XRootD
Classes | Public Member Functions | Static Public Member Functions | Public Attributes | Static Public Attributes | Protected Attributes | Static Protected Attributes | Friends | List of all members
XrdHttpProtocol Class Reference

#include <XrdHttpProtocol.hh>

+ Inheritance diagram for XrdHttpProtocol:
+ Collaboration diagram for XrdHttpProtocol:

Classes

struct  StaticPreloadInfo
 

Public Member Functions

 XrdHttpProtocol (bool imhttps)
 
 XrdHttpProtocol (const XrdHttpProtocol &)=default
 Ctor, dtors and copy ctor. More...
 
 ~XrdHttpProtocol ()
 
int doChksum (const XrdOucString &fname)
 Perform a checksum request. More...
 
void DoIt ()
 Override from the base class. More...
 
int doStat (char *fname)
 Perform a Stat request. More...
 
bool isHTTPS ()
 called via https More...
 
XrdProtocolMatch (XrdLink *lp)
 Tells if the oustanding bytes on the socket match this protocol implementation. More...
 
XrdHttpProtocol operator= (const XrdHttpProtocol &rhs)
 
int Process (XrdLink *lp)
 Process data incoming from the socket. More...
 
void Recycle (XrdLink *lp, int consec, const char *reason)
 Recycle this instance. More...
 
int Stats (char *buff, int blen, int do_sync=0)
 Get activity stats. More...
 
- Public Member Functions inherited from XrdProtocol
 XrdProtocol (const char *jname)
 
virtual ~XrdProtocol ()
 
- Public Member Functions inherited from XrdJob
 XrdJob (const char *desc="")
 
virtual ~XrdJob ()
 

Static Public Member Functions

static int Configure (char *parms, XrdProtocol_Config *pi)
 Read and apply the configuration. More...
 
static int parseHeader2CGI (XrdOucStream &Config, XrdSysError &err, std::map< std::string, std::string > &header2cgi)
 Use this function to parse header2cgi configurations. More...
 

Public Attributes

XrdObject< XrdHttpProtocolProtLink
 
XrdSecEntity SecEntity
 Authentication area. More...
 
- Public Attributes inherited from XrdJob
const char * Comment
 
XrdJobNextJob
 

Static Public Attributes

static XrdHttpChecksumHandler cksumHandler = XrdHttpChecksumHandler()
 
static XrdObjectQ< XrdHttpProtocolProtStack
 
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
 configuration for the read range handler More...
 

Protected Attributes

char * Addr_str
 
XrdXrootd::BridgeBridge
 The Bridge that we use to exercise the xrootd internals. More...
 
XrdHttpReq CurrentReq
 
XrdLinkLink
 The link we are bound to. More...
 

Static Protected Attributes

static bool allowMissingCRL = false
 
static XrdBuffManagerBPool = 0
 
static XrdSecServiceCIA = 0
 
static bool compatNameGeneration = false
 
static int crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
 CRL thread refresh interval. More...
 
static XrdSysError eDest = 0
 
static bool embeddedstatic = true
 If true, use the embedded css and icons. More...
 
static char * gridmap = 0
 Gridmap file location. The same used by XrdSecGsi. More...
 
static int hailWait = 60000
 Timeout for reading the handshake. More...
 
static std::map< std::string, std::string > hdr2cgimap
 Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption. More...
 
static bool isdesthttps = false
 True if the redirections must be towards https targets. More...
 
static bool isRequiredGridmap = false
 
static bool listdeny = false
 If true, any form of listing is denied. More...
 
static char * listredir = 0
 Url to redirect to in the case a listing is requested. More...
 
static BIO_METHOD * m_bio_method = NULL
 C-style vptr table for our custom BIO objects. More...
 
static int m_bio_type = 0
 Type identifier for our custom BIO objects. More...
 
static int m_maxdelay = -1
 
static std::unordered_map< std::string, std::vector< std::pair< std::string, std::string > > > m_staticheader_map
 The static headers to always return; map is from verb to a list of (header, val) pairs. More...
 
static std::unordered_map< std::string, std::string > m_staticheaders
 
static kXR_int32 myRole = kXR_isManager
 Our role. More...
 
static XrdNetPMarkpmarkHandle = nullptr
 Packet marking handler pointer (assigned from the environment during the Config() call) More...
 
static int Port = 1094
 Our port. More...
 
static char * Port_str = 0
 Our port, as a string. More...
 
static int readWait = 300000
 Timeout for reading data. More...
 
static XrdSchedulerSched = 0
 
static char * secretkey = 0
 The key used to calculate the url hashes. More...
 
static bool selfhttps2http = false
 If client is HTTPS, self-redirect with HTTP+token. More...
 
static XrdOucGMapservGMap = 0
 The instance of the DN mapper. Created only when a valid path is given. More...
 
static char * sslcadir = 0
 
static char * sslcafile = 0
 
static char * sslcert = 0
 OpenSSL stuff. More...
 
static char * sslcipherfilter = 0
 
static char * sslkey = 0
 
static int sslverifydepth = 9
 Depth of verification of a certificate chain. More...
 
static XrdOucHash< StaticPreloadInfo > * staticpreload = 0
 
static char * staticredir = 0
 
static std::unordered_set< std::string > strp_cgi_params
 CGI parameters (names) to strip from redirect URLs. More...
 
static bool tpcForwardCreds = false
 If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts. More...
 
static char * xrd_cslist = nullptr
 The list of checksums that were configured via the xrd.cksum parameter on the server config file. More...
 
static XrdHttpCorsxrdcors = nullptr
 
static std::string xrdcorsLibPath
 

Friends

class XrdHttpExtReq
 
class XrdHttpReq
 

Detailed Description

Definition at line 81 of file XrdHttpProtocol.hh.

Class Documentation

◆ XrdHttpProtocol::StaticPreloadInfo

struct XrdHttpProtocol::StaticPreloadInfo

Definition at line 449 of file XrdHttpProtocol.hh.

+ Collaboration diagram for XrdHttpProtocol::StaticPreloadInfo:
Class Members
char * data
int len

Constructor & Destructor Documentation

◆ XrdHttpProtocol() [1/2]

XrdHttpProtocol::XrdHttpProtocol ( const XrdHttpProtocol )
default

Ctor, dtors and copy ctor.

Referenced by Match().

+ Here is the caller graph for this function:

◆ XrdHttpProtocol() [2/2]

XrdHttpProtocol::XrdHttpProtocol ( bool  imhttps)

Definition at line 173 of file XrdHttpProtocol.cc.

174 : XrdProtocol("HTTP protocol handler"), ProtLink(this),
175 SecEntity(""), CurrentReq(this, ReadRangeConfig) {
176  myBuff = 0;
177  Addr_str = 0;
178  Reset();
179  ishttps = imhttps;
180 
181 }
XrdHttpProtocol::ProtLink
XrdObject< XrdHttpProtocol > ProtLink
Definition: XrdHttpProtocol.hh:130
XrdHttpProtocol::CurrentReq
XrdHttpReq CurrentReq
Definition: XrdHttpProtocol.hh:382
XrdHttpProtocol::ReadRangeConfig
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
configuration for the read range handler
Definition: XrdHttpProtocol.hh:140
XrdHttpProtocol::SecEntity
XrdSecEntity SecEntity
Authentication area.
Definition: XrdHttpProtocol.hh:134
XrdProtocol::XrdProtocol
XrdProtocol(const char *jname)
Definition: XrdProtocol.hh:156

References Addr_str.

◆ ~XrdHttpProtocol()

XrdHttpProtocol::~XrdHttpProtocol ( )
inline

Definition at line 125 of file XrdHttpProtocol.hh.

125  {
126  Cleanup();
127  }

Member Function Documentation

◆ Configure()

int XrdHttpProtocol::Configure ( char *  parms,
XrdProtocol_Config pi 
)
static

Read and apply the configuration.

Definition at line 1698 of file XrdHttpProtocol.cc.

1698  {
1699  /*
1700  Function: Establish configuration at load time.
1701 
1702  Input: None.
1703 
1704  Output: 0 upon success or !0 otherwise.
1705  */
1706 
1707  char *rdf;
1708 
1709  // Copy out the special info we want to use at top level
1710  //
1711  eDest.logger(pi->eDest->logger());
1712  XrdHttpTrace.SetLogger(pi->eDest->logger());
1713  // SI = new XrdXrootdStats(pi->Stats);
1714  Sched = pi->Sched;
1715  BPool = pi->BPool;
1716  xrd_cslist = getenv("XRD_CSLIST");
1717 
1718  Port = pi->Port;
1719 
1720  // Copy out the current TLS context
1721  //
1722  xrdctx = pi->tlsCtx;
1723 
1724  {
1725  char buf[16];
1726  sprintf(buf, "%d", Port);
1727  Port_str = strdup(buf);
1728  }
1729 
1730  // Now process and configuration parameters
1731  //
1732  rdf = (parms && *parms ? parms : pi->ConfigFN);
1733  if (rdf && Config(rdf, pi->theEnv)) return 0;
1734  if (pi->DebugON) XrdHttpTrace.What = TRACE_ALL;
1735 
1736  // Set the redirect flag if we are a pure redirector
1737  myRole = kXR_isServer;
1738  if ((rdf = getenv("XRDROLE"))) {
1739  eDest.Emsg("Config", "XRDROLE: ", rdf);
1740 
1741  if (!strcasecmp(rdf, "manager") || !strcasecmp(rdf, "supervisor")) {
1742  myRole = kXR_isManager;
1743  eDest.Emsg("Config", "Configured as HTTP(s) redirector.");
1744  } else {
1745 
1746  eDest.Emsg("Config", "Configured as HTTP(s) data server.");
1747  }
1748 
1749  } else {
1750  eDest.Emsg("Config", "No XRDROLE specified.");
1751  }
1752 
1753  // Schedule protocol object cleanup
1754  //
1755  ProtStack.Set(pi->Sched, &XrdHttpTrace,
1756  (XrdHttpTrace.What & TRACE_MEM ? TRACE_MEM : 0));
1757  ProtStack.Set((pi->ConnMax / 3 ? pi->ConnMax / 3 : 30), 60 * 60);
1758 
1759  // Return success
1760  //
1761 
1762  return 1;
1763 }
kXR_isManager
#define kXR_isManager
Definition: XProtocol.hh:1198
kXR_isServer
#define kXR_isServer
Definition: XProtocol.hh:1199
XrdHttpTrace
XrdSysTrace XrdHttpTrace("http")
TRACE_MEM
#define TRACE_MEM
Definition: XrdTrace.hh:38
TRACE_ALL
#define TRACE_ALL
Definition: XrdTrace.hh:35
XrdHttpProtocol::Sched
static XrdScheduler * Sched
Definition: XrdHttpProtocol.hh:361
XrdHttpProtocol::myRole
static kXR_int32 myRole
Our role.
Definition: XrdHttpProtocol.hh:456
XrdHttpProtocol::Port_str
static char * Port_str
Our port, as a string.
Definition: XrdHttpProtocol.hh:401
XrdHttpProtocol::eDest
static XrdSysError eDest
Definition: XrdHttpProtocol.hh:363
XrdHttpProtocol::xrd_cslist
static char * xrd_cslist
The list of checksums that were configured via the xrd.cksum parameter on the server config file.
Definition: XrdHttpProtocol.hh:468
XrdHttpProtocol::ProtStack
static XrdObjectQ< XrdHttpProtocol > ProtStack
Definition: XrdHttpProtocol.hh:129
XrdHttpProtocol::Port
static int Port
Our port.
Definition: XrdHttpProtocol.hh:398
XrdHttpProtocol::BPool
static XrdBuffManager * BPool
Definition: XrdHttpProtocol.hh:362
XrdObjectQ::Set
void Set(int inQMax, time_t agemax=1800)
Definition: XrdObject.icc:90
XrdProtocol_Config::BPool
XrdBuffManager * BPool
Definition: XrdProtocol.hh:63
XrdProtocol_Config::Sched
XrdScheduler * Sched
Definition: XrdProtocol.hh:64
XrdProtocol_Config::Port
int Port
Definition: XrdProtocol.hh:73
XrdProtocol_Config::tlsCtx
XrdTlsContext * tlsCtx
Definition: XrdProtocol.hh:99
XrdProtocol_Config::ConnMax
int ConnMax
Definition: XrdProtocol.hh:90
XrdProtocol_Config::eDest
XrdSysError * eDest
Definition: XrdProtocol.hh:61
XrdProtocol_Config::theEnv
XrdOucEnv * theEnv
Definition: XrdProtocol.hh:66
XrdProtocol_Config::ConfigFN
char * ConfigFN
Definition: XrdProtocol.hh:71
XrdProtocol_Config::DebugON
char DebugON
Definition: XrdProtocol.hh:95
XrdSysError::Emsg
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
Definition: XrdSysError.cc:116
XrdSysError::logger
XrdSysLogger * logger(XrdSysLogger *lp=0)
Definition: XrdSysError.hh:175
XrdSysTrace::SetLogger
void SetLogger(XrdSysLogger *logp)
Definition: XrdSysTrace.cc:65
XrdHttpProtoInfo::xrdctx
XrdTlsContext * xrdctx
Definition: XrdHttpProtocol.cc:142

References XrdProtocol_Config::BPool, BPool, XrdCms::Config, XrdProtocol_Config::ConfigFN, XrdProtocol_Config::ConnMax, XrdProtocol_Config::DebugON, XrdProtocol_Config::eDest, eDest, XrdSysError::Emsg(), kXR_isManager, kXR_isServer, XrdSysError::logger(), myRole, XrdProtocol_Config::Port, Port, Port_str, ProtStack, XrdProtocol_Config::Sched, Sched, XrdObjectQ< T >::Set(), XrdSysTrace::SetLogger(), XrdProtocol_Config::theEnv, XrdProtocol_Config::tlsCtx, TRACE_ALL, TRACE_MEM, XrdSysTrace::What, xrd_cslist, XrdHttpProtoInfo::xrdctx, and XrdHttpTrace.

Referenced by XrdgetProtocol().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ doChksum()

int XrdHttpProtocol::doChksum ( const XrdOucString fname)

Perform a checksum request.

Definition at line 3120 of file XrdHttpProtocol.cc.

3120  {
3121  size_t length;
3122  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3123  CurrentReq.xrdreq.query.requestid = htons(kXR_query);
3124  CurrentReq.xrdreq.query.infotype = htons(kXR_Qcksum);
3125  memset(CurrentReq.xrdreq.query.reserved1, '\0', sizeof(CurrentReq.xrdreq.query.reserved1));
3126  memset(CurrentReq.xrdreq.query.fhandle, '\0', sizeof(CurrentReq.xrdreq.query.fhandle));
3127  memset(CurrentReq.xrdreq.query.reserved2, '\0', sizeof(CurrentReq.xrdreq.query.reserved2));
3128  length = fname.length() + 1;
3129  CurrentReq.xrdreq.query.dlen = htonl(length);
3130 
3131  if (!Bridge) return -1;
3132 
3133  return Bridge->Run(reinterpret_cast<char *>(&CurrentReq.xrdreq), const_cast<char *>(fname.c_str()), length) ? 0 : -1;
3134 }
ClientQueryRequest::requestid
kXR_unt16 requestid
Definition: XProtocol.hh:666
ClientQueryRequest::reserved1
kXR_char reserved1[2]
Definition: XProtocol.hh:668
ClientQueryRequest::infotype
kXR_unt16 infotype
Definition: XProtocol.hh:667
ClientQueryRequest::reserved2
kXR_char reserved2[8]
Definition: XProtocol.hh:670
ClientQueryRequest::fhandle
kXR_char fhandle[4]
Definition: XProtocol.hh:669
kXR_query
@ kXR_query
Definition: XProtocol.hh:114
ClientRequest::query
struct ClientQueryRequest query
Definition: XProtocol.hh:908
kXR_Qcksum
@ kXR_Qcksum
Definition: XProtocol.hh:651
XrdHttpProtocol::Bridge
XrdXrootd::Bridge * Bridge
The Bridge that we use to exercise the xrootd internals.
Definition: XrdHttpProtocol.hh:377
XrdHttpReq::xrdreq
ClientRequest xrdreq
The last issued xrd request, often pending.
Definition: XrdHttpReq.hh:332
XrdOucString::c_str
const char * c_str() const
Definition: XrdOucString.hh:278
XrdOucString::length
int length() const
Definition: XrdOucString.hh:279
XrdXrootd::Bridge::Run
virtual bool Run(const char *xreqP, char *xdataP=0, int xdataL=0)=0

References Bridge, XrdOucString::c_str(), CurrentReq, ClientQueryRequest::dlen, ClientQueryRequest::fhandle, ClientQueryRequest::infotype, kXR_Qcksum, kXR_query, XrdOucString::length(), ClientRequest::query, ClientQueryRequest::requestid, ClientQueryRequest::reserved1, ClientQueryRequest::reserved2, XrdXrootd::Bridge::Run(), and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ DoIt()

void XrdHttpProtocol::DoIt ( )
inlinevirtual

Override from the base class.

Implements XrdJob.

Definition at line 92 of file XrdHttpProtocol.hh.

92  {
93  if (Resume) (*this.*Resume)();
94  }

◆ doStat()

int XrdHttpProtocol::doStat ( char *  fname)

Perform a Stat request.

Definition at line 3092 of file XrdHttpProtocol.cc.

3092  {
3093  int l;
3094  bool b;
3095  CurrentReq.filesize = 0;
3096  CurrentReq.fileflags = 0;
3097  CurrentReq.filemodtime = 0;
3098 
3099  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3100  CurrentReq.xrdreq.stat.requestid = htons(kXR_stat);
3101  memset(CurrentReq.xrdreq.stat.reserved, 0,
3102  sizeof (CurrentReq.xrdreq.stat.reserved));
3103  l = strlen(fname) + 1;
3104  CurrentReq.xrdreq.stat.dlen = htonl(l);
3105 
3106  if (!Bridge) return -1;
3107  b = Bridge->Run((char *) &CurrentReq.xrdreq, fname, l);
3108  if (!b) {
3109  return -1;
3110  }
3111 
3112 
3113  return 0;
3114 }
kXR_stat
@ kXR_stat
Definition: XProtocol.hh:130
ClientStatRequest::requestid
kXR_unt16 requestid
Definition: XProtocol.hh:808
ClientStatRequest::reserved
kXR_char reserved[7]
Definition: XProtocol.hh:810
ClientRequest::stat
struct ClientStatRequest stat
Definition: XProtocol.hh:915
ClientStatRequest::dlen
kXR_int32 dlen
Definition: XProtocol.hh:813
XrdHttpReq::fileflags
long fileflags
Definition: XrdHttpReq.hh:349
XrdHttpReq::filemodtime
long filemodtime
Definition: XrdHttpReq.hh:350
XrdHttpReq::filesize
long long filesize
Definition: XrdHttpReq.hh:348

References Bridge, CurrentReq, ClientStatRequest::dlen, XrdHttpReq::fileflags, XrdHttpReq::filemodtime, XrdHttpReq::filesize, kXR_stat, ClientStatRequest::requestid, ClientStatRequest::reserved, XrdXrootd::Bridge::Run(), ClientRequest::stat, and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isHTTPS()

bool XrdHttpProtocol::isHTTPS ( )
inline

called via https

Definition at line 143 of file XrdHttpProtocol.hh.

143 { return ishttps; }

Referenced by XrdHttpExtReq::XrdHttpExtReq().

+ Here is the caller graph for this function:

◆ Match()

XrdProtocol * XrdHttpProtocol::Match ( XrdLink lp)
virtual

Tells if the oustanding bytes on the socket match this protocol implementation.

Implements XrdProtocol.

Definition at line 199 of file XrdHttpProtocol.cc.

199  {
200  char mybuf[16], mybuf2[1024];
201  XrdHttpProtocol *hp;
202  int dlen;
203  bool myishttps = false;
204 
205  // Peek at the first 20 bytes of data
206  //
207  if ((dlen = lp->Peek(mybuf, (int) sizeof (mybuf), hailWait)) < (int) sizeof (mybuf)) {
208  if (dlen <= 0) lp->setEtext("handshake not received");
209  return (XrdProtocol *) 0;
210  }
211  mybuf[dlen - 1] = '\0';
212 
213  // Trace the data
214  //
215 
216  TRACEI(DEBUG, "received dlen: " << dlen);
217  //TRACEI(REQ, "received buf: " << mybuf);
218  mybuf2[0] = '\0';
219  for (int i = 0; i < dlen; i++) {
220  char mybuf3[16];
221  sprintf(mybuf3, "%.02d ", mybuf[i]);
222  strcat(mybuf2, mybuf3);
223 
224  }
225  TRACEI(DEBUG, "received dump: " << mybuf2);
226 
227  // Decide if it looks http or not. For now we are happy if all the received characters are alphanumeric
228  bool ismine = true;
229  for (int i = 0; i < dlen - 1; i++)
230  if (!isprint(mybuf[i]) && (mybuf[i] != '\r') && (mybuf[i] != '\n')) {
231  ismine = false;
232  TRACEI(DEBUG, "This does not look like http at pos " << i);
233  break;
234  }
235 
236  // If it does not look http then look if it looks like https
237  if ((!ismine) && (dlen >= 4)) {
238  char check[4] = {00, 00, 00, 00};
239  if (memcmp(mybuf, check, 4)) {
240 
241  if (httpsmode) {
242  ismine = true;
243  myishttps = true;
244  TRACEI(DEBUG, "This may look like https");
245  } else {
246  TRACEI(ALL, "This may look like https, but https is not configured");
247  }
248 
249  }
250  }
251 
252  if (!ismine) {
253  TRACEI(DEBUG, "This does not look like https. Protocol not matched.");
254  return (XrdProtocol *) 0;
255  }
256 
257  // It does look http or https...
258  // Get a protocol object off the stack (if none, allocate a new one)
259  //
260 
261  TRACEI(REQ, "Protocol matched. https: " << myishttps);
262  if (!(hp = ProtStack.Pop())) hp = new XrdHttpProtocol(myishttps);
263  else
264  hp->ishttps = myishttps;
265 
266  // We now have to do some work arounds to tell the underlying framework
267  // that is is https without invoking TLS on the actual link. Eventually,
268  // we should just use the link's TLS native implementation.
269  //
270  hp->SecEntity.addrInfo = lp->AddrInfo();
271  XrdNetAddr *netP = const_cast<XrdNetAddr*>(lp->NetAddr());
272  netP->SetDialect("https");
273  netP->SetTLS(true);
274 
275  // Allocate 1MB buffer from pool
276  if (!hp->myBuff) {
277  hp->myBuff = BPool->Obtain(1024 * 1024);
278  }
279  hp->myBuffStart = hp->myBuffEnd = hp->myBuff->buff;
280 
281  // Bind the protocol to the link and return the protocol
282  //
283  hp->Link = lp;
284  return (XrdProtocol *) hp;
285 }
DEBUG
#define DEBUG(x)
Definition: XrdBwmTrace.hh:54
TRACEI
#define TRACEI(act, x)
Definition: XrdTrace.hh:66
XrdBuffManager::Obtain
XrdBuffer * Obtain(int bsz)
Definition: XrdBuffer.cc:140
XrdBuffer::buff
char * buff
Definition: XrdBuffer.hh:45
XrdHttpProtocol::hailWait
static int hailWait
Timeout for reading the handshake.
Definition: XrdHttpProtocol.hh:392
XrdHttpProtocol::Link
XrdLink * Link
The link we are bound to.
Definition: XrdHttpProtocol.hh:367
XrdHttpProtocol::XrdHttpProtocol
XrdHttpProtocol(const XrdHttpProtocol &)=default
Ctor, dtors and copy ctor.
XrdNetAddr::SetDialect
void SetDialect(const char *dP)
Definition: XrdNetAddr.hh:205
XrdNetAddr::SetTLS
void SetTLS(bool val)
Definition: XrdNetAddr.cc:590
XrdObjectQ::Pop
T * Pop()
Definition: XrdObject.hh:93
XrdSecEntity::addrInfo
XrdNetAddrInfo * addrInfo
Entity's connection details.
Definition: XrdSecEntity.hh:80

References XrdHttpProtocol(), XrdLink::AddrInfo(), XrdSecEntity::addrInfo, BPool, XrdBuffer::buff, DEBUG, hailWait, XrdHttpProtoInfo::httpsmode, Link, XrdLink::NetAddr(), XrdBuffManager::Obtain(), XrdLink::Peek(), XrdObjectQ< T >::Pop(), ProtStack, SecEntity, XrdNetAddr::SetDialect(), XrdLink::setEtext(), XrdNetAddr::SetTLS(), and TRACEI.

+ Here is the call graph for this function:

◆ operator=()

XrdHttpProtocol XrdHttpProtocol::operator= ( const XrdHttpProtocol rhs)

Definition at line 188 of file XrdHttpProtocol.cc.

188  {
189 
190  return *this;
191 }

◆ parseHeader2CGI()

int XrdHttpProtocol::parseHeader2CGI ( XrdOucStream Config,
XrdSysError err,
std::map< std::string, std::string > &  header2cgi 
)
static

Use this function to parse header2cgi configurations.

Definition at line 1768 of file XrdHttpProtocol.cc.

1768  {
1769  char *val, keybuf[1024], parmbuf[1024];
1770  char *parm;
1771  bool strip_on_redirect = false;
1772 
1773  // Get the header key
1774  val = Config.GetWord();
1775  if (!val || !val[0]) {
1776  err.Emsg("Config", "No headerkey specified.");
1777  return 1;
1778  } else {
1779 
1780  // Trim the beginning, in place
1781  while ( *val && !isalnum(*val) ) val++;
1782  strcpy(keybuf, val);
1783 
1784  // Trim the end, in place
1785  char *pp;
1786  pp = keybuf + strlen(keybuf) - 1;
1787  while ( (pp >= keybuf) && (!isalnum(*pp)) ) {
1788  *pp = '\0';
1789  pp--;
1790  }
1791 
1792  parm = Config.GetWord();
1793 
1794  // Avoids segfault in case a key is given without value
1795  if(!parm || !parm[0]) {
1796  err.Emsg("Config", "No header2cgi value specified. key: '", keybuf, "'");
1797  return 1;
1798  }
1799 
1800  // Trim the beginning, in place
1801  while ( *parm && !isalnum(*parm) ) parm++;
1802  strcpy(parmbuf, parm);
1803 
1804  // Trim the end, in place
1805  pp = parmbuf + strlen(parmbuf) - 1;
1806  while ( (pp >= parmbuf) && (!isalnum(*pp)) ) {
1807  *pp = '\0';
1808  pp--;
1809  }
1810 
1811  // Check for optional strip-on-redirect parameter
1812  char *nextWord = Config.GetWord();
1813  if (nextWord && nextWord[0] && !strcasecmp(nextWord, "strip-on-redirect")) {
1814  strip_on_redirect = true;
1815  }
1816 
1817  // Add this mapping to the map that will be used
1818  try {
1819  header2cgi[keybuf] = parmbuf;
1820  if (strip_on_redirect) {
1821  strp_cgi_params.insert(parmbuf);
1822  }
1823  } catch ( ... ) {
1824  err.Emsg("Config", "Can't insert new header2cgi rule. key: '", keybuf, "'");
1825  return 1;
1826  }
1827 
1828  }
1829  return 0;
1830 }
XrdHttpProtocol::strp_cgi_params
static std::unordered_set< std::string > strp_cgi_params
CGI parameters (names) to strip from redirect URLs.
Definition: XrdHttpProtocol.hh:436
XrdCms::Config
XrdCmsConfig Config
Definition: XrdCmsConfig.cc:108

References XrdCms::Config, XrdSysError::Emsg(), and strp_cgi_params.

+ Here is the call graph for this function:

◆ Process()

int XrdHttpProtocol::Process ( XrdLink lp)
virtual

Process data incoming from the socket.

Implements XrdProtocol.

Definition at line 398 of file XrdHttpProtocol.cc.

399 {
400  int rc = 0;
401 
402  TRACEI(DEBUG, " Process. lp:"<<(void *)lp<<" reqstate: "<<CurrentReq.reqstate);
403 
404  if (CurrentReq.startTime == std::chrono::steady_clock::time_point::min()) {
405  CurrentReq.startTime = std::chrono::steady_clock::now();
406  }
407 
408  if (!myBuff || !myBuff->buff || !myBuff->bsize) {
409  TRACE(ALL, " Process. No buffer available. Internal error.");
410  return -1;
411  }
412 
413 
414  if (!SecEntity.host) {
415  char *nfo = GetClientIPStr();
416  if (nfo) {
417  TRACEI(REQ, " Setting host: " << nfo);
418  SecEntity.host = nfo;
419  strcpy(SecEntity.prot, "http");
420  }
421  }
422 
423 
424 
425  // If https then check independently for the ssl handshake
426  if (ishttps && !ssldone) {
427 
428  if (!ssl) {
429  sbio = CreateBIO(Link);
430  BIO_set_nbio(sbio, 1);
431  ssl = (SSL*)xrdctx->Session();
432  }
433 
434  if (!ssl) {
435  TRACEI(DEBUG, " SSL_new returned NULL");
436  ERR_print_errors(sslbio_err);
437  return -1;
438  }
439 
440  // If a secxtractor has been loaded
441  // maybe it wants to add its own initialization bits
442  if (secxtractor)
443  secxtractor->InitSSL(ssl, sslcadir);
444 
445  SSL_set_bio(ssl, sbio, sbio);
446  //SSL_set_connect_state(ssl);
447 
448  //SSL_set_fd(ssl, Link->FDnum());
449  struct timeval tv;
450  tv.tv_sec = 10;
451  tv.tv_usec = 0;
452  setsockopt(Link->FDnum(), SOL_SOCKET, SO_RCVTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
453  setsockopt(Link->FDnum(), SOL_SOCKET, SO_SNDTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
454 
455  TRACEI(DEBUG, " Entering SSL_accept...");
456  int res = SSL_accept(ssl);
457  TRACEI(DEBUG, " SSL_accept returned :" << res);
458  if ((res == -1) && (SSL_get_error(ssl, res) == SSL_ERROR_WANT_READ)) {
459  TRACEI(DEBUG, " SSL_accept wants to read more bytes... err:" << SSL_get_error(ssl, res));
460  return 1;
461  }
462 
463  if(res <= 0) {
464  ERR_print_errors(sslbio_err);
465  if (res < 0) {
466 
467  SSL_free(ssl);
468  ssl = 0;
469  return -1;
470  }
471  }
472 
473  BIO_set_nbio(sbio, 0);
474 
475  strcpy(SecEntity.prot, "https");
476 
477  // Get the voms string and auth information
478  if (tlsClientAuth && HandleAuthentication(Link)) {
479  SSL_free(ssl);
480  ssl = 0;
481  return -1;
482  }
483 
484  ssldone = true;
485  if (TRACING(TRACE_AUTH)) {
486  SecEntity.Display(eDest);
487  }
488  }
489 
490 
491 
492  if (!DoingLogin) {
493  // Re-invocations triggered by the bridge have lp==0
494  // In this case we keep track of a different request state
495  if (lp) {
496 
497  // This is an invocation that was triggered by a socket event
498  // Read all the data that is available, throw it into the buffer
499  if ((rc = getDataOneShot(BuffAvailable())) < 0) {
500  // Error -> exit
501  return -1;
502  }
503 
504  // If we need more bytes, let's wait for another invokation
505  if (BuffUsed() < ResumeBytes) return 1;
506 
507 
508  } else
509  CurrentReq.reqstate++;
510  } else if (!DoneSetInfo && !CurrentReq.userAgent().empty()) { // DoingLogin is true, meaning the login finished.
511  std::string mon_info = "monitor info " + CurrentReq.userAgent();
512  DoneSetInfo = true;
513  if (mon_info.size() >= 1024) {
514  TRACEI(ALL, "User agent string too long");
515  } else if (!Bridge) {
516  TRACEI(ALL, "Internal logic error: Bridge is null after login");
517  } else {
518  TRACEI(DEBUG, "Setting " << mon_info);
519  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
520  CurrentReq.xrdreq.set.requestid = htons(kXR_set);
521  CurrentReq.xrdreq.set.modifier = '\0';
522  memset(CurrentReq.xrdreq.set.reserved, '\0', sizeof(CurrentReq.xrdreq.set.reserved));
523  CurrentReq.xrdreq.set.dlen = htonl(mon_info.size());
524  if (!Bridge->Run((char *) &CurrentReq.xrdreq, (char *) mon_info.c_str(), mon_info.size())) {
525  SendSimpleResp(500, nullptr, nullptr, "Could not set user agent.", 0, false);
526  return -1;
527  }
528  return 0;
529  }
530  } else {
531  DoingLogin = false;
532  }
533 
534  // Read the next request header, that is, read until a double CRLF is found
535 
536 
537  if (!CurrentReq.headerok) {
538 
539  // Read as many lines as possible into the buffer. An empty line breaks
540  while ((rc = BuffgetLine(tmpline)) > 0) {
541  std::string traceLine = tmpline.c_str();
542  if (TRACING(TRACE_DEBUG)) {
543  traceLine = obfuscateAuth(traceLine);
544  }
545  TRACE(DEBUG, " rc:" << rc << " got hdr line: " << traceLine);
546  if ((rc == 2) && (tmpline.length() == 2) && (tmpline[0] == '\r') && (tmpline[1] == '\n')) {
547  if (CurrentReq.request != CurrentReq.rtUnset) {
548  CurrentReq.headerok = true;
549  TRACE(DEBUG, " rc:" << rc << " detected header end.");
550  break;
551  }
552  }
553 
554 
555  if (CurrentReq.request == CurrentReq.rtUnset) {
556  TRACE(DEBUG, " Parsing first line: " << traceLine.c_str());
557  int result = CurrentReq.parseFirstLine((char *)tmpline.c_str(), tmpline.length());
558  if (result < 0) {
559  TRACE(DEBUG, " Parsing of first line failed with " << result);
560  return -1;
561  }
562  } else {
563  int result = CurrentReq.parseLine((char *) tmpline.c_str(), tmpline.length());
564  if(result < 0) {
565  TRACE(DEBUG, " Parsing of header line failed with " << result)
566  SendSimpleResp(400,NULL,NULL,"Malformed header line. Hint: ensure the line finishes with \"\\r\\n\"", 0, false);
567  return -1;
568  }
569  }
570 
571 
572  }
573 
574  // Here we have CurrentReq loaded with the header, or its relevant fields
575 
576  if (!CurrentReq.headerok) {
577  TRACEI(REQ, " rc:" << rc << "Header not yet complete.");
578 
579  // Here a subtle error condition. IF we failed reading a line AND the buffer
580  // has a reasonable amount of data available THEN we consider the header
581  // as corrupted and shutdown the client
582  if ((rc <= 0) && (BuffUsed() >= 16384)) {
583  TRACEI(ALL, "Corrupted header detected, or line too long. Disconnecting client.");
584  return -1;
585  }
586 
587 
588  if (CurrentReq.reqstate > 0)
589  CurrentReq.reqstate--;
590  // Waiting for more data
591  return 1;
592  }
593 
594  }
595 
596  // If we are in self-redirect mode, then let's do it
597  // Do selfredirect only with 'simple' requests, otherwise poor clients may misbehave
598  if (ishttps && ssldone && selfhttps2http &&
599  ( (CurrentReq.request == XrdHttpReq::rtGET) || (CurrentReq.request == XrdHttpReq::rtPUT) ||
600  (CurrentReq.request == XrdHttpReq::rtPROPFIND)) ) {
601  char hash[512];
602  time_t timenow = time(0);
603 
604 
605  calcHashes(hash, CurrentReq.resource.c_str(), (kXR_int16) CurrentReq.request,
606  &SecEntity,
607  timenow,
608  secretkey);
609 
610 
611 
612  if (hash[0]) {
613 
614  // Workaround... delete the previous opaque information
615  if (CurrentReq.opaque) {
616  delete CurrentReq.opaque;
617  CurrentReq.opaque = 0;
618  }
619 
620  TRACEI(REQ, " rc:" << rc << " self-redirecting to http with security token.");
621 
622  XrdOucString dest = "Location: http://";
623  // Here I should put the IP addr of the server
624 
625  // We have to recompute it here because we don't know to which
626  // interface the client had connected to
627  struct sockaddr_storage sa;
628  socklen_t sl = sizeof(sa);
629  getsockname(this->Link->AddrInfo()->SockFD(), (struct sockaddr*)&sa, &sl);
630 
631  // now get it back and print it
632  char buf[256];
633  bool ok = false;
634 
635  switch (sa.ss_family) {
636  case AF_INET:
637  if (inet_ntop(AF_INET, &(((sockaddr_in*)&sa)->sin_addr), buf, INET_ADDRSTRLEN)) {
638  if (Addr_str) free(Addr_str);
639  Addr_str = strdup(buf);
640  ok = true;
641  }
642  break;
643  case AF_INET6:
644  if (inet_ntop(AF_INET6, &(((sockaddr_in6*)&sa)->sin6_addr), buf, INET6_ADDRSTRLEN)) {
645  if (Addr_str) free(Addr_str);
646  Addr_str = (char *)malloc(strlen(buf)+3);
647  strcpy(Addr_str, "[");
648  strcat(Addr_str, buf);
649  strcat(Addr_str, "]");
650  ok = true;
651  }
652  break;
653  default:
654  TRACEI(REQ, " Can't recognize the address family of the local host.");
655  }
656 
657  if (ok) {
658  dest += Addr_str;
659  dest += ":";
660  dest += Port_str;
661  dest += CurrentReq.resource.c_str();
662  TRACEI(REQ," rc:"<<rc<<" self-redirecting to http with security token: '"
663  << dest.c_str() << "'");
664 
665 
666  CurrentReq.appendOpaque(dest, &SecEntity, hash, timenow);
667  SendSimpleResp(302, NULL, (char *) dest.c_str(), 0, 0, true);
668  CurrentReq.reset();
669  return -1;
670  }
671 
672  TRACEI(REQ, " rc:" << rc << " Can't perform self-redirection.");
673 
674  }
675  else {
676  TRACEI(ALL, " Could not calculate self-redirection hash");
677  }
678  }
679 
680  // If this is not https, then extract the signed information from the url
681  // and fill the SecEntity structure as if we were using https
682  if (!ishttps && !ssldone) {
683 
684 
685  if (CurrentReq.opaque) {
686  char * tk = CurrentReq.opaque->Get("xrdhttptk");
687  // If there is a hash then we use it as authn info
688  if (tk) {
689 
690  time_t tim = 0;
691  char * t = CurrentReq.opaque->Get("xrdhttptime");
692  if (t) tim = atoi(t);
693  if (!t) {
694  TRACEI(REQ, " xrdhttptime not specified. Authentication failed.");
695  return -1;
696  }
697  if (abs(time(0) - tim) > XRHTTP_TK_GRACETIME) {
698  TRACEI(REQ, " Token expired. Authentication failed.");
699  return -1;
700  }
701 
702  // Fill the Secentity from the fields in the URL:name, vo, host
703  char *nfo;
704 
705  nfo = CurrentReq.opaque->Get("xrdhttpvorg");
706  if (nfo) {
707  TRACEI(DEBUG, " Setting vorg: " << nfo);
708  SecEntity.vorg = strdup(nfo);
709  TRACEI(REQ, " Setting vorg: " << SecEntity.vorg);
710  }
711 
712  nfo = CurrentReq.opaque->Get("xrdhttpname");
713  if (nfo) {
714  TRACEI(DEBUG, " Setting name: " << nfo);
715  SecEntity.name = strdup(decode_str(nfo).c_str());
716  TRACEI(REQ, " Setting name: " << SecEntity.name);
717  }
718 
719  nfo = CurrentReq.opaque->Get("xrdhttphost");
720  if (nfo) {
721  TRACEI(DEBUG, " Setting host: " << nfo);
722  if (SecEntity.host) free(SecEntity.host);
723  SecEntity.host = strdup(decode_str(nfo).c_str());
724  TRACEI(REQ, " Setting host: " << SecEntity.host);
725  }
726 
727  nfo = CurrentReq.opaque->Get("xrdhttpdn");
728  if (nfo) {
729  TRACEI(DEBUG, " Setting dn: " << nfo);
730  SecEntity.moninfo = strdup(decode_str(nfo).c_str());
731  TRACEI(REQ, " Setting dn: " << SecEntity.moninfo);
732  }
733 
734  nfo = CurrentReq.opaque->Get("xrdhttprole");
735  if (nfo) {
736  TRACEI(DEBUG, " Setting role: " << nfo);
737  SecEntity.role = strdup(decode_str(nfo).c_str());
738  TRACEI(REQ, " Setting role: " << SecEntity.role);
739  }
740 
741  nfo = CurrentReq.opaque->Get("xrdhttpgrps");
742  if (nfo) {
743  TRACEI(DEBUG, " Setting grps: " << nfo);
744  SecEntity.grps = strdup(decode_str(nfo).c_str());
745  TRACEI(REQ, " Setting grps: " << SecEntity.grps);
746  }
747 
748  nfo = CurrentReq.opaque->Get("xrdhttpendorsements");
749  if (nfo) {
750  TRACEI(DEBUG, " Setting endorsements: " << nfo);
751  SecEntity.endorsements = strdup(decode_str(nfo).c_str());
752  TRACEI(REQ, " Setting endorsements: " << SecEntity.endorsements);
753  }
754 
755  nfo = CurrentReq.opaque->Get("xrdhttpcredslen");
756  if (nfo) {
757  TRACEI(DEBUG, " Setting credslen: " << nfo);
758  char *s1 = strdup(decode_str(nfo).c_str());
759  if (s1 && s1[0]) {
760  SecEntity.credslen = atoi(s1);
761  TRACEI(REQ, " Setting credslen: " << SecEntity.credslen);
762  }
763  if (s1) free(s1);
764  }
765 
766  if (SecEntity.credslen) {
767  nfo = CurrentReq.opaque->Get("xrdhttpcreds");
768  if (nfo) {
769  TRACEI(DEBUG, " Setting creds: " << nfo);
770  SecEntity.creds = strdup(decode_str(nfo).c_str());
771  TRACEI(REQ, " Setting creds: " << SecEntity.creds);
772  }
773  }
774 
775  char hash[512];
776 
777  calcHashes(hash, CurrentReq.resource.c_str(), (kXR_int16) CurrentReq.request,
778  &SecEntity,
779  tim,
780  secretkey);
781 
782  if (compareHash(hash, tk)) {
783  TRACEI(REQ, " Invalid tk '" << tk << "' != '" << hash << "'(calculated). Authentication failed.");
784  return -1;
785  }
786 
787  } else {
788  // Client is plain http. If we have a secret key then we reject it
789  if (secretkey) {
790  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
791  return -1;
792  }
793  }
794 
795  } else {
796  // Client is plain http. If we have a secret key then we reject it
797  if (secretkey) {
798  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
799  return -1;
800  }
801  }
802 
803  ssldone = true;
804  }
805 
806 
807 
808  // Now we have everything that is needed to try the login
809  // Remember that if there is an exthandler then it has the responsibility
810  // for authorization in the paths that it manages
811  if (!Bridge && !FindMatchingExtHandler(CurrentReq)) {
812  if (SecEntity.name)
813  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, SecEntity.name, ishttps ? "https" : "http");
814  else
815  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, "unknown", ishttps ? "https" : "http");
816 
817  if (!Bridge) {
818  TRACEI(REQ, " Authorization failed.");
819  return -1;
820  }
821  if (m_maxdelay > 0) Bridge->SetWait(m_maxdelay, false);
822 
823  // Let the bridge process the login, and then reinvoke us
824  DoingLogin = true;
825  return 0;
826  }
827 
828  // Compute and send the response. This may involve further reading from the socket
829  rc = CurrentReq.ProcessHTTPReq();
830  if (rc < 0)
831  CurrentReq.reset();
832 
833 
834 
835  TRACEI(REQ, "Process is exiting rc:" << rc);
836  return rc;
837 }
ClientRequest::set
struct ClientSetRequest set
Definition: XProtocol.hh:913
kXR_set
@ kXR_set
Definition: XProtocol.hh:131
ClientSetRequest::requestid
kXR_unt16 requestid
Definition: XProtocol.hh:755
ClientSetRequest::dlen
kXR_int32 dlen
Definition: XProtocol.hh:758
ClientSetRequest::modifier
kXR_char modifier
Definition: XProtocol.hh:757
ClientSetRequest::reserved
kXR_char reserved[15]
Definition: XProtocol.hh:756
kXR_int16
short kXR_int16
Definition: XPtypes.hh:66
XRHTTP_TK_GRACETIME
#define XRHTTP_TK_GRACETIME
Definition: XrdHttpProtocol.cc:62
TRACE_AUTH
#define TRACE_AUTH
Definition: XrdHttpTrace.hh:48
compareHash
int compareHash(const char *h1, const char *h2)
Definition: XrdHttpUtils.cc:367
calcHashes
void calcHashes(char *hash, const char *fn, kXR_int16 request, XrdSecEntity *secent, time_t tim, const char *key)
Definition: XrdHttpUtils.cc:231
decode_str
std::string decode_str(const std::string &str)
Definition: XrdHttpUtils.hh:213
obfuscateAuth
std::string obfuscateAuth(const std::string &input)
Definition: XrdOucUtils.cc:1591
TRACE_DEBUG
#define TRACE_DEBUG
Definition: XrdTrace.hh:36
TRACE
#define TRACE(act, x)
Definition: XrdTrace.hh:63
TRACING
#define TRACING(x)
Definition: XrdTrace.hh:70
XrdBuffer::bsize
int bsize
Definition: XrdBuffer.hh:46
XrdHttpProtocol::secretkey
static char * secretkey
The key used to calculate the url hashes.
Definition: XrdHttpProtocol.hh:418
XrdHttpProtocol::selfhttps2http
static bool selfhttps2http
If client is HTTPS, self-redirect with HTTP+token.
Definition: XrdHttpProtocol.hh:433
XrdHttpProtocol::m_maxdelay
static int m_maxdelay
Definition: XrdHttpProtocol.hh:446
XrdHttpProtocol::sslcadir
static char * sslcadir
Definition: XrdHttpProtocol.hh:404
XrdHttpReq::reqstate
int reqstate
State machine to talk to the bridge.
Definition: XrdHttpReq.hh:359
XrdHttpReq::resource
XrdOucString resource
The resource specified by the request, stripped of opaque data.
Definition: XrdHttpReq.hh:276
XrdHttpReq::headerok
bool headerok
Tells if we have finished reading the header.
Definition: XrdHttpReq.hh:284
XrdHttpReq::request
ReqType request
The request we got.
Definition: XrdHttpReq.hh:268
XrdHttpReq::ProcessHTTPReq
int ProcessHTTPReq()
Definition: XrdHttpReq.cc:881
XrdHttpReq::opaque
XrdOucEnv * opaque
The opaque data, after parsing.
Definition: XrdHttpReq.hh:278
XrdHttpReq::parseFirstLine
int parseFirstLine(char *line, int len)
Parse the first line of the header.
Definition: XrdHttpReq.cc:275
XrdHttpReq::parseLine
int parseLine(char *line, int len)
Parse the header.
Definition: XrdHttpReq.cc:118
XrdHttpReq::appendOpaque
void appendOpaque(XrdOucString &s, XrdSecEntity *secent, char *hash, time_t tnow)
Definition: XrdHttpReq.cc:652
XrdHttpReq::startTime
std::chrono::steady_clock::time_point startTime
Definition: XrdHttpReq.hh:368
XrdHttpReq::userAgent
const std::string & userAgent() const
Definition: XrdHttpReq.hh:264
XrdHttpReq::reset
virtual void reset()
Definition: XrdHttpReq.cc:2713
XrdHttpSecXtractor::InitSSL
virtual int InitSSL(SSL *, char *)
Definition: XrdHttpSecXtractor.hh:52
XrdOucEnv::Get
char * Get(const char *varname)
Definition: XrdOucEnv.hh:69
XrdSecEntity::vorg
char * vorg
Entity's virtual organization(s)
Definition: XrdSecEntity.hh:71
XrdSecEntity::credslen
int credslen
Length of the 'creds' data.
Definition: XrdSecEntity.hh:78
XrdSecEntity::prot
char prot[XrdSecPROTOIDSIZE]
Auth protocol used (e.g. krb5)
Definition: XrdSecEntity.hh:67
XrdSecEntity::creds
char * creds
Raw entity credentials or cert.
Definition: XrdSecEntity.hh:77
XrdSecEntity::grps
char * grps
Entity's group name(s)
Definition: XrdSecEntity.hh:73
XrdSecEntity::name
char * name
Entity's name.
Definition: XrdSecEntity.hh:69
XrdSecEntity::role
char * role
Entity's role(s)
Definition: XrdSecEntity.hh:72
XrdSecEntity::endorsements
char * endorsements
Protocol specific endorsements.
Definition: XrdSecEntity.hh:75
XrdSecEntity::Display
void Display(XrdSysError &mDest)
Definition: XrdSecEntity.cc:58
XrdSecEntity::moninfo
char * moninfo
Information for monitoring.
Definition: XrdSecEntity.hh:76
XrdSecEntity::host
char * host
Entity's host name dnr dependent.
Definition: XrdSecEntity.hh:70
XrdXrootd::Bridge::Login
static Bridge * Login(Result *rsltP, XrdLink *linkP, XrdSecEntity *seceP, const char *nameP, const char *protP)
Definition: XrdXrootdBridge.cc:38
XrdXrootd::Bridge::SetWait
virtual void SetWait(int wtime, bool notify=false)=0

References Addr_str, XrdLink::AddrInfo(), XrdHttpReq::appendOpaque(), Bridge, XrdBuffer::bsize, XrdBuffer::buff, XrdOucString::c_str(), calcHashes(), compareHash(), XrdSecEntity::creds, XrdSecEntity::credslen, CurrentReq, DEBUG, decode_str(), XrdSecEntity::Display(), ClientSetRequest::dlen, eDest, XrdSecEntity::endorsements, XrdLink::FDnum(), XrdOucEnv::Get(), XrdSecEntity::grps, XrdHttpReq::headerok, XrdSecEntity::host, XrdHttpSecXtractor::InitSSL(), kXR_set, XrdOucString::length(), Link, XrdXrootd::Bridge::Login(), m_maxdelay, ClientSetRequest::modifier, XrdSecEntity::moninfo, XrdSecEntity::name, obfuscateAuth(), XrdHttpReq::opaque, XrdHttpReq::parseFirstLine(), XrdHttpReq::parseLine(), Port_str, XrdHttpReq::ProcessHTTPReq(), XrdSecEntity::prot, XrdHttpReq::reqstate, XrdHttpReq::request, ClientSetRequest::requestid, ClientSetRequest::reserved, XrdHttpReq::reset(), XrdHttpReq::resource, XrdSecEntity::role, XrdHttpReq::rtGET, XrdHttpReq::rtPROPFIND, XrdHttpReq::rtPUT, XrdHttpReq::rtUnset, XrdXrootd::Bridge::Run(), SecEntity, secretkey, selfhttps2http, XrdTlsContext::Session(), ClientRequest::set, XrdXrootd::Bridge::SetWait(), XrdNetAddrInfo::SockFD(), sslcadir, XrdHttpReq::startTime, XrdHttpProtoInfo::tlsClientAuth, TRACE, TRACE_AUTH, TRACE_DEBUG, TRACEI, TRACING, XrdHttpReq::userAgent(), XrdSecEntity::vorg, XrdHttpProtoInfo::xrdctx, XrdHttpReq::xrdreq, and XRHTTP_TK_GRACETIME.

+ Here is the call graph for this function:

◆ Recycle()

void XrdHttpProtocol::Recycle ( XrdLink lp,
int  consec,
const char *  reason 
)
virtual

Recycle this instance.

Implements XrdProtocol.

Definition at line 845 of file XrdHttpProtocol.cc.

845  {
846 
847  // Release all appendages
848  //
849 
850  Cleanup();
851 
852 
853  // Set fields to starting point (debugging mostly)
854  //
855  Reset();
856 
857  // Push ourselves on the stack
858  //
859  ProtStack.Push(&ProtLink);
860 }
XrdObjectQ::Push
void Push(XrdObject< T > *Node)
Definition: XrdObject.hh:101

References ProtLink, ProtStack, and XrdObjectQ< T >::Push().

+ Here is the call graph for this function:

◆ Stats()

int XrdHttpProtocol::Stats ( char *  buff,
int  blen,
int  do_sync = 0 
)
virtual

Get activity stats.

Implements XrdProtocol.

Definition at line 862 of file XrdHttpProtocol.cc.

862  {
863  // Synchronize statistics if need be
864  //
865  // if (do_sync) {
866  //
867  // SI->statsMutex.Lock();
868  // SI->readCnt += numReads;
869  // cumReads += numReads;
870  // numReads = 0;
871  // SI->prerCnt += numReadP;
872  // cumReadP += numReadP;
873  // numReadP = 0;
874  // SI->rvecCnt += numReadV;
875  // cumReadV += numReadV;
876  // numReadV = 0;
877  // SI->rsegCnt += numSegsV;
878  // cumSegsV += numSegsV;
879  // numSegsV = 0;
880  // SI->writeCnt += numWrites;
881  // cumWrites += numWrites;
882  // numWrites = 0;
883  // SI->statsMutex.UnLock();
884  // }
885  //
886  // // Now return the statistics
887  // //
888  // return SI->Stats(buff, blen, do_sync);
889 
890  return 0;
891 }

Friends And Related Function Documentation

◆ XrdHttpExtReq

friend class XrdHttpExtReq
friend

Definition at line 84 of file XrdHttpProtocol.hh.

◆ XrdHttpReq

friend class XrdHttpReq
friend

Definition at line 83 of file XrdHttpProtocol.hh.

Member Data Documentation

◆ Addr_str

char* XrdHttpProtocol::Addr_str
protected

Our IP address, as a string. Please remember that this may not be unique for a given machine, hence we need to keep it here and recompute ad every new connection.

Definition at line 371 of file XrdHttpProtocol.hh.

Referenced by XrdHttpProtocol(), and Process().

◆ allowMissingCRL

bool XrdHttpProtocol::allowMissingCRL = false
staticprotected

Definition at line 410 of file XrdHttpProtocol.hh.

◆ BPool

XrdBuffManager * XrdHttpProtocol::BPool = 0
staticprotected

Definition at line 362 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Match().

◆ Bridge

XrdXrootd::Bridge* XrdHttpProtocol::Bridge
protected

The Bridge that we use to exercise the xrootd internals.

Definition at line 377 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), Process(), and XrdHttpReq::ProcessHTTPReq().

◆ CIA

XrdSecService * XrdHttpProtocol::CIA = 0
staticprotected

Definition at line 364 of file XrdHttpProtocol.hh.

◆ cksumHandler

XrdHttpChecksumHandler XrdHttpProtocol::cksumHandler = XrdHttpChecksumHandler()
static

Definition at line 137 of file XrdHttpProtocol.hh.

◆ compatNameGeneration

bool XrdHttpProtocol::compatNameGeneration = false
staticprotected

Definition at line 415 of file XrdHttpProtocol.hh.

◆ crlRefIntervalSec

int XrdHttpProtocol::crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
staticprotected

CRL thread refresh interval.

Definition at line 407 of file XrdHttpProtocol.hh.

◆ CurrentReq

XrdHttpReq XrdHttpProtocol::CurrentReq
protected

Area for coordinating request and responses to/from the bridge This also can process HTTP/DAV stuff

Definition at line 382 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), and Process().

◆ eDest

XrdSysError XrdHttpProtocol::eDest = 0
staticprotected

Definition at line 363 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ embeddedstatic

bool XrdHttpProtocol::embeddedstatic = true
staticprotected

If true, use the embedded css and icons.

Definition at line 439 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ gridmap

char * XrdHttpProtocol::gridmap = 0
staticprotected

Gridmap file location. The same used by XrdSecGsi.

Definition at line 413 of file XrdHttpProtocol.hh.

◆ hailWait

int XrdHttpProtocol::hailWait = 60000
staticprotected

Timeout for reading the handshake.

Definition at line 392 of file XrdHttpProtocol.hh.

Referenced by Match().

◆ hdr2cgimap

std::map< std::string, std::string > XrdHttpProtocol::hdr2cgimap
staticprotected

Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption.

Definition at line 459 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::parseLine().

◆ isdesthttps

bool XrdHttpProtocol::isdesthttps = false
staticprotected

True if the redirections must be towards https targets.

Definition at line 424 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::Redir().

◆ isRequiredGridmap

bool XrdHttpProtocol::isRequiredGridmap = false
staticprotected

Definition at line 414 of file XrdHttpProtocol.hh.

◆ Link

XrdLink* XrdHttpProtocol::Link
protected

The link we are bound to.

Definition at line 367 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::GetClientID(), Match(), and Process().

◆ listdeny

bool XrdHttpProtocol::listdeny = false
staticprotected

If true, any form of listing is denied.

Definition at line 430 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ listredir

char * XrdHttpProtocol::listredir = 0
staticprotected

Url to redirect to in the case a listing is requested.

Definition at line 427 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ m_bio_method

BIO_METHOD * XrdHttpProtocol::m_bio_method = NULL
staticprotected

C-style vptr table for our custom BIO objects.

Definition at line 465 of file XrdHttpProtocol.hh.

◆ m_bio_type

int XrdHttpProtocol::m_bio_type = 0
staticprotected

Type identifier for our custom BIO objects.

Definition at line 462 of file XrdHttpProtocol.hh.

◆ m_maxdelay

int XrdHttpProtocol::m_maxdelay = -1
staticprotected

Definition at line 446 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ m_staticheader_map

std::unordered_map<std::string, std::vector<std::pair<std::string, std::string> > > XrdHttpProtocol::m_staticheader_map
staticprotected

The static headers to always return; map is from verb to a list of (header, val) pairs.

Definition at line 477 of file XrdHttpProtocol.hh.

◆ m_staticheaders

std::unordered_map<std::string, std::string> XrdHttpProtocol::m_staticheaders
staticprotected

The static string version of m_staticheader_map. After config parsing is done, this is computed and we won't need to reference m_staticheader_map in the response path.

Definition at line 481 of file XrdHttpProtocol.hh.

◆ myRole

kXR_int32 XrdHttpProtocol::myRole = kXR_isManager
staticprotected

Our role.

Definition at line 456 of file XrdHttpProtocol.hh.

Referenced by Configure(), and XrdHttpReq::ProcessHTTPReq().

◆ pmarkHandle

XrdNetPMark * XrdHttpProtocol::pmarkHandle = nullptr
staticprotected

Packet marking handler pointer (assigned from the environment during the Config() call)

Definition at line 471 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), and XrdHttpReq::parseLine().

◆ Port

int XrdHttpProtocol::Port = 1094
staticprotected

Our port.

Definition at line 398 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ Port_str

char * XrdHttpProtocol::Port_str = 0
staticprotected

Our port, as a string.

Definition at line 401 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ ProtLink

XrdObject<XrdHttpProtocol> XrdHttpProtocol::ProtLink

Definition at line 130 of file XrdHttpProtocol.hh.

Referenced by Recycle().

◆ ProtStack

XrdObjectQ< XrdHttpProtocol > XrdHttpProtocol::ProtStack
static

Definition at line 129 of file XrdHttpProtocol.hh.

Referenced by Configure(), Match(), and Recycle().

◆ ReadRangeConfig

XrdHttpReadRangeHandler::Configuration XrdHttpProtocol::ReadRangeConfig
static

configuration for the read range handler

Definition at line 140 of file XrdHttpProtocol.hh.

◆ readWait

int XrdHttpProtocol::readWait = 300000
staticprotected

Timeout for reading data.

Definition at line 395 of file XrdHttpProtocol.hh.

◆ Sched

XrdScheduler * XrdHttpProtocol::Sched = 0
staticprotected

Definition at line 361 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ SecEntity

XrdSecEntity XrdHttpProtocol::SecEntity

Authentication area.

Definition at line 134 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), XrdHttpExtReq::GetSecEntity(), Match(), Process(), and XrdHttpReq::Redir().

◆ secretkey

char * XrdHttpProtocol::secretkey = 0
staticprotected

The key used to calculate the url hashes.

Definition at line 418 of file XrdHttpProtocol.hh.

Referenced by Process(), and XrdHttpReq::Redir().

◆ selfhttps2http

bool XrdHttpProtocol::selfhttps2http = false
staticprotected

If client is HTTPS, self-redirect with HTTP+token.

Definition at line 433 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ servGMap

XrdOucGMap * XrdHttpProtocol::servGMap = 0
staticprotected

The instance of the DN mapper. Created only when a valid path is given.

Definition at line 374 of file XrdHttpProtocol.hh.

◆ sslcadir

char * XrdHttpProtocol::sslcadir = 0
staticprotected

Definition at line 404 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ sslcafile

char * XrdHttpProtocol::sslcafile = 0
staticprotected

Definition at line 404 of file XrdHttpProtocol.hh.

◆ sslcert

char * XrdHttpProtocol::sslcert = 0
staticprotected

OpenSSL stuff.

Definition at line 404 of file XrdHttpProtocol.hh.

◆ sslcipherfilter

char * XrdHttpProtocol::sslcipherfilter = 0
staticprotected

Definition at line 404 of file XrdHttpProtocol.hh.

◆ sslkey

char * XrdHttpProtocol::sslkey = 0
staticprotected

Definition at line 404 of file XrdHttpProtocol.hh.

◆ sslverifydepth

int XrdHttpProtocol::sslverifydepth = 9
staticprotected

Depth of verification of a certificate chain.

Definition at line 421 of file XrdHttpProtocol.hh.

◆ staticpreload

XrdOucHash< XrdHttpProtocol::StaticPreloadInfo > * XrdHttpProtocol::staticpreload = 0
staticprotected

Definition at line 453 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ staticredir

char * XrdHttpProtocol::staticredir = 0
staticprotected

Definition at line 442 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ strp_cgi_params

std::unordered_set< std::string > XrdHttpProtocol::strp_cgi_params
staticprotected

CGI parameters (names) to strip from redirect URLs.

Definition at line 436 of file XrdHttpProtocol.hh.

Referenced by parseHeader2CGI(), and XrdHttpReq::Redir().

◆ tpcForwardCreds

bool XrdHttpProtocol::tpcForwardCreds = false
staticprotected

If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

Definition at line 474 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq().

◆ xrd_cslist

char * XrdHttpProtocol::xrd_cslist = nullptr
staticprotected

The list of checksums that were configured via the xrd.cksum parameter on the server config file.

Definition at line 468 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ xrdcors

XrdHttpCors * XrdHttpProtocol::xrdcors = nullptr
staticprotected

Definition at line 386 of file XrdHttpProtocol.hh.

◆ xrdcorsLibPath

std::string XrdHttpProtocol::xrdcorsLibPath
staticprotected

Definition at line 384 of file XrdHttpProtocol.hh.

The documentation for this class was generated from the following files: