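#ifndef __XRDDIGAUTH_HH__
#define __XRDDIGAUTH_HH__
/******************************************************************************/
/*                                                                            */
/*                         X r d D i g A u t h . h h                          */
/*                                                                            */
/* (C) 2013 by the Board of Trustees of the Leland Stanford, Jr., University  */
/*                            All Rights Reserved                             */
/*   Produced by Andrew Hanushevsky for Stanford University under contract    */
/*              DE-AC02-76-SFO0515 with the Deprtment of Energy               */
/*                                                                            */
/* This file is part of the XRootD software suite.                            */
/*                                                                            */
/* XRootD is free software: you can redistribute it and/or modify it under    */
/* the terms of the GNU Lesser General Public License as published by the     */
/* Free Software Foundation, either version 3 of the License, or (at your     */
/* option) any later version.                                                 */
/*                                                                            */
/* XRootD is distributed in the hope that it will be useful, but WITHOUT      */
/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or      */
/* FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public       */
/* License for more details.                                                  */
/*                                                                            */
/* You should have received a copy of the GNU Lesser General Public License   */
/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file  */
/* COPYING (GPL license).  If not, see <http://www.gnu.org/licenses/>.        */
/*                                                                            */
/* The copyright holder's institutional names and contributor's names may not */
/* be used to endorse or promote products derived from this software without  */
/* specific prior written permission of the institution or contributor.       */
/******************************************************************************/

// memset(), free() and time_t are used directly in this header, so include
// their declarations here instead of relying on the project headers below to
// pull them in transitively.
#include <stdlib.h>
#include <string.h>
#include <time.h>

#include "XrdSec/XrdSecEntity.hh"
#include "XrdSys/XrdSysPthread.hh"

class XrdOucStream;
class XrdSysError;

/******************************************************************************/
/*                         X r d D i g A u t h E n t                          */
/******************************************************************************/

//! One node of the singly linked list of authorization entries held by
//! XrdDigAuth. Every field starts out zeroed, so a fresh entry has no record,
//! no check strings and every accOK flag set to false.
//!
//! NOTE(review): copying is not disabled. The implicitly generated copy
//! constructor and assignment operator duplicate the `rec` pointer, so two
//! copies of one entry would both free() the same buffer. Handle entries by
//! pointer only.

class XrdDigAuthEnt
{
public:
XrdDigAuthEnt *next;                    //!< Next entry in the list, 0 at the end
char          *rec;                     //!< Buffer released with free() in the dtor
char           prot[XrdSecPROTOIDSIZE]; //!< Protocol id, zero filled at construction

//! Index into eChk[]; eNum is the number of slots.
enum eType {eName=0, eHost=1, eVorg=2, eRole=3, eGrp=4, eNum=5};

// Per-eType strings; 0 when unset. The destructor does not free these,
// presumably because they point into rec - confirm in XrdDigAuth.cc.
char          *eChk[eNum];

//! Index into accOK[]; aNum is the number of slots.
enum aType {aConf = 0, aCore = 1, aLogs = 2, aProc = 3, aNum = 4};

bool           accOK[aNum];             //!< One flag per aType, false by default

//! Build an empty entry with every pointer null and every flag false.
               XrdDigAuthEnt() : next(0), rec(0)
                                {memset(prot,  0, sizeof(prot));
                                 memset(eChk,  0, sizeof(eChk));
                                 memset(accOK, 0, sizeof(accOK));
                                }

//! Release the record buffer. free() accepts a null pointer, so no guard is
//! needed. The entry that `next` points to is left untouched.
              ~XrdDigAuthEnt() {free(rec);}
};

/******************************************************************************/
/*                            X r d D i g A u t h                             */
/******************************************************************************/

//! Authorization front end: Configure() takes the name of an authorization
//! file and Authorize() answers whether a client may use a given access type.
//! The member functions are defined outside this header.

class XrdDigAuth
{
public:

//! Decide whether a client may use an access type.
//!
//! @param client  Security entity describing the client.
//! @param aType   Access type being requested.
//! @param aVec    Optional array of XrdDigAuthEnt::aNum flags; the default is
//!                a null pointer. NOTE(review): presumably filled with the
//!                per-type result when supplied - confirm in XrdDigAuth.cc.
//! @return bool; presumably true means the access is allowed - confirm
//!         against the implementation.

bool Authorize(const XrdSecEntity   *client,
               XrdDigAuthEnt::aType  aType,
               bool                  aVec[XrdDigAuthEnt::aNum]=0
              );

//! Set up authorization from the file named by aFN.
//!
//! @param aFN  Path of the authorization file.
//! @return bool; presumably true on success - confirm against the
//!         implementation.

bool Configure(const char *aFN);

//! Start with no file, no timestamps, an empty entry list and every accOK
//! flag false. The original constructor left accOK uninitialized; zeroing it
//! keeps the object in a deny-by-default state for any code that reads the
//! flags before Configure() has populated them.
     XrdDigAuth() : authFN(0), authTOD(0), authCHK(0), authList(0)
                  {memset(accOK, 0, sizeof(accOK));}

//! Nothing is released here: the authList chain is left as it is.
//! NOTE(review): presumably the object lives as long as the process - confirm.
    ~XrdDigAuth() {}

private:

// Helpers defined in the implementation file; their behaviour is not visible
// from this header.
bool Failure(int lNum, const char *txt1, const char *txt2=0);
bool OkGrp(const char *glist, const char *gname);
bool Parse(XrdOucStream &aFile, int lNum);
bool Refresh();
bool SetupAuth(bool isRefresh);
bool SetupAuth(bool isRefresh, bool aOK);
void Squash(char *bP);

XrdSysMutex    authMutex;  // presumably serializes access to the state below - confirm
const char    *authFN;     // authorization file name, 0 until set
time_t         authTOD;    // timestamp, 0 until set; exact meaning defined in the .cc
time_t         authCHK;    // timestamp, 0 until set; exact meaning defined in the .cc
XrdDigAuthEnt *authList;   // head of the entry list, 0 when empty
bool           accOK[XrdDigAuthEnt::aNum]; // one flag per access type, false by default
};
#endif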