XRootD
Loading...
Searching...
No Matches
XrdSectestServer.cc
Go to the documentation of this file.
1/******************************************************************************/
2/* */
3/* X r d S e c t e s t S e r v e r . c c */
4/* */
5/* (c) 2003 by the Board of Trustees of the Leland Stanford, Jr., University */
6/* All Rights Reserved */
7/* Produced by Andrew Hanushevsky for Stanford University under contract */
8/* DE-AC02-76-SFO0515 with the Department of Energy */
9/* */
10/* This file is part of the XRootD software suite. */
11/* */
12/* XRootD is free software: you can redistribute it and/or modify it under */
13/* the terms of the GNU Lesser General Public License as published by the */
14/* Free Software Foundation, either version 3 of the License, or (at your */
15/* option) any later version. */
16/* */
17/* XRootD is distributed in the hope that it will be useful, but WITHOUT */
18/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
19/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
20/* License for more details. */
21/* */
22/* You should have received a copy of the GNU Lesser General Public License */
23/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
24/* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
25/* */
26/* The copyright holder's institutional names and contributor's names may not */
27/* be used to endorse or promote products derived from this software without */
28/* specific prior written permission of the institution or contributor. */
29/******************************************************************************/
30
31#include <unistd.h>
32#include <cctype>
33#include <cstdlib>
34#include <strings.h>
35#include <cstdio>
36#include <sys/param.h>
37
38#include "XrdNet/XrdNetAddr.hh"
40#include "XrdSys/XrdSysE2T.hh"
44
45/******************************************************************************/
46/* L O C A L D E F I N I T I O N S */
47/******************************************************************************/
48
49#define H(x) fprintf(stderr,x); fprintf(stderr, "\n");
50#define I(x) fprintf(stderr, "\n"); H(x)
51#define insx(a,b) sprintf(errbuff,a,b)
52#define insy(a,b,c) sprintf(errbuff,a,b,c)
53
54typedef unsigned char uchar;
55
56/******************************************************************************/
57/* g l o b a l v a r i a b l e s */
58/******************************************************************************/
59
60/* Define the execution control structure.
61*/
62struct myOpts {
63 int debug; /* 1 -> Enable debugging. */
64 int bin; /* 1 -> Input cred in binary format. */
65 int xtra; /* 1 -> Perform null cred test */
66 int online; /* 1 -> Filename is actual hex cred. */
67 char *cfn; /* -> config file */
68 char *host; /* -> hostname */
69 char *inpt; /* -> Input stream name. */
70 FILE *infid; /* -> Input stream (normally stdin). */
72
73/* Define global variables.
74*/
75char errbuff[256];
76#ifndef C_Block
77char hexbuff[256];
78#else
79char hexbuff[sizeof(C_Block)+8];
80#endif
81
82extern "C"
83{
84extern XrdSecService *XrdSecgetService(XrdSysLogger *lp, const char *cfn);
85}
86
87/******************************************************************************/
88/* f u n c t i o n d e f i n i t i o n s */
89/******************************************************************************/
90
91int getbintix(uchar *buff, int blen);
92void getargs(int argc, char **argv);
93int unhex(uchar *ibuff, uchar *obuff, int blen);
94int cvtx(uchar idig, uchar *odig);
95void getline(uchar *buff, int blen);
96const char *Ereason( );
97int emsg(int rc,char *msg);
98void help(int rc);
99void xerr(int x);
100
101/******************************************************************************/
102/* M A I N P R O G R A M */
103/******************************************************************************/
104
105int main(int argc, char **argv)
106{
107 XrdNetAddr theAddr;
108 XrdOucErrInfo einfo;
110 XrdSecService *ServerSecurity;
111 XrdSecParameters *parmp;
112 XrdSecCredentials cred((char *)malloc(8192), 8192);
113 XrdSecProtocol *pp;
114 const char *eText;
115 unsigned char bbuff[4096];
116 int i, rc;
117
118// Parse the argument list.
119//
120 getargs(argc, argv);
121
122// if hostname given, get the hostname address
123//
124 if (opts.host)
125 {if ((eText = theAddr.Set(opts.host,0)))
126 {std::cerr <<"testServer: Unable to resolve '" <<opts.host <<"'; " <<eText <<std::endl;
127 exit(1);
128 }
129 }
130 else theAddr.Set("localhost",0);
131
132// Create a new security server
133//
134 ServerSecurity = XrdSecgetService(&Logger, opts.cfn);
135 if (!ServerSecurity)
136 {std::cerr <<"testServer: Unable to create server." <<std::endl; exit(1);}
137
138// Get the security token and display it
139//
140 const char *sect = ServerSecurity->getParms(i, opts.host);
141 if (!sect) std::cerr <<"testServer: No security token for " <<opts.host <<std::endl;
142 else std::cerr <<"testServer: " <<i <<" bytes of SecToken='" <<sect <<"'" <<std::endl;
143
144//Get the credentials from whatever source was specified
145//
146 if (opts.bin) cred.size = getbintix((uchar *)cred.buffer, cred.size);
147 else {if (opts.online) strcpy((char *)bbuff, opts.inpt);
148 else getline(bbuff, sizeof(bbuff));
149 cred.size = unhex(bbuff, (uchar *)cred.buffer, cred.size);
150 }
151
152// Verify the length
153//
154 if (cred.size < 0) emsg(100,(char *)"Invalid credentials format.");
155
156// Get the protocol
157//
158 if (!(pp = ServerSecurity->getProtocol(opts.host, theAddr,
159 (const XrdSecCredentials *)&cred,
160 &einfo)))
161 {rc = einfo.getErrInfo();
162 std::cerr << "testServer: getProtocol error " <<rc <<"; ";
163 std::cerr <<einfo.getErrText() <<std::endl;
164 exit(1);
165 }
166
167// Now convert the credentials
168//
169 if (pp->Authenticate(&cred, &parmp, &einfo) < 0)
170 {rc = einfo.getErrInfo();
171 std::cerr << "testServer: Authenticate error " <<rc <<"; ";
172 std::cerr <<einfo.getErrText() <<std::endl;
173 exit(1);
174 }
175
176// Tell everyone what the client identity is.
177//
178 std::cout <<(pp->Entity.name ? pp->Entity.name : "?")
179 <<"@" <<(pp->Entity.host ? pp->Entity.host : "?")
180 <<" prot=" <<pp->Entity.prot <<std::endl;
181
182// All done
183//
184 exit(0);
185}
186
187/*getbintix: get binary credentials into an array.
188*/
189int getbintix(uchar *buff, int blen) {
190int i, j;
191 for (i = 0; i < blen; i++)
192 if ((j = getc(opts.infid)) >= 0) buff[i] = (uchar)j;
193 else if (j == EOF) return i;
194 else xerr(insx("Error reading cred; %s.", Ereason()));
195 xerr(insx("Cred longer than %d bytes.", blen));
196 return -1;
197}
198
199/******************************************************************************/
200/* Command Line Processing */
201/******************************************************************************/
202
203/* getargs: parse through argv obtaining options and parameters.
204*/
205void getargs(int argc, char **argv)
206 {
207 extern int optind; extern char *optarg; char c;
208
209/* Establish defaults here.
210*/
211 opts.debug = 0;
212 opts.bin = 0;
213 opts.online = 0;
214 opts.cfn = 0;
215 opts.host = 0;
216 opts.xtra = 0;
217 opts.inpt = (char *)"";
218 opts.infid = stdin;
219 opts.cfn = 0;
220
221/* Process the options
222*/
223while ((c=getopt(argc,argv,"c:h:i:k:p:bdx")) != (char)EOF)
224 { switch(c)
225 {
226 case 'b': opts.bin = 1; break;
227 case 'c': opts.cfn = optarg; break;
228 case 'd': opts.debug = 1; break;
229 case 'h': opts.host = optarg; break;
230 case 'i': opts.inpt = optarg; break;
231 case 'x': opts.xtra = 1; break;
232 case '?': help(1);
233 }
234 }
235
236/*Get the credentials, if specified on the command line.
237*/
238if (optind < argc) {opts.inpt = argv[optind++]; opts.online = 1;}
239
240/*Make sure no more parameters exist.
241*/
242if (optind < argc) xerr(insx("Extraneous parameter, '%s'.", argv[optind]));
243
244/*If the input stream is other than stdin, verify that it exists.
245*/
246if (opts.inpt[0] != '\000' && !opts.online
247 && (!(opts.infid = fopen(opts.inpt, "r"))) )
248 xerr(insy("Cannot open '%s'; %s.", opts.inpt, Ereason() ));
249
250/* Make sure that -i * and -b are not specified together.
251*/
252if (opts.online && opts.bin)
253 emsg(8, (char *)"-b is incompatible with inline creds.");
254
255/*All done
256*/
257 return;
258 }
259
260/******************************************************************************/
261/* Utility Function */
262/******************************************************************************/
263
264/* unhex() converts a hex character string to its binary equivalent. The result
265 is placed in the passed buffer. It returns the number of bytes extracted.
266 An error results in a -1 response (including uneven hex digits). The
267 input buffer must be terminated with a null.
268*/
269int unhex(uchar *ibuff, uchar *obuff, int blen) {
270int i=0, j;
271uchar dig1, dig2;
272
273for (j = 0; j < blen; j++) {
274 if (!ibuff[i]) return j;
275 if (!cvtx(ibuff[i++], &dig1) || !cvtx(ibuff[i++], &dig2)) return -1;
276 obuff[j] = (dig1 << 4) | dig2;
277 }
278return -1; /* Buffer overflow */
279 }
280
281int cvtx(uchar idig, uchar *odig) {
282if (idig >= '0' && idig <= '9') {*odig = idig & (uchar)0x0f; return 1;}
283idig = idig | (uchar)0x20; /* Change to lower case. */
284if (idig < 'a' || idig > 'f') return 0;
285*odig = (idig & (uchar)0x0f) + (uchar)0x09;
286return 1;
287}
288
289/*getline() gets a newline terminated string from the expected input source.
290*/
291void getline(uchar *buff, int blen) {
292 int i;
293 if (!fgets((char *)buff, blen, opts.infid)) return;
294 for (i = 0; i < blen; i++)
295 if (buff[i] == '\n') {buff[i] = '\000'; break;}
296 return;
297 }
298
299const char *Ereason( ) {
300 return XrdSysE2T(errno);
301 }
302
303/*xerr: print message on standard error using the errbuff as source of message.
304*/
305void xerr(int x) { emsg(8, errbuff); }
306
307/*emsg: print message on standard error.
308*/
309int emsg(int rc,char *msg) {
310 std::cerr << "testServer: " <<msg <<std::endl;
311 if (!rc) return 0;
312 exit(rc);
313 }
314
315/*help prints hout the obvious.
316*/
317void help(int rc) {
318/* Use H macro to avoid Sun string catenation bug. */
319I("Syntax: testServer [ options ] cred ]")
320I("Options: -b -c config -d -h -i input -t")
321H(" -p principal[.instance][@realm] -s sep")
322I("Function: Display the credentials contents.")
323
324if (rc > 1) exit(rc);
325I("options: (defaults: -k /etc/srvtab\\n")
326I("-b indicates the cred is in binary format (i.e., not hexchar).")
327I("-c cfn the config file.")
328I("-d turns on debugging.")
329I("-h host the incoming hostname.")
330I("-i input specifies the input stream (e.g., fname) if other than stdin.")
331H(" This -i is ignored if cred is specified on the command line.")
332exit(rc);
333}
static XrdSysLogger Logger
int optind
#define fopen(a, b)
Definition XrdPosix.hh:49
int getbintix(uchar *buff, int blen)
void xerr(int x)
#define insy(a, b, c)
int main(int argc, char **argv)
void getline(uchar *buff, int blen)
char hexbuff[256]
void help(int rc)
int cvtx(uchar idig, uchar *odig)
struct myOpts opts
#define I(x)
unsigned char uchar
const char * Ereason()
#define H(x)
XrdSecService * XrdSecgetService(XrdSysLogger *lp, const char *cfn)
char errbuff[256]
int unhex(uchar *ibuff, uchar *obuff, int blen)
int emsg(int rc, char *msg)
void getargs(int argc, char **argv)
#define insx(a, b)
const char * XrdSysE2T(int errcode)
Definition XrdSysE2T.cc:104
const char * Set(const char *hSpec, int pNum=PortInSpec)
const char * getErrText()
char prot[XrdSecPROTOIDSIZE]
Auth protocol used (e.g. krb5)
char * name
Entity's name.
char * host
Entity's host name dnr dependent.
XrdSecEntity Entity
virtual int Authenticate(XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)=0
virtual XrdSecProtocol * getProtocol(const char *host, XrdNetAddrInfo &endPoint, const XrdSecCredentials *cred, XrdOucErrInfo &einfo)=0
virtual const char * getParms(int &size, XrdNetAddrInfo *endPoint=0)=0
Generic structure to pass security information back and forth.
char * buffer
Pointer to the buffer.
int size
Size of the buffer or length of data in the buffer.