XRootD
Classes | Public Member Functions | Static Public Member Functions | Public Attributes | Static Public Attributes | Protected Attributes | Static Protected Attributes | Friends | List of all members
XrdHttpProtocol Class Reference

#include <XrdHttpProtocol.hh>

+ Inheritance diagram for XrdHttpProtocol:
+ Collaboration diagram for XrdHttpProtocol:

Classes

struct  StaticPreloadInfo
 

Public Member Functions

 XrdHttpProtocol (bool imhttps)
 
 XrdHttpProtocol (const XrdHttpProtocol &)=default
 Ctor, dtors and copy ctor. More...
 
 ~XrdHttpProtocol ()
 
int doChksum (const XrdOucString &fname)
 Perform a checksum request. More...
 
void DoIt ()
 Override from the base class. More...
 
int doStat (char *fname)
 Perform a Stat request. More...
 
bool isHTTPS ()
 called via https More...
 
XrdProtocolMatch (XrdLink *lp)
 Tells if the oustanding bytes on the socket match this protocol implementation. More...
 
XrdHttpProtocol operator= (const XrdHttpProtocol &rhs)
 
int Process (XrdLink *lp)
 Process data incoming from the socket. More...
 
void Recycle (XrdLink *lp, int consec, const char *reason)
 Recycle this instance. More...
 
int Stats (char *buff, int blen, int do_sync=0)
 Get activity stats. More...
 
- Public Member Functions inherited from XrdProtocol
 XrdProtocol (const char *jname)
 
virtual ~XrdProtocol ()
 
- Public Member Functions inherited from XrdJob
 XrdJob (const char *desc="")
 
virtual ~XrdJob ()
 

Static Public Member Functions

static int Configure (char *parms, XrdProtocol_Config *pi)
 Read and apply the configuration. More...
 
static int parseHeader2CGI (XrdOucStream &Config, XrdSysError &err, std::map< std::string, std::string > &header2cgi)
 Use this function to parse header2cgi configurations. More...
 

Public Attributes

XrdObject< XrdHttpProtocolProtLink
 
XrdSecEntity SecEntity
 Authentication area. More...
 
- Public Attributes inherited from XrdJob
const char * Comment
 
XrdJobNextJob
 

Static Public Attributes

static XrdHttpChecksumHandler cksumHandler = XrdHttpChecksumHandler()
 
static XrdObjectQ< XrdHttpProtocolProtStack
 
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
 configuration for the read range handler More...
 

Protected Attributes

char * Addr_str
 
XrdXrootd::BridgeBridge
 The Bridge that we use to exercise the xrootd internals. More...
 
XrdHttpReq CurrentReq
 
XrdLinkLink
 The link we are bound to. More...
 

Static Protected Attributes

static XrdBuffManagerBPool = 0
 
static XrdSecServiceCIA = 0
 
static bool compatNameGeneration = false
 
static int crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
 CRL thread refresh interval. More...
 
static XrdSysError eDest = 0
 
static bool embeddedstatic = true
 If true, use the embedded css and icons. More...
 
static char * gridmap = 0
 Gridmap file location. The same used by XrdSecGsi. More...
 
static int hailWait = 60000
 Timeout for reading the handshake. More...
 
static std::map< std::string, std::string > hdr2cgimap
 Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption. More...
 
static bool isdesthttps = false
 True if the redirections must be towards https targets. More...
 
static bool isRequiredGridmap = false
 
static bool listdeny = false
 If true, any form of listing is denied. More...
 
static char * listredir = 0
 Url to redirect to in the case a listing is requested. More...
 
static BIO_METHOD * m_bio_method = NULL
 C-style vptr table for our custom BIO objects. More...
 
static int m_bio_type = 0
 Type identifier for our custom BIO objects. More...
 
static int m_maxdelay = -1
 
static std::unordered_map< std::string, std::vector< std::pair< std::string, std::string > > > m_staticheader_map
 The static headers to always return; map is from verb to a list of (header, val) pairs. More...
 
static std::unordered_map< std::string, std::string > m_staticheaders
 
static kXR_int32 myRole = kXR_isManager
 Our role. More...
 
static XrdNetPMarkpmarkHandle = nullptr
 Packet marking handler pointer (assigned from the environment during the Config() call) More...
 
static int Port = 1094
 Our port. More...
 
static char * Port_str = 0
 Our port, as a string. More...
 
static int readWait = 300000
 Timeout for reading data. More...
 
static XrdSchedulerSched = 0
 
static char * secretkey = 0
 The key used to calculate the url hashes. More...
 
static bool selfhttps2http = false
 If client is HTTPS, self-redirect with HTTP+token. More...
 
static XrdOucGMapservGMap = 0
 The instance of the DN mapper. Created only when a valid path is given. More...
 
static char * sslcadir = 0
 
static char * sslcafile = 0
 
static char * sslcert = 0
 OpenSSL stuff. More...
 
static char * sslcipherfilter = 0
 
static char * sslkey = 0
 
static int sslverifydepth = 9
 Depth of verification of a certificate chain. More...
 
static XrdOucHash< StaticPreloadInfo > * staticpreload = 0
 
static char * staticredir = 0
 
static bool tpcForwardCreds = false
 If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts. More...
 
static char * xrd_cslist = nullptr
 The list of checksums that were configured via the xrd.cksum parameter on the server config file. More...
 
static XrdHttpCorsxrdcors = nullptr
 
static std::string xrdcorsLibPath
 

Friends

class XrdHttpExtReq
 
class XrdHttpReq
 

Detailed Description

Definition at line 81 of file XrdHttpProtocol.hh.

Class Documentation

◆ XrdHttpProtocol::StaticPreloadInfo

struct XrdHttpProtocol::StaticPreloadInfo

Definition at line 441 of file XrdHttpProtocol.hh.

+ Collaboration diagram for XrdHttpProtocol::StaticPreloadInfo:
Class Members
char * data
int len

Constructor & Destructor Documentation

◆ XrdHttpProtocol() [1/2]

XrdHttpProtocol::XrdHttpProtocol ( const XrdHttpProtocol )
default

Ctor, dtors and copy ctor.

Referenced by Match().

+ Here is the caller graph for this function:

◆ XrdHttpProtocol() [2/2]

XrdHttpProtocol::XrdHttpProtocol ( bool  imhttps)

Definition at line 203 of file XrdHttpProtocol.cc.

204 : XrdProtocol("HTTP protocol handler"), ProtLink(this),
205 SecEntity(""), CurrentReq(this, ReadRangeConfig) {
206  myBuff = 0;
207  Addr_str = 0;
208  Reset();
209  ishttps = imhttps;
210 
211 }
XrdHttpProtocol::ProtLink
XrdObject< XrdHttpProtocol > ProtLink
Definition: XrdHttpProtocol.hh:130
XrdHttpProtocol::CurrentReq
XrdHttpReq CurrentReq
Definition: XrdHttpProtocol.hh:380
XrdHttpProtocol::ReadRangeConfig
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
configuration for the read range handler
Definition: XrdHttpProtocol.hh:140
XrdHttpProtocol::SecEntity
XrdSecEntity SecEntity
Authentication area.
Definition: XrdHttpProtocol.hh:134
XrdProtocol::XrdProtocol
XrdProtocol(const char *jname)
Definition: XrdProtocol.hh:156

References Addr_str.

◆ ~XrdHttpProtocol()

XrdHttpProtocol::~XrdHttpProtocol ( )
inline

Definition at line 125 of file XrdHttpProtocol.hh.

125  {
126  Cleanup();
127  }

Member Function Documentation

◆ Configure()

int XrdHttpProtocol::Configure ( char *  parms,
XrdProtocol_Config pi 
)
static

Read and apply the configuration.

Definition at line 1752 of file XrdHttpProtocol.cc.

1752  {
1753  /*
1754  Function: Establish configuration at load time.
1755 
1756  Input: None.
1757 
1758  Output: 0 upon success or !0 otherwise.
1759  */
1760 
1761  char *rdf;
1762 
1763  // Copy out the special info we want to use at top level
1764  //
1765  eDest.logger(pi->eDest->logger());
1766  XrdHttpTrace.SetLogger(pi->eDest->logger());
1767  // SI = new XrdXrootdStats(pi->Stats);
1768  Sched = pi->Sched;
1769  BPool = pi->BPool;
1770  xrd_cslist = getenv("XRD_CSLIST");
1771 
1772  Port = pi->Port;
1773 
1774  // Copy out the current TLS context
1775  //
1776  xrdctx = pi->tlsCtx;
1777 
1778  {
1779  char buf[16];
1780  sprintf(buf, "%d", Port);
1781  Port_str = strdup(buf);
1782  }
1783 
1784  // Now process and configuration parameters
1785  //
1786  rdf = (parms && *parms ? parms : pi->ConfigFN);
1787  if (rdf && Config(rdf, pi->theEnv)) return 0;
1788  if (pi->DebugON) XrdHttpTrace.What = TRACE_ALL;
1789 
1790  // Set the redirect flag if we are a pure redirector
1791  myRole = kXR_isServer;
1792  if ((rdf = getenv("XRDROLE"))) {
1793  eDest.Emsg("Config", "XRDROLE: ", rdf);
1794 
1795  if (!strcasecmp(rdf, "manager") || !strcasecmp(rdf, "supervisor")) {
1796  myRole = kXR_isManager;
1797  eDest.Emsg("Config", "Configured as HTTP(s) redirector.");
1798  } else {
1799 
1800  eDest.Emsg("Config", "Configured as HTTP(s) data server.");
1801  }
1802 
1803  } else {
1804  eDest.Emsg("Config", "No XRDROLE specified.");
1805  }
1806 
1807  // Schedule protocol object cleanup
1808  //
1809  ProtStack.Set(pi->Sched, &XrdHttpTrace,
1810  (XrdHttpTrace.What & TRACE_MEM ? TRACE_MEM : 0));
1811  ProtStack.Set((pi->ConnMax / 3 ? pi->ConnMax / 3 : 30), 60 * 60);
1812 
1813  // Return success
1814  //
1815 
1816  return 1;
1817 }
kXR_isManager
#define kXR_isManager
Definition: XProtocol.hh:1156
kXR_isServer
#define kXR_isServer
Definition: XProtocol.hh:1157
XrdHttpTrace
XrdSysTrace XrdHttpTrace("http")
TRACE_MEM
#define TRACE_MEM
Definition: XrdTrace.hh:38
TRACE_ALL
#define TRACE_ALL
Definition: XrdTrace.hh:35
XrdHttpProtocol::Sched
static XrdScheduler * Sched
Definition: XrdHttpProtocol.hh:359
XrdHttpProtocol::myRole
static kXR_int32 myRole
Our role.
Definition: XrdHttpProtocol.hh:448
XrdHttpProtocol::Port_str
static char * Port_str
Our port, as a string.
Definition: XrdHttpProtocol.hh:399
XrdHttpProtocol::eDest
static XrdSysError eDest
Definition: XrdHttpProtocol.hh:361
XrdHttpProtocol::xrd_cslist
static char * xrd_cslist
The list of checksums that were configured via the xrd.cksum parameter on the server config file.
Definition: XrdHttpProtocol.hh:460
XrdHttpProtocol::ProtStack
static XrdObjectQ< XrdHttpProtocol > ProtStack
Definition: XrdHttpProtocol.hh:129
XrdHttpProtocol::Port
static int Port
Our port.
Definition: XrdHttpProtocol.hh:396
XrdHttpProtocol::BPool
static XrdBuffManager * BPool
Definition: XrdHttpProtocol.hh:360
XrdObjectQ::Set
void Set(int inQMax, time_t agemax=1800)
Definition: XrdObject.icc:90
XrdProtocol_Config::BPool
XrdBuffManager * BPool
Definition: XrdProtocol.hh:63
XrdProtocol_Config::Sched
XrdScheduler * Sched
Definition: XrdProtocol.hh:64
XrdProtocol_Config::Port
int Port
Definition: XrdProtocol.hh:73
XrdProtocol_Config::tlsCtx
XrdTlsContext * tlsCtx
Definition: XrdProtocol.hh:99
XrdProtocol_Config::ConnMax
int ConnMax
Definition: XrdProtocol.hh:90
XrdProtocol_Config::eDest
XrdSysError * eDest
Definition: XrdProtocol.hh:61
XrdProtocol_Config::theEnv
XrdOucEnv * theEnv
Definition: XrdProtocol.hh:66
XrdProtocol_Config::ConfigFN
char * ConfigFN
Definition: XrdProtocol.hh:71
XrdProtocol_Config::DebugON
char DebugON
Definition: XrdProtocol.hh:95
XrdSysError::Emsg
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
Definition: XrdSysError.cc:95
XrdSysError::logger
XrdSysLogger * logger(XrdSysLogger *lp=0)
Definition: XrdSysError.hh:141
XrdSysTrace::SetLogger
void SetLogger(XrdSysLogger *logp)
Definition: XrdSysTrace.cc:65
XrdHttpProtoInfo::xrdctx
XrdTlsContext * xrdctx
Definition: XrdHttpProtocol.cc:139

References XrdProtocol_Config::BPool, BPool, XrdCms::Config, XrdProtocol_Config::ConfigFN, XrdProtocol_Config::ConnMax, XrdProtocol_Config::DebugON, XrdProtocol_Config::eDest, eDest, XrdSysError::Emsg(), kXR_isManager, kXR_isServer, XrdSysError::logger(), myRole, XrdProtocol_Config::Port, Port, Port_str, ProtStack, XrdProtocol_Config::Sched, Sched, XrdObjectQ< T >::Set(), XrdSysTrace::SetLogger(), XrdProtocol_Config::theEnv, XrdProtocol_Config::tlsCtx, TRACE_ALL, TRACE_MEM, XrdSysTrace::What, xrd_cslist, XrdHttpProtoInfo::xrdctx, and XrdHttpTrace.

Referenced by XrdgetProtocol().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ doChksum()

int XrdHttpProtocol::doChksum ( const XrdOucString fname)

Perform a checksum request.

Definition at line 3124 of file XrdHttpProtocol.cc.

3124  {
3125  size_t length;
3126  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3127  CurrentReq.xrdreq.query.requestid = htons(kXR_query);
3128  CurrentReq.xrdreq.query.infotype = htons(kXR_Qcksum);
3129  memset(CurrentReq.xrdreq.query.reserved1, '\0', sizeof(CurrentReq.xrdreq.query.reserved1));
3130  memset(CurrentReq.xrdreq.query.fhandle, '\0', sizeof(CurrentReq.xrdreq.query.fhandle));
3131  memset(CurrentReq.xrdreq.query.reserved2, '\0', sizeof(CurrentReq.xrdreq.query.reserved2));
3132  length = fname.length() + 1;
3133  CurrentReq.xrdreq.query.dlen = htonl(length);
3134 
3135  if (!Bridge) return -1;
3136 
3137  return Bridge->Run(reinterpret_cast<char *>(&CurrentReq.xrdreq), const_cast<char *>(fname.c_str()), length) ? 0 : -1;
3138 }
ClientQueryRequest::requestid
kXR_unt16 requestid
Definition: XProtocol.hh:630
ClientQueryRequest::reserved1
kXR_char reserved1[2]
Definition: XProtocol.hh:632
ClientQueryRequest::infotype
kXR_unt16 infotype
Definition: XProtocol.hh:631
ClientQueryRequest::reserved2
kXR_char reserved2[8]
Definition: XProtocol.hh:634
ClientQueryRequest::fhandle
kXR_char fhandle[4]
Definition: XProtocol.hh:633
kXR_query
@ kXR_query
Definition: XProtocol.hh:113
ClientRequest::query
struct ClientQueryRequest query
Definition: XProtocol.hh:866
kXR_Qcksum
@ kXR_Qcksum
Definition: XProtocol.hh:617
XrdHttpProtocol::Bridge
XrdXrootd::Bridge * Bridge
The Bridge that we use to exercise the xrootd internals.
Definition: XrdHttpProtocol.hh:375
XrdHttpReq::xrdreq
ClientRequest xrdreq
The last issued xrd request, often pending.
Definition: XrdHttpReq.hh:322
XrdOucString::c_str
const char * c_str() const
Definition: XrdOucString.hh:278
XrdOucString::length
int length() const
Definition: XrdOucString.hh:279
XrdXrootd::Bridge::Run
virtual bool Run(const char *xreqP, char *xdataP=0, int xdataL=0)=0

References Bridge, XrdOucString::c_str(), CurrentReq, ClientQueryRequest::dlen, ClientQueryRequest::fhandle, ClientQueryRequest::infotype, kXR_Qcksum, kXR_query, XrdOucString::length(), ClientRequest::query, ClientQueryRequest::requestid, ClientQueryRequest::reserved1, ClientQueryRequest::reserved2, XrdXrootd::Bridge::Run(), and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ DoIt()

void XrdHttpProtocol::DoIt ( )
inlinevirtual

Override from the base class.

Implements XrdJob.

Definition at line 92 of file XrdHttpProtocol.hh.

92  {
93  if (Resume) (*this.*Resume)();
94  }

◆ doStat()

int XrdHttpProtocol::doStat ( char *  fname)

Perform a Stat request.

Definition at line 3096 of file XrdHttpProtocol.cc.

3096  {
3097  int l;
3098  bool b;
3099  CurrentReq.filesize = 0;
3100  CurrentReq.fileflags = 0;
3101  CurrentReq.filemodtime = 0;
3102 
3103  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3104  CurrentReq.xrdreq.stat.requestid = htons(kXR_stat);
3105  memset(CurrentReq.xrdreq.stat.reserved, 0,
3106  sizeof (CurrentReq.xrdreq.stat.reserved));
3107  l = strlen(fname) + 1;
3108  CurrentReq.xrdreq.stat.dlen = htonl(l);
3109 
3110  if (!Bridge) return -1;
3111  b = Bridge->Run((char *) &CurrentReq.xrdreq, fname, l);
3112  if (!b) {
3113  return -1;
3114  }
3115 
3116 
3117  return 0;
3118 }
ClientStatRequest::reserved
kXR_char reserved[11]
Definition: XProtocol.hh:770
kXR_stat
@ kXR_stat
Definition: XProtocol.hh:129
ClientStatRequest::requestid
kXR_unt16 requestid
Definition: XProtocol.hh:768
ClientRequest::stat
struct ClientStatRequest stat
Definition: XProtocol.hh:873
ClientStatRequest::dlen
kXR_int32 dlen
Definition: XProtocol.hh:772
XrdHttpReq::fileflags
long fileflags
Definition: XrdHttpReq.hh:338
XrdHttpReq::filemodtime
long filemodtime
Definition: XrdHttpReq.hh:339
XrdHttpReq::filesize
long long filesize
Definition: XrdHttpReq.hh:337

References Bridge, CurrentReq, ClientStatRequest::dlen, XrdHttpReq::fileflags, XrdHttpReq::filemodtime, XrdHttpReq::filesize, kXR_stat, ClientStatRequest::requestid, ClientStatRequest::reserved, XrdXrootd::Bridge::Run(), ClientRequest::stat, and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isHTTPS()

bool XrdHttpProtocol::isHTTPS ( )
inline

called via https

Definition at line 143 of file XrdHttpProtocol.hh.

143 { return ishttps; }

Referenced by XrdHttpExtReq::XrdHttpExtReq().

+ Here is the caller graph for this function:

◆ Match()

XrdProtocol * XrdHttpProtocol::Match ( XrdLink lp)
virtual

Tells if the oustanding bytes on the socket match this protocol implementation.

Implements XrdProtocol.

Definition at line 229 of file XrdHttpProtocol.cc.

229  {
230  char mybuf[16], mybuf2[1024];
231  XrdHttpProtocol *hp;
232  int dlen;
233  bool myishttps = false;
234 
235  // Peek at the first 20 bytes of data
236  //
237  if ((dlen = lp->Peek(mybuf, (int) sizeof (mybuf), hailWait)) < (int) sizeof (mybuf)) {
238  if (dlen <= 0) lp->setEtext("handshake not received");
239  return (XrdProtocol *) 0;
240  }
241  mybuf[dlen - 1] = '\0';
242 
243  // Trace the data
244  //
245 
246  TRACEI(DEBUG, "received dlen: " << dlen);
247  //TRACEI(REQ, "received buf: " << mybuf);
248  mybuf2[0] = '\0';
249  for (int i = 0; i < dlen; i++) {
250  char mybuf3[16];
251  sprintf(mybuf3, "%.02d ", mybuf[i]);
252  strcat(mybuf2, mybuf3);
253 
254  }
255  TRACEI(DEBUG, "received dump: " << mybuf2);
256 
257  // Decide if it looks http or not. For now we are happy if all the received characters are alphanumeric
258  bool ismine = true;
259  for (int i = 0; i < dlen - 1; i++)
260  if (!isprint(mybuf[i]) && (mybuf[i] != '\r') && (mybuf[i] != '\n')) {
261  ismine = false;
262  TRACEI(DEBUG, "This does not look like http at pos " << i);
263  break;
264  }
265 
266  // If it does not look http then look if it looks like https
267  if ((!ismine) && (dlen >= 4)) {
268  char check[4] = {00, 00, 00, 00};
269  if (memcmp(mybuf, check, 4)) {
270 
271  if (httpsmode) {
272  ismine = true;
273  myishttps = true;
274  TRACEI(DEBUG, "This may look like https");
275  } else {
276  TRACEI(ALL, "This may look like https, but https is not configured");
277  }
278 
279  }
280  }
281 
282  if (!ismine) {
283  TRACEI(DEBUG, "This does not look like https. Protocol not matched.");
284  return (XrdProtocol *) 0;
285  }
286 
287  // It does look http or https...
288  // Get a protocol object off the stack (if none, allocate a new one)
289  //
290 
291  TRACEI(REQ, "Protocol matched. https: " << myishttps);
292  if (!(hp = ProtStack.Pop())) hp = new XrdHttpProtocol(myishttps);
293  else
294  hp->ishttps = myishttps;
295 
296  // We now have to do some work arounds to tell the underlying framework
297  // that is is https without invoking TLS on the actual link. Eventually,
298  // we should just use the link's TLS native implementation.
299  //
300  hp->SecEntity.addrInfo = lp->AddrInfo();
301  XrdNetAddr *netP = const_cast<XrdNetAddr*>(lp->NetAddr());
302  netP->SetDialect("https");
303  netP->SetTLS(true);
304 
305  // Allocate 1MB buffer from pool
306  if (!hp->myBuff) {
307  hp->myBuff = BPool->Obtain(1024 * 1024);
308  }
309  hp->myBuffStart = hp->myBuffEnd = hp->myBuff->buff;
310 
311  // Bind the protocol to the link and return the protocol
312  //
313  hp->Link = lp;
314  return (XrdProtocol *) hp;
315 }
DEBUG
#define DEBUG(x)
Definition: XrdBwmTrace.hh:54
TRACEI
#define TRACEI(act, x)
Definition: XrdTrace.hh:66
XrdBuffManager::Obtain
XrdBuffer * Obtain(int bsz)
Definition: XrdBuffer.cc:140
XrdBuffer::buff
char * buff
Definition: XrdBuffer.hh:45
XrdHttpProtocol::hailWait
static int hailWait
Timeout for reading the handshake.
Definition: XrdHttpProtocol.hh:390
XrdHttpProtocol::Link
XrdLink * Link
The link we are bound to.
Definition: XrdHttpProtocol.hh:365
XrdHttpProtocol::XrdHttpProtocol
XrdHttpProtocol(const XrdHttpProtocol &)=default
Ctor, dtors and copy ctor.
XrdNetAddr::SetDialect
void SetDialect(const char *dP)
Definition: XrdNetAddr.hh:205
XrdNetAddr::SetTLS
void SetTLS(bool val)
Definition: XrdNetAddr.cc:590
XrdObjectQ::Pop
T * Pop()
Definition: XrdObject.hh:93
XrdSecEntity::addrInfo
XrdNetAddrInfo * addrInfo
Entity's connection details.
Definition: XrdSecEntity.hh:80

References XrdHttpProtocol(), XrdLink::AddrInfo(), XrdSecEntity::addrInfo, BPool, XrdBuffer::buff, DEBUG, hailWait, XrdHttpProtoInfo::httpsmode, Link, XrdLink::NetAddr(), XrdBuffManager::Obtain(), XrdLink::Peek(), XrdObjectQ< T >::Pop(), ProtStack, SecEntity, XrdNetAddr::SetDialect(), XrdLink::setEtext(), XrdNetAddr::SetTLS(), and TRACEI.

+ Here is the call graph for this function:

◆ operator=()

XrdHttpProtocol XrdHttpProtocol::operator= ( const XrdHttpProtocol rhs)

Definition at line 218 of file XrdHttpProtocol.cc.

218  {
219 
220  return *this;
221 }

◆ parseHeader2CGI()

int XrdHttpProtocol::parseHeader2CGI ( XrdOucStream Config,
XrdSysError err,
std::map< std::string, std::string > &  header2cgi 
)
static

Use this function to parse header2cgi configurations.

Definition at line 1822 of file XrdHttpProtocol.cc.

1822  {
1823  char *val, keybuf[1024], parmbuf[1024];
1824  char *parm;
1825 
1826  // Get the header key
1827  val = Config.GetWord();
1828  if (!val || !val[0]) {
1829  err.Emsg("Config", "No headerkey specified.");
1830  return 1;
1831  } else {
1832 
1833  // Trim the beginning, in place
1834  while ( *val && !isalnum(*val) ) val++;
1835  strcpy(keybuf, val);
1836 
1837  // Trim the end, in place
1838  char *pp;
1839  pp = keybuf + strlen(keybuf) - 1;
1840  while ( (pp >= keybuf) && (!isalnum(*pp)) ) {
1841  *pp = '\0';
1842  pp--;
1843  }
1844 
1845  parm = Config.GetWord();
1846 
1847  // Avoids segfault in case a key is given without value
1848  if(!parm || !parm[0]) {
1849  err.Emsg("Config", "No header2cgi value specified. key: '", keybuf, "'");
1850  return 1;
1851  }
1852 
1853  // Trim the beginning, in place
1854  while ( *parm && !isalnum(*parm) ) parm++;
1855  strcpy(parmbuf, parm);
1856 
1857  // Trim the end, in place
1858  pp = parmbuf + strlen(parmbuf) - 1;
1859  while ( (pp >= parmbuf) && (!isalnum(*pp)) ) {
1860  *pp = '\0';
1861  pp--;
1862  }
1863 
1864  // Add this mapping to the map that will be used
1865  try {
1866  header2cgi[keybuf] = parmbuf;
1867  } catch ( ... ) {
1868  err.Emsg("Config", "Can't insert new header2cgi rule. key: '", keybuf, "'");
1869  return 1;
1870  }
1871 
1872  }
1873  return 0;
1874 }
XrdCms::Config
XrdCmsConfig Config
Definition: XrdCmsConfig.cc:108

References XrdCms::Config, and XrdSysError::Emsg().

+ Here is the call graph for this function:

◆ Process()

int XrdHttpProtocol::Process ( XrdLink lp)
virtual

Process data incoming from the socket.

Implements XrdProtocol.

Definition at line 491 of file XrdHttpProtocol.cc.

492 {
493  int rc = 0;
494 
495  TRACEI(DEBUG, " Process. lp:"<<(void *)lp<<" reqstate: "<<CurrentReq.reqstate);
496 
497  if (!myBuff || !myBuff->buff || !myBuff->bsize) {
498  TRACE(ALL, " Process. No buffer available. Internal error.");
499  return -1;
500  }
501 
502 
503  if (!SecEntity.host) {
504  char *nfo = GetClientIPStr();
505  if (nfo) {
506  TRACEI(REQ, " Setting host: " << nfo);
507  SecEntity.host = nfo;
508  strcpy(SecEntity.prot, "http");
509  }
510  }
511 
512 
513 
514  // If https then check independently for the ssl handshake
515  if (ishttps && !ssldone) {
516 
517  if (!ssl) {
518  sbio = CreateBIO(Link);
519  BIO_set_nbio(sbio, 1);
520  ssl = (SSL*)xrdctx->Session();
521  }
522 
523  if (!ssl) {
524  TRACEI(DEBUG, " SSL_new returned NULL");
525  ERR_print_errors(sslbio_err);
526  return -1;
527  }
528 
529  // If a secxtractor has been loaded
530  // maybe it wants to add its own initialization bits
531  if (secxtractor)
532  secxtractor->InitSSL(ssl, sslcadir);
533 
534  SSL_set_bio(ssl, sbio, sbio);
535  //SSL_set_connect_state(ssl);
536 
537  //SSL_set_fd(ssl, Link->FDnum());
538  struct timeval tv;
539  tv.tv_sec = 10;
540  tv.tv_usec = 0;
541  setsockopt(Link->FDnum(), SOL_SOCKET, SO_RCVTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
542  setsockopt(Link->FDnum(), SOL_SOCKET, SO_SNDTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
543 
544  TRACEI(DEBUG, " Entering SSL_accept...");
545  int res = SSL_accept(ssl);
546  TRACEI(DEBUG, " SSL_accept returned :" << res);
547  if ((res == -1) && (SSL_get_error(ssl, res) == SSL_ERROR_WANT_READ)) {
548  TRACEI(DEBUG, " SSL_accept wants to read more bytes... err:" << SSL_get_error(ssl, res));
549  return 1;
550  }
551 
552  if(res <= 0) {
553  ERR_print_errors(sslbio_err);
554  if (res < 0) {
555 
556  SSL_free(ssl);
557  ssl = 0;
558  return -1;
559  }
560  }
561 
562  BIO_set_nbio(sbio, 0);
563 
564  strcpy(SecEntity.prot, "https");
565 
566  // Get the voms string and auth information
567  if (tlsClientAuth && HandleAuthentication(Link)) {
568  SSL_free(ssl);
569  ssl = 0;
570  return -1;
571  }
572 
573  ssldone = true;
574  if (TRACING(TRACE_AUTH)) {
575  SecEntity.Display(eDest);
576  }
577  }
578 
579 
580 
581  if (!DoingLogin) {
582  // Re-invocations triggered by the bridge have lp==0
583  // In this case we keep track of a different request state
584  if (lp) {
585 
586  // This is an invocation that was triggered by a socket event
587  // Read all the data that is available, throw it into the buffer
588  if ((rc = getDataOneShot(BuffAvailable())) < 0) {
589  // Error -> exit
590  return -1;
591  }
592 
593  // If we need more bytes, let's wait for another invokation
594  if (BuffUsed() < ResumeBytes) return 1;
595 
596 
597  } else
598  CurrentReq.reqstate++;
599  } else if (!DoneSetInfo && !CurrentReq.userAgent().empty()) { // DoingLogin is true, meaning the login finished.
600  std::string mon_info = "monitor info " + CurrentReq.userAgent();
601  DoneSetInfo = true;
602  if (mon_info.size() >= 1024) {
603  TRACEI(ALL, "User agent string too long");
604  } else if (!Bridge) {
605  TRACEI(ALL, "Internal logic error: Bridge is null after login");
606  } else {
607  TRACEI(DEBUG, "Setting " << mon_info);
608  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
609  CurrentReq.xrdreq.set.requestid = htons(kXR_set);
610  CurrentReq.xrdreq.set.modifier = '\0';
611  memset(CurrentReq.xrdreq.set.reserved, '\0', sizeof(CurrentReq.xrdreq.set.reserved));
612  CurrentReq.xrdreq.set.dlen = htonl(mon_info.size());
613  if (!Bridge->Run((char *) &CurrentReq.xrdreq, (char *) mon_info.c_str(), mon_info.size())) {
614  SendSimpleResp(500, nullptr, nullptr, "Could not set user agent.", 0, false);
615  return -1;
616  }
617  return 0;
618  }
619  } else {
620  DoingLogin = false;
621  }
622 
623  // Read the next request header, that is, read until a double CRLF is found
624 
625 
626  if (!CurrentReq.headerok) {
627 
628  // Read as many lines as possible into the buffer. An empty line breaks
629  while ((rc = BuffgetLine(tmpline)) > 0) {
630  std::string traceLine = tmpline.c_str();
631  if (TRACING(TRACE_DEBUG)) {
632  traceLine = obfuscateAuth(traceLine);
633  }
634  TRACE(DEBUG, " rc:" << rc << " got hdr line: " << traceLine);
635  if ((rc == 2) && (tmpline.length() > 1) && (tmpline[rc - 1] == '\n')) {
636  CurrentReq.headerok = true;
637  TRACE(DEBUG, " rc:" << rc << " detected header end.");
638  break;
639  }
640 
641 
642  if (CurrentReq.request == CurrentReq.rtUnset) {
643  TRACE(DEBUG, " Parsing first line: " << traceLine.c_str());
644  int result = CurrentReq.parseFirstLine((char *)tmpline.c_str(), tmpline.length());
645  if (result < 0) {
646  TRACE(DEBUG, " Parsing of first line failed with " << result);
647  return -1;
648  }
649  } else {
650  int result = CurrentReq.parseLine((char *) tmpline.c_str(), tmpline.length());
651  if(result < 0) {
652  TRACE(DEBUG, " Parsing of header line failed with " << result)
653  SendSimpleResp(400,NULL,NULL,"Malformed header line. Hint: ensure the line finishes with \"\\r\\n\"", 0, false);
654  return -1;
655  }
656  }
657 
658 
659  }
660 
661  // Here we have CurrentReq loaded with the header, or its relevant fields
662 
663  if (!CurrentReq.headerok) {
664  TRACEI(REQ, " rc:" << rc << "Header not yet complete.");
665 
666  // Here a subtle error condition. IF we failed reading a line AND the buffer
667  // has a reasonable amount of data available THEN we consider the header
668  // as corrupted and shutdown the client
669  if ((rc <= 0) && (BuffUsed() >= 16384)) {
670  TRACEI(ALL, "Corrupted header detected, or line too long. Disconnecting client.");
671  return -1;
672  }
673 
674 
675  if (CurrentReq.reqstate > 0)
676  CurrentReq.reqstate--;
677  // Waiting for more data
678  return 1;
679  }
680 
681  }
682 
683  // If we are in self-redirect mode, then let's do it
684  // Do selfredirect only with 'simple' requests, otherwise poor clients may misbehave
685  if (ishttps && ssldone && selfhttps2http &&
686  ( (CurrentReq.request == XrdHttpReq::rtGET) || (CurrentReq.request == XrdHttpReq::rtPUT) ||
687  (CurrentReq.request == XrdHttpReq::rtPROPFIND)) ) {
688  char hash[512];
689  time_t timenow = time(0);
690 
691 
692  calcHashes(hash, CurrentReq.resource.c_str(), (kXR_int16) CurrentReq.request,
693  &SecEntity,
694  timenow,
695  secretkey);
696 
697 
698 
699  if (hash[0]) {
700 
701  // Workaround... delete the previous opaque information
702  if (CurrentReq.opaque) {
703  delete CurrentReq.opaque;
704  CurrentReq.opaque = 0;
705  }
706 
707  TRACEI(REQ, " rc:" << rc << " self-redirecting to http with security token.");
708 
709  XrdOucString dest = "Location: http://";
710  // Here I should put the IP addr of the server
711 
712  // We have to recompute it here because we don't know to which
713  // interface the client had connected to
714  struct sockaddr_storage sa;
715  socklen_t sl = sizeof(sa);
716  getsockname(this->Link->AddrInfo()->SockFD(), (struct sockaddr*)&sa, &sl);
717 
718  // now get it back and print it
719  char buf[256];
720  bool ok = false;
721 
722  switch (sa.ss_family) {
723  case AF_INET:
724  if (inet_ntop(AF_INET, &(((sockaddr_in*)&sa)->sin_addr), buf, INET_ADDRSTRLEN)) {
725  if (Addr_str) free(Addr_str);
726  Addr_str = strdup(buf);
727  ok = true;
728  }
729  break;
730  case AF_INET6:
731  if (inet_ntop(AF_INET6, &(((sockaddr_in6*)&sa)->sin6_addr), buf, INET6_ADDRSTRLEN)) {
732  if (Addr_str) free(Addr_str);
733  Addr_str = (char *)malloc(strlen(buf)+3);
734  strcpy(Addr_str, "[");
735  strcat(Addr_str, buf);
736  strcat(Addr_str, "]");
737  ok = true;
738  }
739  break;
740  default:
741  TRACEI(REQ, " Can't recognize the address family of the local host.");
742  }
743 
744  if (ok) {
745  dest += Addr_str;
746  dest += ":";
747  dest += Port_str;
748  dest += CurrentReq.resource.c_str();
749  TRACEI(REQ," rc:"<<rc<<" self-redirecting to http with security token: '"
750  << dest.c_str() << "'");
751 
752 
753  CurrentReq.appendOpaque(dest, &SecEntity, hash, timenow);
754  SendSimpleResp(302, NULL, (char *) dest.c_str(), 0, 0, true);
755  CurrentReq.reset();
756  return -1;
757  }
758 
759  TRACEI(REQ, " rc:" << rc << " Can't perform self-redirection.");
760 
761  }
762  else {
763  TRACEI(ALL, " Could not calculate self-redirection hash");
764  }
765  }
766 
767  // If this is not https, then extract the signed information from the url
768  // and fill the SecEntity structure as if we were using https
769  if (!ishttps && !ssldone) {
770 
771 
772  if (CurrentReq.opaque) {
773  char * tk = CurrentReq.opaque->Get("xrdhttptk");
774  // If there is a hash then we use it as authn info
775  if (tk) {
776 
777  time_t tim = 0;
778  char * t = CurrentReq.opaque->Get("xrdhttptime");
779  if (t) tim = atoi(t);
780  if (!t) {
781  TRACEI(REQ, " xrdhttptime not specified. Authentication failed.");
782  return -1;
783  }
784  if (abs(time(0) - tim) > XRHTTP_TK_GRACETIME) {
785  TRACEI(REQ, " Token expired. Authentication failed.");
786  return -1;
787  }
788 
789  // Fill the Secentity from the fields in the URL:name, vo, host
790  char *nfo;
791 
792  nfo = CurrentReq.opaque->Get("xrdhttpvorg");
793  if (nfo) {
794  TRACEI(DEBUG, " Setting vorg: " << nfo);
795  SecEntity.vorg = strdup(nfo);
796  TRACEI(REQ, " Setting vorg: " << SecEntity.vorg);
797  }
798 
799  nfo = CurrentReq.opaque->Get("xrdhttpname");
800  if (nfo) {
801  TRACEI(DEBUG, " Setting name: " << nfo);
802  SecEntity.name = strdup(decode_str(nfo).c_str());
803  TRACEI(REQ, " Setting name: " << SecEntity.name);
804  }
805 
806  nfo = CurrentReq.opaque->Get("xrdhttphost");
807  if (nfo) {
808  TRACEI(DEBUG, " Setting host: " << nfo);
809  if (SecEntity.host) free(SecEntity.host);
810  SecEntity.host = strdup(decode_str(nfo).c_str());
811  TRACEI(REQ, " Setting host: " << SecEntity.host);
812  }
813 
814  nfo = CurrentReq.opaque->Get("xrdhttpdn");
815  if (nfo) {
816  TRACEI(DEBUG, " Setting dn: " << nfo);
817  SecEntity.moninfo = strdup(decode_str(nfo).c_str());
818  TRACEI(REQ, " Setting dn: " << SecEntity.moninfo);
819  }
820 
821  nfo = CurrentReq.opaque->Get("xrdhttprole");
822  if (nfo) {
823  TRACEI(DEBUG, " Setting role: " << nfo);
824  SecEntity.role = strdup(decode_str(nfo).c_str());
825  TRACEI(REQ, " Setting role: " << SecEntity.role);
826  }
827 
828  nfo = CurrentReq.opaque->Get("xrdhttpgrps");
829  if (nfo) {
830  TRACEI(DEBUG, " Setting grps: " << nfo);
831  SecEntity.grps = strdup(decode_str(nfo).c_str());
832  TRACEI(REQ, " Setting grps: " << SecEntity.grps);
833  }
834 
835  nfo = CurrentReq.opaque->Get("xrdhttpendorsements");
836  if (nfo) {
837  TRACEI(DEBUG, " Setting endorsements: " << nfo);
838  SecEntity.endorsements = strdup(decode_str(nfo).c_str());
839  TRACEI(REQ, " Setting endorsements: " << SecEntity.endorsements);
840  }
841 
842  nfo = CurrentReq.opaque->Get("xrdhttpcredslen");
843  if (nfo) {
844  TRACEI(DEBUG, " Setting credslen: " << nfo);
845  char *s1 = strdup(decode_str(nfo).c_str());
846  if (s1 && s1[0]) {
847  SecEntity.credslen = atoi(s1);
848  TRACEI(REQ, " Setting credslen: " << SecEntity.credslen);
849  }
850  if (s1) free(s1);
851  }
852 
853  if (SecEntity.credslen) {
854  nfo = CurrentReq.opaque->Get("xrdhttpcreds");
855  if (nfo) {
856  TRACEI(DEBUG, " Setting creds: " << nfo);
857  SecEntity.creds = strdup(decode_str(nfo).c_str());
858  TRACEI(REQ, " Setting creds: " << SecEntity.creds);
859  }
860  }
861 
862  char hash[512];
863 
864  calcHashes(hash, CurrentReq.resource.c_str(), (kXR_int16) CurrentReq.request,
865  &SecEntity,
866  tim,
867  secretkey);
868 
869  if (compareHash(hash, tk)) {
870  TRACEI(REQ, " Invalid tk '" << tk << "' != '" << hash << "'(calculated). Authentication failed.");
871  return -1;
872  }
873 
874  } else {
875  // Client is plain http. If we have a secret key then we reject it
876  if (secretkey) {
877  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
878  return -1;
879  }
880  }
881 
882  } else {
883  // Client is plain http. If we have a secret key then we reject it
884  if (secretkey) {
885  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
886  return -1;
887  }
888  }
889 
890  ssldone = true;
891  }
892 
893 
894 
895  // Now we have everything that is needed to try the login
896  // Remember that if there is an exthandler then it has the responsibility
897  // for authorization in the paths that it manages
898  if (!Bridge && !FindMatchingExtHandler(CurrentReq)) {
899  if (SecEntity.name)
900  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, SecEntity.name, ishttps ? "https" : "http");
901  else
902  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, "unknown", ishttps ? "https" : "http");
903 
904  if (!Bridge) {
905  TRACEI(REQ, " Authorization failed.");
906  return -1;
907  }
908  if (m_maxdelay > 0) Bridge->SetWait(m_maxdelay, false);
909 
910  // Let the bridge process the login, and then reinvoke us
911  DoingLogin = true;
912  return 0;
913  }
914 
915  // Compute and send the response. This may involve further reading from the socket
916  rc = CurrentReq.ProcessHTTPReq();
917  if (rc < 0)
918  CurrentReq.reset();
919 
920 
921 
922  TRACEI(REQ, "Process is exiting rc:" << rc);
923  return rc;
924 }
ClientRequest::set
struct ClientSetRequest set
Definition: XProtocol.hh:871
kXR_set
@ kXR_set
Definition: XProtocol.hh:130
ClientSetRequest::requestid
kXR_unt16 requestid
Definition: XProtocol.hh:719
ClientSetRequest::dlen
kXR_int32 dlen
Definition: XProtocol.hh:722
ClientSetRequest::modifier
kXR_char modifier
Definition: XProtocol.hh:721
ClientSetRequest::reserved
kXR_char reserved[15]
Definition: XProtocol.hh:720
kXR_int16
short kXR_int16
Definition: XPtypes.hh:66
XRHTTP_TK_GRACETIME
#define XRHTTP_TK_GRACETIME
Definition: XrdHttpProtocol.cc:61
TRACE_AUTH
#define TRACE_AUTH
Definition: XrdHttpTrace.hh:48
compareHash
int compareHash(const char *h1, const char *h2)
Definition: XrdHttpUtils.cc:355
calcHashes
void calcHashes(char *hash, const char *fn, kXR_int16 request, XrdSecEntity *secent, time_t tim, const char *key)
Definition: XrdHttpUtils.cc:219
decode_str
std::string decode_str(const std::string &str)
Definition: XrdHttpUtils.hh:210
obfuscateAuth
std::string obfuscateAuth(const std::string &input)
Definition: XrdOucUtils.cc:1534
TRACE_DEBUG
#define TRACE_DEBUG
Definition: XrdTrace.hh:36
TRACE
#define TRACE(act, x)
Definition: XrdTrace.hh:63
TRACING
#define TRACING(x)
Definition: XrdTrace.hh:70
XrdBuffer::bsize
int bsize
Definition: XrdBuffer.hh:46
XrdHttpProtocol::secretkey
static char * secretkey
The key used to calculate the url hashes.
Definition: XrdHttpProtocol.hh:413
XrdHttpProtocol::selfhttps2http
static bool selfhttps2http
If client is HTTPS, self-redirect with HTTP+token.
Definition: XrdHttpProtocol.hh:428
XrdHttpProtocol::m_maxdelay
static int m_maxdelay
Definition: XrdHttpProtocol.hh:438
XrdHttpProtocol::sslcadir
static char * sslcadir
Definition: XrdHttpProtocol.hh:402
XrdHttpReq::reqstate
int reqstate
State machine to talk to the bridge.
Definition: XrdHttpReq.hh:348
XrdHttpReq::resource
XrdOucString resource
The resource specified by the request, stripped of opaque data.
Definition: XrdHttpReq.hh:266
XrdHttpReq::headerok
bool headerok
Tells if we have finished reading the header.
Definition: XrdHttpReq.hh:274
XrdHttpReq::request
ReqType request
The request we got.
Definition: XrdHttpReq.hh:258
XrdHttpReq::ProcessHTTPReq
int ProcessHTTPReq()
Definition: XrdHttpReq.cc:839
XrdHttpReq::opaque
XrdOucEnv * opaque
The opaque data, after parsing.
Definition: XrdHttpReq.hh:268
XrdHttpReq::parseFirstLine
int parseFirstLine(char *line, int len)
Parse the first line of the header.
Definition: XrdHttpReq.cc:265
XrdHttpReq::parseLine
int parseLine(char *line, int len)
Parse the header.
Definition: XrdHttpReq.cc:117
XrdHttpReq::appendOpaque
void appendOpaque(XrdOucString &s, XrdSecEntity *secent, char *hash, time_t tnow)
Definition: XrdHttpReq.cc:639
XrdHttpReq::userAgent
const std::string & userAgent() const
Definition: XrdHttpReq.hh:254
XrdHttpReq::reset
virtual void reset()
Definition: XrdHttpReq.cc:2700
XrdHttpSecXtractor::InitSSL
virtual int InitSSL(SSL *, char *)
Definition: XrdHttpSecXtractor.hh:52
XrdOucEnv::Get
char * Get(const char *varname)
Definition: XrdOucEnv.hh:69
XrdSecEntity::vorg
char * vorg
Entity's virtual organization(s)
Definition: XrdSecEntity.hh:71
XrdSecEntity::credslen
int credslen
Length of the 'creds' data.
Definition: XrdSecEntity.hh:78
XrdSecEntity::prot
char prot[XrdSecPROTOIDSIZE]
Auth protocol used (e.g. krb5)
Definition: XrdSecEntity.hh:67
XrdSecEntity::creds
char * creds
Raw entity credentials or cert.
Definition: XrdSecEntity.hh:77
XrdSecEntity::grps
char * grps
Entity's group name(s)
Definition: XrdSecEntity.hh:73
XrdSecEntity::name
char * name
Entity's name.
Definition: XrdSecEntity.hh:69
XrdSecEntity::role
char * role
Entity's role(s)
Definition: XrdSecEntity.hh:72
XrdSecEntity::endorsements
char * endorsements
Protocol specific endorsements.
Definition: XrdSecEntity.hh:75
XrdSecEntity::Display
void Display(XrdSysError &mDest)
Definition: XrdSecEntity.cc:58
XrdSecEntity::moninfo
char * moninfo
Information for monitoring.
Definition: XrdSecEntity.hh:76
XrdSecEntity::host
char * host
Entity's host name dnr dependent.
Definition: XrdSecEntity.hh:70
XrdTlsContext::Session
void * Session()
Definition: XrdTlsContext.cc:896
XrdXrootd::Bridge::Login
static Bridge * Login(Result *rsltP, XrdLink *linkP, XrdSecEntity *seceP, const char *nameP, const char *protP)
Definition: XrdXrootdBridge.cc:38
XrdXrootd::Bridge::SetWait
virtual void SetWait(int wtime, bool notify=false)=0

References Addr_str, XrdLink::AddrInfo(), XrdHttpReq::appendOpaque(), Bridge, XrdBuffer::bsize, XrdBuffer::buff, XrdOucString::c_str(), calcHashes(), compareHash(), XrdSecEntity::creds, XrdSecEntity::credslen, CurrentReq, DEBUG, decode_str(), XrdSecEntity::Display(), ClientSetRequest::dlen, eDest, XrdSecEntity::endorsements, XrdLink::FDnum(), XrdOucEnv::Get(), XrdSecEntity::grps, XrdHttpReq::headerok, XrdSecEntity::host, XrdHttpSecXtractor::InitSSL(), kXR_set, XrdOucString::length(), Link, XrdXrootd::Bridge::Login(), m_maxdelay, ClientSetRequest::modifier, XrdSecEntity::moninfo, XrdSecEntity::name, obfuscateAuth(), XrdHttpReq::opaque, XrdHttpReq::parseFirstLine(), XrdHttpReq::parseLine(), Port_str, XrdHttpReq::ProcessHTTPReq(), XrdSecEntity::prot, XrdHttpReq::reqstate, XrdHttpReq::request, ClientSetRequest::requestid, ClientSetRequest::reserved, XrdHttpReq::reset(), XrdHttpReq::resource, XrdSecEntity::role, XrdHttpReq::rtGET, XrdHttpReq::rtPROPFIND, XrdHttpReq::rtPUT, XrdHttpReq::rtUnset, XrdXrootd::Bridge::Run(), SecEntity, secretkey, selfhttps2http, XrdTlsContext::Session(), ClientRequest::set, XrdXrootd::Bridge::SetWait(), XrdNetAddrInfo::SockFD(), sslcadir, XrdHttpProtoInfo::tlsClientAuth, TRACE, TRACE_AUTH, TRACE_DEBUG, TRACEI, TRACING, XrdHttpReq::userAgent(), XrdSecEntity::vorg, XrdHttpProtoInfo::xrdctx, XrdHttpReq::xrdreq, and XRHTTP_TK_GRACETIME.

+ Here is the call graph for this function:

◆ Recycle()

void XrdHttpProtocol::Recycle ( XrdLink lp,
int  consec,
const char *  reason 
)
virtual

Recycle this instance.

Implements XrdProtocol.

Definition at line 932 of file XrdHttpProtocol.cc.

932  {
933 
934  // Release all appendages
935  //
936 
937  Cleanup();
938 
939 
940  // Set fields to starting point (debugging mostly)
941  //
942  Reset();
943 
944  // Push ourselves on the stack
945  //
946  ProtStack.Push(&ProtLink);
947 }
XrdObjectQ::Push
void Push(XrdObject< T > *Node)
Definition: XrdObject.hh:101

References ProtLink, ProtStack, and XrdObjectQ< T >::Push().

+ Here is the call graph for this function:

◆ Stats()

int XrdHttpProtocol::Stats ( char *  buff,
int  blen,
int  do_sync = 0 
)
virtual

Get activity stats.

Implements XrdProtocol.

Definition at line 949 of file XrdHttpProtocol.cc.

949  {
950  // Synchronize statistics if need be
951  //
952  // if (do_sync) {
953  //
954  // SI->statsMutex.Lock();
955  // SI->readCnt += numReads;
956  // cumReads += numReads;
957  // numReads = 0;
958  // SI->prerCnt += numReadP;
959  // cumReadP += numReadP;
960  // numReadP = 0;
961  // SI->rvecCnt += numReadV;
962  // cumReadV += numReadV;
963  // numReadV = 0;
964  // SI->rsegCnt += numSegsV;
965  // cumSegsV += numSegsV;
966  // numSegsV = 0;
967  // SI->writeCnt += numWrites;
968  // cumWrites += numWrites;
969  // numWrites = 0;
970  // SI->statsMutex.UnLock();
971  // }
972  //
973  // // Now return the statistics
974  // //
975  // return SI->Stats(buff, blen, do_sync);
976 
977  return 0;
978 }

Friends And Related Function Documentation

◆ XrdHttpExtReq

friend class XrdHttpExtReq
friend

Definition at line 84 of file XrdHttpProtocol.hh.

◆ XrdHttpReq

friend class XrdHttpReq
friend

Definition at line 83 of file XrdHttpProtocol.hh.

Member Data Documentation

◆ Addr_str

char* XrdHttpProtocol::Addr_str
protected

Our IP address, as a string. Please remember that this may not be unique for a given machine, hence we need to keep it here and recompute ad every new connection.

Definition at line 369 of file XrdHttpProtocol.hh.

Referenced by XrdHttpProtocol(), and Process().

◆ BPool

XrdBuffManager * XrdHttpProtocol::BPool = 0
staticprotected

Definition at line 360 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Match().

◆ Bridge

XrdXrootd::Bridge* XrdHttpProtocol::Bridge
protected

The Bridge that we use to exercise the xrootd internals.

Definition at line 375 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), Process(), and XrdHttpReq::ProcessHTTPReq().

◆ CIA

XrdSecService * XrdHttpProtocol::CIA = 0
staticprotected

Definition at line 362 of file XrdHttpProtocol.hh.

◆ cksumHandler

XrdHttpChecksumHandler XrdHttpProtocol::cksumHandler = XrdHttpChecksumHandler()
static

Definition at line 137 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ compatNameGeneration

bool XrdHttpProtocol::compatNameGeneration = false
staticprotected

Definition at line 410 of file XrdHttpProtocol.hh.

◆ crlRefIntervalSec

int XrdHttpProtocol::crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
staticprotected

CRL thread refresh interval.

Definition at line 405 of file XrdHttpProtocol.hh.

◆ CurrentReq

XrdHttpReq XrdHttpProtocol::CurrentReq
protected

Area for coordinating request and responses to/from the bridge This also can process HTTP/DAV stuff

Definition at line 380 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), and Process().

◆ eDest

XrdSysError XrdHttpProtocol::eDest = 0
staticprotected

Definition at line 361 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ embeddedstatic

bool XrdHttpProtocol::embeddedstatic = true
staticprotected

If true, use the embedded css and icons.

Definition at line 431 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ gridmap

char * XrdHttpProtocol::gridmap = 0
staticprotected

Gridmap file location. The same used by XrdSecGsi.

Definition at line 408 of file XrdHttpProtocol.hh.

◆ hailWait

int XrdHttpProtocol::hailWait = 60000
staticprotected

Timeout for reading the handshake.

Definition at line 390 of file XrdHttpProtocol.hh.

Referenced by Match().

◆ hdr2cgimap

std::map< std::string, std::string > XrdHttpProtocol::hdr2cgimap
staticprotected

Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption.

Definition at line 451 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::parseLine().

◆ isdesthttps

bool XrdHttpProtocol::isdesthttps = false
staticprotected

True if the redirections must be towards https targets.

Definition at line 419 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::Redir().

◆ isRequiredGridmap

bool XrdHttpProtocol::isRequiredGridmap = false
staticprotected

Definition at line 409 of file XrdHttpProtocol.hh.

◆ Link

XrdLink* XrdHttpProtocol::Link
protected

The link we are bound to.

Definition at line 365 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::GetClientID(), Match(), and Process().

◆ listdeny

bool XrdHttpProtocol::listdeny = false
staticprotected

If true, any form of listing is denied.

Definition at line 425 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ listredir

char * XrdHttpProtocol::listredir = 0
staticprotected

Url to redirect to in the case a listing is requested.

Definition at line 422 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ m_bio_method

BIO_METHOD * XrdHttpProtocol::m_bio_method = NULL
staticprotected

C-style vptr table for our custom BIO objects.

Definition at line 457 of file XrdHttpProtocol.hh.

◆ m_bio_type

int XrdHttpProtocol::m_bio_type = 0
staticprotected

Type identifier for our custom BIO objects.

Definition at line 454 of file XrdHttpProtocol.hh.

◆ m_maxdelay

int XrdHttpProtocol::m_maxdelay = -1
staticprotected

Definition at line 438 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ m_staticheader_map

std::unordered_map<std::string, std::vector<std::pair<std::string, std::string> > > XrdHttpProtocol::m_staticheader_map
staticprotected

The static headers to always return; map is from verb to a list of (header, val) pairs.

Definition at line 469 of file XrdHttpProtocol.hh.

◆ m_staticheaders

std::unordered_map<std::string, std::string> XrdHttpProtocol::m_staticheaders
staticprotected

The static string version of m_staticheader_map. After config parsing is done, this is computed and we won't need to reference m_staticheader_map in the response path.

Definition at line 473 of file XrdHttpProtocol.hh.

◆ myRole

kXR_int32 XrdHttpProtocol::myRole = kXR_isManager
staticprotected

Our role.

Definition at line 448 of file XrdHttpProtocol.hh.

Referenced by Configure(), and XrdHttpReq::ProcessHTTPReq().

◆ pmarkHandle

XrdNetPMark * XrdHttpProtocol::pmarkHandle = nullptr
staticprotected

Packet marking handler pointer (assigned from the environment during the Config() call)

Definition at line 463 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), and XrdHttpReq::parseLine().

◆ Port

int XrdHttpProtocol::Port = 1094
staticprotected

Our port.

Definition at line 396 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ Port_str

char * XrdHttpProtocol::Port_str = 0
staticprotected

Our port, as a string.

Definition at line 399 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ ProtLink

XrdObject<XrdHttpProtocol> XrdHttpProtocol::ProtLink

Definition at line 130 of file XrdHttpProtocol.hh.

Referenced by Recycle().

◆ ProtStack

XrdObjectQ< XrdHttpProtocol > XrdHttpProtocol::ProtStack
static

Definition at line 129 of file XrdHttpProtocol.hh.

Referenced by Configure(), Match(), and Recycle().

◆ ReadRangeConfig

XrdHttpReadRangeHandler::Configuration XrdHttpProtocol::ReadRangeConfig
static

configuration for the read range handler

Definition at line 140 of file XrdHttpProtocol.hh.

◆ readWait

int XrdHttpProtocol::readWait = 300000
staticprotected

Timeout for reading data.

Definition at line 393 of file XrdHttpProtocol.hh.

◆ Sched

XrdScheduler * XrdHttpProtocol::Sched = 0
staticprotected

Definition at line 359 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ SecEntity

XrdSecEntity XrdHttpProtocol::SecEntity

Authentication area.

Definition at line 134 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), XrdHttpExtReq::GetSecEntity(), Match(), Process(), and XrdHttpReq::Redir().

◆ secretkey

char * XrdHttpProtocol::secretkey = 0
staticprotected

The key used to calculate the url hashes.

Definition at line 413 of file XrdHttpProtocol.hh.

Referenced by Process(), and XrdHttpReq::Redir().

◆ selfhttps2http

bool XrdHttpProtocol::selfhttps2http = false
staticprotected

If client is HTTPS, self-redirect with HTTP+token.

Definition at line 428 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ servGMap

XrdOucGMap * XrdHttpProtocol::servGMap = 0
staticprotected

The instance of the DN mapper. Created only when a valid path is given.

Definition at line 372 of file XrdHttpProtocol.hh.

◆ sslcadir

char * XrdHttpProtocol::sslcadir = 0
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ sslcafile

char * XrdHttpProtocol::sslcafile = 0
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ sslcert

char * XrdHttpProtocol::sslcert = 0
staticprotected

OpenSSL stuff.

Definition at line 402 of file XrdHttpProtocol.hh.

◆ sslcipherfilter

char * XrdHttpProtocol::sslcipherfilter = 0
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ sslkey

char * XrdHttpProtocol::sslkey = 0
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ sslverifydepth

int XrdHttpProtocol::sslverifydepth = 9
staticprotected

Depth of verification of a certificate chain.

Definition at line 416 of file XrdHttpProtocol.hh.

◆ staticpreload

XrdOucHash< XrdHttpProtocol::StaticPreloadInfo > * XrdHttpProtocol::staticpreload = 0
staticprotected

Definition at line 445 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ staticredir

char * XrdHttpProtocol::staticredir = 0
staticprotected

Definition at line 434 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ tpcForwardCreds

bool XrdHttpProtocol::tpcForwardCreds = false
staticprotected

If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

Definition at line 466 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq().

◆ xrd_cslist

char * XrdHttpProtocol::xrd_cslist = nullptr
staticprotected

The list of checksums that were configured via the xrd.cksum parameter on the server config file.

Definition at line 460 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ xrdcors

XrdHttpCors * XrdHttpProtocol::xrdcors = nullptr
staticprotected

Definition at line 384 of file XrdHttpProtocol.hh.

◆ xrdcorsLibPath

std::string XrdHttpProtocol::xrdcorsLibPath
staticprotected

Definition at line 382 of file XrdHttpProtocol.hh.

The documentation for this class was generated from the following files: