XRootD
Public Member Functions | Public Attributes | Protected Member Functions | List of all members
XrdSecProtocol Class Referenceabstract

#include <XrdSecInterface.hh>

+ Inheritance diagram for XrdSecProtocol:
+ Collaboration diagram for XrdSecProtocol:

Public Member Functions

 XrdSecProtocol (const char *pName)
 Constructor. More...
 
virtual int Authenticate (XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)=0
 
virtual int Decrypt (const char *inbuff, int inlen, XrdSecBuffer **outbuff)
 
virtual void Delete ()=0
 Delete the protocol object. DO NOT use C++ delete() on this object. More...
 
virtual int Encrypt (const char *inbuff, int inlen, XrdSecBuffer **outbuff)
 
virtual XrdSecCredentialsgetCredentials (XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)=0
 
virtual int getKey (char *buff=0, int size=0)
 
virtual bool needTLS ()
 Check if this protocol requires TLS to properly function. More...
 
virtual int setKey (char *buff, int size)
 
virtual int Sign (const char *inbuff, int inlen, XrdSecBuffer **outbuff)
 
virtual int Verify (const char *inbuff, int inlen, const char *sigbuff, int siglen)
 

Public Attributes

XrdSecEntity Entity
 

Protected Member Functions

virtual ~XrdSecProtocol ()
 Destructor (prevents use of direct delete). More...
 

Detailed Description

Definition at line 130 of file XrdSecInterface.hh.

Constructor & Destructor Documentation

◆ XrdSecProtocol()

XrdSecProtocol::XrdSecProtocol ( const char *  pName)
inline

Constructor.

Definition at line 317 of file XrdSecInterface.hh.

317 : Entity(pName) {}
XrdSecProtocol::Entity
XrdSecEntity Entity
Definition: XrdSecInterface.hh:139

◆ ~XrdSecProtocol()

virtual XrdSecProtocol::~XrdSecProtocol ( )
inlineprotectedvirtual

Destructor (prevents use of direct delete).

Definition at line 324 of file XrdSecInterface.hh.

324 {}

Member Function Documentation

◆ Authenticate()

virtual int XrdSecProtocol::Authenticate ( XrdSecCredentials cred,
XrdSecParameters **  parms,
XrdOucErrInfo einfo = 0 
)
pure virtual

Authenticate a client.

Parameters
credCredentials supplied by the client.
parmsPlace where the address of additional authentication data is to be placed for another autrhentication handshake.
einfoThe error information object where error messages should be placed. The messages are returned to the client. Should einfo be null, messages should be written to stderr.
Returns
> 0 -> parms present (more authentication needed) = 0 -> Entity present (authentication succeeded) < 0 -> einfo present (error has occurred)

Implemented in XrdSecProtocolztn, XrdSecProtocolunix, XrdSecProtocolsss, XrdSecProtocolpwd, XrdSecProtocolkrb5, XrdSecProtocolgsi, XrdSecTLayer, XrdSecProtocolhost, and XrdSecProtNone.

Referenced by XrdCmsSecurity::Authenticate(), and main().

+ Here is the caller graph for this function:

◆ Decrypt()

virtual int XrdSecProtocol::Decrypt ( const char *  inbuff,
int  inlen,
XrdSecBuffer **  outbuff 
)
inlinevirtual

Decrypt data in inbuff using the session key.

Parameters
inbuffbuffer holding data to be decrypted.
inlenlength of the data.
outbuffplace where a pointer to the decrypted data is placed.
Returns
< 0 Failed,the return value is -errno (see Encrypt). = 0 Success, outbuff contains a pointer to the decrypted data. The caller is responsible for deleting the returned object.

Reimplemented in XrdSecProtocolgsi.

Definition at line 214 of file XrdSecInterface.hh.

218 {
219  (void) inbuff; (void) inlen; (void) outbuff;
220  return -ENOTSUP;
221 }

◆ Delete()

virtual void XrdSecProtocol::Delete ( )
pure virtual

Delete the protocol object. DO NOT use C++ delete() on this object.

Implemented in XrdSecTLayer, XrdSecProtocolztn, XrdSecProtocolunix, XrdSecProtocolsss, XrdSecProtocolpwd, XrdSecProtocolkrb5, XrdSecProtocolgsi, XrdSecProtocolhost, and XrdSecProtNone.

Referenced by XrdCmsSecurity::Authenticate(), XrdCmsSecurity::Identify(), and main().

+ Here is the caller graph for this function:

◆ Encrypt()

virtual int XrdSecProtocol::Encrypt ( const char *  inbuff,
int  inlen,
XrdSecBuffer **  outbuff 
)
inlinevirtual

Encrypt data in inbuff using the session key.

Parameters
inbuffbuffer holding data to be encrypted.
inlenlength of the data.
outbuffplace where a pointer to the encrypted data is placed.
Returns
< 0 Failed, the return value is -errno of the reason. Typically, -EINVAL - one or more arguments are invalid. -NOTSUP - encryption not supported by the protocol -ENOENT - Context not innitialized = 0 Success, outbuff contains a pointer to the encrypted data. The caller is responsible for deleting the returned object.

Reimplemented in XrdSecProtocolgsi.

Definition at line 193 of file XrdSecInterface.hh.

197 {
198  (void) inbuff; (void) inlen; (void) outbuff;
199  return -ENOTSUP;
200 }

◆ getCredentials()

virtual XrdSecCredentials* XrdSecProtocol::getCredentials ( XrdSecParameters parm = 0,
XrdOucErrInfo einfo = 0 
)
pure virtual

Generate client credentials to be used in the authentication process.

Parameters
parmPointer to the information returned by the server either in the initial login response or the authmore response.
einfoThe error information object where error messages should be placed. The messages are returned to the client. Should einfo be null, messages should be written to stderr.
Returns
Success: Pointer to credentials to sent to the server. The caller is responsible for deleting the object. Failure: Null pointer with einfo, if supplied, containing the reason for the failure.

Implemented in XrdSecProtocolsss, XrdSecProtocolztn, XrdSecProtocolunix, XrdSecProtocolpwd, XrdSecProtocolkrb5, XrdSecProtocolgsi, XrdSecTLayer, XrdSecProtocolhost, and XrdSecProtNone.

Referenced by XrdCmsSecurity::Identify(), and main().

+ Here is the caller graph for this function:

◆ getKey()

virtual int XrdSecProtocol::getKey ( char *  buff = 0,
int  size = 0 
)
inlinevirtual

Get the current encryption key (i.e. session key)

Parameters
buffbuffer to hold the key, and may be null.
sizesize of the buffer.
Returns
< 0 Failed, returned value if -errno (see Encrypt) >= 0 The size of the encyption key. The supplied buffer of length size hold the key. If the buffer address is supplied, the key is placed in the buffer.

Reimplemented in XrdSecProtocolgsi.

Definition at line 279 of file XrdSecInterface.hh.

280 {
281  (void) buff; (void) size;
282  return -ENOTSUP;
283 }

Referenced by XrdSecProtector::New4Client(), and XrdSecProtector::New4Server().

+ Here is the caller graph for this function:

◆ needTLS()

virtual bool XrdSecProtocol::needTLS ( )
inlinevirtual

Check if this protocol requires TLS to properly function.

Reimplemented in XrdSecProtocolztn.

Definition at line 305 of file XrdSecInterface.hh.

305 {return false;}

◆ setKey()

virtual int XrdSecProtocol::setKey ( char *  buff,
int  size 
)
inlinevirtual

Set the current encryption key

Parameters
buffbuffer that holds the key.
sizesize of the key.
Returns
: < 0 Failed, returned value if -errno (see Encrypt) = 0 The new key has been set.

Reimplemented in XrdSecProtocolgsi.

Definition at line 295 of file XrdSecInterface.hh.

296 {
297  (void) buff; (void) size;
298  return -ENOTSUP;
299 }

◆ Sign()

virtual int XrdSecProtocol::Sign ( const char *  inbuff,
int  inlen,
XrdSecBuffer **  outbuff 
)
inlinevirtual

Sign data in inbuff using the session key.

Parameters
inbuffbuffer holding data to be signed.
inlenlength of the data.
outbuffplace where a pointer to the signature is placed.
Returns
< 0 Failed,the return value is -errno (see Encrypt). = 0 Success, outbuff contains a pointer to the signature. The caller is responsible for deleting the returned object.

Reimplemented in XrdSecProtocolgsi.

Definition at line 235 of file XrdSecInterface.hh.

239 {
240  (void) inbuff; (void) inlen; (void) outbuff;
241  return -ENOTSUP;
242 }

◆ Verify()

virtual int XrdSecProtocol::Verify ( const char *  inbuff,
int  inlen,
const char *  sigbuff,
int  siglen 
)
inlinevirtual

Verify a signature using the session key.

Parameters
inbuffbuffer holding data to be verified.
inlenlength of the data.
sigbuffpointer to the signature data.
siglenlength of the signature data.
Returns
< 0 Failed,the return value is -errno (see Encrypt). = 0 Success, signature is correct. > 0 Failed to verify, signature does not match inbuff data.

Reimplemented in XrdSecProtocolgsi.

Definition at line 257 of file XrdSecInterface.hh.

261 {
262  (void) inbuff; (void) inlen; (void) sigbuff; (void) siglen;
263  return -ENOTSUP;
264 }

Member Data Documentation

◆ Entity

XrdSecEntity XrdSecProtocol::Entity

Structure holding the entity's identification. It is filled in by a successful call to Authenticate() (i.e. it returns 0).

Definition at line 139 of file XrdSecInterface.hh.

Referenced by XrdSecProtocolgsi::XrdSecProtocolgsi(), XrdSecProtocolkrb5::XrdSecProtocolkrb5(), XrdSecProtocolpwd::XrdSecProtocolpwd(), XrdSecProtocolunix::XrdSecProtocolunix(), XrdSecProtocolztn::XrdSecProtocolztn(), XrdSecProtocolztn::~XrdSecProtocolztn(), XrdCmsSecurity::Authenticate(), XrdSecProtocolhost::Authenticate(), XrdSecProtocolgsi::Authenticate(), XrdSecProtocolkrb5::Authenticate(), XrdSecProtocolpwd::Authenticate(), XrdSecProtocolsss::Authenticate(), XrdSecProtocolunix::Authenticate(), XrdSecProtocolztn::Authenticate(), XrdSecProtocolgsi::Delete(), XrdSecProtocolkrb5::Delete(), XrdSecProtocolpwd::Delete(), XrdSecProtocolgsi::getCredentials(), main(), and XrdSecProtector::New4Server().

The documentation for this class was generated from the following file: