XRootD
XrdOucGMap Class Reference

#include <XrdOucGMap.hh>


Public Member Functions

 XrdOucGMap (XrdOucGMapArgs)
 
virtual ~XrdOucGMap ()
 Destructor.
 
virtual int dn2user (const char *dn, char *user, int ulen, time_t now=0)
 
bool isValid () const
 Validity checker.
 

Detailed Description

Definition at line 48 of file XrdOucGMap.hh.

Constructor & Destructor Documentation

◆ XrdOucGMap()

XrdOucGMap::XrdOucGMap ( XrdOucGMapArgs  )

Definition at line 103 of file XrdOucGMap.cc.

// Set up a grid-map handler: create the tracer, read the '|'-separated
// options, choose the map file and try to load it.
//
// Options recognised by the code below:
//   "debug" or "dbg"  -> switch debug printing on
//   "to=<digits>"     -> replace the default timeout of 600 (added to time(0),
//                        so the unit is seconds)
// 'valid' becomes 1 only when the file is readable and load() returns 0;
// every other path leaves it at 0, so callers should test isValid().
//
// NOTE(review): eDest, mapfn and parms are not declared in this listing;
// presumably they are the parameters supplied by the XrdOucGMapArgs macro.
XrdOucGMap::XrdOucGMap(XrdOucGMapArgs)
   : valid(0), mf_mtime(-1), notafter(-1), timeout(600), elogger(eDest), tracer(0), dbg(0)
{
   // Tracer first, so that the messages below have somewhere to go
   //
   tracer = new XrdOucTrace(eDest);

   // Walk the option string one token at a time
   //
   XrdOucString options(parms), token;
   if (options.length() > 0) {
      for (int pos = options.tokenize(token, 0, '|'); pos != -1;
               pos = options.tokenize(token, pos, '|')) {
         if (token == "debug" || token == "dbg") {
            dbg = 1;
            continue;
         }
         // Anything that is not a timeout setting is silently skipped
         if (!token.beginswith("to=")) continue;
         token.erasefromstart(3);
         if (token.isdigit()) {
            // NOTE(review): atoi() returns long and timeout is narrower on
            // LP64; a very long digit string may not survive the assignment.
            timeout = token.atoi();
         } else {
            PRINT(tracer, "OucGMap", "timeout value badly formatted ("<<token<<"); ignoring");
         }
      }
   }

   // Arm the refresh deadline when a timeout is active; with "to=0" notafter
   // keeps its initial -1
   //
   if (timeout > 0) notafter = time(0) + (time_t) timeout;

   // File name: explicit argument, then $GRIDMAP, then the built-in default.
   // The map file decides which local account a DN is given, so both the
   // environment and the file permissions are part of the trust boundary.
   // NOTE(review): getenv() yields a null pointer when GRIDMAP is unset; this
   // relies on XrdOucString assignment accepting that - confirm.
   //
   mf_name = mapfn;
   if (mf_name.length() <= 0) mf_name = getenv("GRIDMAP");
   if (mf_name.length() <= 0) mf_name = "/etc/grid-security/grid-mapfile";

   // Readability probe. This is a diagnostic only: the file can change
   // between this call and load(), so load() must not depend on it.
   //
   if (access(mf_name.c_str(), R_OK) != 0) {
      PRINT(tracer, "OucGMap", "cannot access grid map file '"<< mf_name
                               <<"' in read mode; " <<XrdSysE2T(errno));
      return;
   }

   // Load the mappings; only a clean load marks the object usable
   //
   if (load(mf_name.c_str()) == 0) {
      valid = 1;
      return;
   }
   PRINT(tracer, "OucGMap", "unable to load file "<<mf_name<<" - aborting");
}
static XrdSysError eDest(0,"crypto_")
#define PRINT(y)
#define access(a, b)
Definition XrdPosix.hh:39
const char * XrdSysE2T(int errcode)
Definition XrdSysE2T.cc:99
int erasefromstart(int sz=0)
bool beginswith(char c)
int length() const
bool isdigit(int from=0, int to=-1)
long atoi(int from=0, int to=-1)
const char * c_str() const

References access, XrdOucString::atoi(), XrdOucString::beginswith(), XrdOucString::c_str(), eDest, XrdOucString::erasefromstart(), XrdOucString::isdigit(), XrdOucString::length(), PRINT, and XrdSysE2T().


◆ ~XrdOucGMap()

virtual XrdOucGMap::~XrdOucGMap ( )
inline, virtual

Destructor.

Definition at line 98 of file XrdOucGMap.hh.

// Empty destructor body: nothing is released here, although the constructor listing on this page allocates 'tracer' with new.
// NOTE(review): confirm whether 'tracer' is freed elsewhere; if not, every XrdOucGMap instance leaks it.
98{}

Member Function Documentation

◆ dn2user()

int XrdOucGMap::dn2user ( const char *  dn,
char *  user,
int  ulen,
time_t  now = 0 
)
virtual

Map a distinguished name (dn) to a user name.

Parameters
dn: Distinguished name.
user: Buffer that receives the user name as a null-terminated string.
ulen: The length of the 'user' buffer.
now: Current time (result of time(0)) or 0 if not available.
Returns
Success: zero. Failure: a negative errno value describing the failure; typically -EFAULT (no valid match found) or -errno (problems reloading the file). The code below also returns -EINVAL when 'user' is null or 'ulen' is not positive.

Definition at line 292 of file XrdOucGMap.cc.

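// Map a distinguished name to a local user name using the loaded grid map.
//
// dn    Distinguished name to look up (null-terminated string).
// user  Output buffer; zeroed on entry, holds the null-terminated user name
//       on success.
// ulen  Size of 'user' in bytes, terminator included.
// now   Current time as returned by time(0); 0 makes the method read it.
//
// Returns 0 on success, otherwise a negative errno value:
//   -EINVAL        dn or the output buffer is missing
//   -ENAMETOOLONG  the mapped name does not fit in 'user'
//   -EFAULT        no mapping matches the DN
//   -errno / -EIO  the map file could not be reloaded
//
// The result feeds an authorization decision, so every failure has to come
// back as a non-zero code and 'user' is never left holding a partial name.
int XrdOucGMap::dn2user(const char *dn, char *user, int ulen, time_t now)
{

   int rc = -1;
   // Reset output
   //
   if (user && ulen > 0) {
      memset(user, '\0', ulen);
   } else {
      PRINT(tracer, "OucGMap::dn2user",
                    "buffer for the user name is undefined or has undefined length");
      return -(int)EINVAL;
   }

   // A null DN cannot be looked up or printed
   //
   if (!dn) {
      PRINT(tracer, "OucGMap::dn2user", "distinguished name is undefined");
      return -(int)EINVAL;
   }

   // Check if we need to reload the information
   //
   if (notafter > 0) {
      if (now <= 0) now = time(0);
      if (notafter < now) {
         // Reload the file
         if (load(mf_name.c_str()) != 0) {
            // Read errno before logging can overwrite it, and never turn a
            // failed reload into 0: that value means "mapped" to the caller.
            int lerr = errno;
            PRINT(tracer, "OucGMap::dn2user",
                          "problems loading file "<<mf_name);
            return -(lerr > 0 ? lerr : (int)EIO);
         }
         if (timeout > 0) notafter = now + (time_t) timeout;
      }
   }

   // A shared lock is enough
   xsl.Lock(xs_Shared);

   // Search: exact match first, then scan the available mappings
   //
   const XrdOucString *found = 0;
   XrdSecGMapEntry_t *probe = 0;
   XrdSecGMapEntry_t *mc = mappings.Find(dn);
   if (mc) {
      found = &mc->user;
   } else {
      probe = new XrdSecGMapEntry_t(dn, "", kFull);
      mappings.Apply(FindMatchingCondition, (void *)probe);
      if (probe->user.length() > 0) found = &probe->user;
   }

   // Copy the name only when it fits together with its terminator. The name
   // comes from the map file and its length is unrelated to the caller's
   // buffer; truncating instead of failing could yield a different account.
   //
   bool toolong = false;
   int need = 0;
   if (found) {
      need = found->length();
      if (need < ulen) {
         memcpy(user, found->c_str(), need);
         user[need] = 0;
         rc = 0;
      } else {
         toolong = true;
      }
   }
   delete probe;

   if (rc == 0) {
      DEBUG(dbg, tracer, "XrdOucGMap::dn2user", "mapping DN '"<<dn<<"' to '"<<user<<"'");
   } else if (toolong) {
      PRINT(tracer, "OucGMap::dn2user",
                    "mapped user name ("<<need<<" bytes) does not fit in a buffer of "<<ulen<<" bytes");
      rc = -(int)ENAMETOOLONG;
   } else {
      DEBUG(dbg, tracer, "XrdOucGMap::dn2user", "no valid match found for DN '"<<dn<<"'");
      rc = -(int)EFAULT;
   }

   // Done
   xsl.UnLock();
   return rc;
}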
#define DEBUG(x)
@ kFull
Definition XrdOucGMap.cc:54
static int FindMatchingCondition(const char *, XrdSecGMapEntry_t *mc, void *xmp)
Definition XrdOucGMap.cc:64
@ xs_Shared
T * Apply(int(*func)(const char *, T *, void *), void *Arg)
T * Find(const char *KeyVal, time_t *KeyTime=0)
XrdOucString user
Definition XrdOucGMap.hh:44
void Lock(const XrdSysXS_Type usage)
void UnLock(const XrdSysXS_Type usage=xs_None)

References XrdOucHash< T >::Apply(), XrdOucString::c_str(), DEBUG, XrdOucHash< T >::Find(), FindMatchingCondition(), kFull, XrdOucString::length(), XrdSysXSLock::Lock(), PRINT, XrdSysXSLock::UnLock(), XrdSecGMapEntry_t::user, and xs_Shared.


◆ isValid()

bool XrdOucGMap::isValid ( ) const
inline

Validity checker.

Definition at line 104 of file XrdOucGMap.hh.

// Reports the 'valid' flag; the constructor listing on this page sets it to 1 only after the map file passed the access() check and load() returned 0.
104{ return valid; }

Referenced by XrdOucgetGMap().


The documentation for this class was generated from the following files: