XRootD
XrdHttpProtocol Class Reference

#include <XrdHttpProtocol.hh>


Classes

struct  StaticPreloadInfo
 

Public Member Functions

 XrdHttpProtocol (bool imhttps)
 
 XrdHttpProtocol (const XrdHttpProtocol &)=default
 Ctor, dtors and copy ctor.
 
 ~XrdHttpProtocol ()
 
int doChksum (const XrdOucString &fname)
 Perform a checksum request.
 
void DoIt ()
 Override from the base class.
 
int doStat (char *fname)
 Perform a Stat request.
 
bool isHTTPS ()
 called via https
 
XrdProtocol * Match (XrdLink *lp)
 Tells if the outstanding bytes on the socket match this protocol implementation.
 
XrdHttpProtocol operator= (const XrdHttpProtocol &rhs)
 
int Process (XrdLink *lp)
 Process data incoming from the socket.
 
void Recycle (XrdLink *lp, int consec, const char *reason)
 Recycle this instance.
 
int Stats (char *buff, int blen, int do_sync=0)
 Get activity stats.
 
- Public Member Functions inherited from XrdProtocol
 XrdProtocol (const char *jname)
 
virtual ~XrdProtocol ()
 
- Public Member Functions inherited from XrdJob
 XrdJob (const char *desc="")
 
virtual ~XrdJob ()
 

Static Public Member Functions

static int Configure (char *parms, XrdProtocol_Config *pi)
 Read and apply the configuration.
 
static int parseHeader2CGI (XrdOucStream &Config, XrdSysError &err, std::map< std::string, std::string > &header2cgi)
 Use this function to parse header2cgi configurations.
 

Public Attributes

XrdObject< XrdHttpProtocol > ProtLink
 
XrdSecEntity SecEntity
 Authentication area.
 
- Public Attributes inherited from XrdJob
const char * Comment
 
XrdJob * NextJob
 

Static Public Attributes

static XrdHttpChecksumHandler cksumHandler = XrdHttpChecksumHandler()
 
static XrdObjectQ< XrdHttpProtocol > ProtStack
 
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
 configuration for the read range handler
 

Protected Attributes

char * Addr_str
 
XrdXrootd::Bridge * Bridge
 The Bridge that we use to exercise the xrootd internals.
 
XrdHttpReq CurrentReq
 
XrdLink * Link
 The link we are bound to.
 

Static Protected Attributes

static XrdBuffManager * BPool = 0
 
static XrdSecService * CIA = 0
 
static bool compatNameGeneration = false
 
static int crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
 CRL thread refresh interval.
 
static XrdSysError eDest = 0
 
static bool embeddedstatic = true
 If true, use the embedded css and icons.
 
static char * gridmap = 0
 Gridmap file location. The same used by XrdSecGsi.
 
static int hailWait = 60000
 Timeout for reading the handshake.
 
static std::map< std::string, std::string > hdr2cgimap
 Rules that turn HTTP headers to cgi tokens in the URL, for internal consumption.
 
static bool isdesthttps = false
 True if the redirections must be towards https targets.
 
static bool isRequiredGridmap = false
 
static bool listdeny = false
 If true, any form of listing is denied.
 
static char * listredir = 0
 Url to redirect to in the case a listing is requested.
 
static BIO_METHOD * m_bio_method = NULL
 C-style vptr table for our custom BIO objects.
 
static int m_bio_type = 0
 Type identifier for our custom BIO objects.
 
static std::unordered_map< std::string, std::vector< std::pair< std::string, std::string > > > m_staticheader_map
 The static headers to always return; map is from verb to a list of (header, val) pairs.
 
static std::unordered_map< std::string, std::string > m_staticheaders
 
static kXR_int32 myRole = kXR_isManager
 Our role.
 
static XrdNetPMark * pmarkHandle = nullptr
 Packet marking handler pointer (assigned from the environment during the Config() call)
 
static int Port = 1094
 Our port.
 
static char * Port_str = 0
 Our port, as a string.
 
static int readWait = 300000
 Timeout for reading data.
 
static XrdScheduler * Sched = 0
 
static char * secretkey = 0
 The key used to calculate the url hashes.
 
static bool selfhttps2http = false
 If client is HTTPS, self-redirect with HTTP+token.
 
static XrdOucGMap * servGMap = 0
 The instance of the DN mapper. Created only when a valid path is given.
 
static char * sslcadir = 0
 
static char * sslcafile = 0
 
static char * sslcert = 0
 OpenSSL stuff.
 
static char * sslcipherfilter = 0
 
static char * sslkey = 0
 
static int sslverifydepth = 9
 Depth of verification of a certificate chain.
 
static XrdOucHash< StaticPreloadInfo > * staticpreload = 0
 
static char * staticredir = 0
 
static bool tpcForwardCreds = false
 If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.
 
static char * xrd_cslist = nullptr
 The list of checksums that were configured via the xrd.cksum parameter on the server config file.
 

Friends

class XrdHttpExtReq
 
class XrdHttpReq
 

Detailed Description

Definition at line 80 of file XrdHttpProtocol.hh.


Class Documentation

◆ XrdHttpProtocol::StaticPreloadInfo

struct XrdHttpProtocol::StaticPreloadInfo

Definition at line 431 of file XrdHttpProtocol.hh.

Class Members
char * data
int len

Constructor & Destructor Documentation

◆ XrdHttpProtocol() [1/2]

XrdHttpProtocol::XrdHttpProtocol ( const XrdHttpProtocol & )
default

Ctor, dtors and copy ctor.

Referenced by Match().


◆ XrdHttpProtocol() [2/2]

XrdHttpProtocol::XrdHttpProtocol ( bool  imhttps)

Definition at line 197 of file XrdHttpProtocol.cc.

198 : XrdProtocol("HTTP protocol handler"), ProtLink(this),
200  myBuff = 0;
201  Addr_str = 0;
202  Reset();
203  ishttps = imhttps;
204 
205 }

References Addr_str.

◆ ~XrdHttpProtocol()

XrdHttpProtocol::~XrdHttpProtocol ( )
inline

Definition at line 124 of file XrdHttpProtocol.hh.

124  {
125  Cleanup();
126  }

Member Function Documentation

◆ Configure()

int XrdHttpProtocol::Configure ( char *  parms,
XrdProtocol_Config * pi 
)
static

Read and apply the configuration.

Definition at line 1740 of file XrdHttpProtocol.cc.

1740  {
1741  /*
1742  Function: Establish configuration at load time.
1743 
1744  Input: None.
1745 
1746  Output: 0 upon success or !0 otherwise.
1747  */
1748 
1749  char *rdf;
1750 
1751  // Copy out the special info we want to use at top level
1752  //
1753  eDest.logger(pi->eDest->logger());
1755  // SI = new XrdXrootdStats(pi->Stats);
1756  Sched = pi->Sched;
1757  BPool = pi->BPool;
1758  xrd_cslist = getenv("XRD_CSLIST");
1759 
1760  Port = pi->Port;
1761 
1762  // Copy out the current TLS context
1763  //
1764  xrdctx = pi->tlsCtx;
1765 
1766  {
1767  char buf[16];
1768  sprintf(buf, "%d", Port);
1769  Port_str = strdup(buf);
1770  }
1771 
1772  // Now process and configuration parameters
1773  //
1774  rdf = (parms && *parms ? parms : pi->ConfigFN);
1775  if (rdf && Config(rdf, pi->theEnv)) return 0;
1776  if (pi->DebugON) XrdHttpTrace.What = TRACE_ALL;
1777 
1778  // Set the redirect flag if we are a pure redirector
1779  myRole = kXR_isServer;
1780  if ((rdf = getenv("XRDROLE"))) {
1781  eDest.Emsg("Config", "XRDROLE: ", rdf);
1782 
1783  if (!strcasecmp(rdf, "manager") || !strcasecmp(rdf, "supervisor")) {
1785  eDest.Emsg("Config", "Configured as HTTP(s) redirector.");
1786  } else {
1787 
1788  eDest.Emsg("Config", "Configured as HTTP(s) data server.");
1789  }
1790 
1791  } else {
1792  eDest.Emsg("Config", "No XRDROLE specified.");
1793  }
1794 
1795  // Schedule protocol object cleanup
1796  //
1798  (XrdHttpTrace.What & TRACE_MEM ? TRACE_MEM : 0));
1799  ProtStack.Set((pi->ConnMax / 3 ? pi->ConnMax / 3 : 30), 60 * 60);
1800 
1801  // Return success
1802  //
1803 
1804  return 1;
1805 }

References XrdProtocol_Config::BPool, BPool, XrdCms::Config, XrdProtocol_Config::ConfigFN, XrdProtocol_Config::ConnMax, XrdProtocol_Config::DebugON, XrdProtocol_Config::eDest, eDest, XrdSysError::Emsg(), kXR_isManager, kXR_isServer, XrdSysError::logger(), myRole, XrdProtocol_Config::Port, Port, Port_str, ProtStack, XrdProtocol_Config::Sched, Sched, XrdObjectQ< T >::Set(), XrdSysTrace::SetLogger(), XrdProtocol_Config::theEnv, XrdProtocol_Config::tlsCtx, TRACE_ALL, TRACE_MEM, XrdSysTrace::What, xrd_cslist, XrdHttpProtoInfo::xrdctx, and XrdHttpTrace.

Referenced by XrdgetProtocol().


◆ doChksum()

int XrdHttpProtocol::doChksum ( const XrdOucString & fname)

Perform a checksum request.

Definition at line 3080 of file XrdHttpProtocol.cc.

3080  {
3081  size_t length;
3082  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3086  memset(CurrentReq.xrdreq.query.fhandle, '\0', sizeof(CurrentReq.xrdreq.query.fhandle));
3088  length = fname.length() + 1;
3089  CurrentReq.xrdreq.query.dlen = htonl(length);
3090 
3091  if (!Bridge) return -1;
3092 
3093  return Bridge->Run(reinterpret_cast<char *>(&CurrentReq.xrdreq), const_cast<char *>(fname.c_str()), length) ? 0 : -1;
3094 }

References Bridge, XrdOucString::c_str(), CurrentReq, ClientQueryRequest::dlen, ClientQueryRequest::fhandle, ClientQueryRequest::infotype, kXR_Qcksum, kXR_query, XrdOucString::length(), ClientRequest::query, ClientQueryRequest::requestid, ClientQueryRequest::reserved1, ClientQueryRequest::reserved2, XrdXrootd::Bridge::Run(), and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().


◆ DoIt()

void XrdHttpProtocol::DoIt ( )
inline virtual

Override from the base class.

Implements XrdJob.

Definition at line 91 of file XrdHttpProtocol.hh.

91  {
92  if (Resume) (*this.*Resume)();
93  }

◆ doStat()

int XrdHttpProtocol::doStat ( char *  fname)

Perform a Stat request.

Definition at line 3052 of file XrdHttpProtocol.cc.

3052  {
3053  int l;
3054  bool b;
3055  CurrentReq.filesize = 0;
3056  CurrentReq.fileflags = 0;
3057  CurrentReq.filemodtime = 0;
3058 
3059  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3061  memset(CurrentReq.xrdreq.stat.reserved, 0,
3062  sizeof (CurrentReq.xrdreq.stat.reserved));
3063  l = strlen(fname) + 1;
3064  CurrentReq.xrdreq.stat.dlen = htonl(l);
3065 
3066  if (!Bridge) return -1;
3067  b = Bridge->Run((char *) &CurrentReq.xrdreq, fname, l);
3068  if (!b) {
3069  return -1;
3070  }
3071 
3072 
3073  return 0;
3074 }

References Bridge, CurrentReq, ClientStatRequest::dlen, XrdHttpReq::fileflags, XrdHttpReq::filemodtime, XrdHttpReq::filesize, kXR_stat, ClientStatRequest::requestid, ClientStatRequest::reserved, XrdXrootd::Bridge::Run(), ClientRequest::stat, and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().


◆ isHTTPS()

bool XrdHttpProtocol::isHTTPS ( )
inline

called via https

Definition at line 142 of file XrdHttpProtocol.hh.

142 { return ishttps; }

Referenced by XrdHttpExtReq::XrdHttpExtReq().


◆ Match()

XrdProtocol * XrdHttpProtocol::Match ( XrdLink * lp)
virtual

Tells if the outstanding bytes on the socket match this protocol implementation.

Implements XrdProtocol.

Definition at line 223 of file XrdHttpProtocol.cc.

223  {
224  char mybuf[16], mybuf2[1024];
225  XrdHttpProtocol *hp;
226  int dlen;
227  bool myishttps = false;
228 
229  // Peek at the first 20 bytes of data
230  //
231  if ((dlen = lp->Peek(mybuf, (int) sizeof (mybuf), hailWait)) < (int) sizeof (mybuf)) {
232  if (dlen <= 0) lp->setEtext("handshake not received");
233  return (XrdProtocol *) 0;
234  }
235  mybuf[dlen - 1] = '\0';
236 
237  // Trace the data
238  //
239 
240  TRACEI(DEBUG, "received dlen: " << dlen);
241  //TRACEI(REQ, "received buf: " << mybuf);
242  mybuf2[0] = '\0';
243  for (int i = 0; i < dlen; i++) {
244  char mybuf3[16];
245  sprintf(mybuf3, "%.02d ", mybuf[i]);
246  strcat(mybuf2, mybuf3);
247 
248  }
249  TRACEI(DEBUG, "received dump: " << mybuf2);
250 
251  // Decide if it looks http or not. For now we are happy if all the received characters are alphanumeric
252  bool ismine = true;
253  for (int i = 0; i < dlen - 1; i++)
254  if (!isprint(mybuf[i]) && (mybuf[i] != '\r') && (mybuf[i] != '\n')) {
255  ismine = false;
256  TRACEI(DEBUG, "This does not look like http at pos " << i);
257  break;
258  }
259 
260  // If it does not look http then look if it looks like https
261  if ((!ismine) && (dlen >= 4)) {
262  char check[4] = {00, 00, 00, 00};
263  if (memcmp(mybuf, check, 4)) {
264 
265  if (httpsmode) {
266  ismine = true;
267  myishttps = true;
268  TRACEI(DEBUG, "This may look like https");
269  } else {
270  TRACEI(ALL, "This may look like https, but https is not configured");
271  }
272 
273  }
274  }
275 
276  if (!ismine) {
277  TRACEI(DEBUG, "This does not look like https. Protocol not matched.");
278  return (XrdProtocol *) 0;
279  }
280 
281  // It does look http or https...
282  // Get a protocol object off the stack (if none, allocate a new one)
283  //
284 
285  TRACEI(REQ, "Protocol matched. https: " << myishttps);
286  if (!(hp = ProtStack.Pop())) hp = new XrdHttpProtocol(myishttps);
287  else
288  hp->ishttps = myishttps;
289 
290  // We now have to do some work arounds to tell the underlying framework
291  // that is is https without invoking TLS on the actual link. Eventually,
292  // we should just use the link's TLS native implementation.
293  //
294  hp->SecEntity.addrInfo = lp->AddrInfo();
295  XrdNetAddr *netP = const_cast<XrdNetAddr*>(lp->NetAddr());
296  netP->SetDialect("https");
297  netP->SetTLS(true);
298 
299  // Allocate 1MB buffer from pool
300  if (!hp->myBuff) {
301  hp->myBuff = BPool->Obtain(1024 * 1024);
302  }
303  hp->myBuffStart = hp->myBuffEnd = hp->myBuff->buff;
304 
305  // Bind the protocol to the link and return the protocol
306  //
307  hp->Link = lp;
308  return (XrdProtocol *) hp;
309 }

References XrdHttpProtocol(), XrdLink::AddrInfo(), XrdSecEntity::addrInfo, BPool, XrdBuffer::buff, DEBUG, hailWait, XrdHttpProtoInfo::httpsmode, Link, XrdLink::NetAddr(), XrdBuffManager::Obtain(), XrdLink::Peek(), XrdObjectQ< T >::Pop(), ProtStack, SecEntity, XrdNetAddr::SetDialect(), XrdLink::setEtext(), XrdNetAddr::SetTLS(), and TRACEI.
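
The first-bytes classification that Match() applies, reduced to a pure function, as an added example that is not XRootD code: `classifyPeek`, the `Sniff` enum and the sample buffers are names and data constructed here. It shows that any non-text stream that does not start with four zero bytes is accepted as a candidate for https, so it is the SSL_accept() handshake in Process() that actually rejects peers that are not speaking TLS.

```cpp
// Added example (not XRootD code): models the decision Match() takes on the
// 16 bytes it peeks from a new connection.
#include <cctype>
#include <cstddef>
#include <cstdio>
#include <cstring>

enum class Sniff { Http, Https, HttpsNotConfigured, NoMatch };

// peek/len model the buffer filled by lp->Peek(); httpsmode models the
// server flag of the same name. Match() returns "no protocol" for both
// HttpsNotConfigured and NoMatch; they are kept apart here because the
// original logs a different message for each.
Sniff classifyPeek(const unsigned char *peek, std::size_t len, bool httpsmode) {
    // Match() gives up unless the full 16-byte peek arrived.
    if (len < 16) return Sniff::NoMatch;

    // Plain HTTP: every inspected byte is printable, CR or LF. The last
    // peeked byte is skipped, as in Match(), which overwrites it with '\0'.
    bool text = true;
    for (std::size_t i = 0; i + 1 < len; i++) {
        unsigned char c = peek[i];
        if (!std::isprint(c) && c != '\r' && c != '\n') { text = false; break; }
    }
    if (text) return Sniff::Http;

    // Not text: treated as possible https unless it starts with four zero
    // bytes. No TLS record header is checked at this stage.
    static const unsigned char zeros[4] = {0, 0, 0, 0};
    if (std::memcmp(peek, zeros, 4) != 0)
        return httpsmode ? Sniff::Https : Sniff::HttpsNotConfigured;

    return Sniff::NoMatch;
}

// Constructed sample inputs, 16 bytes each.
const unsigned char kHttp[] = "GET /data HTTP/1";            // request line start
const unsigned char kTls[16] = {0x16, 0x03, 0x01, 0x00, 0xc8, 0x01, 0x00, 0x00,
                                0xc4, 0x03, 0x03, 0x5b, 0x1e, 0x9a, 0x44, 0x07};
const unsigned char kBinary[16] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
                                   0x09, 0x0a, 0x0b, 0x0c, 0x0e, 0x0f, 0x10, 0x11};
const unsigned char kZeroPrefix[16] = {0, 0, 0, 0, 0, 0, 0, 0,
                                       0, 0, 0, 0, 0, 0, 0, 4};

const char *name(Sniff s) {
    switch (s) {
        case Sniff::Http:               return "http";
        case Sniff::Https:              return "https candidate";
        case Sniff::HttpsNotConfigured: return "https candidate, https not configured";
        default:                        return "no match";
    }
}

int main() {
    std::printf("http request : %s\n", name(classifyPeek(kHttp, 16, true)));
    std::printf("tls hello    : %s\n", name(classifyPeek(kTls, 16, true)));
    std::printf("tls, no https: %s\n", name(classifyPeek(kTls, 16, false)));
    std::printf("other binary : %s\n", name(classifyPeek(kBinary, 16, true)));
    std::printf("zero prefix  : %s\n", name(classifyPeek(kZeroPrefix, 16, true)));
    std::printf("short peek   : %s\n", name(classifyPeek(kHttp, 8, true)));
    return 0;
}
```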


◆ operator=()

XrdHttpProtocol XrdHttpProtocol::operator= ( const XrdHttpProtocol & rhs)

Definition at line 212 of file XrdHttpProtocol.cc.

212  {
213 
214  return *this;
215 }

◆ parseHeader2CGI()

int XrdHttpProtocol::parseHeader2CGI ( XrdOucStream & Config,
XrdSysError & err,
std::map< std::string, std::string > &  header2cgi 
)
static

Use this function to parse header2cgi configurations.

Definition at line 1810 of file XrdHttpProtocol.cc.

1810  {
1811  char *val, keybuf[1024], parmbuf[1024];
1812  char *parm;
1813 
1814  // Get the header key
1815  val = Config.GetWord();
1816  if (!val || !val[0]) {
1817  err.Emsg("Config", "No headerkey specified.");
1818  return 1;
1819  } else {
1820 
1821  // Trim the beginning, in place
1822  while ( *val && !isalnum(*val) ) val++;
1823  strcpy(keybuf, val);
1824 
1825  // Trim the end, in place
1826  char *pp;
1827  pp = keybuf + strlen(keybuf) - 1;
1828  while ( (pp >= keybuf) && (!isalnum(*pp)) ) {
1829  *pp = '\0';
1830  pp--;
1831  }
1832 
1833  parm = Config.GetWord();
1834 
1835  // Avoids segfault in case a key is given without value
1836  if(!parm || !parm[0]) {
1837  err.Emsg("Config", "No header2cgi value specified. key: '", keybuf, "'");
1838  return 1;
1839  }
1840 
1841  // Trim the beginning, in place
1842  while ( *parm && !isalnum(*parm) ) parm++;
1843  strcpy(parmbuf, parm);
1844 
1845  // Trim the end, in place
1846  pp = parmbuf + strlen(parmbuf) - 1;
1847  while ( (pp >= parmbuf) && (!isalnum(*pp)) ) {
1848  *pp = '\0';
1849  pp--;
1850  }
1851 
1852  // Add this mapping to the map that will be used
1853  try {
1854  header2cgi[keybuf] = parmbuf;
1855  } catch ( ... ) {
1856  err.Emsg("Config", "Can't insert new header2cgi rule. key: '", keybuf, "'");
1857  return 1;
1858  }
1859 
1860  }
1861  return 0;
1862 }

References XrdCms::Config, and XrdSysError::Emsg().


◆ Process()

int XrdHttpProtocol::Process ( XrdLink * lp)
virtual

Process data incoming from the socket.

Implements XrdProtocol.

Definition at line 485 of file XrdHttpProtocol.cc.

486 {
487  int rc = 0;
488 
489  TRACEI(DEBUG, " Process. lp:"<<(void *)lp<<" reqstate: "<<CurrentReq.reqstate);
490 
491  if (!myBuff || !myBuff->buff || !myBuff->bsize) {
492  TRACE(ALL, " Process. No buffer available. Internal error.");
493  return -1;
494  }
495 
496 
497  if (!SecEntity.host) {
498  char *nfo = GetClientIPStr();
499  if (nfo) {
500  TRACEI(REQ, " Setting host: " << nfo);
501  SecEntity.host = nfo;
502  strcpy(SecEntity.prot, "http");
503  }
504  }
505 
506 
507 
508  // If https then check independently for the ssl handshake
509  if (ishttps && !ssldone) {
510 
511  if (!ssl) {
512  sbio = CreateBIO(Link);
513  BIO_set_nbio(sbio, 1);
515  TRACE(ALL, "Failed to configure the TLS client authentication; invalid configuration");
516  return -1;
517  }
518  ssl = (SSL*)xrdctx->Session();
519  }
520 
521  if (!ssl) {
522  TRACEI(DEBUG, " SSL_new returned NULL");
523  ERR_print_errors(sslbio_err);
524  return -1;
525  }
526 
527  // If a secxtractor has been loaded
528  // maybe it wants to add its own initialization bits
529  if (secxtractor)
530  secxtractor->InitSSL(ssl, sslcadir);
531 
532  SSL_set_bio(ssl, sbio, sbio);
533  //SSL_set_connect_state(ssl);
534 
535  //SSL_set_fd(ssl, Link->FDnum());
536  struct timeval tv;
537  tv.tv_sec = 10;
538  tv.tv_usec = 0;
539  setsockopt(Link->FDnum(), SOL_SOCKET, SO_RCVTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
540  setsockopt(Link->FDnum(), SOL_SOCKET, SO_SNDTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
541 
542  TRACEI(DEBUG, " Entering SSL_accept...");
543  int res = SSL_accept(ssl);
544  TRACEI(DEBUG, " SSL_accept returned :" << res);
545  if ((res == -1) && (SSL_get_error(ssl, res) == SSL_ERROR_WANT_READ)) {
546  TRACEI(DEBUG, " SSL_accept wants to read more bytes... err:" << SSL_get_error(ssl, res));
547  return 1;
548  }
549 
550  if(res <= 0) {
551  ERR_print_errors(sslbio_err);
552  if (res < 0) {
553 
554  SSL_free(ssl);
555  ssl = 0;
556  return -1;
557  }
558  }
559 
560  BIO_set_nbio(sbio, 0);
561 
562  strcpy(SecEntity.prot, "https");
563 
564  // Get the voms string and auth information
565  if (tlsClientAuth == XrdTlsContext::ClientAuthSetting::kOn && HandleAuthentication(Link)) {
566  SSL_free(ssl);
567  ssl = 0;
568  return -1;
569  }
570 
571  ssldone = true;
572  if (TRACING(TRACE_AUTH)) {
574  }
575  }
576 
577 
578 
579  if (!DoingLogin) {
580  // Re-invocations triggered by the bridge have lp==0
581  // In this case we keep track of a different request state
582  if (lp) {
583 
584  // This is an invocation that was triggered by a socket event
585  // Read all the data that is available, throw it into the buffer
586  if ((rc = getDataOneShot(BuffAvailable())) < 0) {
587  // Error -> exit
588  return -1;
589  }
590 
591  // If we need more bytes, let's wait for another invokation
592  if (BuffUsed() < ResumeBytes) return 1;
593 
594 
595  } else
597  } else if (!DoneSetInfo && !CurrentReq.userAgent().empty()) { // DoingLogin is true, meaning the login finished.
598  std::string mon_info = "monitor info " + CurrentReq.userAgent();
599  DoneSetInfo = true;
600  if (mon_info.size() >= 1024) {
601  TRACEI(ALL, "User agent string too long");
602  } else if (!Bridge) {
603  TRACEI(ALL, "Internal logic error: Bridge is null after login");
604  } else {
605  TRACEI(DEBUG, "Setting " << mon_info);
606  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
608  CurrentReq.xrdreq.set.modifier = '\0';
609  memset(CurrentReq.xrdreq.set.reserved, '\0', sizeof(CurrentReq.xrdreq.set.reserved));
610  CurrentReq.xrdreq.set.dlen = htonl(mon_info.size());
611  if (!Bridge->Run((char *) &CurrentReq.xrdreq, (char *) mon_info.c_str(), mon_info.size())) {
612  SendSimpleResp(500, nullptr, nullptr, "Could not set user agent.", 0, false);
613  return -1;
614  }
615  return 0;
616  }
617  } else {
618  DoingLogin = false;
619  }
620 
621  // Read the next request header, that is, read until a double CRLF is found
622 
623 
624  if (!CurrentReq.headerok) {
625 
626  // Read as many lines as possible into the buffer. An empty line breaks
627  while ((rc = BuffgetLine(tmpline)) > 0) {
628  std::string traceLine = tmpline.c_str();
629  if (TRACING(TRACE_DEBUG)) {
630  traceLine = obfuscateAuth(traceLine);
631  }
632  TRACE(DEBUG, " rc:" << rc << " got hdr line: " << traceLine);
633  if ((rc == 2) && (tmpline.length() > 1) && (tmpline[rc - 1] == '\n')) {
634  CurrentReq.headerok = true;
635  TRACE(DEBUG, " rc:" << rc << " detected header end.");
636  break;
637  }
638 
639 
641  TRACE(DEBUG, " Parsing first line: " << traceLine.c_str());
642  int result = CurrentReq.parseFirstLine((char *)tmpline.c_str(), rc);
643  if (result < 0) {
644  TRACE(DEBUG, " Parsing of first line failed with " << result);
645  return -1;
646  }
647  } else {
648  int result = CurrentReq.parseLine((char *) tmpline.c_str(), rc);
649  if(result < 0) {
650  TRACE(DEBUG, " Parsing of header line failed with " << result)
651  SendSimpleResp(400,NULL,NULL,"Malformed header line. Hint: ensure the line finishes with \"\\r\\n\"", 0, false);
652  return -1;
653  }
654  }
655 
656 
657  }
658 
659  // Here we have CurrentReq loaded with the header, or its relevant fields
660 
661  if (!CurrentReq.headerok) {
662  TRACEI(REQ, " rc:" << rc << "Header not yet complete.");
663 
664  // Here a subtle error condition. IF we failed reading a line AND the buffer
665  // has a reasonable amount of data available THEN we consider the header
666  // as corrupted and shutdown the client
667  if ((rc <= 0) && (BuffUsed() >= 16384)) {
668  TRACEI(ALL, "Corrupted header detected, or line too long. Disconnecting client.");
669  return -1;
670  }
671 
672 
673  if (CurrentReq.reqstate > 0)
675  // Waiting for more data
676  return 1;
677  }
678 
679  }
680 
681  // If we are in self-redirect mode, then let's do it
682  // Do selfredirect only with 'simple' requests, otherwise poor clients may misbehave
683  if (ishttps && ssldone && selfhttps2http &&
686  char hash[512];
687  time_t timenow = time(0);
688 
689 
691  &SecEntity,
692  timenow,
693  secretkey);
694 
695 
696 
697  if (hash[0]) {
698 
699  // Workaround... delete the previous opaque information
700  if (CurrentReq.opaque) {
701  delete CurrentReq.opaque;
702  CurrentReq.opaque = 0;
703  }
704 
705  TRACEI(REQ, " rc:" << rc << " self-redirecting to http with security token.");
706 
707  XrdOucString dest = "Location: http://";
708  // Here I should put the IP addr of the server
709 
710  // We have to recompute it here because we don't know to which
711  // interface the client had connected to
712  struct sockaddr_storage sa;
713  socklen_t sl = sizeof(sa);
714  getsockname(this->Link->AddrInfo()->SockFD(), (struct sockaddr*)&sa, &sl);
715 
716  // now get it back and print it
717  char buf[256];
718  bool ok = false;
719 
720  switch (sa.ss_family) {
721  case AF_INET:
722  if (inet_ntop(AF_INET, &(((sockaddr_in*)&sa)->sin_addr), buf, INET_ADDRSTRLEN)) {
723  if (Addr_str) free(Addr_str);
724  Addr_str = strdup(buf);
725  ok = true;
726  }
727  break;
728  case AF_INET6:
729  if (inet_ntop(AF_INET6, &(((sockaddr_in6*)&sa)->sin6_addr), buf, INET6_ADDRSTRLEN)) {
730  if (Addr_str) free(Addr_str);
731  Addr_str = (char *)malloc(strlen(buf)+3);
732  strcpy(Addr_str, "[");
733  strcat(Addr_str, buf);
734  strcat(Addr_str, "]");
735  ok = true;
736  }
737  break;
738  default:
739  TRACEI(REQ, " Can't recognize the address family of the local host.");
740  }
741 
742  if (ok) {
743  dest += Addr_str;
744  dest += ":";
745  dest += Port_str;
746  dest += CurrentReq.resource.c_str();
747  TRACEI(REQ," rc:"<<rc<<" self-redirecting to http with security token: '"
748  << dest.c_str() << "'");
749 
750 
751  CurrentReq.appendOpaque(dest, &SecEntity, hash, timenow);
752  SendSimpleResp(302, NULL, (char *) dest.c_str(), 0, 0, true);
753  CurrentReq.reset();
754  return -1;
755  }
756 
757  TRACEI(REQ, " rc:" << rc << " Can't perform self-redirection.");
758 
759  }
760  else {
761  TRACEI(ALL, " Could not calculate self-redirection hash");
762  }
763  }
764 
765  // If this is not https, then extract the signed information from the url
766  // and fill the SecEntity structure as if we were using https
767  if (!ishttps && !ssldone) {
768 
769 
770  if (CurrentReq.opaque) {
771  char * tk = CurrentReq.opaque->Get("xrdhttptk");
772  // If there is a hash then we use it as authn info
773  if (tk) {
774 
775  time_t tim = 0;
776  char * t = CurrentReq.opaque->Get("xrdhttptime");
777  if (t) tim = atoi(t);
778  if (!t) {
779  TRACEI(REQ, " xrdhttptime not specified. Authentication failed.");
780  return -1;
781  }
782  if (abs(time(0) - tim) > XRHTTP_TK_GRACETIME) {
783  TRACEI(REQ, " Token expired. Authentication failed.");
784  return -1;
785  }
786 
787  // Fill the Secentity from the fields in the URL:name, vo, host
788  char *nfo;
789 
790  nfo = CurrentReq.opaque->Get("xrdhttpvorg");
791  if (nfo) {
792  TRACEI(DEBUG, " Setting vorg: " << nfo);
793  SecEntity.vorg = strdup(nfo);
794  TRACEI(REQ, " Setting vorg: " << SecEntity.vorg);
795  }
796 
797  nfo = CurrentReq.opaque->Get("xrdhttpname");
798  if (nfo) {
799  TRACEI(DEBUG, " Setting name: " << nfo);
800  SecEntity.name = unquote(nfo);
801  TRACEI(REQ, " Setting name: " << SecEntity.name);
802  }
803 
804  nfo = CurrentReq.opaque->Get("xrdhttphost");
805  if (nfo) {
806  TRACEI(DEBUG, " Setting host: " << nfo);
807  if (SecEntity.host) free(SecEntity.host);
808  SecEntity.host = unquote(nfo);
809  TRACEI(REQ, " Setting host: " << SecEntity.host);
810  }
811 
812  nfo = CurrentReq.opaque->Get("xrdhttpdn");
813  if (nfo) {
814  TRACEI(DEBUG, " Setting dn: " << nfo);
815  SecEntity.moninfo = unquote(nfo);
816  TRACEI(REQ, " Setting dn: " << SecEntity.moninfo);
817  }
818 
819  nfo = CurrentReq.opaque->Get("xrdhttprole");
820  if (nfo) {
821  TRACEI(DEBUG, " Setting role: " << nfo);
822  SecEntity.role = unquote(nfo);
823  TRACEI(REQ, " Setting role: " << SecEntity.role);
824  }
825 
826  nfo = CurrentReq.opaque->Get("xrdhttpgrps");
827  if (nfo) {
828  TRACEI(DEBUG, " Setting grps: " << nfo);
829  SecEntity.grps = unquote(nfo);
830  TRACEI(REQ, " Setting grps: " << SecEntity.grps);
831  }
832 
833  nfo = CurrentReq.opaque->Get("xrdhttpendorsements");
834  if (nfo) {
835  TRACEI(DEBUG, " Setting endorsements: " << nfo);
837  TRACEI(REQ, " Setting endorsements: " << SecEntity.endorsements);
838  }
839 
840  nfo = CurrentReq.opaque->Get("xrdhttpcredslen");
841  if (nfo) {
842  TRACEI(DEBUG, " Setting credslen: " << nfo);
843  char *s1 = unquote(nfo);
844  if (s1 && s1[0]) {
845  SecEntity.credslen = atoi(s1);
846  TRACEI(REQ, " Setting credslen: " << SecEntity.credslen);
847  }
848  if (s1) free(s1);
849  }
850 
851  if (SecEntity.credslen) {
852  nfo = CurrentReq.opaque->Get("xrdhttpcreds");
853  if (nfo) {
854  TRACEI(DEBUG, " Setting creds: " << nfo);
855  SecEntity.creds = unquote(nfo);
856  TRACEI(REQ, " Setting creds: " << SecEntity.creds);
857  }
858  }
859 
860  char hash[512];
861 
863  &SecEntity,
864  tim,
865  secretkey);
866 
867  if (compareHash(hash, tk)) {
868  TRACEI(REQ, " Invalid tk '" << tk << "' != '" << hash << "'(calculated). Authentication failed.");
869  return -1;
870  }
871 
872  } else {
873  // Client is plain http. If we have a secret key then we reject it
874  if (secretkey) {
875  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
876  return -1;
877  }
878  }
879 
880  } else {
881  // Client is plain http. If we have a secret key then we reject it
882  if (secretkey) {
883  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
884  return -1;
885  }
886  }
887 
888  ssldone = true;
889  }
890 
891 
892 
893  // Now we have everything that is needed to try the login
894  // Remember that if there is an exthandler then it has the responsibility
895  // for authorization in the paths that it manages
896  if (!Bridge && !FindMatchingExtHandler(CurrentReq)) {
897  if (SecEntity.name)
898  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, SecEntity.name, ishttps ? "https" : "http");
899  else
900  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, "unknown", ishttps ? "https" : "http");
901 
902  if (!Bridge) {
903  TRACEI(REQ, " Authorization failed.");
904  return -1;
905  }
906 
907  // Let the bridge process the login, and then reinvoke us
908  DoingLogin = true;
909  return 0;
910  }
911 
912  // Compute and send the response. This may involve further reading from the socket
913  rc = CurrentReq.ProcessHTTPReq();
914  if (rc < 0)
915  CurrentReq.reset();
916 
917 
918 
919  TRACEI(REQ, "Process is exiting rc:" << rc);
920  return rc;
921 }

References Addr_str, XrdLink::AddrInfo(), XrdHttpReq::appendOpaque(), Bridge, XrdBuffer::bsize, XrdBuffer::buff, XrdOucString::c_str(), calcHashes(), compareHash(), XrdSecEntity::creds, XrdSecEntity::credslen, CurrentReq, DEBUG, XrdSecEntity::Display(), ClientSetRequest::dlen, eDest, XrdSecEntity::endorsements, XrdLink::FDnum(), XrdOucEnv::Get(), XrdSecEntity::grps, XrdHttpReq::headerok, XrdSecEntity::host, XrdHttpSecXtractor::InitSSL(), kXR_set, XrdOucString::length(), Link, XrdXrootd::Bridge::Login(), ClientSetRequest::modifier, XrdSecEntity::moninfo, XrdSecEntity::name, obfuscateAuth(), XrdHttpReq::opaque, XrdHttpReq::parseFirstLine(), XrdHttpReq::parseLine(), Port_str, XrdHttpReq::ProcessHTTPReq(), XrdSecEntity::prot, XrdHttpReq::reqstate, XrdHttpReq::request, ClientSetRequest::requestid, ClientSetRequest::reserved, XrdHttpReq::reset(), XrdHttpReq::resource, XrdSecEntity::role, XrdHttpReq::rtGET, XrdHttpReq::rtPROPFIND, XrdHttpReq::rtPUT, XrdHttpReq::rtUnset, XrdXrootd::Bridge::Run(), SecEntity, secretkey, selfhttps2http, XrdTlsContext::Session(), ClientRequest::set, XrdTlsContext::SetTlsClientAuth(), XrdNetAddrInfo::SockFD(), sslcadir, XrdHttpProtoInfo::tlsClientAuth, TRACE, TRACE_AUTH, TRACE_DEBUG, TRACEI, TRACING, unquote(), XrdHttpReq::userAgent(), XrdSecEntity::vorg, XrdHttpProtoInfo::xrdctx, XrdHttpReq::xrdreq, and XRHTTP_TK_GRACETIME.

◆ Recycle()

void XrdHttpProtocol::Recycle ( XrdLink * lp, int consec, const char * reason )
virtual

Recycle this instance.

Implements XrdProtocol.

Definition at line 929 of file XrdHttpProtocol.cc.

929  {
930 
931  // Release all appendages
932  //
933 
934  Cleanup();
935 
936 
937  // Set fields to starting point (debugging mostly)
938  //
939  Reset();
940 
941  // Push ourselves on the stack
942  //
944 }

References ProtLink, ProtStack, and XrdObjectQ< T >::Push().

◆ Stats()

int XrdHttpProtocol::Stats ( char * buff, int blen, int do_sync = 0 )
virtual

Get activity stats.

Implements XrdProtocol.

Definition at line 946 of file XrdHttpProtocol.cc.

946  {
947  // Synchronize statistics if need be
948  //
949  // if (do_sync) {
950  //
951  // SI->statsMutex.Lock();
952  // SI->readCnt += numReads;
953  // cumReads += numReads;
954  // numReads = 0;
955  // SI->prerCnt += numReadP;
956  // cumReadP += numReadP;
957  // numReadP = 0;
958  // SI->rvecCnt += numReadV;
959  // cumReadV += numReadV;
960  // numReadV = 0;
961  // SI->rsegCnt += numSegsV;
962  // cumSegsV += numSegsV;
963  // numSegsV = 0;
964  // SI->writeCnt += numWrites;
965  // cumWrites += numWrites;
966  // numWrites = 0;
967  // SI->statsMutex.UnLock();
968  // }
969  //
970  // // Now return the statistics
971  // //
972  // return SI->Stats(buff, blen, do_sync);
973 
974  return 0;
975 }

Friends And Related Function Documentation

◆ XrdHttpExtReq

friend class XrdHttpExtReq
friend

Definition at line 83 of file XrdHttpProtocol.hh.

◆ XrdHttpReq

friend class XrdHttpReq
friend

Definition at line 82 of file XrdHttpProtocol.hh.

Member Data Documentation

◆ Addr_str

char* XrdHttpProtocol::Addr_str
protected

Our IP address, as a string. Please remember that this may not be unique for a given machine, hence we need to keep it here and recompute it at every new connection.

Definition at line 365 of file XrdHttpProtocol.hh.

Referenced by XrdHttpProtocol(), and Process().

◆ BPool

XrdBuffManager * XrdHttpProtocol::BPool = 0
static protected

Definition at line 356 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Match().

◆ Bridge

XrdXrootd::Bridge* XrdHttpProtocol::Bridge
protected

The Bridge that we use to exercise the xrootd internals.

Definition at line 371 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), Process(), and XrdHttpReq::ProcessHTTPReq().

◆ CIA

XrdSecService * XrdHttpProtocol::CIA = 0
static protected

Definition at line 358 of file XrdHttpProtocol.hh.

◆ cksumHandler

XrdHttpChecksumHandler XrdHttpProtocol::cksumHandler = XrdHttpChecksumHandler()
static

Definition at line 136 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ compatNameGeneration

bool XrdHttpProtocol::compatNameGeneration = false
static protected

Definition at line 404 of file XrdHttpProtocol.hh.

◆ crlRefIntervalSec

int XrdHttpProtocol::crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
static protected

CRL thread refresh interval.

Definition at line 399 of file XrdHttpProtocol.hh.

◆ CurrentReq

XrdHttpReq XrdHttpProtocol::CurrentReq
protected

Area for coordinating requests and responses to/from the bridge. This can also process HTTP/DAV stuff.

Definition at line 376 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), and Process().

◆ eDest

XrdSysError XrdHttpProtocol::eDest = 0
static protected

Definition at line 357 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ embeddedstatic

bool XrdHttpProtocol::embeddedstatic = true
static protected

If true, use the embedded css and icons.

Definition at line 425 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ gridmap

char * XrdHttpProtocol::gridmap = 0
static protected

Gridmap file location. The same used by XrdSecGsi.

Definition at line 402 of file XrdHttpProtocol.hh.

◆ hailWait

int XrdHttpProtocol::hailWait = 60000
static protected

Timeout for reading the handshake.

Definition at line 384 of file XrdHttpProtocol.hh.

Referenced by Match().

◆ hdr2cgimap

std::map< std::string, std::string > XrdHttpProtocol::hdr2cgimap
static protected

Rules that turn HTTP headers into CGI tokens in the URL, for internal consumption.

Definition at line 441 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::parseLine().

◆ isdesthttps

bool XrdHttpProtocol::isdesthttps = false
static protected

True if the redirections must be towards https targets.

Definition at line 413 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::Redir().

◆ isRequiredGridmap

bool XrdHttpProtocol::isRequiredGridmap = false
static protected

Definition at line 403 of file XrdHttpProtocol.hh.

◆ Link

XrdLink* XrdHttpProtocol::Link
protected

The link we are bound to.

Definition at line 361 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::GetClientID(), Match(), and Process().

◆ listdeny

bool XrdHttpProtocol::listdeny = false
static protected

If true, any form of listing is denied.

Definition at line 419 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ listredir

char * XrdHttpProtocol::listredir = 0
static protected

Url to redirect to in the case a listing is requested.

Definition at line 416 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ m_bio_method

BIO_METHOD * XrdHttpProtocol::m_bio_method = NULL
static protected

C-style vptr table for our custom BIO objects.

Definition at line 447 of file XrdHttpProtocol.hh.

◆ m_bio_type

int XrdHttpProtocol::m_bio_type = 0
static protected

Type identifier for our custom BIO objects.

Definition at line 444 of file XrdHttpProtocol.hh.

◆ m_staticheader_map

std::unordered_map<std::string, std::vector<std::pair<std::string, std::string> > > XrdHttpProtocol::m_staticheader_map
static protected

The static headers to always return; map is from verb to a list of (header, val) pairs.

Definition at line 459 of file XrdHttpProtocol.hh.

◆ m_staticheaders

std::unordered_map<std::string, std::string> XrdHttpProtocol::m_staticheaders
static protected

The static string version of m_staticheader_map. After config parsing is done, this is computed and we won't need to reference m_staticheader_map in the response path.

Definition at line 463 of file XrdHttpProtocol.hh.

◆ myRole

kXR_int32 XrdHttpProtocol::myRole = kXR_isManager
static protected

Our role.

Definition at line 438 of file XrdHttpProtocol.hh.

Referenced by Configure(), and XrdHttpReq::ProcessHTTPReq().

◆ pmarkHandle

XrdNetPMark * XrdHttpProtocol::pmarkHandle = nullptr
static protected

Packet marking handler pointer (assigned from the environment during the Config() call)

Definition at line 453 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), and XrdHttpReq::parseLine().

◆ Port

int XrdHttpProtocol::Port = 1094
static protected

Our port.

Definition at line 390 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ Port_str

char * XrdHttpProtocol::Port_str = 0
static protected

Our port, as a string.

Definition at line 393 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ ProtLink

XrdObject<XrdHttpProtocol> XrdHttpProtocol::ProtLink

Definition at line 129 of file XrdHttpProtocol.hh.

Referenced by Recycle().

◆ ProtStack

XrdObjectQ< XrdHttpProtocol > XrdHttpProtocol::ProtStack
static

Definition at line 128 of file XrdHttpProtocol.hh.

Referenced by Configure(), Match(), and Recycle().

◆ ReadRangeConfig

XrdHttpReadRangeHandler::Configuration XrdHttpProtocol::ReadRangeConfig
static

Configuration for the read range handler.

Definition at line 139 of file XrdHttpProtocol.hh.

◆ readWait

int XrdHttpProtocol::readWait = 300000
static protected

Timeout for reading data.

Definition at line 387 of file XrdHttpProtocol.hh.

◆ Sched

XrdScheduler * XrdHttpProtocol::Sched = 0
static protected

Definition at line 355 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ SecEntity

XrdSecEntity XrdHttpProtocol::SecEntity

Authentication area.

Definition at line 133 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), XrdHttpExtReq::GetSecEntity(), Match(), Process(), and XrdHttpReq::Redir().

◆ secretkey

char * XrdHttpProtocol::secretkey = 0
static protected

The key used to calculate the url hashes.

Definition at line 407 of file XrdHttpProtocol.hh.

Referenced by Process(), and XrdHttpReq::Redir().

◆ selfhttps2http

bool XrdHttpProtocol::selfhttps2http = false
static protected

If client is HTTPS, self-redirect with HTTP+token.

Definition at line 422 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ servGMap

XrdOucGMap * XrdHttpProtocol::servGMap = 0
static protected

The instance of the DN mapper. Created only when a valid path is given.

Definition at line 368 of file XrdHttpProtocol.hh.

◆ sslcadir

char * XrdHttpProtocol::sslcadir = 0
static protected

Definition at line 396 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ sslcafile

char * XrdHttpProtocol::sslcafile = 0
static protected

Definition at line 396 of file XrdHttpProtocol.hh.

◆ sslcert

char * XrdHttpProtocol::sslcert = 0
static protected

OpenSSL stuff.

Definition at line 396 of file XrdHttpProtocol.hh.

◆ sslcipherfilter

char * XrdHttpProtocol::sslcipherfilter = 0
static protected

Definition at line 396 of file XrdHttpProtocol.hh.

◆ sslkey

char * XrdHttpProtocol::sslkey = 0
static protected

Definition at line 396 of file XrdHttpProtocol.hh.

◆ sslverifydepth

int XrdHttpProtocol::sslverifydepth = 9
static protected

Depth of verification of a certificate chain.

Definition at line 410 of file XrdHttpProtocol.hh.

◆ staticpreload

XrdOucHash< XrdHttpProtocol::StaticPreloadInfo > * XrdHttpProtocol::staticpreload = 0
static protected

Definition at line 435 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ staticredir

char * XrdHttpProtocol::staticredir = 0
static protected

Definition at line 428 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ tpcForwardCreds

bool XrdHttpProtocol::tpcForwardCreds = false
static protected

If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

Definition at line 456 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq().

◆ xrd_cslist

char * XrdHttpProtocol::xrd_cslist = nullptr
static protected

The list of checksums that were configured via the xrd.cksum parameter on the server config file.

Definition at line 450 of file XrdHttpProtocol.hh.

Referenced by Configure().


The documentation for this class was generated from the following files: