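// Identifier string of this security protocol.
#define XrdSecPROTOIDENT    "pwd"
// Size of the identifier INCLUDING its terminating NUL: this is sizeof on a
// string literal, so it is 4 for "pwd", not the 3 that strlen() would give.
// Size buffers and bounded copies with that in mind. The expansion is
// parenthesized so a postfix operator written after the macro cannot bind to
// the sizeof operand.
#define XrdSecPROTOIDLEN    (sizeof(XrdSecPROTOIDENT))
// Version number of this protocol implementation.
// NOTE(review): how the digits of 10100 encode the version is not visible
// here - confirm.
#define XrdSecpwdVERSION    10100
// Option bit flags.
// NOTE(review): going by the name, XrdSecNOIPCHK presumably switches off a
// peer IP-address check; confirm where it is consumed before relying on it.
#define XrdSecNOIPCHK       0x0001
// NOTE(review): presumably enables debug output - confirm.
#define XrdSecDEBUG         0x1000
// Dimension of the static per-crypto-module arrays declared in this header
// (cryptID, cryptName, loccip, refcip).
#define XrdCryptoMax        10
// NOTE(review): presumably an upper bound on a buffer length; confirm that
// every user checks input against it before copying.
#define kMAXBUFLEN          1024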
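// Release helpers: delete up to three heap objects.
//
// The macro argument is parenthesized where it is the operand of 'delete', so
// an expression argument cannot re-associate with the operator. Each argument
// is still evaluated more than once: pass plain pointer lvalues with no side
// effects.
//
// The REL* forms do NOT reset the pointer. After the call the caller's
// variable still holds the freed address and must not be dereferenced or
// released again; use SafeDelete when the variable outlives the call.
//
// The brace-block shape (rather than do { } while (0)) is kept so existing
// call sites compile with or without a trailing ';'. As a consequence
// "if (c) REL1(p); else ..." does not compile - brace such call sites.
#define REL1(x)         { if (x) delete (x); }
#define REL2(x,y)       { if (x) delete (x); if (y) delete (y); }
#define REL3(x,y,z)     { if (x) delete (x); if (y) delete (y); if (z) delete (z); }

// Write 'y' to cerr between SecTrace->Beg(epname) and SecTrace->End().
// SecTrace, epname and cerr must be in scope at the call site.
// 'y' is deliberately left unparenthesized: a caller may pass a chain such as
// a << b, which has to splice into the cerr expression.
// Everything passed here is written to stderr, so keep credential material
// out of the argument.
#define PRINT(y) {{SecTrace->Beg(epname); cerr <<y; SecTrace->End();}}

// Delete a single object / an array and then zero the pointer, so that a
// repeated call on the same variable is a no-op instead of a double delete.
// Only the named variable is cleared; any other copy of the pointer is left
// dangling. 'x' must be a modifiable pointer lvalue and is evaluated more
// than once.
#define SafeDelete(x)   { if (x) delete (x); (x) = 0; }
#define SafeDelArray(x) { if (x) delete [] (x); (x) = 0; }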
297 const char *parms = 0);
382 const char *msg1,
const char *msg2 = 0,
383 const char *msg3 = 0);
387 const char *msg2 = 0,
const char *msg3 = 0);
391 const char *msg2 = 0,
const char *msg3 = 0);
421 const char *tag = 0);
int kXR_int32
Definition: XPtypes.hh:89
#define SafeDelete(x)
Definition: XrdSecProtocolpwd.hh:208
kpwdUpdate
Definition: XrdSecProtocolpwd.hh:83
@ kpUP_remove
Definition: XrdSecProtocolpwd.hh:85
@ kpUP_all
Definition: XrdSecProtocolpwd.hh:86
@ kpUP_none
Definition: XrdSecProtocolpwd.hh:84
kpwdCredsInput
Definition: XrdSecProtocolpwd.hh:91
@ kpCI_prompt
Definition: XrdSecProtocolpwd.hh:93
@ kpCI_exact
Definition: XrdSecProtocolpwd.hh:94
@ kpCI_undef
Definition: XrdSecProtocolpwd.hh:92
@ kpCI_wildcard
Definition: XrdSecProtocolpwd.hh:95
kpwdAutoreg
Definition: XrdSecProtocolpwd.hh:75
@ kpAR_none
Definition: XrdSecProtocolpwd.hh:76
@ kpAR_all
Definition: XrdSecProtocolpwd.hh:78
@ kpAR_users
Definition: XrdSecProtocolpwd.hh:77
kpwdErrors
Definition: XrdSecProtocolpwd.hh:150
@ kPWErrParseBuffer
Definition: XrdSecProtocolpwd.hh:151
@ kPWErrBadOpt
Definition: XrdSecProtocolpwd.hh:176
@ kPWErrMarshal
Definition: XrdSecProtocolpwd.hh:177
@ kPWErrNoBuffer
Definition: XrdSecProtocolpwd.hh:181
@ kPWErrBadCreds
Definition: XrdSecProtocolpwd.hh:187
@ kPWErrBadPasswd
Definition: XrdSecProtocolpwd.hh:171
@ kPWErrSaveCreds
Definition: XrdSecProtocolpwd.hh:179
@ kPWErrEncRndmTag
Definition: XrdSecProtocolpwd.hh:165
@ kPWErrNoSessID
Definition: XrdSecProtocolpwd.hh:174
@ kPWErrExportPuK
Definition: XrdSecProtocolpwd.hh:164
@ kPWErrNoCipher
Definition: XrdSecProtocolpwd.hh:168
@ kPWErrNoSalt
Definition: XrdSecProtocolpwd.hh:180
@ kPWErrBadCache
Definition: XrdSecProtocolpwd.hh:172
@ kPWErrUnmarshal
Definition: XrdSecProtocolpwd.hh:178
@ kPWErrSerialBuffer
Definition: XrdSecProtocolpwd.hh:162
@ kPWErrBadUser
Definition: XrdSecProtocolpwd.hh:158
@ kPWErrQueryCreds
Definition: XrdSecProtocolpwd.hh:169
@ kPWErrNoUserHost
Definition: XrdSecProtocolpwd.hh:155
@ kPWErrInit
Definition: XrdSecProtocolpwd.hh:186
@ kPWErrNoPublic
Definition: XrdSecProtocolpwd.hh:183
@ kPWErrBadSessID
Definition: XrdSecProtocolpwd.hh:175
@ kPWErrNoCreds
Definition: XrdSecProtocolpwd.hh:170
@ kPWErrDuplicateBucket
Definition: XrdSecProtocolpwd.hh:160
@ kPWErrBadProtocol
Definition: XrdSecProtocolpwd.hh:154
@ kPWErrNoUser
Definition: XrdSecProtocolpwd.hh:156
@ kPWErrCreateBucket
Definition: XrdSecProtocolpwd.hh:159
@ kPWErrFinCipher
Definition: XrdSecProtocolpwd.hh:185
@ kPWErrLoadCrypto
Definition: XrdSecProtocolpwd.hh:153
@ kPWErrRefCipher
Definition: XrdSecProtocolpwd.hh:182
@ kPWErrBadRndmTag
Definition: XrdSecProtocolpwd.hh:166
@ kPWErrDecodeBuffer
Definition: XrdSecProtocolpwd.hh:152
@ kPWErrNoCache
Definition: XrdSecProtocolpwd.hh:173
@ kPWErrGenCipher
Definition: XrdSecProtocolpwd.hh:163
@ kPWErrNoRndmTag
Definition: XrdSecProtocolpwd.hh:167
@ kPWErrError
Definition: XrdSecProtocolpwd.hh:188
@ kPWErrCreateBuffer
Definition: XrdSecProtocolpwd.hh:161
@ kPWErrAddBucket
Definition: XrdSecProtocolpwd.hh:184
@ kPWErrNoHost
Definition: XrdSecProtocolpwd.hh:157
kpwdStatus
Definition: XrdSecProtocolpwd.hh:67
@ kpST_ok
Definition: XrdSecProtocolpwd.hh:69
@ kpST_more
Definition: XrdSecProtocolpwd.hh:70
@ kpST_error
Definition: XrdSecProtocolpwd.hh:68
XrdOucString String
Definition: XrdSecProtocolpwd.hh:52
kpwdClientSteps
Definition: XrdSecProtocolpwd.hh:125
@ kXPC_failureack
Definition: XrdSecProtocolpwd.hh:132
@ kXPC_autoreg
Definition: XrdSecProtocolpwd.hh:131
@ kXPC_reserved
Definition: XrdSecProtocolpwd.hh:133
@ kXPC_signedrtag
Definition: XrdSecProtocolpwd.hh:129
@ kXPC_normal
Definition: XrdSecProtocolpwd.hh:127
@ kXPC_creds
Definition: XrdSecProtocolpwd.hh:130
@ kXPC_verifysrv
Definition: XrdSecProtocolpwd.hh:128
@ kXPC_none
Definition: XrdSecProtocolpwd.hh:126
kpwdCredsActions
Definition: XrdSecProtocolpwd.hh:116
@ kpCA_cache
Definition: XrdSecProtocolpwd.hh:120
@ kpCA_undef
Definition: XrdSecProtocolpwd.hh:117
@ kpCA_checkold
Definition: XrdSecProtocolpwd.hh:119
@ kpCA_check
Definition: XrdSecProtocolpwd.hh:118
@ kpCA_checkcache
Definition: XrdSecProtocolpwd.hh:121
#define XrdCryptoMax
Definition: XrdSecProtocolpwd.hh:59
kpwdCredType
Definition: XrdSecProtocolpwd.hh:100
@ kpCT_afs
Definition: XrdSecProtocolpwd.hh:110
@ kpCT_old
Definition: XrdSecProtocolpwd.hh:104
@ kpCT_autoreg
Definition: XrdSecProtocolpwd.hh:107
@ kpCT_onetime
Definition: XrdSecProtocolpwd.hh:103
@ kpCT_newagain
Definition: XrdSecProtocolpwd.hh:106
@ kpCT_normal
Definition: XrdSecProtocolpwd.hh:102
@ kpCT_new
Definition: XrdSecProtocolpwd.hh:105
@ kpCT_crypt
Definition: XrdSecProtocolpwd.hh:109
@ kpCT_undef
Definition: XrdSecProtocolpwd.hh:101
@ kpCT_afsenc
Definition: XrdSecProtocolpwd.hh:111
@ kpCT_ar_again
Definition: XrdSecProtocolpwd.hh:108
kpwdServerSteps
Definition: XrdSecProtocolpwd.hh:137
@ kXPS_puk
Definition: XrdSecProtocolpwd.hh:144
@ kXPS_credsreq
Definition: XrdSecProtocolpwd.hh:140
@ kXPS_failure
Definition: XrdSecProtocolpwd.hh:145
@ kXPS_reserved
Definition: XrdSecProtocolpwd.hh:146
@ kXPS_none
Definition: XrdSecProtocolpwd.hh:138
@ kXPS_init
Definition: XrdSecProtocolpwd.hh:139
@ kXPS_signedrtag
Definition: XrdSecProtocolpwd.hh:142
@ kXPS_newpuk
Definition: XrdSecProtocolpwd.hh:143
@ kXPS_rtag
Definition: XrdSecProtocolpwd.hh:141
Definition: XrdCryptoCipher.hh:48
Definition: XrdCryptoFactory.hh:122
Definition: XrdNetAddrInfo.hh:54
Definition: XrdOucErrInfo.hh:99
Definition: XrdOucString.hh:254
Definition: XrdOucTrace.hh:36
Definition: XrdSecInterface.hh:131
Definition: XrdSecProtocolpwd.hh:286
static XrdOucTrace * EnableTracing()
static XrdSutPFCache cacheAlog
Definition: XrdSecProtocolpwd.hh:338
static XrdSutPFCache cacheAdmin
Definition: XrdSecProtocolpwd.hh:335
int ParseClientInput(XrdSutBuffer *br, XrdSutBuffer **bm, String &emsg)
static String DefError
Definition: XrdSecProtocolpwd.hh:322
static XrdSutPFCache cacheSrvPuk
Definition: XrdSecProtocolpwd.hh:336
int ExportCreds(XrdSutBucket *creds)
static int ncrypt
Definition: XrdSecProtocolpwd.hh:328
static XrdCryptoCipher * refcip[XrdCryptoMax]
Definition: XrdSecProtocolpwd.hh:332
static XrdSutPFCache cacheUser
Definition: XrdSecProtocolpwd.hh:337
static int TimeSkew
Definition: XrdSecProtocolpwd.hh:352
XrdSutBucket * QueryCreds(XrdSutBuffer *bm, bool netrc, int &status)
bool CheckCreds(XrdSutBucket *creds, int credtype)
static XrdSutPFile PFAdmin
Definition: XrdSecProtocolpwd.hh:323
static XrdSutPFile PFSrvPuk
Definition: XrdSecProtocolpwd.hh:325
static XrdSysLogger Logger
Definition: XrdSecProtocolpwd.hh:357
int AddSerialized(char opt, kXR_int32 step, String ID, XrdSutBuffer *bls, XrdSutBuffer *buf, kXR_int32 type, XrdCryptoCipher *cip)
bool CheckCredsAFS(XrdSutBucket *creds, int ctype)
bool srvMode
Definition: XrdSecProtocolpwd.hh:365
XrdSecCredentials * getCredentials(XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)
XrdSecProtocolpwd(int opts, const char *hname, XrdNetAddrInfo &endPoint, const char *parms=0)
static XrdSysError eDest
Definition: XrdSecProtocolpwd.hh:358
static String FileExpCreds
Definition: XrdSecProtocolpwd.hh:315
static bool SysPwd
Definition: XrdSecProtocolpwd.hh:344
virtual ~XrdSecProtocolpwd()
Definition: XrdSecProtocolpwd.hh:298
static XrdCryptoCipher * loccip[XrdCryptoMax]
Definition: XrdSecProtocolpwd.hh:331
int QueryCrypt(String &fn, String &pwhash)
static int AutoLogin
Definition: XrdSecProtocolpwd.hh:351
static bool Server
Definition: XrdSecProtocolpwd.hh:342
static void PrintTimeStat()
static int LifeCreds
Definition: XrdSecProtocolpwd.hh:348
static int cryptID[XrdCryptoMax]
Definition: XrdSecProtocolpwd.hh:329
static String SrvID
Definition: XrdSecProtocolpwd.hh:319
static XrdOucTrace * PWDTrace
Definition: XrdSecProtocolpwd.hh:359
static int FmtExpCreds
Definition: XrdSecProtocolpwd.hh:354
static XrdSysMutex pwdContext
Definition: XrdSecProtocolpwd.hh:313
static String FileUser
Definition: XrdSecProtocolpwd.hh:316
int ErrS(String ID, XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0)
bool CheckTimeStamp(XrdSutBuffer *b, int skew, String &emsg)
static char * Init(pwdOptions o, XrdOucErrInfo *erp)
char CName[256]
Definition: XrdSecProtocolpwd.hh:364
static int UserPwd
Definition: XrdSecProtocolpwd.hh:343
int GetUserHost(String &usr, String &host)
static String FileSrvPuk
Definition: XrdSecProtocolpwd.hh:318
int QueryUser(int &status, String &cmsg)
static void ErrF(XrdOucErrInfo *einfo, kXR_int32 ecode, const char *msg1, const char *msg2=0, const char *msg3=0)
int ParseServerInput(XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
void Delete()
Delete the protocol object. DO NOT use C++ delete() on this object.
XrdNetAddrInfo epAddr
Definition: XrdSecProtocolpwd.hh:362
int Authenticate(XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)
XrdSecCredentials * ErrC(XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0)
pwdHSVars * hs
Definition: XrdSecProtocolpwd.hh:368
XrdSecCredentials * clientCreds
Definition: XrdSecProtocolpwd.hh:371
static bool KeepCreds
Definition: XrdSecProtocolpwd.hh:353
bool CheckRtag(XrdSutBuffer *bm, String &emsg)
int SaveCreds(XrdSutBucket *creds)
static int MaxPrompts
Definition: XrdSecProtocolpwd.hh:349
int QueryNetRc(String host, String &passwd, int &status)
int ParseCrypto(XrdSutBuffer *buf)
static String DefCrypto
Definition: XrdSecProtocolpwd.hh:321
static int VeriClnt
Definition: XrdSecProtocolpwd.hh:345
static int Debug
Definition: XrdSecProtocolpwd.hh:341
static String cryptName[XrdCryptoMax]
Definition: XrdSecProtocolpwd.hh:330
static int VeriSrv
Definition: XrdSecProtocolpwd.hh:346
static String SrvEmail
Definition: XrdSecProtocolpwd.hh:320
static int AutoReg
Definition: XrdSecProtocolpwd.hh:347
int DoubleHash(XrdCryptoFactory *cf, XrdSutBucket *bck, XrdSutBucket *s1, XrdSutBucket *s2=0, const char *tag=0)
static int MaxFailures
Definition: XrdSecProtocolpwd.hh:350
static XrdSutPFile PFAlog
Definition: XrdSecProtocolpwd.hh:324
static String FileCrypt
Definition: XrdSecProtocolpwd.hh:317
int options
Definition: XrdSecProtocolpwd.hh:363
static String FileAdmin
Definition: XrdSecProtocolpwd.hh:314
Definition: XrdSutBucket.hh:44
Definition: XrdSutBuffer.hh:43
Definition: XrdSutPFCache.hh:72
Definition: XrdSutPFEntry.hh:78
Definition: XrdSutPFile.hh:121
Definition: XrdSysError.hh:90
Definition: XrdSysLogger.hh:53
Definition: XrdSysPthread.hh:166
Definition: XrdSecProtocolpwd.hh:246
int TimeStamp
Definition: XrdSecProtocolpwd.hh:249
int LastStep
Definition: XrdSecProtocolpwd.hh:264
XrdCryptoCipher * Hcip
Definition: XrdSecProtocolpwd.hh:255
XrdCryptoCipher * Rcip
Definition: XrdSecProtocolpwd.hh:256
int Iter
Definition: XrdSecProtocolpwd.hh:248
pwdHSVars()
Definition: XrdSecProtocolpwd.hh:270
XrdCryptoFactory * CF
Definition: XrdSecProtocolpwd.hh:254
int Step
Definition: XrdSecProtocolpwd.hh:263
pwdStatus_t Status
Definition: XrdSecProtocolpwd.hh:261
~pwdHSVars()
Definition: XrdSecProtocolpwd.hh:277
XrdSutPFEntry * Pent
Definition: XrdSecProtocolpwd.hh:259
String ID
Definition: XrdSecProtocolpwd.hh:257
XrdSutPFEntry * Cref
Definition: XrdSecProtocolpwd.hh:258
bool Tty
Definition: XrdSecProtocolpwd.hh:262
String ErrMsg
Definition: XrdSecProtocolpwd.hh:265
bool RtagOK
Definition: XrdSecProtocolpwd.hh:260
int RemVers
Definition: XrdSecProtocolpwd.hh:253
int SysPwd
Definition: XrdSecProtocolpwd.hh:266
String CryptoMod
Definition: XrdSecProtocolpwd.hh:250
XrdSutBuffer * Parms
Definition: XrdSecProtocolpwd.hh:268
String User
Definition: XrdSecProtocolpwd.hh:251
String AFScell
Definition: XrdSecProtocolpwd.hh:267
String Tag
Definition: XrdSecProtocolpwd.hh:252
Definition: XrdSecProtocolpwd.hh:214
short mode
Definition: XrdSecProtocolpwd.hh:217
int maxprompts
Definition: XrdSecProtocolpwd.hh:225
char * srvpuk
Definition: XrdSecProtocolpwd.hh:232
char * dir
Definition: XrdSecProtocolpwd.hh:228
short areg
Definition: XrdSecProtocolpwd.hh:218
short keepcreds
Definition: XrdSecProtocolpwd.hh:233
char * clist
Definition: XrdSecProtocolpwd.hh:227
char * expcreds
Definition: XrdSecProtocolpwd.hh:234
short upwd
Definition: XrdSecProtocolpwd.hh:219
short vericlnt
Definition: XrdSecProtocolpwd.hh:222
int lifecreds
Definition: XrdSecProtocolpwd.hh:224
short debug
Definition: XrdSecProtocolpwd.hh:216
int maxfailures
Definition: XrdSecProtocolpwd.hh:226
short verisrv
Definition: XrdSecProtocolpwd.hh:221
char * udir
Definition: XrdSecProtocolpwd.hh:229
pwdOptions()
Definition: XrdSecProtocolpwd.hh:237
void Print(XrdOucTrace *t)
short alog
Definition: XrdSecProtocolpwd.hh:220
virtual ~pwdOptions()
Definition: XrdSecProtocolpwd.hh:242
int expfmt
Definition: XrdSecProtocolpwd.hh:235
short syspwd
Definition: XrdSecProtocolpwd.hh:223
char * alogfile
Definition: XrdSecProtocolpwd.hh:231
char * cpass
Definition: XrdSecProtocolpwd.hh:230
Generic structure to pass security information back and forth.
Definition: XrdSecInterface.hh:51
Definition: XrdSecProtocolpwd.hh:192
char ctype
Definition: XrdSecProtocolpwd.hh:193
char action
Definition: XrdSecProtocolpwd.hh:194
short options
Definition: XrdSecProtocolpwd.hh:195