Inheritance diagram for XrdSecProtocolkrb5:

Collaboration diagram for XrdSecProtocolkrb5:

Public Member Functions
int	Authenticate (XrdSecCredentials cred, XrdSecParameters parms, XrdOucErrInfo einfo=0)

XrdSecCredentials *	getCredentials (XrdSecParameters parm=0, XrdOucErrInfo einfo=0)

	XrdSecProtocolkrb5 (const char KP, const char hname, const struct sockaddr *ipadd)

void	Delete ()
	Delete the protocol object. DO NOT use C++ delete() on this object. More...

Public Member Functions inherited from XrdSecProtocol
virtual int	Encrypt (const char , int, XrdSecBuffer *)

virtual int	Decrypt (const char , int, XrdSecBuffer *)

virtual int	Sign (const char , int, XrdSecBuffer *)

virtual int	Verify (const char , int, const char , int)

virtual int	getKey (char *=0, int=0)

virtual int	setKey (char *, int)

	XrdSecProtocol (const char *pName)
	Constructor. More...

Static Public Member Functions
static char *	getPrincipal ()

static int	Init (XrdOucErrInfo einfo, char KP=0, char *kfn=0)

static void	setOpts (int opts)

static void	setClientOpts (int opts)

static void	setParms (char *param)

static void	setExpFile (char *expfile)

Private Member Functions
	~XrdSecProtocolkrb5 ()

int	exp_krbTkn (XrdSecCredentials cred, XrdOucErrInfo erp)

int	get_krbFwdCreds (char KP, krb5_data outdata)

Static Private Member Functions
static int	Fatal (XrdOucErrInfo erp, int rc, const char msg1, char *KP=0, int krc=0)

static int	get_krbCreds (char KP, krb5_creds *krb_creds)

Private Attributes
struct sockaddr	hostaddr

char	CName [256]

char *	Service

char	Step

krb5_auth_context	AuthContext

krb5_auth_context	AuthClientContext

krb5_ticket *	Ticket

krb5_creds *	Creds

Static Private Attributes
static XrdSysMutex	krbContext

static XrdSysMutex	krbClientContext

static int	options = 0

static int	client_options = 0

static krb5_context	krb_context

static krb5_context	krb_client_context

static krb5_ccache	krb_client_ccache

static krb5_ccache	krb_ccache

static krb5_keytab	krb_keytab = NULL

static uid_t	krb_kt_uid = 0

static gid_t	krb_kt_gid = 0

static krb5_principal	krb_principal

static char *	Principal = 0

static char *	Parms = 0

static char	ExpFile [XrdSecMAXPATHLEN] = "/tmp/krb5cc_<uid>"

Friends
class	XrdSecProtocolDummy

Additional Inherited Members
Public Attributes inherited from XrdSecProtocol
XrdSecEntity	Entity

Protected Member Functions inherited from XrdSecProtocol
virtual	~XrdSecProtocol ()
	Destructor (prevents use of direct delete). More...

Constructor & Destructor Documentation

XrdSecProtocolkrb5::XrdSecProtocolkrb5	(	const char *	KP,
		const char *	hname,
		const struct sockaddr *	ipadd
	)

inline

References AuthClientContext, AuthContext, CName, Creds, XrdSecProtocol::Entity, XrdSecEntity::host, hostaddr, XrdSecEntity::name, Service, Step, and Ticket.

XrdSecProtocolkrb5::~XrdSecProtocolkrb5 ( )

inlineprivate

Member Function Documentation

int XrdSecProtocolkrb5::Authenticate	(	XrdSecCredentials *	cred,
		XrdSecParameters **	parms,
		XrdOucErrInfo *	einfo = `0`
	)

virtual

Authenticate a client.

Parameters

cred	Credentials supplied by the client.
parms	Place where the address of additional authentication data is to be placed for another autrhentication handshake.
einfo	The error information object where error messages should be placed. The messages are returned to the client. Should einfo be null, messages should be written to stderr.

Returns: > 0 -> parms present (more authentication needed) = 0 -> Entity present (authentication suceeded) < 0 -> einfo present (error has occured)

Implements XrdSecProtocol.

References AuthContext, XrdSecBuffer::buffer, CLDBG, CName, emsg(), XrdSecProtocol::Entity, exp_krbTkn(), Fatal(), hostaddr, krb_context, krb_keytab, krb_kt_gid, krb_kt_uid, krb_principal, krbContext, XrdSysMutex::Lock(), options, Principal, XrdSecEntity::prot, XrdSecBuffer::size, Step, Ticket, XrdSysMutex::UnLock(), XrdSysPrivGuard::Valid(), XrdSecEXPTKN, XrdSecNOIPCHK, XrdSecPROTOIDENT, and XrdSecPROTOIDLEN.

void XrdSecProtocolkrb5::Delete ( )

virtual

Delete the protocol object. DO NOT use C++ delete() on this object.

Implements XrdSecProtocol.

References AuthClientContext, AuthContext, Creds, XrdSecProtocol::Entity, XrdSecEntity::host, krb_client_context, krb_context, Parms, Service, and Ticket.

int XrdSecProtocolkrb5::exp_krbTkn	(	XrdSecCredentials *	cred,
		XrdOucErrInfo *	erp
	)

private

References AuthContext, XrdSecBuffer::buffer, CName, ExpFile, Fatal(), hostaddr, krb_context, krb_principal, krbContext, XrdSysMutex::Lock(), XrdSecBuffer::size, Ticket, XrdSysPrivGuard::Valid(), XrdSecMAXPATHLEN, and XrdSecPROTOIDLEN.

Referenced by Authenticate().

int XrdSecProtocolkrb5::Fatal	(	XrdOucErrInfo *	erp,
		int	rc,
		const char *	msg1,
		char *	KP = `0`,
		int	krc = `0`
	)

staticprivate

References krb_etxt, and XrdOucErrInfo::setErrInfo().

Referenced by Authenticate(), exp_krbTkn(), getCredentials(), and Init().

int XrdSecProtocolkrb5::get_krbCreds	(	char *	KP,
		krb5_creds **	krb_creds
	)

staticprivate

References CLDBG, krb_client_ccache, krb_client_context, and krb_etxt.

Referenced by getCredentials().

int XrdSecProtocolkrb5::get_krbFwdCreds	(	char *	KP,
		krb5_data *	outdata
	)

private

References AuthClientContext, CLDBG, krb_client_ccache, krb_client_context, and krb_etxt.

Referenced by getCredentials().

XrdSecCredentials * XrdSecProtocolkrb5::getCredentials	(	XrdSecParameters *	parm = `0`,
		XrdOucErrInfo *	einfo = `0`
	)

virtual

Generate client credentials to be used in the authentication process.

Parameters

parm	Pointer to the information returned by the server either in the initial login response or the authmore response.
einfo	The error information object where error messages should be placed. The messages are returned to the client. Should einfo be null, messages should be written to stderr.

Returns: Success: Pointer to credentials to sent to the server. The caller is responsible for deleting the object. Failure: Null pointer with einfo, if supplied, containing the reason for the failure.

Implements XrdSecProtocol.

References access(), AuthClientContext, CLDBG, client_options, CLPRT, Creds, Fatal(), get_krbCreds(), get_krbFwdCreds(), krb_client_ccache, krb_client_context, krbClientContext, XrdSysMutex::Lock(), Service, Step, XrdSysMutex::UnLock(), XrdSecEXPTKN, XrdSecINITTKN, XrdSecPROTOIDENT, and XrdSecPROTOIDLEN.