XRootD
Loading...
Searching...
No Matches
Classes | Public Member Functions | Static Public Member Functions | Public Attributes | Static Public Attributes | Protected Attributes | Static Protected Attributes | Friends | List of all members
XrdHttpProtocol Class Reference

#include <XrdHttpProtocol.hh>

+ Inheritance diagram for XrdHttpProtocol:
+ Collaboration diagram for XrdHttpProtocol:

Classes

struct  StaticPreloadInfo
 

Public Member Functions

 XrdHttpProtocol (bool imhttps)
 
 XrdHttpProtocol (const XrdHttpProtocol &)=default
 Ctor, dtors and copy ctor.
 
 ~XrdHttpProtocol ()
 
int doChksum (const XrdOucString &fname)
 Perform a checksum request.
 
void DoIt ()
 Override from the base class.
 
int doStat (char *fname)
 Perform a Stat request.
 
bool isHTTPS ()
 called via https
 
XrdProtocolMatch (XrdLink *lp)
 Tells if the oustanding bytes on the socket match this protocol implementation.
 
XrdHttpProtocol operator= (const XrdHttpProtocol &rhs)
 
int Process (XrdLink *lp)
 Process data incoming from the socket.
 
void Recycle (XrdLink *lp, int consec, const char *reason)
 Recycle this instance.
 
int Stats (char *buff, int blen, int do_sync=0)
 Get activity stats.
 
- Public Member Functions inherited from XrdProtocol
 XrdProtocol (const char *jname)
 
virtual ~XrdProtocol ()
 
- Public Member Functions inherited from XrdJob
 XrdJob (const char *desc="")
 
virtual ~XrdJob ()
 

Static Public Member Functions

static int Configure (char *parms, XrdProtocol_Config *pi)
 Read and apply the configuration.
 
static int parseHeader2CGI (XrdOucStream &Config, XrdSysError &err, std::map< std::string, std::string > &header2cgi)
 Use this function to parse header2cgi configurations.
 

Public Attributes

XrdObject< XrdHttpProtocolProtLink
 
XrdSecEntity SecEntity
 Authentication area.
 
- Public Attributes inherited from XrdJob
const char * Comment
 
XrdJobNextJob
 

Static Public Attributes

static XrdHttpChecksumHandler cksumHandler = XrdHttpChecksumHandler()
 
static XrdObjectQ< XrdHttpProtocolProtStack
 
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
 configuration for the read range handler
 

Protected Attributes

char * Addr_str
 
XrdXrootd::BridgeBridge
 The Bridge that we use to exercise the xrootd internals.
 
XrdHttpReq CurrentReq
 
XrdLinkLink
 The link we are bound to.
 

Static Protected Attributes

static XrdBuffManagerBPool = 0
 
static XrdSecServiceCIA = 0
 
static bool compatNameGeneration = false
 
static int crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
 CRL thread refresh interval.
 
static XrdSysError eDest = 0
 
static bool embeddedstatic = true
 If true, use the embedded css and icons.
 
static char * gridmap = 0
 Gridmap file location. The same used by XrdSecGsi.
 
static int hailWait = 60000
 Timeout for reading the handshake.
 
static std::map< std::string, std::string > hdr2cgimap
 Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption.
 
static bool isdesthttps = false
 True if the redirections must be towards https targets.
 
static bool isRequiredGridmap = false
 
static bool listdeny = false
 If true, any form of listing is denied.
 
static char * listredir = 0
 Url to redirect to in the case a listing is requested.
 
static BIO_METHOD * m_bio_method = NULL
 C-style vptr table for our custom BIO objects.
 
static int m_bio_type = 0
 Type identifier for our custom BIO objects.
 
static int m_maxdelay = -1
 
static std::unordered_map< std::string, std::vector< std::pair< std::string, std::string > > > m_staticheader_map
 The static headers to always return; map is from verb to a list of (header, val) pairs.
 
static std::unordered_map< std::string, std::string > m_staticheaders
 
static kXR_int32 myRole = kXR_isManager
 Our role.
 
static XrdNetPMarkpmarkHandle = nullptr
 Packet marking handler pointer (assigned from the environment during the Config() call)
 
static int Port = 1094
 Our port.
 
static char * Port_str = 0
 Our port, as a string.
 
static int readWait = 300000
 Timeout for reading data.
 
static XrdSchedulerSched = 0
 
static char * secretkey = 0
 The key used to calculate the url hashes.
 
static bool selfhttps2http = false
 If client is HTTPS, self-redirect with HTTP+token.
 
static XrdOucGMapservGMap = 0
 The instance of the DN mapper. Created only when a valid path is given.
 
static char * sslcadir = 0
 
static char * sslcafile = 0
 
static char * sslcert = 0
 OpenSSL stuff.
 
static char * sslcipherfilter = 0
 
static char * sslkey = 0
 
static int sslverifydepth = 9
 Depth of verification of a certificate chain.
 
static XrdOucHash< StaticPreloadInfo > * staticpreload = 0
 
static char * staticredir = 0
 
static bool tpcForwardCreds = false
 If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.
 
static char * xrd_cslist = nullptr
 The list of checksums that were configured via the xrd.cksum parameter on the server config file.
 
static XrdHttpCorsxrdcors = nullptr
 
static std::string xrdcorsLibPath
 

Friends

class XrdHttpExtReq
 
class XrdHttpReq
 

Detailed Description

Definition at line 81 of file XrdHttpProtocol.hh.

Class Documentation

◆ XrdHttpProtocol::StaticPreloadInfo

struct XrdHttpProtocol::StaticPreloadInfo

Definition at line 441 of file XrdHttpProtocol.hh.

+ Collaboration diagram for XrdHttpProtocol::StaticPreloadInfo:
Class Members
char * data
int len

Constructor & Destructor Documentation

◆ XrdHttpProtocol() [1/2]

XrdHttpProtocol::XrdHttpProtocol ( const XrdHttpProtocol )
default

Ctor, dtors and copy ctor.

◆ XrdHttpProtocol() [2/2]

XrdHttpProtocol::XrdHttpProtocol ( bool  imhttps)

Definition at line 203 of file XrdHttpProtocol.cc.

204: XrdProtocol("HTTP protocol handler"), ProtLink(this),
205SecEntity(""), CurrentReq(this, ReadRangeConfig) {
206 myBuff = 0;
207 Addr_str = 0;
208 Reset();
209 ishttps = imhttps;
210
211}
XrdHttpProtocol::ProtLink
XrdObject< XrdHttpProtocol > ProtLink
Definition XrdHttpProtocol.hh:130
XrdHttpProtocol::ReadRangeConfig
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
configuration for the read range handler
Definition XrdHttpProtocol.hh:140
XrdHttpProtocol::SecEntity
XrdSecEntity SecEntity
Authentication area.
Definition XrdHttpProtocol.hh:134

References Addr_str.

◆ ~XrdHttpProtocol()

XrdHttpProtocol::~XrdHttpProtocol ( )
inline

Definition at line 125 of file XrdHttpProtocol.hh.

125 {
126 Cleanup();
127 }

Member Function Documentation

◆ Configure()

int XrdHttpProtocol::Configure ( char *  parms,
XrdProtocol_Config pi 
)
static

Read and apply the configuration.

Definition at line 1752 of file XrdHttpProtocol.cc.

1752 {
1753 /*
1754 Function: Establish configuration at load time.
1755
1756 Input: None.
1757
1758 Output: 0 upon success or !0 otherwise.
1759 */
1760
1761 char *rdf;
1762
1763 // Copy out the special info we want to use at top level
1764 //
1765 eDest.logger(pi->eDest->logger());
1766 XrdHttpTrace.SetLogger(pi->eDest->logger());
1767 // SI = new XrdXrootdStats(pi->Stats);
1768 Sched = pi->Sched;
1769 BPool = pi->BPool;
1770 xrd_cslist = getenv("XRD_CSLIST");
1771
1772 Port = pi->Port;
1773
1774 // Copy out the current TLS context
1775 //
1776 xrdctx = pi->tlsCtx;
1777
1778 {
1779 char buf[16];
1780 sprintf(buf, "%d", Port);
1781 Port_str = strdup(buf);
1782 }
1783
1784 // Now process and configuration parameters
1785 //
1786 rdf = (parms && *parms ? parms : pi->ConfigFN);
1787 if (rdf && Config(rdf, pi->theEnv)) return 0;
1788 if (pi->DebugON) XrdHttpTrace.What = TRACE_ALL;
1789
1790 // Set the redirect flag if we are a pure redirector
1791 myRole = kXR_isServer;
1792 if ((rdf = getenv("XRDROLE"))) {
1793 eDest.Emsg("Config", "XRDROLE: ", rdf);
1794
1795 if (!strcasecmp(rdf, "manager") || !strcasecmp(rdf, "supervisor")) {
1796 myRole = kXR_isManager;
1797 eDest.Emsg("Config", "Configured as HTTP(s) redirector.");
1798 } else {
1799
1800 eDest.Emsg("Config", "Configured as HTTP(s) data server.");
1801 }
1802
1803 } else {
1804 eDest.Emsg("Config", "No XRDROLE specified.");
1805 }
1806
1807 // Schedule protocol object cleanup
1808 //
1809 ProtStack.Set(pi->Sched, &XrdHttpTrace,
1810 (XrdHttpTrace.What & TRACE_MEM ? TRACE_MEM : 0));
1811 ProtStack.Set((pi->ConnMax / 3 ? pi->ConnMax / 3 : 30), 60 * 60);
1812
1813 // Return success
1814 //
1815
1816 return 1;
1817}
kXR_isManager
#define kXR_isManager
Definition XProtocol.hh:1156
kXR_isServer
#define kXR_isServer
Definition XProtocol.hh:1157
XrdHttpTrace
XrdSysTrace XrdHttpTrace("http")
TRACE_MEM
#define TRACE_MEM
Definition XrdTrace.hh:38
TRACE_ALL
#define TRACE_ALL
Definition XrdTrace.hh:35
XrdHttpProtocol::Sched
static XrdScheduler * Sched
Definition XrdHttpProtocol.hh:359
XrdHttpProtocol::myRole
static kXR_int32 myRole
Our role.
Definition XrdHttpProtocol.hh:448
XrdHttpProtocol::Port_str
static char * Port_str
Our port, as a string.
Definition XrdHttpProtocol.hh:399
XrdHttpProtocol::eDest
static XrdSysError eDest
Definition XrdHttpProtocol.hh:361
XrdHttpProtocol::xrd_cslist
static char * xrd_cslist
The list of checksums that were configured via the xrd.cksum parameter on the server config file.
Definition XrdHttpProtocol.hh:460
XrdHttpProtocol::ProtStack
static XrdObjectQ< XrdHttpProtocol > ProtStack
Definition XrdHttpProtocol.hh:129
XrdHttpProtocol::Port
static int Port
Our port.
Definition XrdHttpProtocol.hh:396
XrdHttpProtocol::BPool
static XrdBuffManager * BPool
Definition XrdHttpProtocol.hh:360
XrdObjectQ::Set
void Set(int inQMax, time_t agemax=1800)
Definition XrdObject.icc:90
XrdProtocol_Config::BPool
XrdBuffManager * BPool
Definition XrdProtocol.hh:63
XrdProtocol_Config::Sched
XrdScheduler * Sched
Definition XrdProtocol.hh:64
XrdProtocol_Config::Port
int Port
Definition XrdProtocol.hh:73
XrdProtocol_Config::tlsCtx
XrdTlsContext * tlsCtx
Definition XrdProtocol.hh:99
XrdProtocol_Config::ConnMax
int ConnMax
Definition XrdProtocol.hh:90
XrdProtocol_Config::eDest
XrdSysError * eDest
Definition XrdProtocol.hh:61
XrdProtocol_Config::theEnv
XrdOucEnv * theEnv
Definition XrdProtocol.hh:66
XrdProtocol_Config::ConfigFN
char * ConfigFN
Definition XrdProtocol.hh:71
XrdProtocol_Config::DebugON
char DebugON
Definition XrdProtocol.hh:95
XrdSysError::Emsg
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
Definition XrdSysError.cc:95
XrdSysError::logger
XrdSysLogger * logger(XrdSysLogger *lp=0)
Definition XrdSysError.hh:141
XrdSysTrace::SetLogger
void SetLogger(XrdSysLogger *logp)
Definition XrdSysTrace.cc:65
XrdHttpProtoInfo::xrdctx
XrdTlsContext * xrdctx
Definition XrdHttpProtocol.cc:139

References XrdProtocol_Config::BPool, BPool, XrdProtocol_Config::ConfigFN, XrdProtocol_Config::ConnMax, XrdProtocol_Config::DebugON, XrdProtocol_Config::eDest, eDest, XrdSysError::Emsg(), kXR_isManager, kXR_isServer, XrdSysError::logger(), myRole, XrdProtocol_Config::Port, Port, Port_str, ProtStack, XrdProtocol_Config::Sched, Sched, XrdObjectQ< T >::Set(), XrdSysTrace::SetLogger(), XrdProtocol_Config::theEnv, XrdProtocol_Config::tlsCtx, TRACE_ALL, TRACE_MEM, XrdSysTrace::What, xrd_cslist, XrdHttpProtoInfo::xrdctx, and XrdHttpTrace.

Referenced by XrdgetProtocol().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ doChksum()

int XrdHttpProtocol::doChksum ( const XrdOucString fname)

Perform a checksum request.

Definition at line 3124 of file XrdHttpProtocol.cc.

3124 {
3125 size_t length;
3126 memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3127 CurrentReq.xrdreq.query.requestid = htons(kXR_query);
3128 CurrentReq.xrdreq.query.infotype = htons(kXR_Qcksum);
3129 memset(CurrentReq.xrdreq.query.reserved1, '\0', sizeof(CurrentReq.xrdreq.query.reserved1));
3130 memset(CurrentReq.xrdreq.query.fhandle, '\0', sizeof(CurrentReq.xrdreq.query.fhandle));
3131 memset(CurrentReq.xrdreq.query.reserved2, '\0', sizeof(CurrentReq.xrdreq.query.reserved2));
3132 length = fname.length() + 1;
3133 CurrentReq.xrdreq.query.dlen = htonl(length);
3134
3135 if (!Bridge) return -1;
3136
3137 return Bridge->Run(reinterpret_cast<char *>(&CurrentReq.xrdreq), const_cast<char *>(fname.c_str()), length) ? 0 : -1;
3138}
ClientQueryRequest::requestid
kXR_unt16 requestid
Definition XProtocol.hh:630
ClientQueryRequest::reserved1
kXR_char reserved1[2]
Definition XProtocol.hh:632
ClientQueryRequest::reserved2
kXR_char reserved2[8]
Definition XProtocol.hh:634
ClientQueryRequest::fhandle
kXR_char fhandle[4]
Definition XProtocol.hh:633
kXR_query
@ kXR_query
Definition XProtocol.hh:113
ClientRequest::query
struct ClientQueryRequest query
Definition XProtocol.hh:866
kXR_Qcksum
@ kXR_Qcksum
Definition XProtocol.hh:617
XrdHttpProtocol::Bridge
XrdXrootd::Bridge * Bridge
The Bridge that we use to exercise the xrootd internals.
Definition XrdHttpProtocol.hh:375
XrdHttpReq::xrdreq
ClientRequest xrdreq
The last issued xrd request, often pending.
Definition XrdHttpReq.hh:322
XrdOucString::length
int length() const
Definition XrdOucString.hh:279
XrdOucString::c_str
const char * c_str() const
Definition XrdOucString.hh:278
XrdXrootd::Bridge::Run
virtual bool Run(const char *xreqP, char *xdataP=0, int xdataL=0)=0

References Bridge, XrdOucString::c_str(), CurrentReq, ClientQueryRequest::dlen, ClientQueryRequest::fhandle, ClientQueryRequest::infotype, kXR_Qcksum, kXR_query, XrdOucString::length(), ClientRequest::query, ClientQueryRequest::requestid, ClientQueryRequest::reserved1, ClientQueryRequest::reserved2, XrdXrootd::Bridge::Run(), and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ DoIt()

void XrdHttpProtocol::DoIt ( )
inlinevirtual

Override from the base class.

Implements XrdJob.

Definition at line 92 of file XrdHttpProtocol.hh.

92 {
93 if (Resume) (*this.*Resume)();
94 }

◆ doStat()

int XrdHttpProtocol::doStat ( char *  fname)

Perform a Stat request.

Definition at line 3096 of file XrdHttpProtocol.cc.

3096 {
3097 int l;
3098 bool b;
3099 CurrentReq.filesize = 0;
3100 CurrentReq.fileflags = 0;
3101 CurrentReq.filemodtime = 0;
3102
3103 memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3104 CurrentReq.xrdreq.stat.requestid = htons(kXR_stat);
3105 memset(CurrentReq.xrdreq.stat.reserved, 0,
3106 sizeof (CurrentReq.xrdreq.stat.reserved));
3107 l = strlen(fname) + 1;
3108 CurrentReq.xrdreq.stat.dlen = htonl(l);
3109
3110 if (!Bridge) return -1;
3111 b = Bridge->Run((char *) &CurrentReq.xrdreq, fname, l);
3112 if (!b) {
3113 return -1;
3114 }
3115
3116
3117 return 0;
3118}
ClientStatRequest::reserved
kXR_char reserved[11]
Definition XProtocol.hh:770
kXR_stat
@ kXR_stat
Definition XProtocol.hh:129
ClientStatRequest::requestid
kXR_unt16 requestid
Definition XProtocol.hh:768
ClientRequest::stat
struct ClientStatRequest stat
Definition XProtocol.hh:873
XrdHttpReq::filemodtime
long filemodtime
Definition XrdHttpReq.hh:339
XrdHttpReq::filesize
long long filesize
Definition XrdHttpReq.hh:337

References Bridge, CurrentReq, ClientStatRequest::dlen, XrdHttpReq::fileflags, XrdHttpReq::filemodtime, XrdHttpReq::filesize, kXR_stat, ClientStatRequest::requestid, ClientStatRequest::reserved, XrdXrootd::Bridge::Run(), ClientRequest::stat, and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isHTTPS()

bool XrdHttpProtocol::isHTTPS ( )
inline

called via https

Definition at line 143 of file XrdHttpProtocol.hh.

143{ return ishttps; }

Referenced by XrdHttpExtReq::XrdHttpExtReq().

+ Here is the caller graph for this function:

◆ Match()

XrdProtocol * XrdHttpProtocol::Match ( XrdLink lp)
virtual

Tells if the oustanding bytes on the socket match this protocol implementation.

Implements XrdProtocol.

Definition at line 229 of file XrdHttpProtocol.cc.

229 {
230 char mybuf[16], mybuf2[1024];
231 XrdHttpProtocol *hp;
232 int dlen;
233 bool myishttps = false;
234
235 // Peek at the first 20 bytes of data
236 //
237 if ((dlen = lp->Peek(mybuf, (int) sizeof (mybuf), hailWait)) < (int) sizeof (mybuf)) {
238 if (dlen <= 0) lp->setEtext("handshake not received");
239 return (XrdProtocol *) 0;
240 }
241 mybuf[dlen - 1] = '\0';
242
243 // Trace the data
244 //
245
246 TRACEI(DEBUG, "received dlen: " << dlen);
247 //TRACEI(REQ, "received buf: " << mybuf);
248 mybuf2[0] = '\0';
249 for (int i = 0; i < dlen; i++) {
250 char mybuf3[16];
251 sprintf(mybuf3, "%.02d ", mybuf[i]);
252 strcat(mybuf2, mybuf3);
253
254 }
255 TRACEI(DEBUG, "received dump: " << mybuf2);
256
257 // Decide if it looks http or not. For now we are happy if all the received characters are alphanumeric
258 bool ismine = true;
259 for (int i = 0; i < dlen - 1; i++)
260 if (!isprint(mybuf[i]) && (mybuf[i] != '\r') && (mybuf[i] != '\n')) {
261 ismine = false;
262 TRACEI(DEBUG, "This does not look like http at pos " << i);
263 break;
264 }
265
266 // If it does not look http then look if it looks like https
267 if ((!ismine) && (dlen >= 4)) {
268 char check[4] = {00, 00, 00, 00};
269 if (memcmp(mybuf, check, 4)) {
270
271 if (httpsmode) {
272 ismine = true;
273 myishttps = true;
274 TRACEI(DEBUG, "This may look like https");
275 } else {
276 TRACEI(ALL, "This may look like https, but https is not configured");
277 }
278
279 }
280 }
281
282 if (!ismine) {
283 TRACEI(DEBUG, "This does not look like https. Protocol not matched.");
284 return (XrdProtocol *) 0;
285 }
286
287 // It does look http or https...
288 // Get a protocol object off the stack (if none, allocate a new one)
289 //
290
291 TRACEI(REQ, "Protocol matched. https: " << myishttps);
292 if (!(hp = ProtStack.Pop())) hp = new XrdHttpProtocol(myishttps);
293 else
294 hp->ishttps = myishttps;
295
296 // We now have to do some work arounds to tell the underlying framework
297 // that is is https without invoking TLS on the actual link. Eventually,
298 // we should just use the link's TLS native implementation.
299 //
300 hp->SecEntity.addrInfo = lp->AddrInfo();
301 XrdNetAddr *netP = const_cast<XrdNetAddr*>(lp->NetAddr());
302 netP->SetDialect("https");
303 netP->SetTLS(true);
304
305 // Allocate 1MB buffer from pool
306 if (!hp->myBuff) {
307 hp->myBuff = BPool->Obtain(1024 * 1024);
308 }
309 hp->myBuffStart = hp->myBuffEnd = hp->myBuff->buff;
310
311 // Bind the protocol to the link and return the protocol
312 //
313 hp->Link = lp;
314 return (XrdProtocol *) hp;
315}
DEBUG
#define DEBUG(x)
Definition XrdBwmTrace.hh:54
TRACEI
#define TRACEI(act, x)
Definition XrdTrace.hh:66
XrdBuffManager::Obtain
XrdBuffer * Obtain(int bsz)
Definition XrdBuffer.cc:140
XrdBuffer::buff
char * buff
Definition XrdBuffer.hh:45
XrdHttpProtocol::hailWait
static int hailWait
Timeout for reading the handshake.
Definition XrdHttpProtocol.hh:390
XrdHttpProtocol::Link
XrdLink * Link
The link we are bound to.
Definition XrdHttpProtocol.hh:365
XrdNetAddr::SetDialect
void SetDialect(const char *dP)
Definition XrdNetAddr.hh:205
XrdNetAddr::SetTLS
void SetTLS(bool val)
Definition XrdNetAddr.cc:590
XrdObjectQ::Pop
T * Pop()
Definition XrdObject.hh:93
XrdSecEntity::addrInfo
XrdNetAddrInfo * addrInfo
Entity's connection details.
Definition XrdSecEntity.hh:80

References XrdLink::AddrInfo(), XrdSecEntity::addrInfo, BPool, XrdBuffer::buff, DEBUG, hailWait, XrdHttpProtoInfo::httpsmode, Link, XrdLink::NetAddr(), XrdBuffManager::Obtain(), XrdLink::Peek(), XrdObjectQ< T >::Pop(), ProtStack, SecEntity, XrdNetAddr::SetDialect(), XrdLink::setEtext(), XrdNetAddr::SetTLS(), and TRACEI.

+ Here is the call graph for this function:

◆ operator=()

XrdHttpProtocol XrdHttpProtocol::operator= ( const XrdHttpProtocol rhs)

Definition at line 218 of file XrdHttpProtocol.cc.

218 {
219
220 return *this;
221}

◆ parseHeader2CGI()

int XrdHttpProtocol::parseHeader2CGI ( XrdOucStream Config,
XrdSysError err,
std::map< std::string, std::string > &  header2cgi 
)
static

Use this function to parse header2cgi configurations.

Definition at line 1822 of file XrdHttpProtocol.cc.

1822 {
1823 char *val, keybuf[1024], parmbuf[1024];
1824 char *parm;
1825
1826 // Get the header key
1827 val = Config.GetWord();
1828 if (!val || !val[0]) {
1829 err.Emsg("Config", "No headerkey specified.");
1830 return 1;
1831 } else {
1832
1833 // Trim the beginning, in place
1834 while ( *val && !isalnum(*val) ) val++;
1835 strcpy(keybuf, val);
1836
1837 // Trim the end, in place
1838 char *pp;
1839 pp = keybuf + strlen(keybuf) - 1;
1840 while ( (pp >= keybuf) && (!isalnum(*pp)) ) {
1841 *pp = '\0';
1842 pp--;
1843 }
1844
1845 parm = Config.GetWord();
1846
1847 // Avoids segfault in case a key is given without value
1848 if(!parm || !parm[0]) {
1849 err.Emsg("Config", "No header2cgi value specified. key: '", keybuf, "'");
1850 return 1;
1851 }
1852
1853 // Trim the beginning, in place
1854 while ( *parm && !isalnum(*parm) ) parm++;
1855 strcpy(parmbuf, parm);
1856
1857 // Trim the end, in place
1858 pp = parmbuf + strlen(parmbuf) - 1;
1859 while ( (pp >= parmbuf) && (!isalnum(*pp)) ) {
1860 *pp = '\0';
1861 pp--;
1862 }
1863
1864 // Add this mapping to the map that will be used
1865 try {
1866 header2cgi[keybuf] = parmbuf;
1867 } catch ( ... ) {
1868 err.Emsg("Config", "Can't insert new header2cgi rule. key: '", keybuf, "'");
1869 return 1;
1870 }
1871
1872 }
1873 return 0;
1874}
XrdCms::Config
XrdCmsConfig Config
Definition XrdCmsConfig.cc:108

References XrdSysError::Emsg().

+ Here is the call graph for this function:

◆ Process()

int XrdHttpProtocol::Process ( XrdLink lp)
virtual

Process data incoming from the socket.

Implements XrdProtocol.

Definition at line 491 of file XrdHttpProtocol.cc.

492{
493 int rc = 0;
494
495 TRACEI(DEBUG, " Process. lp:"<<(void *)lp<<" reqstate: "<<CurrentReq.reqstate);
496
497 if (!myBuff || !myBuff->buff || !myBuff->bsize) {
498 TRACE(ALL, " Process. No buffer available. Internal error.");
499 return -1;
500 }
501
502
503 if (!SecEntity.host) {
504 char *nfo = GetClientIPStr();
505 if (nfo) {
506 TRACEI(REQ, " Setting host: " << nfo);
507 SecEntity.host = nfo;
508 strcpy(SecEntity.prot, "http");
509 }
510 }
511
512
513
514 // If https then check independently for the ssl handshake
515 if (ishttps && !ssldone) {
516
517 if (!ssl) {
518 sbio = CreateBIO(Link);
519 BIO_set_nbio(sbio, 1);
520 ssl = (SSL*)xrdctx->Session();
521 }
522
523 if (!ssl) {
524 TRACEI(DEBUG, " SSL_new returned NULL");
525 ERR_print_errors(sslbio_err);
526 return -1;
527 }
528
529 // If a secxtractor has been loaded
530 // maybe it wants to add its own initialization bits
531 if (secxtractor)
532 secxtractor->InitSSL(ssl, sslcadir);
533
534 SSL_set_bio(ssl, sbio, sbio);
535 //SSL_set_connect_state(ssl);
536
537 //SSL_set_fd(ssl, Link->FDnum());
538 struct timeval tv;
539 tv.tv_sec = 10;
540 tv.tv_usec = 0;
541 setsockopt(Link->FDnum(), SOL_SOCKET, SO_RCVTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
542 setsockopt(Link->FDnum(), SOL_SOCKET, SO_SNDTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
543
544 TRACEI(DEBUG, " Entering SSL_accept...");
545 int res = SSL_accept(ssl);
546 TRACEI(DEBUG, " SSL_accept returned :" << res);
547 if ((res == -1) && (SSL_get_error(ssl, res) == SSL_ERROR_WANT_READ)) {
548 TRACEI(DEBUG, " SSL_accept wants to read more bytes... err:" << SSL_get_error(ssl, res));
549 return 1;
550 }
551
552 if(res <= 0) {
553 ERR_print_errors(sslbio_err);
554 if (res < 0) {
555
556 SSL_free(ssl);
557 ssl = 0;
558 return -1;
559 }
560 }
561
562 BIO_set_nbio(sbio, 0);
563
564 strcpy(SecEntity.prot, "https");
565
566 // Get the voms string and auth information
567 if (tlsClientAuth && HandleAuthentication(Link)) {
568 SSL_free(ssl);
569 ssl = 0;
570 return -1;
571 }
572
573 ssldone = true;
574 if (TRACING(TRACE_AUTH)) {
575 SecEntity.Display(eDest);
576 }
577 }
578
579
580
581 if (!DoingLogin) {
582 // Re-invocations triggered by the bridge have lp==0
583 // In this case we keep track of a different request state
584 if (lp) {
585
586 // This is an invocation that was triggered by a socket event
587 // Read all the data that is available, throw it into the buffer
588 if ((rc = getDataOneShot(BuffAvailable())) < 0) {
589 // Error -> exit
590 return -1;
591 }
592
593 // If we need more bytes, let's wait for another invokation
594 if (BuffUsed() < ResumeBytes) return 1;
595
596
597 } else
598 CurrentReq.reqstate++;
599 } else if (!DoneSetInfo && !CurrentReq.userAgent().empty()) { // DoingLogin is true, meaning the login finished.
600 std::string mon_info = "monitor info " + CurrentReq.userAgent();
601 DoneSetInfo = true;
602 if (mon_info.size() >= 1024) {
603 TRACEI(ALL, "User agent string too long");
604 } else if (!Bridge) {
605 TRACEI(ALL, "Internal logic error: Bridge is null after login");
606 } else {
607 TRACEI(DEBUG, "Setting " << mon_info);
608 memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
609 CurrentReq.xrdreq.set.requestid = htons(kXR_set);
610 CurrentReq.xrdreq.set.modifier = '\0';
611 memset(CurrentReq.xrdreq.set.reserved, '\0', sizeof(CurrentReq.xrdreq.set.reserved));
612 CurrentReq.xrdreq.set.dlen = htonl(mon_info.size());
613 if (!Bridge->Run((char *) &CurrentReq.xrdreq, (char *) mon_info.c_str(), mon_info.size())) {
614 SendSimpleResp(500, nullptr, nullptr, "Could not set user agent.", 0, false);
615 return -1;
616 }
617 return 0;
618 }
619 } else {
620 DoingLogin = false;
621 }
622
623 // Read the next request header, that is, read until a double CRLF is found
624
625
626 if (!CurrentReq.headerok) {
627
628 // Read as many lines as possible into the buffer. An empty line breaks
629 while ((rc = BuffgetLine(tmpline)) > 0) {
630 std::string traceLine = tmpline.c_str();
631 if (TRACING(TRACE_DEBUG)) {
632 traceLine = obfuscateAuth(traceLine);
633 }
634 TRACE(DEBUG, " rc:" << rc << " got hdr line: " << traceLine);
635 if ((rc == 2) && (tmpline.length() > 1) && (tmpline[rc - 1] == '\n')) {
636 CurrentReq.headerok = true;
637 TRACE(DEBUG, " rc:" << rc << " detected header end.");
638 break;
639 }
640
641
642 if (CurrentReq.request == CurrentReq.rtUnset) {
643 TRACE(DEBUG, " Parsing first line: " << traceLine.c_str());
644 int result = CurrentReq.parseFirstLine((char *)tmpline.c_str(), rc);
645 if (result < 0) {
646 TRACE(DEBUG, " Parsing of first line failed with " << result);
647 return -1;
648 }
649 } else {
650 int result = CurrentReq.parseLine((char *) tmpline.c_str(), rc);
651 if(result < 0) {
652 TRACE(DEBUG, " Parsing of header line failed with " << result)
653 SendSimpleResp(400,NULL,NULL,"Malformed header line. Hint: ensure the line finishes with \"\\r\\n\"", 0, false);
654 return -1;
655 }
656 }
657
658
659 }
660
661 // Here we have CurrentReq loaded with the header, or its relevant fields
662
663 if (!CurrentReq.headerok) {
664 TRACEI(REQ, " rc:" << rc << "Header not yet complete.");
665
666 // Here a subtle error condition. IF we failed reading a line AND the buffer
667 // has a reasonable amount of data available THEN we consider the header
668 // as corrupted and shutdown the client
669 if ((rc <= 0) && (BuffUsed() >= 16384)) {
670 TRACEI(ALL, "Corrupted header detected, or line too long. Disconnecting client.");
671 return -1;
672 }
673
674
675 if (CurrentReq.reqstate > 0)
676 CurrentReq.reqstate--;
677 // Waiting for more data
678 return 1;
679 }
680
681 }
682
683 // If we are in self-redirect mode, then let's do it
684 // Do selfredirect only with 'simple' requests, otherwise poor clients may misbehave
685 if (ishttps && ssldone && selfhttps2http &&
686 ( (CurrentReq.request == XrdHttpReq::rtGET) || (CurrentReq.request == XrdHttpReq::rtPUT) ||
687 (CurrentReq.request == XrdHttpReq::rtPROPFIND)) ) {
688 char hash[512];
689 time_t timenow = time(0);
690
691
692 calcHashes(hash, CurrentReq.resource.c_str(), (kXR_int16) CurrentReq.request,
693 &SecEntity,
694 timenow,
695 secretkey);
696
697
698
699 if (hash[0]) {
700
701 // Workaround... delete the previous opaque information
702 if (CurrentReq.opaque) {
703 delete CurrentReq.opaque;
704 CurrentReq.opaque = 0;
705 }
706
707 TRACEI(REQ, " rc:" << rc << " self-redirecting to http with security token.");
708
709 XrdOucString dest = "Location: http://";
710 // Here I should put the IP addr of the server
711
712 // We have to recompute it here because we don't know to which
713 // interface the client had connected to
714 struct sockaddr_storage sa;
715 socklen_t sl = sizeof(sa);
716 getsockname(this->Link->AddrInfo()->SockFD(), (struct sockaddr*)&sa, &sl);
717
718 // now get it back and print it
719 char buf[256];
720 bool ok = false;
721
722 switch (sa.ss_family) {
723 case AF_INET:
724 if (inet_ntop(AF_INET, &(((sockaddr_in*)&sa)->sin_addr), buf, INET_ADDRSTRLEN)) {
725 if (Addr_str) free(Addr_str);
726 Addr_str = strdup(buf);
727 ok = true;
728 }
729 break;
730 case AF_INET6:
731 if (inet_ntop(AF_INET6, &(((sockaddr_in6*)&sa)->sin6_addr), buf, INET6_ADDRSTRLEN)) {
732 if (Addr_str) free(Addr_str);
733 Addr_str = (char *)malloc(strlen(buf)+3);
734 strcpy(Addr_str, "[");
735 strcat(Addr_str, buf);
736 strcat(Addr_str, "]");
737 ok = true;
738 }
739 break;
740 default:
741 TRACEI(REQ, " Can't recognize the address family of the local host.");
742 }
743
744 if (ok) {
745 dest += Addr_str;
746 dest += ":";
747 dest += Port_str;
748 dest += CurrentReq.resource.c_str();
749 TRACEI(REQ," rc:"<<rc<<" self-redirecting to http with security token: '"
750 << dest.c_str() << "'");
751
752
753 CurrentReq.appendOpaque(dest, &SecEntity, hash, timenow);
754 SendSimpleResp(302, NULL, (char *) dest.c_str(), 0, 0, true);
755 CurrentReq.reset();
756 return -1;
757 }
758
759 TRACEI(REQ, " rc:" << rc << " Can't perform self-redirection.");
760
761 }
762 else {
763 TRACEI(ALL, " Could not calculate self-redirection hash");
764 }
765 }
766
767 // If this is not https, then extract the signed information from the url
768 // and fill the SecEntity structure as if we were using https
769 if (!ishttps && !ssldone) {
770
771
772 if (CurrentReq.opaque) {
773 char * tk = CurrentReq.opaque->Get("xrdhttptk");
774 // If there is a hash then we use it as authn info
775 if (tk) {
776
777 time_t tim = 0;
778 char * t = CurrentReq.opaque->Get("xrdhttptime");
779 if (t) tim = atoi(t);
780 if (!t) {
781 TRACEI(REQ, " xrdhttptime not specified. Authentication failed.");
782 return -1;
783 }
784 if (abs(time(0) - tim) > XRHTTP_TK_GRACETIME) {
785 TRACEI(REQ, " Token expired. Authentication failed.");
786 return -1;
787 }
788
789 // Fill the Secentity from the fields in the URL:name, vo, host
790 char *nfo;
791
792 nfo = CurrentReq.opaque->Get("xrdhttpvorg");
793 if (nfo) {
794 TRACEI(DEBUG, " Setting vorg: " << nfo);
795 SecEntity.vorg = strdup(nfo);
796 TRACEI(REQ, " Setting vorg: " << SecEntity.vorg);
797 }
798
799 nfo = CurrentReq.opaque->Get("xrdhttpname");
800 if (nfo) {
801 TRACEI(DEBUG, " Setting name: " << nfo);
802 SecEntity.name = strdup(decode_str(nfo).c_str());
803 TRACEI(REQ, " Setting name: " << SecEntity.name);
804 }
805
806 nfo = CurrentReq.opaque->Get("xrdhttphost");
807 if (nfo) {
808 TRACEI(DEBUG, " Setting host: " << nfo);
809 if (SecEntity.host) free(SecEntity.host);
810 SecEntity.host = strdup(decode_str(nfo).c_str());
811 TRACEI(REQ, " Setting host: " << SecEntity.host);
812 }
813
814 nfo = CurrentReq.opaque->Get("xrdhttpdn");
815 if (nfo) {
816 TRACEI(DEBUG, " Setting dn: " << nfo);
817 SecEntity.moninfo = strdup(decode_str(nfo).c_str());
818 TRACEI(REQ, " Setting dn: " << SecEntity.moninfo);
819 }
820
821 nfo = CurrentReq.opaque->Get("xrdhttprole");
822 if (nfo) {
823 TRACEI(DEBUG, " Setting role: " << nfo);
824 SecEntity.role = strdup(decode_str(nfo).c_str());
825 TRACEI(REQ, " Setting role: " << SecEntity.role);
826 }
827
828 nfo = CurrentReq.opaque->Get("xrdhttpgrps");
829 if (nfo) {
830 TRACEI(DEBUG, " Setting grps: " << nfo);
831 SecEntity.grps = strdup(decode_str(nfo).c_str());
832 TRACEI(REQ, " Setting grps: " << SecEntity.grps);
833 }
834
835 nfo = CurrentReq.opaque->Get("xrdhttpendorsements");
836 if (nfo) {
837 TRACEI(DEBUG, " Setting endorsements: " << nfo);
838 SecEntity.endorsements = strdup(decode_str(nfo).c_str());
839 TRACEI(REQ, " Setting endorsements: " << SecEntity.endorsements);
840 }
841
842 nfo = CurrentReq.opaque->Get("xrdhttpcredslen");
843 if (nfo) {
844 TRACEI(DEBUG, " Setting credslen: " << nfo);
845 char *s1 = strdup(decode_str(nfo).c_str());
846 if (s1 && s1[0]) {
847 SecEntity.credslen = atoi(s1);
848 TRACEI(REQ, " Setting credslen: " << SecEntity.credslen);
849 }
850 if (s1) free(s1);
851 }
852
853 if (SecEntity.credslen) {
854 nfo = CurrentReq.opaque->Get("xrdhttpcreds");
855 if (nfo) {
856 TRACEI(DEBUG, " Setting creds: " << nfo);
857 SecEntity.creds = strdup(decode_str(nfo).c_str());
858 TRACEI(REQ, " Setting creds: " << SecEntity.creds);
859 }
860 }
861
862 char hash[512];
863
864 calcHashes(hash, CurrentReq.resource.c_str(), (kXR_int16) CurrentReq.request,
865 &SecEntity,
866 tim,
867 secretkey);
868
869 if (compareHash(hash, tk)) {
870 TRACEI(REQ, " Invalid tk '" << tk << "' != '" << hash << "'(calculated). Authentication failed.");
871 return -1;
872 }
873
874 } else {
875 // Client is plain http. If we have a secret key then we reject it
876 if (secretkey) {
877 TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
878 return -1;
879 }
880 }
881
882 } else {
883 // Client is plain http. If we have a secret key then we reject it
884 if (secretkey) {
885 TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
886 return -1;
887 }
888 }
889
890 ssldone = true;
891 }
892
893
894
895 // Now we have everything that is needed to try the login
896 // Remember that if there is an exthandler then it has the responsibility
897 // for authorization in the paths that it manages
898 if (!Bridge && !FindMatchingExtHandler(CurrentReq)) {
899 if (SecEntity.name)
900 Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, SecEntity.name, ishttps ? "https" : "http");
901 else
902 Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, "unknown", ishttps ? "https" : "http");
903
904 if (!Bridge) {
905 TRACEI(REQ, " Authorization failed.");
906 return -1;
907 }
908 if (m_maxdelay > 0) Bridge->SetWait(m_maxdelay, false);
909
910 // Let the bridge process the login, and then reinvoke us
911 DoingLogin = true;
912 return 0;
913 }
914
915 // Compute and send the response. This may involve further reading from the socket
916 rc = CurrentReq.ProcessHTTPReq();
917 if (rc < 0)
918 CurrentReq.reset();
919
920
921
922 TRACEI(REQ, "Process is exiting rc:" << rc);
923 return rc;
924}
ClientRequest::set
struct ClientSetRequest set
Definition XProtocol.hh:871
kXR_set
@ kXR_set
Definition XProtocol.hh:130
ClientSetRequest::requestid
kXR_unt16 requestid
Definition XProtocol.hh:719
ClientSetRequest::modifier
kXR_char modifier
Definition XProtocol.hh:721
ClientSetRequest::reserved
kXR_char reserved[15]
Definition XProtocol.hh:720
kXR_int16
short kXR_int16
Definition XPtypes.hh:66
XRHTTP_TK_GRACETIME
#define XRHTTP_TK_GRACETIME
Definition XrdHttpProtocol.cc:61
TRACE_AUTH
#define TRACE_AUTH
Definition XrdHttpTrace.hh:48
compareHash
int compareHash(const char *h1, const char *h2)
Definition XrdHttpUtils.cc:355
calcHashes
void calcHashes(char *hash, const char *fn, kXR_int16 request, XrdSecEntity *secent, time_t tim, const char *key)
Definition XrdHttpUtils.cc:219
decode_str
std::string decode_str(const std::string &str)
Definition XrdHttpUtils.hh:210
obfuscateAuth
std::string obfuscateAuth(const std::string &input)
Definition XrdOucUtils.cc:1534
TRACE_DEBUG
#define TRACE_DEBUG
Definition XrdTrace.hh:36
TRACE
#define TRACE(act, x)
Definition XrdTrace.hh:63
TRACING
#define TRACING(x)
Definition XrdTrace.hh:70
XrdHttpProtocol::secretkey
static char * secretkey
The key used to calculate the url hashes.
Definition XrdHttpProtocol.hh:413
XrdHttpProtocol::selfhttps2http
static bool selfhttps2http
If client is HTTPS, self-redirect with HTTP+token.
Definition XrdHttpProtocol.hh:428
XrdHttpProtocol::sslcadir
static char * sslcadir
Definition XrdHttpProtocol.hh:402
XrdHttpReq::reqstate
int reqstate
State machine to talk to the bridge.
Definition XrdHttpReq.hh:348
XrdHttpReq::resource
XrdOucString resource
The resource specified by the request, stripped of opaque data.
Definition XrdHttpReq.hh:266
XrdHttpReq::headerok
bool headerok
Tells if we have finished reading the header.
Definition XrdHttpReq.hh:274
XrdHttpReq::userAgent
const std::string & userAgent() const
Definition XrdHttpReq.hh:254
XrdHttpReq::request
ReqType request
The request we got.
Definition XrdHttpReq.hh:258
XrdHttpReq::ProcessHTTPReq
int ProcessHTTPReq()
Definition XrdHttpReq.cc:839
XrdHttpReq::opaque
XrdOucEnv * opaque
The opaque data, after parsing.
Definition XrdHttpReq.hh:268
XrdHttpReq::parseFirstLine
int parseFirstLine(char *line, int len)
Parse the first line of the header.
Definition XrdHttpReq.cc:265
XrdHttpReq::parseLine
int parseLine(char *line, int len)
Parse the header.
Definition XrdHttpReq.cc:117
XrdHttpReq::appendOpaque
void appendOpaque(XrdOucString &s, XrdSecEntity *secent, char *hash, time_t tnow)
Definition XrdHttpReq.cc:639
XrdHttpReq::reset
virtual void reset()
Definition XrdHttpReq.cc:2715
XrdHttpSecXtractor::InitSSL
virtual int InitSSL(SSL *, char *)
Definition XrdHttpSecXtractor.hh:52
XrdOucEnv::Get
char * Get(const char *varname)
Definition XrdOucEnv.hh:69
XrdSecEntity::vorg
char * vorg
Entity's virtual organization(s)
Definition XrdSecEntity.hh:71
XrdSecEntity::credslen
int credslen
Length of the 'creds' data.
Definition XrdSecEntity.hh:78
XrdSecEntity::prot
char prot[XrdSecPROTOIDSIZE]
Auth protocol used (e.g. krb5)
Definition XrdSecEntity.hh:67
XrdSecEntity::creds
char * creds
Raw entity credentials or cert.
Definition XrdSecEntity.hh:77
XrdSecEntity::grps
char * grps
Entity's group name(s)
Definition XrdSecEntity.hh:73
XrdSecEntity::name
char * name
Entity's name.
Definition XrdSecEntity.hh:69
XrdSecEntity::role
char * role
Entity's role(s)
Definition XrdSecEntity.hh:72
XrdSecEntity::endorsements
char * endorsements
Protocol specific endorsements.
Definition XrdSecEntity.hh:75
XrdSecEntity::Display
void Display(XrdSysError &mDest)
Definition XrdSecEntity.cc:58
XrdSecEntity::moninfo
char * moninfo
Information for monitoring.
Definition XrdSecEntity.hh:76
XrdSecEntity::host
char * host
Entity's host name dnr dependent.
Definition XrdSecEntity.hh:70
XrdXrootd::Bridge::Login
static Bridge * Login(Result *rsltP, XrdLink *linkP, XrdSecEntity *seceP, const char *nameP, const char *protP)
Definition XrdXrootdBridge.cc:38
XrdXrootd::Bridge::SetWait
virtual void SetWait(int wtime, bool notify=false)=0

References Addr_str, XrdLink::AddrInfo(), XrdHttpReq::appendOpaque(), Bridge, XrdBuffer::bsize, XrdBuffer::buff, XrdOucString::c_str(), calcHashes(), compareHash(), XrdSecEntity::creds, XrdSecEntity::credslen, CurrentReq, DEBUG, decode_str(), XrdSecEntity::Display(), ClientSetRequest::dlen, eDest, XrdSecEntity::endorsements, XrdLink::FDnum(), XrdOucEnv::Get(), XrdSecEntity::grps, XrdHttpReq::headerok, XrdSecEntity::host, XrdHttpSecXtractor::InitSSL(), kXR_set, XrdOucString::length(), Link, XrdXrootd::Bridge::Login(), m_maxdelay, ClientSetRequest::modifier, XrdSecEntity::moninfo, XrdSecEntity::name, obfuscateAuth(), XrdHttpReq::opaque, XrdHttpReq::parseFirstLine(), XrdHttpReq::parseLine(), Port_str, XrdHttpReq::ProcessHTTPReq(), XrdSecEntity::prot, XrdHttpReq::reqstate, XrdHttpReq::request, ClientSetRequest::requestid, ClientSetRequest::reserved, XrdHttpReq::reset(), XrdHttpReq::resource, XrdSecEntity::role, XrdHttpReq::rtGET, XrdHttpReq::rtPROPFIND, XrdHttpReq::rtPUT, XrdHttpReq::rtUnset, XrdXrootd::Bridge::Run(), SecEntity, secretkey, selfhttps2http, XrdTlsContext::Session(), ClientRequest::set, XrdXrootd::Bridge::SetWait(), XrdNetAddrInfo::SockFD(), sslcadir, XrdHttpProtoInfo::tlsClientAuth, TRACE, TRACE_AUTH, TRACE_DEBUG, TRACEI, TRACING, XrdHttpReq::userAgent(), XrdSecEntity::vorg, XrdHttpProtoInfo::xrdctx, XrdHttpReq::xrdreq, and XRHTTP_TK_GRACETIME.

+ Here is the call graph for this function:

◆ Recycle()

void XrdHttpProtocol::Recycle ( XrdLink lp,
int  consec,
const char *  reason 
)
virtual

Recycle this instance.

Implements XrdProtocol.

Definition at line 932 of file XrdHttpProtocol.cc.

932 {
933
934 // Release all appendages
935 //
936
937 Cleanup();
938
939
940 // Set fields to starting point (debugging mostly)
941 //
942 Reset();
943
944 // Push ourselves on the stack
945 //
946 ProtStack.Push(&ProtLink);
947}
XrdObjectQ::Push
void Push(XrdObject< T > *Node)
Definition XrdObject.hh:101

References ProtLink, ProtStack, and XrdObjectQ< T >::Push().

+ Here is the call graph for this function:

◆ Stats()

int XrdHttpProtocol::Stats ( char *  buff,
int  blen,
int  do_sync = 0 
)
virtual

Get activity stats.

Implements XrdProtocol.

Definition at line 949 of file XrdHttpProtocol.cc.

949 {
950 // Synchronize statistics if need be
951 //
952 // if (do_sync) {
953 //
954 // SI->statsMutex.Lock();
955 // SI->readCnt += numReads;
956 // cumReads += numReads;
957 // numReads = 0;
958 // SI->prerCnt += numReadP;
959 // cumReadP += numReadP;
960 // numReadP = 0;
961 // SI->rvecCnt += numReadV;
962 // cumReadV += numReadV;
963 // numReadV = 0;
964 // SI->rsegCnt += numSegsV;
965 // cumSegsV += numSegsV;
966 // numSegsV = 0;
967 // SI->writeCnt += numWrites;
968 // cumWrites += numWrites;
969 // numWrites = 0;
970 // SI->statsMutex.UnLock();
971 // }
972 //
973 // // Now return the statistics
974 // //
975 // return SI->Stats(buff, blen, do_sync);
976
977 return 0;
978}

Friends And Related Symbol Documentation

◆ XrdHttpExtReq

friend class XrdHttpExtReq
friend

Definition at line 84 of file XrdHttpProtocol.hh.

◆ XrdHttpReq

friend class XrdHttpReq
friend

Definition at line 83 of file XrdHttpProtocol.hh.

Member Data Documentation

◆ Addr_str

char* XrdHttpProtocol::Addr_str
protected

Our IP address, as a string. Please remember that this may not be unique for a given machine, hence we need to keep it here and recompute ad every new connection.

Definition at line 369 of file XrdHttpProtocol.hh.

Referenced by XrdHttpProtocol(), and Process().

◆ BPool

XrdBuffManager * XrdHttpProtocol::BPool = 0
staticprotected

Definition at line 360 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Match().

◆ Bridge

XrdXrootd::Bridge* XrdHttpProtocol::Bridge
protected

The Bridge that we use to exercise the xrootd internals.

Definition at line 375 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), Process(), and XrdHttpReq::ProcessHTTPReq().

◆ CIA

XrdSecService * XrdHttpProtocol::CIA = 0
staticprotected

Definition at line 362 of file XrdHttpProtocol.hh.

◆ cksumHandler

XrdHttpChecksumHandler XrdHttpProtocol::cksumHandler = XrdHttpChecksumHandler()
static

Definition at line 137 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ compatNameGeneration

bool XrdHttpProtocol::compatNameGeneration = false
staticprotected

Definition at line 410 of file XrdHttpProtocol.hh.

◆ crlRefIntervalSec

int XrdHttpProtocol::crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
staticprotected

CRL thread refresh interval.

Definition at line 405 of file XrdHttpProtocol.hh.

◆ CurrentReq

XrdHttpReq XrdHttpProtocol::CurrentReq
protected

Area for coordinating request and responses to/from the bridge This also can process HTTP/DAV stuff

Definition at line 380 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), and Process().

◆ eDest

XrdSysError XrdHttpProtocol::eDest = 0
staticprotected

Definition at line 361 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ embeddedstatic

bool XrdHttpProtocol::embeddedstatic = true
staticprotected

If true, use the embedded css and icons.

Definition at line 431 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ gridmap

char * XrdHttpProtocol::gridmap = 0
staticprotected

Gridmap file location. The same used by XrdSecGsi.

Definition at line 408 of file XrdHttpProtocol.hh.

◆ hailWait

int XrdHttpProtocol::hailWait = 60000
staticprotected

Timeout for reading the handshake.

Definition at line 390 of file XrdHttpProtocol.hh.

Referenced by Match().

◆ hdr2cgimap

std::map< std::string, std::string > XrdHttpProtocol::hdr2cgimap
staticprotected

Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption.

Definition at line 451 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::parseLine().

◆ isdesthttps

bool XrdHttpProtocol::isdesthttps = false
staticprotected

True if the redirections must be towards https targets.

Definition at line 419 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::Redir().

◆ isRequiredGridmap

bool XrdHttpProtocol::isRequiredGridmap = false
staticprotected

Definition at line 409 of file XrdHttpProtocol.hh.

◆ Link

XrdLink* XrdHttpProtocol::Link
protected

The link we are bound to.

Definition at line 365 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::GetClientID(), Match(), and Process().

◆ listdeny

bool XrdHttpProtocol::listdeny = false
staticprotected

If true, any form of listing is denied.

Definition at line 425 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ listredir

char * XrdHttpProtocol::listredir = 0
staticprotected

Url to redirect to in the case a listing is requested.

Definition at line 422 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ m_bio_method

BIO_METHOD * XrdHttpProtocol::m_bio_method = NULL
staticprotected

C-style vptr table for our custom BIO objects.

Definition at line 457 of file XrdHttpProtocol.hh.

◆ m_bio_type

int XrdHttpProtocol::m_bio_type = 0
staticprotected

Type identifier for our custom BIO objects.

Definition at line 454 of file XrdHttpProtocol.hh.

◆ m_maxdelay

int XrdHttpProtocol::m_maxdelay = -1
staticprotected

Definition at line 438 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ m_staticheader_map

decltype(XrdHttpProtocol::m_staticheader_map) XrdHttpProtocol::m_staticheader_map
staticprotected

The static headers to always return; map is from verb to a list of (header, val) pairs.

Definition at line 469 of file XrdHttpProtocol.hh.

◆ m_staticheaders

decltype(XrdHttpProtocol::m_staticheaders) XrdHttpProtocol::m_staticheaders
staticprotected

The static string version of m_staticheader_map. After config parsing is done, this is computed and we won't need to reference m_staticheader_map in the response path.

Definition at line 473 of file XrdHttpProtocol.hh.

◆ myRole

kXR_int32 XrdHttpProtocol::myRole = kXR_isManager
staticprotected

Our role.

Definition at line 448 of file XrdHttpProtocol.hh.

Referenced by Configure(), and XrdHttpReq::ProcessHTTPReq().

◆ pmarkHandle

XrdNetPMark * XrdHttpProtocol::pmarkHandle = nullptr
staticprotected

Packet marking handler pointer (assigned from the environment during the Config() call)

Definition at line 463 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), and XrdHttpReq::parseLine().

◆ Port

int XrdHttpProtocol::Port = 1094
staticprotected

Our port.

Definition at line 396 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ Port_str

char * XrdHttpProtocol::Port_str = 0
staticprotected

Our port, as a string.

Definition at line 399 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ ProtLink

XrdObject<XrdHttpProtocol> XrdHttpProtocol::ProtLink

Definition at line 130 of file XrdHttpProtocol.hh.

Referenced by Recycle().

◆ ProtStack

XrdObjectQ< XrdHttpProtocol > XrdHttpProtocol::ProtStack
static

Definition at line 129 of file XrdHttpProtocol.hh.

Referenced by Configure(), Match(), and Recycle().

◆ ReadRangeConfig

XrdHttpReadRangeHandler::Configuration XrdHttpProtocol::ReadRangeConfig
static

configuration for the read range handler

Definition at line 140 of file XrdHttpProtocol.hh.

◆ readWait

int XrdHttpProtocol::readWait = 300000
staticprotected

Timeout for reading data.

Definition at line 393 of file XrdHttpProtocol.hh.

◆ Sched

XrdScheduler * XrdHttpProtocol::Sched = 0
staticprotected

Definition at line 359 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ SecEntity

XrdSecEntity XrdHttpProtocol::SecEntity

Authentication area.

Definition at line 134 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), XrdHttpExtReq::GetSecEntity(), Match(), Process(), and XrdHttpReq::Redir().

◆ secretkey

char * XrdHttpProtocol::secretkey = 0
staticprotected

The key used to calculate the url hashes.

Definition at line 413 of file XrdHttpProtocol.hh.

Referenced by Process(), and XrdHttpReq::Redir().

◆ selfhttps2http

bool XrdHttpProtocol::selfhttps2http = false
staticprotected

If client is HTTPS, self-redirect with HTTP+token.

Definition at line 428 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ servGMap

XrdOucGMap * XrdHttpProtocol::servGMap = 0
staticprotected

The instance of the DN mapper. Created only when a valid path is given.

Definition at line 372 of file XrdHttpProtocol.hh.

◆ sslcadir

char * XrdHttpProtocol::sslcadir = 0
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ sslcafile

char * XrdHttpProtocol::sslcafile = 0
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ sslcert

char * XrdHttpProtocol::sslcert = 0
staticprotected

OpenSSL stuff.

Definition at line 402 of file XrdHttpProtocol.hh.

◆ sslcipherfilter

char * XrdHttpProtocol::sslcipherfilter = 0
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ sslkey

char * XrdHttpProtocol::sslkey = 0
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ sslverifydepth

int XrdHttpProtocol::sslverifydepth = 9
staticprotected

Depth of verification of a certificate chain.

Definition at line 416 of file XrdHttpProtocol.hh.

◆ staticpreload

XrdOucHash< XrdHttpProtocol::StaticPreloadInfo > * XrdHttpProtocol::staticpreload = 0
staticprotected

Definition at line 445 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ staticredir

char * XrdHttpProtocol::staticredir = 0
staticprotected

Definition at line 434 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ tpcForwardCreds

bool XrdHttpProtocol::tpcForwardCreds = false
staticprotected

If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

Definition at line 466 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq().

◆ xrd_cslist

char * XrdHttpProtocol::xrd_cslist = nullptr
staticprotected

The list of checksums that were configured via the xrd.cksum parameter on the server config file.

Definition at line 460 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ xrdcors

XrdHttpCors * XrdHttpProtocol::xrdcors = nullptr
staticprotected

Definition at line 384 of file XrdHttpProtocol.hh.

◆ xrdcorsLibPath

std::string XrdHttpProtocol::xrdcorsLibPath
staticprotected

Definition at line 382 of file XrdHttpProtocol.hh.

The documentation for this class was generated from the following files: