XRootD
XrdHttpProtocol Class Reference

#include <XrdHttpProtocol.hh>


Classes

struct  StaticPreloadInfo
 

Public Member Functions

 XrdHttpProtocol (bool imhttps)

 XrdHttpProtocol (const XrdHttpProtocol &)=default
 Ctor, dtors and copy ctor.

 ~XrdHttpProtocol ()

int doChksum (const XrdOucString &fname)
 Perform a checksum request.

void DoIt ()
 Override from the base class.

int doStat (char *fname)
 Perform a Stat request.

bool isHTTPS ()
 called via https

XrdProtocol * Match (XrdLink *lp)
 Tells if the outstanding bytes on the socket match this protocol implementation.

XrdHttpProtocol operator= (const XrdHttpProtocol &rhs)

int Process (XrdLink *lp)
 Process data incoming from the socket.

void Recycle (XrdLink *lp, int consec, const char *reason)
 Recycle this instance.

int Stats (char *buff, int blen, int do_sync=0)
 Get activity stats.
 
- Public Member Functions inherited from XrdProtocol
 XrdProtocol (const char *jname)
 
virtual ~XrdProtocol ()
 
- Public Member Functions inherited from XrdJob
 XrdJob (const char *desc="")
 
virtual ~XrdJob ()
 

Static Public Member Functions

static int Configure (char *parms, XrdProtocol_Config *pi)
 Read and apply the configuration.

static int parseHeader2CGI (XrdOucStream &Config, XrdSysError &err, std::map< std::string, std::string > &header2cgi)
 Use this function to parse header2cgi configurations.
 

Public Attributes

XrdObject< XrdHttpProtocol > ProtLink

XrdSecEntity SecEntity
 Authentication area.

- Public Attributes inherited from XrdJob
const char * Comment

XrdJob * NextJob
 

Static Public Attributes

static XrdHttpChecksumHandler cksumHandler = XrdHttpChecksumHandler()

static XrdObjectQ< XrdHttpProtocol > ProtStack

static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
 configuration for the read range handler
 

Protected Attributes

char * Addr_str

XrdXrootd::Bridge * Bridge
 The Bridge that we use to exercise the xrootd internals.

XrdHttpReq CurrentReq

XrdLink * Link
 The link we are bound to.
 

Static Protected Attributes

static XrdBuffManager * BPool = 0

static XrdSecService * CIA = 0

static bool compatNameGeneration = false

static int crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
 CRL thread refresh interval.

static XrdSysError eDest = 0

static bool embeddedstatic = true
 If true, use the embedded css and icons.

static char * gridmap = 0
 Gridmap file location. The same used by XrdSecGsi.

static int hailWait = 60000
 Timeout for reading the handshake.

static std::map< std::string, std::string > hdr2cgimap
 Rules that turn HTTP headers to cgi tokens in the URL, for internal consumption.

static bool isdesthttps = false
 True if the redirections must be towards https targets.

static bool isRequiredGridmap = false

static bool listdeny = false
 If true, any form of listing is denied.

static char * listredir = 0
 Url to redirect to in the case a listing is requested.

static BIO_METHOD * m_bio_method = NULL
 C-style vptr table for our custom BIO objects.

static int m_bio_type = 0
 Type identifier for our custom BIO objects.

static std::unordered_map< std::string, std::vector< std::pair< std::string, std::string > > > m_staticheader_map
 The static headers to always return; map is from verb to a list of (header, val) pairs.

static std::unordered_map< std::string, std::string > m_staticheaders

static kXR_int32 myRole = kXR_isManager
 Our role.

static XrdNetPMark * pmarkHandle = nullptr
 Packet marking handler pointer (assigned from the environment during the Config() call)

static int Port = 1094
 Our port.

static char * Port_str = 0
 Our port, as a string.

static int readWait = 300000
 Timeout for reading data.

static XrdScheduler * Sched = 0

static char * secretkey = 0
 The key used to calculate the url hashes.

static bool selfhttps2http = false
 If client is HTTPS, self-redirect with HTTP+token.

static XrdOucGMap * servGMap = 0
 The instance of the DN mapper. Created only when a valid path is given.

static char * sslcadir = 0

static char * sslcafile = 0

static char * sslcert = 0
 OpenSSL stuff.

static char * sslcipherfilter = 0

static char * sslkey = 0

static int sslverifydepth = 9
 Depth of verification of a certificate chain.

static XrdOucHash< StaticPreloadInfo > * staticpreload = 0

static char * staticredir = 0

static bool tpcForwardCreds = false
 If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

static char * xrd_cslist = nullptr
 The list of checksums that were configured via the xrd.cksum parameter on the server config file.
 

Friends

class XrdHttpExtReq
 
class XrdHttpReq
 

Detailed Description

Definition at line 80 of file XrdHttpProtocol.hh.


Class Documentation

◆ XrdHttpProtocol::StaticPreloadInfo

struct XrdHttpProtocol::StaticPreloadInfo

Definition at line 430 of file XrdHttpProtocol.hh.

Class Members
char * data
int len

Constructor & Destructor Documentation

◆ XrdHttpProtocol() [1/2]

XrdHttpProtocol::XrdHttpProtocol ( const XrdHttpProtocol & )
default

Ctor, dtors and copy ctor.

Referenced by Match().


◆ XrdHttpProtocol() [2/2]

XrdHttpProtocol::XrdHttpProtocol ( bool  imhttps)

Definition at line 196 of file XrdHttpProtocol.cc.

197 : XrdProtocol("HTTP protocol handler"), ProtLink(this),
199  myBuff = 0;
200  Addr_str = 0;
201  Reset();
202  ishttps = imhttps;
203 
204 }

References Addr_str.

◆ ~XrdHttpProtocol()

XrdHttpProtocol::~XrdHttpProtocol ( )
inline

Definition at line 124 of file XrdHttpProtocol.hh.

124  {
125  Cleanup();
126  }

Member Function Documentation

◆ Configure()

int XrdHttpProtocol::Configure ( char *  parms,
XrdProtocol_Config * pi
)
static

Read and apply the configuration.

Definition at line 1734 of file XrdHttpProtocol.cc.

1734  {
1735  /*
1736  Function: Establish configuration at load time.
1737 
1738  Input: None.
1739 
1740  Output: 0 upon success or !0 otherwise.
1741  */
1742 
1743  char *rdf;
1744 
1745  // Copy out the special info we want to use at top level
1746  //
1747  eDest.logger(pi->eDest->logger());
1749  // SI = new XrdXrootdStats(pi->Stats);
1750  Sched = pi->Sched;
1751  BPool = pi->BPool;
1752  xrd_cslist = getenv("XRD_CSLIST");
1753 
1754  Port = pi->Port;
1755 
1756  // Copy out the current TLS context
1757  //
1758  xrdctx = pi->tlsCtx;
1759 
1760  {
1761  char buf[16];
1762  sprintf(buf, "%d", Port);
1763  Port_str = strdup(buf);
1764  }
1765 
1766  // Now process and configuration parameters
1767  //
1768  rdf = (parms && *parms ? parms : pi->ConfigFN);
1769  if (rdf && Config(rdf, pi->theEnv)) return 0;
1770  if (pi->DebugON) XrdHttpTrace.What = TRACE_ALL;
1771 
1772  // Set the redirect flag if we are a pure redirector
1773  myRole = kXR_isServer;
1774  if ((rdf = getenv("XRDROLE"))) {
1775  eDest.Emsg("Config", "XRDROLE: ", rdf);
1776 
1777  if (!strcasecmp(rdf, "manager") || !strcasecmp(rdf, "supervisor")) {
1779  eDest.Emsg("Config", "Configured as HTTP(s) redirector.");
1780  } else {
1781 
1782  eDest.Emsg("Config", "Configured as HTTP(s) data server.");
1783  }
1784 
1785  } else {
1786  eDest.Emsg("Config", "No XRDROLE specified.");
1787  }
1788 
1789  // Schedule protocol object cleanup
1790  //
1792  (XrdHttpTrace.What & TRACE_MEM ? TRACE_MEM : 0));
1793  ProtStack.Set((pi->ConnMax / 3 ? pi->ConnMax / 3 : 30), 60 * 60);
1794 
1795  // Return success
1796  //
1797 
1798  return 1;
1799 }

References XrdProtocol_Config::BPool, BPool, XrdCms::Config, XrdProtocol_Config::ConfigFN, XrdProtocol_Config::ConnMax, XrdProtocol_Config::DebugON, XrdProtocol_Config::eDest, eDest, XrdSysError::Emsg(), kXR_isManager, kXR_isServer, XrdSysError::logger(), myRole, XrdProtocol_Config::Port, Port, Port_str, ProtStack, XrdProtocol_Config::Sched, Sched, XrdObjectQ< T >::Set(), XrdSysTrace::SetLogger(), XrdProtocol_Config::theEnv, XrdProtocol_Config::tlsCtx, TRACE_ALL, TRACE_MEM, XrdSysTrace::What, xrd_cslist, XrdHttpProtoInfo::xrdctx, and XrdHttpTrace.

Referenced by XrdgetProtocol().


◆ doChksum()

int XrdHttpProtocol::doChksum ( const XrdOucString & fname)

Perform a checksum request.

Definition at line 3056 of file XrdHttpProtocol.cc.

3056  {
3057  size_t length;
3058  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3062  memset(CurrentReq.xrdreq.query.fhandle, '\0', sizeof(CurrentReq.xrdreq.query.fhandle));
3064  length = fname.length() + 1;
3065  CurrentReq.xrdreq.query.dlen = htonl(length);
3066 
3067  if (!Bridge) return -1;
3068 
3069  return Bridge->Run(reinterpret_cast<char *>(&CurrentReq.xrdreq), const_cast<char *>(fname.c_str()), length) ? 0 : -1;
3070 }

References Bridge, XrdOucString::c_str(), CurrentReq, ClientQueryRequest::dlen, ClientQueryRequest::fhandle, ClientQueryRequest::infotype, kXR_Qcksum, kXR_query, XrdOucString::length(), ClientRequest::query, ClientQueryRequest::requestid, ClientQueryRequest::reserved1, ClientQueryRequest::reserved2, XrdXrootd::Bridge::Run(), and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().


◆ DoIt()

void XrdHttpProtocol::DoIt ( )
inline virtual

Override from the base class.

Implements XrdJob.

Definition at line 91 of file XrdHttpProtocol.hh.

91  {
92  if (Resume) (*this.*Resume)();
93  }

◆ doStat()

int XrdHttpProtocol::doStat ( char *  fname)

Perform a Stat request.

Definition at line 3028 of file XrdHttpProtocol.cc.

3028  {
3029  int l;
3030  bool b;
3031  CurrentReq.filesize = 0;
3032  CurrentReq.fileflags = 0;
3033  CurrentReq.filemodtime = 0;
3034 
3035  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3037  memset(CurrentReq.xrdreq.stat.reserved, 0,
3038  sizeof (CurrentReq.xrdreq.stat.reserved));
3039  l = strlen(fname) + 1;
3040  CurrentReq.xrdreq.stat.dlen = htonl(l);
3041 
3042  if (!Bridge) return -1;
3043  b = Bridge->Run((char *) &CurrentReq.xrdreq, fname, l);
3044  if (!b) {
3045  return -1;
3046  }
3047 
3048 
3049  return 0;
3050 }

References Bridge, CurrentReq, ClientStatRequest::dlen, XrdHttpReq::fileflags, XrdHttpReq::filemodtime, XrdHttpReq::filesize, kXR_stat, ClientStatRequest::requestid, ClientStatRequest::reserved, XrdXrootd::Bridge::Run(), ClientRequest::stat, and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().


◆ isHTTPS()

bool XrdHttpProtocol::isHTTPS ( )
inline

called via https

Definition at line 142 of file XrdHttpProtocol.hh.

142 { return ishttps; }

Referenced by XrdHttpExtReq::XrdHttpExtReq().


◆ Match()

XrdProtocol * XrdHttpProtocol::Match ( XrdLink * lp)
virtual

Tells if the outstanding bytes on the socket match this protocol implementation.

Implements XrdProtocol.

Definition at line 222 of file XrdHttpProtocol.cc.

222  {
223  char mybuf[16], mybuf2[1024];
224  XrdHttpProtocol *hp;
225  int dlen;
226  bool myishttps = false;
227 
228  // Peek at the first 20 bytes of data
229  //
230  if ((dlen = lp->Peek(mybuf, (int) sizeof (mybuf), hailWait)) < (int) sizeof (mybuf)) {
231  if (dlen <= 0) lp->setEtext("handshake not received");
232  return (XrdProtocol *) 0;
233  }
234  mybuf[dlen - 1] = '\0';
235 
236  // Trace the data
237  //
238 
239  TRACEI(DEBUG, "received dlen: " << dlen);
240  //TRACEI(REQ, "received buf: " << mybuf);
241  mybuf2[0] = '\0';
242  for (int i = 0; i < dlen; i++) {
243  char mybuf3[16];
244  sprintf(mybuf3, "%.02d ", mybuf[i]);
245  strcat(mybuf2, mybuf3);
246 
247  }
248  TRACEI(DEBUG, "received dump: " << mybuf2);
249 
250  // Decide if it looks http or not. For now we are happy if all the received characters are alphanumeric
251  bool ismine = true;
252  for (int i = 0; i < dlen - 1; i++)
253  if (!isprint(mybuf[i]) && (mybuf[i] != '\r') && (mybuf[i] != '\n')) {
254  ismine = false;
255  TRACEI(DEBUG, "This does not look like http at pos " << i);
256  break;
257  }
258 
259  // If it does not look http then look if it looks like https
260  if ((!ismine) && (dlen >= 4)) {
261  char check[4] = {00, 00, 00, 00};
262  if (memcmp(mybuf, check, 4)) {
263 
264  if (httpsmode) {
265  ismine = true;
266  myishttps = true;
267  TRACEI(DEBUG, "This may look like https");
268  } else {
269  TRACEI(ALL, "This may look like https, but https is not configured");
270  }
271 
272  }
273  }
274 
275  if (!ismine) {
276  TRACEI(DEBUG, "This does not look like https. Protocol not matched.");
277  return (XrdProtocol *) 0;
278  }
279 
280  // It does look http or https...
281  // Get a protocol object off the stack (if none, allocate a new one)
282  //
283 
284  TRACEI(REQ, "Protocol matched. https: " << myishttps);
285  if (!(hp = ProtStack.Pop())) hp = new XrdHttpProtocol(myishttps);
286  else
287  hp->ishttps = myishttps;
288 
289  // We now have to do some work arounds to tell the underlying framework
290  // that is is https without invoking TLS on the actual link. Eventually,
291  // we should just use the link's TLS native implementation.
292  //
293  hp->SecEntity.addrInfo = lp->AddrInfo();
294  XrdNetAddr *netP = const_cast<XrdNetAddr*>(lp->NetAddr());
295  netP->SetDialect("https");
296  netP->SetTLS(true);
297 
298  // Allocate 1MB buffer from pool
299  if (!hp->myBuff) {
300  hp->myBuff = BPool->Obtain(1024 * 1024);
301  }
302  hp->myBuffStart = hp->myBuffEnd = hp->myBuff->buff;
303 
304  // Bind the protocol to the link and return the protocol
305  //
306  hp->Link = lp;
307  return (XrdProtocol *) hp;
308 }

References XrdHttpProtocol(), XrdLink::AddrInfo(), XrdSecEntity::addrInfo, BPool, XrdBuffer::buff, DEBUG, hailWait, XrdHttpProtoInfo::httpsmode, Link, XrdLink::NetAddr(), XrdBuffManager::Obtain(), XrdLink::Peek(), XrdObjectQ< T >::Pop(), ProtStack, SecEntity, XrdNetAddr::SetDialect(), XrdLink::setEtext(), XrdNetAddr::SetTLS(), and TRACEI.
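
The sniffing rule in the Match() listing above, restated as a stand-alone function that can be exercised offline. This is an added example, not XRootD code: classifyPeek, PeekVerdict, kPeekLen and the sample buffers are constructed for illustration, and httpsEnabled stands in for httpsmode. It works on unsigned char because isprint() is only defined for unsigned char values and EOF.

```cpp
#include <cctype>
#include <cstdio>
#include <cstring>

// Outcome of inspecting the first bytes peeked from a new connection.
enum class PeekVerdict { NotEnoughData, Http, Https, NoMatch };

// Same size as mybuf in the listing: 16 bytes are peeked.
constexpr int kPeekLen = 16;

// Classify a peeked buffer with the rules used in the listing.
//   buf, len     : bytes peeked from the socket
//   httpsEnabled : whether HTTPS is configured (httpsmode in the listing)
PeekVerdict classifyPeek(const unsigned char *buf, int len, bool httpsEnabled) {
    // A short peek means the handshake has not fully arrived; no match yet.
    if (len < kPeekLen) return PeekVerdict::NotEnoughData;

    // Plain HTTP: every inspected byte is printable, CR or LF.
    // The listing overwrites the last peeked byte with NUL and skips it,
    // so only the first kPeekLen - 1 bytes are inspected.
    bool printable = true;
    for (int i = 0; i < kPeekLen - 1; i++) {
        unsigned char c = buf[i];
        if (!std::isprint(c) && c != '\r' && c != '\n') {
            printable = false;
            break;
        }
    }
    if (printable) return PeekVerdict::Http;

    // Binary data: four leading zero bytes are never claimed as HTTPS.
    static const unsigned char zeros[4] = {0, 0, 0, 0};
    if (std::memcmp(buf, zeros, sizeof zeros) == 0) return PeekVerdict::NoMatch;

    // Any other binary prefix is treated as a possible TLS handshake,
    // but only when HTTPS is configured.
    return httpsEnabled ? PeekVerdict::Https : PeekVerdict::NoMatch;
}

// Human-readable name for a verdict.
const char *verdictName(PeekVerdict v) {
    switch (v) {
        case PeekVerdict::NotEnoughData: return "not enough data";
        case PeekVerdict::Http:          return "http";
        case PeekVerdict::Https:         return "https";
        default:                         return "no match";
    }
}

// Constructed sample inputs (not captured traffic).
// Start of a plain HTTP request line.
const unsigned char kSampleHttp[] = "GET /data/file1 HTTP/1.1\r\n";
// Bytes shaped like the start of a TLS record (content type 0x16).
const unsigned char kSampleTls[kPeekLen] = {
    0x16, 0x03, 0x01, 0x02, 0x00, 0x01, 0x00, 0x01,
    0xfc, 0x03, 0x03, 0x5a, 0x11, 0x22, 0x33, 0x44};
// Binary data that begins with four zero bytes.
const unsigned char kSampleZeros[kPeekLen] = {
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x07, 0xdc};

int main() {
    std::printf("http sample, https on : %s\n",
                verdictName(classifyPeek(kSampleHttp, kPeekLen, true)));
    std::printf("tls sample,  https on : %s\n",
                verdictName(classifyPeek(kSampleTls, kPeekLen, true)));
    std::printf("tls sample,  https off: %s\n",
                verdictName(classifyPeek(kSampleTls, kPeekLen, false)));
    std::printf("zero prefix, https on : %s\n",
                verdictName(classifyPeek(kSampleZeros, kPeekLen, true)));
    std::printf("5-byte peek           : %s\n",
                verdictName(classifyPeek(kSampleHttp, 5, true)));
    return 0;
}
```

With HTTPS configured, any non-printable prefix that does not start with four zero bytes is handed to the TLS handshake, so a malformed binary stream is rejected there rather than in Match().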


◆ operator=()

XrdHttpProtocol XrdHttpProtocol::operator= ( const XrdHttpProtocol & rhs)

Definition at line 211 of file XrdHttpProtocol.cc.

211  {
212 
213  return *this;
214 }

◆ parseHeader2CGI()

int XrdHttpProtocol::parseHeader2CGI ( XrdOucStream & Config,
XrdSysError & err,
std::map< std::string, std::string > &  header2cgi 
)
static

Use this function to parse header2cgi configurations.

Definition at line 1804 of file XrdHttpProtocol.cc.

1804  {
1805  char *val, keybuf[1024], parmbuf[1024];
1806  char *parm;
1807 
1808  // Get the header key
1809  val = Config.GetWord();
1810  if (!val || !val[0]) {
1811  err.Emsg("Config", "No headerkey specified.");
1812  return 1;
1813  } else {
1814 
1815  // Trim the beginning, in place
1816  while ( *val && !isalnum(*val) ) val++;
1817  strcpy(keybuf, val);
1818 
1819  // Trim the end, in place
1820  char *pp;
1821  pp = keybuf + strlen(keybuf) - 1;
1822  while ( (pp >= keybuf) && (!isalnum(*pp)) ) {
1823  *pp = '\0';
1824  pp--;
1825  }
1826 
1827  parm = Config.GetWord();
1828 
1829  // Avoids segfault in case a key is given without value
1830  if(!parm || !parm[0]) {
1831  err.Emsg("Config", "No header2cgi value specified. key: '", keybuf, "'");
1832  return 1;
1833  }
1834 
1835  // Trim the beginning, in place
1836  while ( *parm && !isalnum(*parm) ) parm++;
1837  strcpy(parmbuf, parm);
1838 
1839  // Trim the end, in place
1840  pp = parmbuf + strlen(parmbuf) - 1;
1841  while ( (pp >= parmbuf) && (!isalnum(*pp)) ) {
1842  *pp = '\0';
1843  pp--;
1844  }
1845 
1846  // Add this mapping to the map that will be used
1847  try {
1848  header2cgi[keybuf] = parmbuf;
1849  } catch ( ... ) {
1850  err.Emsg("Config", "Can't insert new header2cgi rule. key: '", keybuf, "'");
1851  return 1;
1852  }
1853 
1854  }
1855  return 0;
1856 }

References XrdCms::Config, and XrdSysError::Emsg().


◆ Process()

int XrdHttpProtocol::Process ( XrdLink * lp)
virtual

Process data incoming from the socket.

Implements XrdProtocol.

Definition at line 484 of file XrdHttpProtocol.cc.

485 {
486  int rc = 0;
487 
488  TRACEI(DEBUG, " Process. lp:"<<(void *)lp<<" reqstate: "<<CurrentReq.reqstate);
489 
490  if (!myBuff || !myBuff->buff || !myBuff->bsize) {
491  TRACE(ALL, " Process. No buffer available. Internal error.");
492  return -1;
493  }
494 
495 
496  if (!SecEntity.host) {
497  char *nfo = GetClientIPStr();
498  if (nfo) {
499  TRACEI(REQ, " Setting host: " << nfo);
500  SecEntity.host = nfo;
501  strcpy(SecEntity.prot, "http");
502  }
503  }
504 
505 
506 
507  // If https then check independently for the ssl handshake
508  if (ishttps && !ssldone) {
509 
510  if (!ssl) {
511  sbio = CreateBIO(Link);
512  BIO_set_nbio(sbio, 1);
513  ssl = (SSL*)xrdctx->Session();
514  }
515 
516  if (!ssl) {
517  TRACEI(DEBUG, " SSL_new returned NULL");
518  ERR_print_errors(sslbio_err);
519  return -1;
520  }
521 
522  // If a secxtractor has been loaded
523  // maybe it wants to add its own initialization bits
524  if (secxtractor)
525  secxtractor->InitSSL(ssl, sslcadir);
526 
527  SSL_set_bio(ssl, sbio, sbio);
528  //SSL_set_connect_state(ssl);
529 
530  //SSL_set_fd(ssl, Link->FDnum());
531  struct timeval tv;
532  tv.tv_sec = 10;
533  tv.tv_usec = 0;
534  setsockopt(Link->FDnum(), SOL_SOCKET, SO_RCVTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
535  setsockopt(Link->FDnum(), SOL_SOCKET, SO_SNDTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
536 
537  TRACEI(DEBUG, " Entering SSL_accept...");
538  int res = SSL_accept(ssl);
539  TRACEI(DEBUG, " SSL_accept returned :" << res);
540  if ((res == -1) && (SSL_get_error(ssl, res) == SSL_ERROR_WANT_READ)) {
541  TRACEI(DEBUG, " SSL_accept wants to read more bytes... err:" << SSL_get_error(ssl, res));
542  return 1;
543  }
544 
545  if(res <= 0) {
546  ERR_print_errors(sslbio_err);
547  if (res < 0) {
548 
549  SSL_free(ssl);
550  ssl = 0;
551  return -1;
552  }
553  }
554 
555  BIO_set_nbio(sbio, 0);
556 
557  strcpy(SecEntity.prot, "https");
558 
559  // Get the voms string and auth information
560  if (HandleAuthentication(Link)) {
561  SSL_free(ssl);
562  ssl = 0;
563  return -1;
564  }
565 
566  ssldone = true;
567  if (TRACING(TRACE_AUTH)) {
569  }
570  }
571 
572 
573 
574  if (!DoingLogin) {
575  // Re-invocations triggered by the bridge have lp==0
576  // In this case we keep track of a different request state
577  if (lp) {
578 
579  // This is an invocation that was triggered by a socket event
580  // Read all the data that is available, throw it into the buffer
581  if ((rc = getDataOneShot(BuffAvailable())) < 0) {
582  // Error -> exit
583  return -1;
584  }
585 
586  // If we need more bytes, let's wait for another invokation
587  if (BuffUsed() < ResumeBytes) return 1;
588 
589 
590  } else
592  } else if (!DoneSetInfo && !CurrentReq.userAgent().empty()) { // DoingLogin is true, meaning the login finished.
593  std::string mon_info = "monitor info " + CurrentReq.userAgent();
594  DoneSetInfo = true;
595  if (mon_info.size() >= 1024) {
596  TRACEI(ALL, "User agent string too long");
597  } else if (!Bridge) {
598  TRACEI(ALL, "Internal logic error: Bridge is null after login");
599  } else {
600  TRACEI(DEBUG, "Setting " << mon_info);
601  memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
603  CurrentReq.xrdreq.set.modifier = '\0';
604  memset(CurrentReq.xrdreq.set.reserved, '\0', sizeof(CurrentReq.xrdreq.set.reserved));
605  CurrentReq.xrdreq.set.dlen = htonl(mon_info.size());
606  if (!Bridge->Run((char *) &CurrentReq.xrdreq, (char *) mon_info.c_str(), mon_info.size())) {
607  SendSimpleResp(500, nullptr, nullptr, "Could not set user agent.", 0, false);
608  return -1;
609  }
610  return 0;
611  }
612  } else {
613  DoingLogin = false;
614  }
615 
616  // Read the next request header, that is, read until a double CRLF is found
617 
618 
619  if (!CurrentReq.headerok) {
620 
621  // Read as many lines as possible into the buffer. An empty line breaks
622  while ((rc = BuffgetLine(tmpline)) > 0) {
623  std::string traceLine = tmpline.c_str();
624  if (TRACING(TRACE_DEBUG)) {
625  traceLine = obfuscateAuth(traceLine);
626  }
627  TRACE(DEBUG, " rc:" << rc << " got hdr line: " << traceLine);
628  if ((rc == 2) && (tmpline.length() > 1) && (tmpline[rc - 1] == '\n')) {
629  CurrentReq.headerok = true;
630  TRACE(DEBUG, " rc:" << rc << " detected header end.");
631  break;
632  }
633 
634 
636  TRACE(DEBUG, " Parsing first line: " << traceLine.c_str());
637  int result = CurrentReq.parseFirstLine((char *)tmpline.c_str(), rc);
638  if (result < 0) {
639  TRACE(DEBUG, " Parsing of first line failed with " << result);
640  return -1;
641  }
642  } else {
643  int result = CurrentReq.parseLine((char *) tmpline.c_str(), rc);
644  if(result < 0) {
645  TRACE(DEBUG, " Parsing of header line failed with " << result)
646  SendSimpleResp(400,NULL,NULL,"Malformed header line. Hint: ensure the line finishes with \"\\r\\n\"", 0, false);
647  return -1;
648  }
649  }
650 
651 
652  }
653 
654  // Here we have CurrentReq loaded with the header, or its relevant fields
655 
656  if (!CurrentReq.headerok) {
657  TRACEI(REQ, " rc:" << rc << "Header not yet complete.");
658 
659  // Here a subtle error condition. IF we failed reading a line AND the buffer
660  // has a reasonable amount of data available THEN we consider the header
661  // as corrupted and shutdown the client
662  if ((rc <= 0) && (BuffUsed() >= 16384)) {
663  TRACEI(ALL, "Corrupted header detected, or line too long. Disconnecting client.");
664  return -1;
665  }
666 
667 
668  if (CurrentReq.reqstate > 0)
670  // Waiting for more data
671  return 1;
672  }
673 
674  }
675 
676  // If we are in self-redirect mode, then let's do it
677  // Do selfredirect only with 'simple' requests, otherwise poor clients may misbehave
678  if (ishttps && ssldone && selfhttps2http &&
681  char hash[512];
682  time_t timenow = time(0);
683 
684 
686  &SecEntity,
687  timenow,
688  secretkey);
689 
690 
691 
692  if (hash[0]) {
693 
694  // Workaround... delete the previous opaque information
695  if (CurrentReq.opaque) {
696  delete CurrentReq.opaque;
697  CurrentReq.opaque = 0;
698  }
699 
700  TRACEI(REQ, " rc:" << rc << " self-redirecting to http with security token.");
701 
702  XrdOucString dest = "Location: http://";
703  // Here I should put the IP addr of the server
704 
705  // We have to recompute it here because we don't know to which
706  // interface the client had connected to
707  struct sockaddr_storage sa;
708  socklen_t sl = sizeof(sa);
709  getsockname(this->Link->AddrInfo()->SockFD(), (struct sockaddr*)&sa, &sl);
710 
711  // now get it back and print it
712  char buf[256];
713  bool ok = false;
714 
715  switch (sa.ss_family) {
716  case AF_INET:
717  if (inet_ntop(AF_INET, &(((sockaddr_in*)&sa)->sin_addr), buf, INET_ADDRSTRLEN)) {
718  if (Addr_str) free(Addr_str);
719  Addr_str = strdup(buf);
720  ok = true;
721  }
722  break;
723  case AF_INET6:
724  if (inet_ntop(AF_INET6, &(((sockaddr_in6*)&sa)->sin6_addr), buf, INET6_ADDRSTRLEN)) {
725  if (Addr_str) free(Addr_str);
726  Addr_str = (char *)malloc(strlen(buf)+3);
727  strcpy(Addr_str, "[");
728  strcat(Addr_str, buf);
729  strcat(Addr_str, "]");
730  ok = true;
731  }
732  break;
733  default:
734  TRACEI(REQ, " Can't recognize the address family of the local host.");
735  }
736 
737  if (ok) {
738  dest += Addr_str;
739  dest += ":";
740  dest += Port_str;
741  dest += CurrentReq.resource.c_str();
742  TRACEI(REQ," rc:"<<rc<<" self-redirecting to http with security token: '"
743  << dest.c_str() << "'");
744 
745 
746  CurrentReq.appendOpaque(dest, &SecEntity, hash, timenow);
747  SendSimpleResp(302, NULL, (char *) dest.c_str(), 0, 0, true);
748  CurrentReq.reset();
749  return -1;
750  }
751 
752  TRACEI(REQ, " rc:" << rc << " Can't perform self-redirection.");
753 
754  }
755  else {
756  TRACEI(ALL, " Could not calculate self-redirection hash");
757  }
758  }
759 
760  // If this is not https, then extract the signed information from the url
761  // and fill the SecEntity structure as if we were using https
762  if (!ishttps && !ssldone) {
763 
764 
765  if (CurrentReq.opaque) {
766  char * tk = CurrentReq.opaque->Get("xrdhttptk");
767  // If there is a hash then we use it as authn info
768  if (tk) {
769 
770  time_t tim = 0;
771  char * t = CurrentReq.opaque->Get("xrdhttptime");
772  if (t) tim = atoi(t);
773  if (!t) {
774  TRACEI(REQ, " xrdhttptime not specified. Authentication failed.");
775  return -1;
776  }
777  if (abs(time(0) - tim) > XRHTTP_TK_GRACETIME) {
778  TRACEI(REQ, " Token expired. Authentication failed.");
779  return -1;
780  }
781 
782  // Fill the Secentity from the fields in the URL:name, vo, host
783  char *nfo;
784 
785  nfo = CurrentReq.opaque->Get("xrdhttpvorg");
786  if (nfo) {
787  TRACEI(DEBUG, " Setting vorg: " << nfo);
788  SecEntity.vorg = strdup(nfo);
789  TRACEI(REQ, " Setting vorg: " << SecEntity.vorg);
790  }
791 
792  nfo = CurrentReq.opaque->Get("xrdhttpname");
793  if (nfo) {
794  TRACEI(DEBUG, " Setting name: " << nfo);
795  SecEntity.name = unquote(nfo);
796  TRACEI(REQ, " Setting name: " << SecEntity.name);
797  }
798 
799  nfo = CurrentReq.opaque->Get("xrdhttphost");
800  if (nfo) {
801  TRACEI(DEBUG, " Setting host: " << nfo);
802  if (SecEntity.host) free(SecEntity.host);
803  SecEntity.host = unquote(nfo);
804  TRACEI(REQ, " Setting host: " << SecEntity.host);
805  }
806 
807  nfo = CurrentReq.opaque->Get("xrdhttpdn");
808  if (nfo) {
809  TRACEI(DEBUG, " Setting dn: " << nfo);
810  SecEntity.moninfo = unquote(nfo);
811  TRACEI(REQ, " Setting dn: " << SecEntity.moninfo);
812  }
813 
814  nfo = CurrentReq.opaque->Get("xrdhttprole");
815  if (nfo) {
816  TRACEI(DEBUG, " Setting role: " << nfo);
817  SecEntity.role = unquote(nfo);
818  TRACEI(REQ, " Setting role: " << SecEntity.role);
819  }
820 
821  nfo = CurrentReq.opaque->Get("xrdhttpgrps");
822  if (nfo) {
823  TRACEI(DEBUG, " Setting grps: " << nfo);
824  SecEntity.grps = unquote(nfo);
825  TRACEI(REQ, " Setting grps: " << SecEntity.grps);
826  }
827 
828  nfo = CurrentReq.opaque->Get("xrdhttpendorsements");
829  if (nfo) {
830  TRACEI(DEBUG, " Setting endorsements: " << nfo);
832  TRACEI(REQ, " Setting endorsements: " << SecEntity.endorsements);
833  }
834 
835  nfo = CurrentReq.opaque->Get("xrdhttpcredslen");
836  if (nfo) {
837  TRACEI(DEBUG, " Setting credslen: " << nfo);
838  char *s1 = unquote(nfo);
839  if (s1 && s1[0]) {
840  SecEntity.credslen = atoi(s1);
841  TRACEI(REQ, " Setting credslen: " << SecEntity.credslen);
842  }
843  if (s1) free(s1);
844  }
845 
846  if (SecEntity.credslen) {
847  nfo = CurrentReq.opaque->Get("xrdhttpcreds");
848  if (nfo) {
849  TRACEI(DEBUG, " Setting creds: " << nfo);
850  SecEntity.creds = unquote(nfo);
851  TRACEI(REQ, " Setting creds: " << SecEntity.creds);
852  }
853  }
854 
855  char hash[512];
856 
858  &SecEntity,
859  tim,
860  secretkey);
861 
862  if (compareHash(hash, tk)) {
863  TRACEI(REQ, " Invalid tk '" << tk << "' != '" << hash << "'(calculated). Authentication failed.");
864  return -1;
865  }
866 
867  } else {
868  // Client is plain http. If we have a secret key then we reject it
869  if (secretkey) {
870  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
871  return -1;
872  }
873  }
874 
875  } else {
876  // Client is plain http. If we have a secret key then we reject it
877  if (secretkey) {
878  TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
879  return -1;
880  }
881  }
882 
883  ssldone = true;
884  }
885 
886 
887 
888  // Now we have everything that is needed to try the login
889  // Remember that if there is an exthandler then it has the responsibility
890  // for authorization in the paths that it manages
891  if (!Bridge && !FindMatchingExtHandler(CurrentReq)) {
892  if (SecEntity.name)
893  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, SecEntity.name, ishttps ? "https" : "http");
894  else
895  Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, "unknown", ishttps ? "https" : "http");
896 
897  if (!Bridge) {
898  TRACEI(REQ, " Authorization failed.");
899  return -1;
900  }
901 
902  // Let the bridge process the login, and then reinvoke us
903  DoingLogin = true;
904  return 0;
905  }
906 
907  // Compute and send the response. This may involve further reading from the socket
908  rc = CurrentReq.ProcessHTTPReq();
909  if (rc < 0)
910  CurrentReq.reset();
911 
912 
913 
914  TRACEI(REQ, "Process is exiting rc:" << rc);
915  return rc;
916 }

References Addr_str, XrdLink::AddrInfo(), XrdHttpReq::appendOpaque(), Bridge, XrdBuffer::bsize, XrdBuffer::buff, XrdOucString::c_str(), calcHashes(), compareHash(), XrdSecEntity::creds, XrdSecEntity::credslen, CurrentReq, DEBUG, XrdSecEntity::Display(), ClientSetRequest::dlen, eDest, XrdSecEntity::endorsements, XrdLink::FDnum(), XrdOucEnv::Get(), XrdSecEntity::grps, XrdHttpReq::headerok, XrdSecEntity::host, XrdHttpSecXtractor::InitSSL(), kXR_set, XrdOucString::length(), Link, XrdXrootd::Bridge::Login(), ClientSetRequest::modifier, XrdSecEntity::moninfo, XrdSecEntity::name, obfuscateAuth(), XrdHttpReq::opaque, XrdHttpReq::parseFirstLine(), XrdHttpReq::parseLine(), Port_str, XrdHttpReq::ProcessHTTPReq(), XrdSecEntity::prot, XrdHttpReq::reqstate, XrdHttpReq::request, ClientSetRequest::requestid, ClientSetRequest::reserved, XrdHttpReq::reset(), XrdHttpReq::resource, XrdSecEntity::role, XrdHttpReq::rtGET, XrdHttpReq::rtPROPFIND, XrdHttpReq::rtPUT, XrdHttpReq::rtUnset, XrdXrootd::Bridge::Run(), SecEntity, secretkey, selfhttps2http, XrdTlsContext::Session(), ClientRequest::set, XrdNetAddrInfo::SockFD(), sslcadir, TRACE, TRACE_AUTH, TRACE_DEBUG, TRACEI, TRACING, unquote(), XrdHttpReq::userAgent(), XrdSecEntity::vorg, XrdHttpProtoInfo::xrdctx, XrdHttpReq::xrdreq, and XRHTTP_TK_GRACETIME.
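
The token check in the Process() listing above (recompute with the secret key, compare, reject on mismatch), written out as an added example that is not XRootD code, with the issuing side included. All names here are hypothetical, the field layout is an assumption rather than what calcHashes() hashes, and demoMac is a non-cryptographic stand-in for a real HMAC so that the block runs offline.

```cpp
#include <cstdint>
#include <cstdio>
#include <ctime>
#include <functional>
#include <string>

enum class Verdict { Accept, NoToken, Mismatch, Expired };
// Keyed digest supplied by the caller; calcHashes() has this role in the listing.
using Mac = std::function<std::string(const std::string &msg, const std::string &key)>;

// Stand-in so the example runs offline. NOT cryptographic: pass a real HMAC instead.
std::string demoMac(const std::string &msg, const std::string &key) {
  const std::string in = key + '\0' + msg;
  std::uint64_t h = 0xcbf29ce484222325ULL;       // FNV-1a offset basis
  for (unsigned char c : in) { h ^= c; h *= 0x100000001b3ULL; }
  char out[17];
  std::snprintf(out, sizeof out, "%016llx", (unsigned long long)h);
  return out;
}

// Length-prefixed fields, so ("ab","c") and ("a","bc") never serialize alike.
std::string canonical(const std::string &res, const std::string &name, time_t tim) {
  return std::to_string(res.size()) + ':' + res + std::to_string(name.size()) +
         ':' + name + std::to_string((long long)tim);
}

// Issuer side: the token placed in the redirect URL.
std::string makeToken(const std::string &res, const std::string &name, time_t tim,
                      const std::string &key, const Mac &mac) {
  return mac(canonical(res, name, tim), key);
}

// Touches every byte regardless of where the first difference is.
bool constTimeEqual(const std::string &a, const std::string &b) {
  if (a.size() != b.size()) return false;        // token length is public
  unsigned char diff = 0;
  for (size_t i = 0; i < a.size(); ++i) diff |= (unsigned char)(a[i] ^ b[i]);
  return diff == 0;
}

// Verifier side: recompute, compare, then apply the freshness window.
Verdict checkToken(const std::string &tk, const std::string &res, const std::string &name,
                   time_t tim, time_t now, long graceSec, const std::string &key, const Mac &mac) {
  if (tk.empty()) return Verdict::NoToken;
  if (!constTimeEqual(makeToken(res, name, tim, key, mac), tk)) return Verdict::Mismatch;
  // tim is trusted only now that the keyed digest over it has verified.
  if (tim > now + graceSec || now - tim > graceSec) return Verdict::Expired;
  return Verdict::Accept;
}
```

A failed check is best reported by verdict only: the recomputed value is itself a valid token for that request, so it does not belong in trace output.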

◆ Recycle()

void XrdHttpProtocol::Recycle ( XrdLink lp,
int  consec,
const char *  reason 
)
virtual

Recycle this instance.

Implements XrdProtocol.

Definition at line 924 of file XrdHttpProtocol.cc.

924  {
925 
926  // Release all appendages
927  //
928 
929  Cleanup();
930 
931 
932  // Set fields to starting point (debugging mostly)
933  //
934  Reset();
935 
936  // Push ourselves on the stack
937  //
939 }

References ProtLink, ProtStack, and XrdObjectQ< T >::Push().

◆ Stats()

int XrdHttpProtocol::Stats ( char *  buff,
int  blen,
int  do_sync = 0 
)
virtual

Get activity stats.

Implements XrdProtocol.

Definition at line 941 of file XrdHttpProtocol.cc.

941  {
942  // Synchronize statistics if need be
943  //
944  // if (do_sync) {
945  //
946  // SI->statsMutex.Lock();
947  // SI->readCnt += numReads;
948  // cumReads += numReads;
949  // numReads = 0;
950  // SI->prerCnt += numReadP;
951  // cumReadP += numReadP;
952  // numReadP = 0;
953  // SI->rvecCnt += numReadV;
954  // cumReadV += numReadV;
955  // numReadV = 0;
956  // SI->rsegCnt += numSegsV;
957  // cumSegsV += numSegsV;
958  // numSegsV = 0;
959  // SI->writeCnt += numWrites;
960  // cumWrites += numWrites;
961  // numWrites = 0;
962  // SI->statsMutex.UnLock();
963  // }
964  //
965  // // Now return the statistics
966  // //
967  // return SI->Stats(buff, blen, do_sync);
968 
969  return 0;
970 }

Friends And Related Function Documentation

◆ XrdHttpExtReq

friend class XrdHttpExtReq
friend

Definition at line 83 of file XrdHttpProtocol.hh.

◆ XrdHttpReq

friend class XrdHttpReq
friend

Definition at line 82 of file XrdHttpProtocol.hh.

Member Data Documentation

◆ Addr_str

char* XrdHttpProtocol::Addr_str
protected

Our IP address, as a string. Please remember that this may not be unique for a given machine, hence we need to keep it here and recompute it at every new connection.

Definition at line 364 of file XrdHttpProtocol.hh.

Referenced by XrdHttpProtocol(), and Process().

◆ BPool

XrdBuffManager * XrdHttpProtocol::BPool = 0
staticprotected

Definition at line 355 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Match().

◆ Bridge

XrdXrootd::Bridge* XrdHttpProtocol::Bridge
protected

The Bridge that we use to exercise the xrootd internals.

Definition at line 370 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), Process(), and XrdHttpReq::ProcessHTTPReq().

◆ CIA

XrdSecService * XrdHttpProtocol::CIA = 0
staticprotected

Definition at line 357 of file XrdHttpProtocol.hh.

◆ cksumHandler

XrdHttpChecksumHandler XrdHttpProtocol::cksumHandler = XrdHttpChecksumHandler()
static

Definition at line 136 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ compatNameGeneration

bool XrdHttpProtocol::compatNameGeneration = false
staticprotected

Definition at line 403 of file XrdHttpProtocol.hh.

◆ crlRefIntervalSec

int XrdHttpProtocol::crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
staticprotected

CRL thread refresh interval.

Definition at line 398 of file XrdHttpProtocol.hh.

◆ CurrentReq

XrdHttpReq XrdHttpProtocol::CurrentReq
protected

Area for coordinating requests and responses to/from the bridge. This can also process HTTP/DAV stuff.

Definition at line 375 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), and Process().

◆ eDest

XrdSysError XrdHttpProtocol::eDest = 0
staticprotected

Definition at line 356 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ embeddedstatic

bool XrdHttpProtocol::embeddedstatic = true
staticprotected

If true, use the embedded css and icons.

Definition at line 424 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ gridmap

char * XrdHttpProtocol::gridmap = 0
staticprotected

Gridmap file location. The same used by XrdSecGsi.

Definition at line 401 of file XrdHttpProtocol.hh.

◆ hailWait

int XrdHttpProtocol::hailWait = 60000
staticprotected

Timeout for reading the handshake.

Definition at line 383 of file XrdHttpProtocol.hh.

Referenced by Match().

◆ hdr2cgimap

std::map< std::string, std::string > XrdHttpProtocol::hdr2cgimap
staticprotected

Rules that turn HTTP headers to cgi tokens in the URL, for internal consumption.

Definition at line 440 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::parseLine().

◆ isdesthttps

bool XrdHttpProtocol::isdesthttps = false
staticprotected

True if the redirections must be towards https targets.

Definition at line 412 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::Redir().

◆ isRequiredGridmap

bool XrdHttpProtocol::isRequiredGridmap = false
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ Link

XrdLink* XrdHttpProtocol::Link
protected

The link we are bound to.

Definition at line 360 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::GetClientID(), Match(), and Process().

◆ listdeny

bool XrdHttpProtocol::listdeny = false
staticprotected

If true, any form of listing is denied.

Definition at line 418 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ listredir

char * XrdHttpProtocol::listredir = 0
staticprotected

Url to redirect to in the case a listing is requested.

Definition at line 415 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ m_bio_method

BIO_METHOD * XrdHttpProtocol::m_bio_method = NULL
staticprotected

C-style vptr table for our custom BIO objects.

Definition at line 446 of file XrdHttpProtocol.hh.

◆ m_bio_type

int XrdHttpProtocol::m_bio_type = 0
staticprotected

Type identifier for our custom BIO objects.

Definition at line 443 of file XrdHttpProtocol.hh.

◆ m_staticheader_map

std::unordered_map<std::string, std::vector<std::pair<std::string, std::string> > > XrdHttpProtocol::m_staticheader_map
staticprotected

The static headers to always return; map is from verb to a list of (header, val) pairs.

Definition at line 458 of file XrdHttpProtocol.hh.

◆ m_staticheaders

std::unordered_map<std::string, std::string> XrdHttpProtocol::m_staticheaders
staticprotected

The static string version of m_staticheader_map. After config parsing is done, this is computed and we won't need to reference m_staticheader_map in the response path.

Definition at line 462 of file XrdHttpProtocol.hh.

◆ myRole

kXR_int32 XrdHttpProtocol::myRole = kXR_isManager
staticprotected

Our role.

Definition at line 437 of file XrdHttpProtocol.hh.

Referenced by Configure(), and XrdHttpReq::ProcessHTTPReq().

◆ pmarkHandle

XrdNetPMark * XrdHttpProtocol::pmarkHandle = nullptr
staticprotected

Packet marking handler pointer (assigned from the environment during the Config() call)

Definition at line 452 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), and XrdHttpReq::parseLine().

◆ Port

int XrdHttpProtocol::Port = 1094
staticprotected

Our port.

Definition at line 389 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ Port_str

char * XrdHttpProtocol::Port_str = 0
staticprotected

Our port, as a string.

Definition at line 392 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ ProtLink

XrdObject<XrdHttpProtocol> XrdHttpProtocol::ProtLink

Definition at line 129 of file XrdHttpProtocol.hh.

Referenced by Recycle().

◆ ProtStack

XrdObjectQ< XrdHttpProtocol > XrdHttpProtocol::ProtStack
static

Definition at line 128 of file XrdHttpProtocol.hh.

Referenced by Configure(), Match(), and Recycle().

◆ ReadRangeConfig

XrdHttpReadRangeHandler::Configuration XrdHttpProtocol::ReadRangeConfig
static

configuration for the read range handler

Definition at line 139 of file XrdHttpProtocol.hh.

◆ readWait

int XrdHttpProtocol::readWait = 300000
staticprotected

Timeout for reading data.

Definition at line 386 of file XrdHttpProtocol.hh.

◆ Sched

XrdScheduler * XrdHttpProtocol::Sched = 0
staticprotected

Definition at line 354 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ SecEntity

XrdSecEntity XrdHttpProtocol::SecEntity

Authentication area.

Definition at line 133 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), XrdHttpExtReq::GetSecEntity(), Match(), Process(), and XrdHttpReq::Redir().

◆ secretkey

char * XrdHttpProtocol::secretkey = 0
staticprotected

The key used to calculate the url hashes.

Definition at line 406 of file XrdHttpProtocol.hh.

Referenced by Process(), and XrdHttpReq::Redir().

◆ selfhttps2http

bool XrdHttpProtocol::selfhttps2http = false
staticprotected

If client is HTTPS, self-redirect with HTTP+token.

Definition at line 421 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ servGMap

XrdOucGMap * XrdHttpProtocol::servGMap = 0
staticprotected

The instance of the DN mapper. Created only when a valid path is given.

Definition at line 367 of file XrdHttpProtocol.hh.

◆ sslcadir

char * XrdHttpProtocol::sslcadir = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ sslcafile

char * XrdHttpProtocol::sslcafile = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslcert

char * XrdHttpProtocol::sslcert = 0
staticprotected

OpenSSL stuff.

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslcipherfilter

char * XrdHttpProtocol::sslcipherfilter = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslkey

char * XrdHttpProtocol::sslkey = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslverifydepth

int XrdHttpProtocol::sslverifydepth = 9
staticprotected

Depth of verification of a certificate chain.

Definition at line 409 of file XrdHttpProtocol.hh.

◆ staticpreload

XrdOucHash< XrdHttpProtocol::StaticPreloadInfo > * XrdHttpProtocol::staticpreload = 0
staticprotected

Definition at line 434 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ staticredir

char * XrdHttpProtocol::staticredir = 0
staticprotected

Definition at line 427 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ tpcForwardCreds

bool XrdHttpProtocol::tpcForwardCreds = false
staticprotected

If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

Definition at line 455 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq().

◆ xrd_cslist

char * XrdHttpProtocol::xrd_cslist = nullptr
staticprotected

The list of checksums that were configured via the xrd.cksum parameter on the server config file.

Definition at line 449 of file XrdHttpProtocol.hh.

Referenced by Configure().


The documentation for this class was generated from the following files: