directory in which the files are stored. |
If dir is empty, defaults to /opt/edg/etc/vomses.
bool vomsdata::LoadUserContacts | ( | std::string | dir = "" | ) |
Loads the user-specific configuration files.
dir | The directory in which the files are stored. |
If dir is empty, defaults to $VOMS_USERCONF. If this is empty too, defaults to $HOME/.edg/vomses, or to ~/.edg/vomses as a last resort.
void vomsdata::Order | ( | std::string | att | ) |
Sets up the ordering of the results.
Defines the ordering of the data returned by Contact(). Results are ordered in the same order as the calls to this function.
att | The attribute to be ordered. |
void vomsdata::ResetOrder | ( | void | ) |
Resets the ordering.
void vomsdata::ResetTargets | ( | void | ) |
Resets the target list.
bool vomsdata::Retrieve | ( | X509 * | cert, |
STACK_OF(X509)* | chain, | ||
recurse_type | how = RECURSE_CHAIN |
||
) |
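Extracts the VOMS extension from an X.509 certificate. The function does not check the validity of the certificates themselves; it only checks the content of the user data. The certificate and its chain must therefore be validated separately before the result is trusted.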
cert | The certificate with the VOMS extensions |
chain | The chain of the validation certificates (only the intermediate ones) |
how | Recursion type |
bool vomsdata::Retrieve | ( | X509_EXTENSION * | ext | ) |
Gets VOMS information from the given extension
ext | The extension to parse. |
bool vomsdata::Retrieve | ( | FILE * | file, |
recurse_type | how | ||
) |
Gets VOMS information from a proxy saved as a file.
file | The open file (FILE *) containing the saved proxy |
how | Recursion type |
Note: Does NOT verify that the proxy is valid. Such verification must be obtained through other means.
bool vomsdata::Retrieve | ( | AC * | ac | ) |
Gets VOMS information from the AC
ac | The AC to parse. |
bool vomsdata::RetrieveFromCred | ( | gss_cred_id_t | credential, |
recurse_type | how | ||
) |
Gets VOMS information from the given globus credential
credential | The credential from which to retrieve the certificate. |
how | Recursion type |
bool vomsdata::RetrieveFromCtx | ( | gss_ctx_id_t | context, |
recurse_type | how | ||
) |
Gets VOMS information from the given globus context
context | The context from which to retrieve the certificate. |
how | Recursion type |
bool vomsdata::RetrieveFromProxy | ( | recurse_type | how | ) |
Gets VOMS information from an existing globus proxy
how | Recursion type |
std::string vomsdata::ServerErrors | ( | void | ) |
Gets the error message returned by the server
void vomsdata::SetLifetime | ( | int | lifetime | ) |
Set requested lifetime for the Contact() call.
lifetime | Requested lifetime, in seconds |
void vomsdata::SetRetryCount | ( | int | retryCount | ) |
void vomsdata::SetVerificationTime | ( | time_t | ) |
void vomsdata::SetVerificationType | ( | verify_type | how | ) |
Sets the type of verification done on the data.
how | The type of verification. |
std::vector<voms> vomsdata::data |
User's info, as in the certificate extension. It may contain data gathered from more than one VOMS server.
Definition at line 368 of file voms_api.h.
Error code
Definition at line 213 of file voms_api.h.
std::string vomsdata::extra_data |
The data specified by the user with the --include switch.
Note that this field does not contain the result of a request to the VOMS server; it holds data supplied by the user.
This extension was introduced to let users include important data in their proxy certificate, for example a Kerberos ticket.
Definition at line 372 of file voms_api.h.
std::string vomsdata::workvo |
The value of the -vo option of the voms-proxy-init command
Definition at line 371 of file voms_api.h.