XRootD
Loading...
Searching...
No Matches
XrdHttpProtocol Class Reference

#include <XrdHttpProtocol.hh>

+ Inheritance diagram for XrdHttpProtocol:
+ Collaboration diagram for XrdHttpProtocol:

Classes

struct  StaticPreloadInfo
 

Public Member Functions

 XrdHttpProtocol (bool imhttps)
 
 XrdHttpProtocol (const XrdHttpProtocol &)=default
 Ctor, dtors and copy ctor.
 
 ~XrdHttpProtocol ()
 
int doChksum (const XrdOucString &fname)
 Perform a checksum request.
 
void DoIt ()
 Override from the base class.
 
int doStat (char *fname)
 Perform a Stat request.
 
bool isHTTPS ()
 called via https
 
XrdProtocolMatch (XrdLink *lp)
 Tells if the oustanding bytes on the socket match this protocol implementation.
 
XrdHttpProtocol operator= (const XrdHttpProtocol &rhs)
 
int Process (XrdLink *lp)
 Process data incoming from the socket.
 
void Recycle (XrdLink *lp, int consec, const char *reason)
 Recycle this instance.
 
int Stats (char *buff, int blen, int do_sync=0)
 Get activity stats.
 
- Public Member Functions inherited from XrdProtocol
 XrdProtocol (const char *jname)
 
virtual ~XrdProtocol ()
 
- Public Member Functions inherited from XrdJob
 XrdJob (const char *desc="")
 
virtual ~XrdJob ()
 

Static Public Member Functions

static int Configure (char *parms, XrdProtocol_Config *pi)
 Read and apply the configuration.
 
static int parseHeader2CGI (XrdOucStream &Config, XrdSysError &err, std::map< std::string, std::string > &header2cgi)
 Use this function to parse header2cgi configurations.
 

Public Attributes

XrdObject< XrdHttpProtocolProtLink
 
XrdSecEntity SecEntity
 Authentication area.
 
- Public Attributes inherited from XrdJob
const char * Comment
 
XrdJobNextJob
 

Static Public Attributes

static XrdHttpChecksumHandler cksumHandler = XrdHttpChecksumHandler()
 
static XrdObjectQ< XrdHttpProtocolProtStack
 
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
 configuration for the read range handler
 

Protected Attributes

char * Addr_str
 
XrdXrootd::BridgeBridge
 The Bridge that we use to exercise the xrootd internals.
 
XrdHttpReq CurrentReq
 
XrdLinkLink
 The link we are bound to.
 

Static Protected Attributes

static XrdBuffManagerBPool = 0
 
static XrdSecServiceCIA = 0
 
static bool compatNameGeneration = false
 
static int crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
 CRL thread refresh interval.
 
static XrdSysError eDest = 0
 
static bool embeddedstatic = true
 If true, use the embedded css and icons.
 
static char * gridmap = 0
 Gridmap file location. The same used by XrdSecGsi.
 
static int hailWait = 60000
 Timeout for reading the handshake.
 
static std::map< std::string, std::string > hdr2cgimap
 Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption.
 
static bool isdesthttps = false
 True if the redirections must be towards https targets.
 
static bool isRequiredGridmap = false
 
static bool listdeny = false
 If true, any form of listing is denied.
 
static char * listredir = 0
 Url to redirect to in the case a listing is requested.
 
static BIO_METHOD * m_bio_method = NULL
 C-style vptr table for our custom BIO objects.
 
static int m_bio_type = 0
 Type identifier for our custom BIO objects.
 
static std::unordered_map< std::string, std::vector< std::pair< std::string, std::string > > > m_staticheader_map
 The static headers to always return; map is from verb to a list of (header, val) pairs.
 
static std::unordered_map< std::string, std::string > m_staticheaders
 
static kXR_int32 myRole = kXR_isManager
 Our role.
 
static XrdNetPMarkpmarkHandle = nullptr
 Packet marking handler pointer (assigned from the environment during the Config() call)
 
static int Port = 1094
 Our port.
 
static char * Port_str = 0
 Our port, as a string.
 
static int readWait = 300000
 Timeout for reading data.
 
static XrdSchedulerSched = 0
 
static char * secretkey = 0
 The key used to calculate the url hashes.
 
static bool selfhttps2http = false
 If client is HTTPS, self-redirect with HTTP+token.
 
static XrdOucGMapservGMap = 0
 The instance of the DN mapper. Created only when a valid path is given.
 
static char * sslcadir = 0
 
static char * sslcafile = 0
 
static char * sslcert = 0
 OpenSSL stuff.
 
static char * sslcipherfilter = 0
 
static char * sslkey = 0
 
static int sslverifydepth = 9
 Depth of verification of a certificate chain.
 
static XrdOucHash< StaticPreloadInfo > * staticpreload = 0
 
static char * staticredir = 0
 
static bool tpcForwardCreds = false
 If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.
 
static char * xrd_cslist = nullptr
 The list of checksums that were configured via the xrd.cksum parameter on the server config file.
 

Friends

class XrdHttpExtReq
 
class XrdHttpReq
 

Detailed Description

Definition at line 80 of file XrdHttpProtocol.hh.


Class Documentation

◆ XrdHttpProtocol::StaticPreloadInfo

struct XrdHttpProtocol::StaticPreloadInfo

Definition at line 430 of file XrdHttpProtocol.hh.

+ Collaboration diagram for XrdHttpProtocol::StaticPreloadInfo:
Class Members
char * data
int len

Constructor & Destructor Documentation

◆ XrdHttpProtocol() [1/2]

XrdHttpProtocol::XrdHttpProtocol ( const XrdHttpProtocol & )
default

Ctor, dtors and copy ctor.

Referenced by Match().

+ Here is the caller graph for this function:

◆ XrdHttpProtocol() [2/2]

XrdHttpProtocol::XrdHttpProtocol ( bool imhttps)

Definition at line 196 of file XrdHttpProtocol.cc.

197: XrdProtocol("HTTP protocol handler"), ProtLink(this),
199 myBuff = 0;
200 Addr_str = 0;
201 Reset();
202 ishttps = imhttps;
203
204}
XrdObject< XrdHttpProtocol > ProtLink
static XrdHttpReadRangeHandler::Configuration ReadRangeConfig
configuration for the read range handler
XrdSecEntity SecEntity
Authentication area.
XrdProtocol(const char *jname)

References Addr_str.

◆ ~XrdHttpProtocol()

XrdHttpProtocol::~XrdHttpProtocol ( )
inline

Definition at line 124 of file XrdHttpProtocol.hh.

124 {
125 Cleanup();
126 }

Member Function Documentation

◆ Configure()

int XrdHttpProtocol::Configure ( char * parms,
XrdProtocol_Config * pi )
static

Read and apply the configuration.

Definition at line 1734 of file XrdHttpProtocol.cc.

1734 {
1735 /*
1736 Function: Establish configuration at load time.
1737
1738 Input: None.
1739
1740 Output: 0 upon success or !0 otherwise.
1741 */
1742
1743 char *rdf;
1744
1745 // Copy out the special info we want to use at top level
1746 //
1747 eDest.logger(pi->eDest->logger());
1749 // SI = new XrdXrootdStats(pi->Stats);
1750 Sched = pi->Sched;
1751 BPool = pi->BPool;
1752 xrd_cslist = getenv("XRD_CSLIST");
1753
1754 Port = pi->Port;
1755
1756 // Copy out the current TLS context
1757 //
1758 xrdctx = pi->tlsCtx;
1759
1760 {
1761 char buf[16];
1762 sprintf(buf, "%d", Port);
1763 Port_str = strdup(buf);
1764 }
1765
1766 // Now process and configuration parameters
1767 //
1768 rdf = (parms && *parms ? parms : pi->ConfigFN);
1769 if (rdf && Config(rdf, pi->theEnv)) return 0;
1771
1772 // Set the redirect flag if we are a pure redirector
1774 if ((rdf = getenv("XRDROLE"))) {
1775 eDest.Emsg("Config", "XRDROLE: ", rdf);
1776
1777 if (!strcasecmp(rdf, "manager") || !strcasecmp(rdf, "supervisor")) {
1779 eDest.Emsg("Config", "Configured as HTTP(s) redirector.");
1780 } else {
1781
1782 eDest.Emsg("Config", "Configured as HTTP(s) data server.");
1783 }
1784
1785 } else {
1786 eDest.Emsg("Config", "No XRDROLE specified.");
1787 }
1788
1789 // Schedule protocol object cleanup
1790 //
1793 ProtStack.Set((pi->ConnMax / 3 ? pi->ConnMax / 3 : 30), 60 * 60);
1794
1795 // Return success
1796 //
1797
1798 return 1;
1799}
#define kXR_isManager
#define kXR_isServer
XrdSysTrace XrdHttpTrace("http")
#define TRACE_MEM
Definition XrdTrace.hh:38
#define TRACE_ALL
Definition XrdTrace.hh:35
static XrdScheduler * Sched
static kXR_int32 myRole
Our role.
static char * Port_str
Our port, as a string.
static XrdSysError eDest
static char * xrd_cslist
The list of checksums that were configured via the xrd.cksum parameter on the server config file.
static XrdObjectQ< XrdHttpProtocol > ProtStack
static int Port
Our port.
static XrdBuffManager * BPool
void Set(int inQMax, time_t agemax=1800)
Definition XrdObject.icc:90
XrdBuffManager * BPool
XrdScheduler * Sched
XrdTlsContext * tlsCtx
XrdSysError * eDest
XrdOucEnv * theEnv
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
XrdSysLogger * logger(XrdSysLogger *lp=0)
void SetLogger(XrdSysLogger *logp)
XrdTlsContext * xrdctx

References XrdProtocol_Config::BPool, BPool, XrdProtocol_Config::ConfigFN, XrdProtocol_Config::ConnMax, XrdProtocol_Config::DebugON, XrdProtocol_Config::eDest, eDest, XrdSysError::Emsg(), kXR_isManager, kXR_isServer, XrdSysError::logger(), myRole, XrdProtocol_Config::Port, Port, Port_str, ProtStack, XrdProtocol_Config::Sched, Sched, XrdObjectQ< T >::Set(), XrdSysTrace::SetLogger(), XrdProtocol_Config::theEnv, XrdProtocol_Config::tlsCtx, TRACE_ALL, TRACE_MEM, XrdSysTrace::What, xrd_cslist, XrdHttpProtoInfo::xrdctx, and XrdHttpTrace.

Referenced by XrdgetProtocol().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ doChksum()

int XrdHttpProtocol::doChksum ( const XrdOucString & fname)

Perform a checksum request.

Definition at line 3056 of file XrdHttpProtocol.cc.

3056 {
3057 size_t length;
3058 memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3064 length = fname.length() + 1;
3065 CurrentReq.xrdreq.query.dlen = htonl(length);
3066
3067 if (!Bridge) return -1;
3068
3069 return Bridge->Run(reinterpret_cast<char *>(&CurrentReq.xrdreq), const_cast<char *>(fname.c_str()), length) ? 0 : -1;
3070}
kXR_unt16 requestid
Definition XProtocol.hh:630
kXR_char reserved1[2]
Definition XProtocol.hh:632
kXR_char reserved2[8]
Definition XProtocol.hh:634
kXR_char fhandle[4]
Definition XProtocol.hh:633
@ kXR_query
Definition XProtocol.hh:113
struct ClientQueryRequest query
Definition XProtocol.hh:866
@ kXR_Qcksum
Definition XProtocol.hh:617
XrdXrootd::Bridge * Bridge
The Bridge that we use to exercise the xrootd internals.
ClientRequest xrdreq
The last issued xrd request, often pending.
int length() const
const char * c_str() const
virtual bool Run(const char *xreqP, char *xdataP=0, int xdataL=0)=0

References Bridge, XrdOucString::c_str(), CurrentReq, ClientQueryRequest::dlen, ClientQueryRequest::fhandle, ClientQueryRequest::infotype, kXR_Qcksum, kXR_query, XrdOucString::length(), ClientRequest::query, ClientQueryRequest::requestid, ClientQueryRequest::reserved1, ClientQueryRequest::reserved2, XrdXrootd::Bridge::Run(), and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ DoIt()

void XrdHttpProtocol::DoIt ( )
inlinevirtual

Override from the base class.

Implements XrdJob.

Definition at line 91 of file XrdHttpProtocol.hh.

91 {
92 if (Resume) (*this.*Resume)();
93 }

◆ doStat()

int XrdHttpProtocol::doStat ( char * fname)

Perform a Stat request.

Definition at line 3028 of file XrdHttpProtocol.cc.

3028 {
3029 int l;
3030 bool b;
3031 CurrentReq.filesize = 0;
3034
3035 memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
3037 memset(CurrentReq.xrdreq.stat.reserved, 0,
3038 sizeof (CurrentReq.xrdreq.stat.reserved));
3039 l = strlen(fname) + 1;
3040 CurrentReq.xrdreq.stat.dlen = htonl(l);
3041
3042 if (!Bridge) return -1;
3043 b = Bridge->Run((char *) &CurrentReq.xrdreq, fname, l);
3044 if (!b) {
3045 return -1;
3046 }
3047
3048
3049 return 0;
3050}
kXR_char reserved[11]
Definition XProtocol.hh:770
@ kXR_stat
Definition XProtocol.hh:129
kXR_unt16 requestid
Definition XProtocol.hh:768
struct ClientStatRequest stat
Definition XProtocol.hh:873
long filemodtime
long long filesize

References Bridge, CurrentReq, ClientStatRequest::dlen, XrdHttpReq::fileflags, XrdHttpReq::filemodtime, XrdHttpReq::filesize, kXR_stat, ClientStatRequest::requestid, ClientStatRequest::reserved, XrdXrootd::Bridge::Run(), ClientRequest::stat, and XrdHttpReq::xrdreq.

Referenced by XrdHttpReq::ProcessHTTPReq().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isHTTPS()

bool XrdHttpProtocol::isHTTPS ( )
inline

called via https

Definition at line 142 of file XrdHttpProtocol.hh.

142{ return ishttps; }

Referenced by XrdHttpExtReq::XrdHttpExtReq().

+ Here is the caller graph for this function:

◆ Match()

XrdProtocol * XrdHttpProtocol::Match ( XrdLink * lp)
virtual

Tells if the oustanding bytes on the socket match this protocol implementation.

Implements XrdProtocol.

Definition at line 222 of file XrdHttpProtocol.cc.

222 {
223 char mybuf[16], mybuf2[1024];
224 XrdHttpProtocol *hp;
225 int dlen;
226 bool myishttps = false;
227
228 // Peek at the first 20 bytes of data
229 //
230 if ((dlen = lp->Peek(mybuf, (int) sizeof (mybuf), hailWait)) < (int) sizeof (mybuf)) {
231 if (dlen <= 0) lp->setEtext("handshake not received");
232 return (XrdProtocol *) 0;
233 }
234 mybuf[dlen - 1] = '\0';
235
236 // Trace the data
237 //
238
239 TRACEI(DEBUG, "received dlen: " << dlen);
240 //TRACEI(REQ, "received buf: " << mybuf);
241 mybuf2[0] = '\0';
242 for (int i = 0; i < dlen; i++) {
243 char mybuf3[16];
244 sprintf(mybuf3, "%.02d ", mybuf[i]);
245 strcat(mybuf2, mybuf3);
246
247 }
248 TRACEI(DEBUG, "received dump: " << mybuf2);
249
250 // Decide if it looks http or not. For now we are happy if all the received characters are alphanumeric
251 bool ismine = true;
252 for (int i = 0; i < dlen - 1; i++)
253 if (!isprint(mybuf[i]) && (mybuf[i] != '\r') && (mybuf[i] != '\n')) {
254 ismine = false;
255 TRACEI(DEBUG, "This does not look like http at pos " << i);
256 break;
257 }
258
259 // If it does not look http then look if it looks like https
260 if ((!ismine) && (dlen >= 4)) {
261 char check[4] = {00, 00, 00, 00};
262 if (memcmp(mybuf, check, 4)) {
263
264 if (httpsmode) {
265 ismine = true;
266 myishttps = true;
267 TRACEI(DEBUG, "This may look like https");
268 } else {
269 TRACEI(ALL, "This may look like https, but https is not configured");
270 }
271
272 }
273 }
274
275 if (!ismine) {
276 TRACEI(DEBUG, "This does not look like https. Protocol not matched.");
277 return (XrdProtocol *) 0;
278 }
279
280 // It does look http or https...
281 // Get a protocol object off the stack (if none, allocate a new one)
282 //
283
284 TRACEI(REQ, "Protocol matched. https: " << myishttps);
285 if (!(hp = ProtStack.Pop())) hp = new XrdHttpProtocol(myishttps);
286 else
287 hp->ishttps = myishttps;
288
289 // We now have to do some work arounds to tell the underlying framework
290 // that is is https without invoking TLS on the actual link. Eventually,
291 // we should just use the link's TLS native implementation.
292 //
293 hp->SecEntity.addrInfo = lp->AddrInfo();
294 XrdNetAddr *netP = const_cast<XrdNetAddr*>(lp->NetAddr());
295 netP->SetDialect("https");
296 netP->SetTLS(true);
297
298 // Allocate 1MB buffer from pool
299 if (!hp->myBuff) {
300 hp->myBuff = BPool->Obtain(1024 * 1024);
301 }
302 hp->myBuffStart = hp->myBuffEnd = hp->myBuff->buff;
303
304 // Bind the protocol to the link and return the protocol
305 //
306 hp->Link = lp;
307 return (XrdProtocol *) hp;
308}
#define DEBUG(x)
#define TRACEI(act, x)
Definition XrdTrace.hh:66
XrdBuffer * Obtain(int bsz)
Definition XrdBuffer.cc:140
char * buff
Definition XrdBuffer.hh:45
static int hailWait
Timeout for reading the handshake.
XrdLink * Link
The link we are bound to.
XrdHttpProtocol(const XrdHttpProtocol &)=default
Ctor, dtors and copy ctor.
void SetDialect(const char *dP)
void SetTLS(bool val)
T * Pop()
Definition XrdObject.hh:93
XrdNetAddrInfo * addrInfo
Entity's connection details.

References XrdHttpProtocol(), XrdLink::AddrInfo(), XrdSecEntity::addrInfo, BPool, XrdBuffer::buff, DEBUG, hailWait, XrdHttpProtoInfo::httpsmode, Link, XrdLink::NetAddr(), XrdBuffManager::Obtain(), XrdLink::Peek(), XrdObjectQ< T >::Pop(), ProtStack, SecEntity, XrdNetAddr::SetDialect(), XrdLink::setEtext(), XrdNetAddr::SetTLS(), and TRACEI.

+ Here is the call graph for this function:

◆ operator=()

XrdHttpProtocol XrdHttpProtocol::operator= ( const XrdHttpProtocol & rhs)

Definition at line 211 of file XrdHttpProtocol.cc.

211 {
212
213 return *this;
214}

◆ parseHeader2CGI()

int XrdHttpProtocol::parseHeader2CGI ( XrdOucStream & Config,
XrdSysError & err,
std::map< std::string, std::string > & header2cgi )
static

Use this function to parse header2cgi configurations.

Definition at line 1804 of file XrdHttpProtocol.cc.

1804 {
1805 char *val, keybuf[1024], parmbuf[1024];
1806 char *parm;
1807
1808 // Get the header key
1809 val = Config.GetWord();
1810 if (!val || !val[0]) {
1811 err.Emsg("Config", "No headerkey specified.");
1812 return 1;
1813 } else {
1814
1815 // Trim the beginning, in place
1816 while ( *val && !isalnum(*val) ) val++;
1817 strcpy(keybuf, val);
1818
1819 // Trim the end, in place
1820 char *pp;
1821 pp = keybuf + strlen(keybuf) - 1;
1822 while ( (pp >= keybuf) && (!isalnum(*pp)) ) {
1823 *pp = '\0';
1824 pp--;
1825 }
1826
1827 parm = Config.GetWord();
1828
1829 // Avoids segfault in case a key is given without value
1830 if(!parm || !parm[0]) {
1831 err.Emsg("Config", "No header2cgi value specified. key: '", keybuf, "'");
1832 return 1;
1833 }
1834
1835 // Trim the beginning, in place
1836 while ( *parm && !isalnum(*parm) ) parm++;
1837 strcpy(parmbuf, parm);
1838
1839 // Trim the end, in place
1840 pp = parmbuf + strlen(parmbuf) - 1;
1841 while ( (pp >= parmbuf) && (!isalnum(*pp)) ) {
1842 *pp = '\0';
1843 pp--;
1844 }
1845
1846 // Add this mapping to the map that will be used
1847 try {
1848 header2cgi[keybuf] = parmbuf;
1849 } catch ( ... ) {
1850 err.Emsg("Config", "Can't insert new header2cgi rule. key: '", keybuf, "'");
1851 return 1;
1852 }
1853
1854 }
1855 return 0;
1856}
XrdCmsConfig Config

References XrdSysError::Emsg().

+ Here is the call graph for this function:

◆ Process()

int XrdHttpProtocol::Process ( XrdLink * lp)
virtual

Process data incoming from the socket.

Implements XrdProtocol.

Definition at line 484 of file XrdHttpProtocol.cc.

485{
486 int rc = 0;
487
488 TRACEI(DEBUG, " Process. lp:"<<(void *)lp<<" reqstate: "<<CurrentReq.reqstate);
489
490 if (!myBuff || !myBuff->buff || !myBuff->bsize) {
491 TRACE(ALL, " Process. No buffer available. Internal error.");
492 return -1;
493 }
494
495
496 if (!SecEntity.host) {
497 char *nfo = GetClientIPStr();
498 if (nfo) {
499 TRACEI(REQ, " Setting host: " << nfo);
500 SecEntity.host = nfo;
501 strcpy(SecEntity.prot, "http");
502 }
503 }
504
505
506
507 // If https then check independently for the ssl handshake
508 if (ishttps && !ssldone) {
509
510 if (!ssl) {
511 sbio = CreateBIO(Link);
512 BIO_set_nbio(sbio, 1);
513 ssl = (SSL*)xrdctx->Session();
514 }
515
516 if (!ssl) {
517 TRACEI(DEBUG, " SSL_new returned NULL");
518 ERR_print_errors(sslbio_err);
519 return -1;
520 }
521
522 // If a secxtractor has been loaded
523 // maybe it wants to add its own initialization bits
524 if (secxtractor)
525 secxtractor->InitSSL(ssl, sslcadir);
526
527 SSL_set_bio(ssl, sbio, sbio);
528 //SSL_set_connect_state(ssl);
529
530 //SSL_set_fd(ssl, Link->FDnum());
531 struct timeval tv;
532 tv.tv_sec = 10;
533 tv.tv_usec = 0;
534 setsockopt(Link->FDnum(), SOL_SOCKET, SO_RCVTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
535 setsockopt(Link->FDnum(), SOL_SOCKET, SO_SNDTIMEO, (struct timeval *)&tv, sizeof(struct timeval));
536
537 TRACEI(DEBUG, " Entering SSL_accept...");
538 int res = SSL_accept(ssl);
539 TRACEI(DEBUG, " SSL_accept returned :" << res);
540 if ((res == -1) && (SSL_get_error(ssl, res) == SSL_ERROR_WANT_READ)) {
541 TRACEI(DEBUG, " SSL_accept wants to read more bytes... err:" << SSL_get_error(ssl, res));
542 return 1;
543 }
544
545 if(res <= 0) {
546 ERR_print_errors(sslbio_err);
547 if (res < 0) {
548
549 SSL_free(ssl);
550 ssl = 0;
551 return -1;
552 }
553 }
554
555 BIO_set_nbio(sbio, 0);
556
557 strcpy(SecEntity.prot, "https");
558
559 // Get the voms string and auth information
560 if (HandleAuthentication(Link)) {
561 SSL_free(ssl);
562 ssl = 0;
563 return -1;
564 }
565
566 ssldone = true;
567 if (TRACING(TRACE_AUTH)) {
569 }
570 }
571
572
573
574 if (!DoingLogin) {
575 // Re-invocations triggered by the bridge have lp==0
576 // In this case we keep track of a different request state
577 if (lp) {
578
579 // This is an invocation that was triggered by a socket event
580 // Read all the data that is available, throw it into the buffer
581 if ((rc = getDataOneShot(BuffAvailable())) < 0) {
582 // Error -> exit
583 return -1;
584 }
585
586 // If we need more bytes, let's wait for another invokation
587 if (BuffUsed() < ResumeBytes) return 1;
588
589
590 } else
592 } else if (!DoneSetInfo && !CurrentReq.userAgent().empty()) { // DoingLogin is true, meaning the login finished.
593 std::string mon_info = "monitor info " + CurrentReq.userAgent();
594 DoneSetInfo = true;
595 if (mon_info.size() >= 1024) {
596 TRACEI(ALL, "User agent string too long");
597 } else if (!Bridge) {
598 TRACEI(ALL, "Internal logic error: Bridge is null after login");
599 } else {
600 TRACEI(DEBUG, "Setting " << mon_info);
601 memset(&CurrentReq.xrdreq, 0, sizeof (ClientRequest));
604 memset(CurrentReq.xrdreq.set.reserved, '\0', sizeof(CurrentReq.xrdreq.set.reserved));
605 CurrentReq.xrdreq.set.dlen = htonl(mon_info.size());
606 if (!Bridge->Run((char *) &CurrentReq.xrdreq, (char *) mon_info.c_str(), mon_info.size())) {
607 SendSimpleResp(500, nullptr, nullptr, "Could not set user agent.", 0, false);
608 return -1;
609 }
610 return 0;
611 }
612 } else {
613 DoingLogin = false;
614 }
615
616 // Read the next request header, that is, read until a double CRLF is found
617
618
619 if (!CurrentReq.headerok) {
620
621 // Read as many lines as possible into the buffer. An empty line breaks
622 while ((rc = BuffgetLine(tmpline)) > 0) {
623 std::string traceLine = tmpline.c_str();
624 if (TRACING(TRACE_DEBUG)) {
625 traceLine = obfuscateAuth(traceLine);
626 }
627 TRACE(DEBUG, " rc:" << rc << " got hdr line: " << traceLine);
628 if ((rc == 2) && (tmpline.length() > 1) && (tmpline[rc - 1] == '\n')) {
629 CurrentReq.headerok = true;
630 TRACE(DEBUG, " rc:" << rc << " detected header end.");
631 break;
632 }
633
634
636 TRACE(DEBUG, " Parsing first line: " << traceLine.c_str());
637 int result = CurrentReq.parseFirstLine((char *)tmpline.c_str(), rc);
638 if (result < 0) {
639 TRACE(DEBUG, " Parsing of first line failed with " << result);
640 return -1;
641 }
642 } else {
643 int result = CurrentReq.parseLine((char *) tmpline.c_str(), rc);
644 if(result < 0) {
645 TRACE(DEBUG, " Parsing of header line failed with " << result)
646 SendSimpleResp(400,NULL,NULL,"Malformed header line. Hint: ensure the line finishes with \"\\r\\n\"", 0, false);
647 return -1;
648 }
649 }
650
651
652 }
653
654 // Here we have CurrentReq loaded with the header, or its relevant fields
655
656 if (!CurrentReq.headerok) {
657 TRACEI(REQ, " rc:" << rc << "Header not yet complete.");
658
659 // Here a subtle error condition. IF we failed reading a line AND the buffer
660 // has a reasonable amount of data available THEN we consider the header
661 // as corrupted and shutdown the client
662 if ((rc <= 0) && (BuffUsed() >= 16384)) {
663 TRACEI(ALL, "Corrupted header detected, or line too long. Disconnecting client.");
664 return -1;
665 }
666
667
668 if (CurrentReq.reqstate > 0)
670 // Waiting for more data
671 return 1;
672 }
673
674 }
675
676 // If we are in self-redirect mode, then let's do it
677 // Do selfredirect only with 'simple' requests, otherwise poor clients may misbehave
678 if (ishttps && ssldone && selfhttps2http &&
681 char hash[512];
682 time_t timenow = time(0);
683
684
686 &SecEntity,
687 timenow,
688 secretkey);
689
690
691
692 if (hash[0]) {
693
694 // Workaround... delete the previous opaque information
695 if (CurrentReq.opaque) {
696 delete CurrentReq.opaque;
697 CurrentReq.opaque = 0;
698 }
699
700 TRACEI(REQ, " rc:" << rc << " self-redirecting to http with security token.");
701
702 XrdOucString dest = "Location: http://";
703 // Here I should put the IP addr of the server
704
705 // We have to recompute it here because we don't know to which
706 // interface the client had connected to
707 struct sockaddr_storage sa;
708 socklen_t sl = sizeof(sa);
709 getsockname(this->Link->AddrInfo()->SockFD(), (struct sockaddr*)&sa, &sl);
710
711 // now get it back and print it
712 char buf[256];
713 bool ok = false;
714
715 switch (sa.ss_family) {
716 case AF_INET:
717 if (inet_ntop(AF_INET, &(((sockaddr_in*)&sa)->sin_addr), buf, INET_ADDRSTRLEN)) {
718 if (Addr_str) free(Addr_str);
719 Addr_str = strdup(buf);
720 ok = true;
721 }
722 break;
723 case AF_INET6:
724 if (inet_ntop(AF_INET6, &(((sockaddr_in6*)&sa)->sin6_addr), buf, INET6_ADDRSTRLEN)) {
725 if (Addr_str) free(Addr_str);
726 Addr_str = (char *)malloc(strlen(buf)+3);
727 strcpy(Addr_str, "[");
728 strcat(Addr_str, buf);
729 strcat(Addr_str, "]");
730 ok = true;
731 }
732 break;
733 default:
734 TRACEI(REQ, " Can't recognize the address family of the local host.");
735 }
736
737 if (ok) {
738 dest += Addr_str;
739 dest += ":";
740 dest += Port_str;
741 dest += CurrentReq.resource.c_str();
742 TRACEI(REQ," rc:"<<rc<<" self-redirecting to http with security token: '"
743 << dest.c_str() << "'");
744
745
746 CurrentReq.appendOpaque(dest, &SecEntity, hash, timenow);
747 SendSimpleResp(302, NULL, (char *) dest.c_str(), 0, 0, true);
749 return -1;
750 }
751
752 TRACEI(REQ, " rc:" << rc << " Can't perform self-redirection.");
753
754 }
755 else {
756 TRACEI(ALL, " Could not calculate self-redirection hash");
757 }
758 }
759
760 // If this is not https, then extract the signed information from the url
761 // and fill the SecEntity structure as if we were using https
762 if (!ishttps && !ssldone) {
763
764
765 if (CurrentReq.opaque) {
766 char * tk = CurrentReq.opaque->Get("xrdhttptk");
767 // If there is a hash then we use it as authn info
768 if (tk) {
769
770 time_t tim = 0;
771 char * t = CurrentReq.opaque->Get("xrdhttptime");
772 if (t) tim = atoi(t);
773 if (!t) {
774 TRACEI(REQ, " xrdhttptime not specified. Authentication failed.");
775 return -1;
776 }
777 if (abs(time(0) - tim) > XRHTTP_TK_GRACETIME) {
778 TRACEI(REQ, " Token expired. Authentication failed.");
779 return -1;
780 }
781
782 // Fill the Secentity from the fields in the URL:name, vo, host
783 char *nfo;
784
785 nfo = CurrentReq.opaque->Get("xrdhttpvorg");
786 if (nfo) {
787 TRACEI(DEBUG, " Setting vorg: " << nfo);
788 SecEntity.vorg = strdup(nfo);
789 TRACEI(REQ, " Setting vorg: " << SecEntity.vorg);
790 }
791
792 nfo = CurrentReq.opaque->Get("xrdhttpname");
793 if (nfo) {
794 TRACEI(DEBUG, " Setting name: " << nfo);
795 SecEntity.name = unquote(nfo);
796 TRACEI(REQ, " Setting name: " << SecEntity.name);
797 }
798
799 nfo = CurrentReq.opaque->Get("xrdhttphost");
800 if (nfo) {
801 TRACEI(DEBUG, " Setting host: " << nfo);
802 if (SecEntity.host) free(SecEntity.host);
803 SecEntity.host = unquote(nfo);
804 TRACEI(REQ, " Setting host: " << SecEntity.host);
805 }
806
807 nfo = CurrentReq.opaque->Get("xrdhttpdn");
808 if (nfo) {
809 TRACEI(DEBUG, " Setting dn: " << nfo);
811 TRACEI(REQ, " Setting dn: " << SecEntity.moninfo);
812 }
813
814 nfo = CurrentReq.opaque->Get("xrdhttprole");
815 if (nfo) {
816 TRACEI(DEBUG, " Setting role: " << nfo);
817 SecEntity.role = unquote(nfo);
818 TRACEI(REQ, " Setting role: " << SecEntity.role);
819 }
820
821 nfo = CurrentReq.opaque->Get("xrdhttpgrps");
822 if (nfo) {
823 TRACEI(DEBUG, " Setting grps: " << nfo);
824 SecEntity.grps = unquote(nfo);
825 TRACEI(REQ, " Setting grps: " << SecEntity.grps);
826 }
827
828 nfo = CurrentReq.opaque->Get("xrdhttpendorsements");
829 if (nfo) {
830 TRACEI(DEBUG, " Setting endorsements: " << nfo);
832 TRACEI(REQ, " Setting endorsements: " << SecEntity.endorsements);
833 }
834
835 nfo = CurrentReq.opaque->Get("xrdhttpcredslen");
836 if (nfo) {
837 TRACEI(DEBUG, " Setting credslen: " << nfo);
838 char *s1 = unquote(nfo);
839 if (s1 && s1[0]) {
840 SecEntity.credslen = atoi(s1);
841 TRACEI(REQ, " Setting credslen: " << SecEntity.credslen);
842 }
843 if (s1) free(s1);
844 }
845
846 if (SecEntity.credslen) {
847 nfo = CurrentReq.opaque->Get("xrdhttpcreds");
848 if (nfo) {
849 TRACEI(DEBUG, " Setting creds: " << nfo);
850 SecEntity.creds = unquote(nfo);
851 TRACEI(REQ, " Setting creds: " << SecEntity.creds);
852 }
853 }
854
855 char hash[512];
856
858 &SecEntity,
859 tim,
860 secretkey);
861
862 if (compareHash(hash, tk)) {
863 TRACEI(REQ, " Invalid tk '" << tk << "' != '" << hash << "'(calculated). Authentication failed.");
864 return -1;
865 }
866
867 } else {
868 // Client is plain http. If we have a secret key then we reject it
869 if (secretkey) {
870 TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
871 return -1;
872 }
873 }
874
875 } else {
876 // Client is plain http. If we have a secret key then we reject it
877 if (secretkey) {
878 TRACEI(ALL, " Rejecting plain http with no valid token as we have a secretkey.");
879 return -1;
880 }
881 }
882
883 ssldone = true;
884 }
885
886
887
888 // Now we have everything that is needed to try the login
889 // Remember that if there is an exthandler then it has the responsibility
890 // for authorization in the paths that it manages
891 if (!Bridge && !FindMatchingExtHandler(CurrentReq)) {
892 if (SecEntity.name)
893 Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, SecEntity.name, ishttps ? "https" : "http");
894 else
895 Bridge = XrdXrootd::Bridge::Login(&CurrentReq, Link, &SecEntity, "unknown", ishttps ? "https" : "http");
896
897 if (!Bridge) {
898 TRACEI(REQ, " Authorization failed.");
899 return -1;
900 }
901
902 // Let the bridge process the login, and then reinvoke us
903 DoingLogin = true;
904 return 0;
905 }
906
907 // Compute and send the response. This may involve further reading from the socket
909 if (rc < 0)
911
912
913
914 TRACEI(REQ, "Process is exiting rc:" << rc);
915 return rc;
916}
struct ClientSetRequest set
Definition XProtocol.hh:871
@ kXR_set
Definition XProtocol.hh:130
kXR_unt16 requestid
Definition XProtocol.hh:719
kXR_char modifier
Definition XProtocol.hh:721
kXR_char reserved[15]
Definition XProtocol.hh:720
short kXR_int16
Definition XPtypes.hh:66
#define XRHTTP_TK_GRACETIME
#define TRACE_AUTH
int compareHash(const char *h1, const char *h2)
char * unquote(char *str)
void calcHashes(char *hash, const char *fn, kXR_int16 request, XrdSecEntity *secent, time_t tim, const char *key)
std::string obfuscateAuth(const std::string &input)
#define TRACE_DEBUG
Definition XrdTrace.hh:36
#define TRACE(act, x)
Definition XrdTrace.hh:63
#define TRACING(x)
Definition XrdTrace.hh:70
static char * secretkey
The key used to calculate the url hashes.
static bool selfhttps2http
If client is HTTPS, self-redirect with HTTP+token.
static char * sslcadir
int reqstate
State machine to talk to the bridge.
XrdOucString resource
The resource specified by the request, stripped of opaque data.
bool headerok
Tells if we have finished reading the header.
const std::string & userAgent() const
ReqType request
The request we got.
int ProcessHTTPReq()
XrdOucEnv * opaque
The opaque data, after parsing.
int parseFirstLine(char *line, int len)
Parse the first line of the header.
int parseLine(char *line, int len)
Parse the header.
void appendOpaque(XrdOucString &s, XrdSecEntity *secent, char *hash, time_t tnow)
virtual void reset()
virtual int InitSSL(SSL *, char *)
char * Get(const char *varname)
Definition XrdOucEnv.hh:69
char * vorg
Entity's virtual organization(s)
int credslen
Length of the 'creds' data.
char prot[XrdSecPROTOIDSIZE]
Auth protocol used (e.g. krb5)
char * creds
Raw entity credentials or cert.
char * grps
Entity's group name(s)
char * name
Entity's name.
char * role
Entity's role(s)
char * endorsements
Protocol specific endorsements.
void Display(XrdSysError &mDest)
char * moninfo
Information for monitoring.
char * host
Entity's host name dnr dependent.
static Bridge * Login(Result *rsltP, XrdLink *linkP, XrdSecEntity *seceP, const char *nameP, const char *protP)

References Addr_str, XrdLink::AddrInfo(), XrdHttpReq::appendOpaque(), Bridge, XrdBuffer::bsize, XrdBuffer::buff, XrdOucString::c_str(), calcHashes(), compareHash(), XrdSecEntity::creds, XrdSecEntity::credslen, CurrentReq, DEBUG, XrdSecEntity::Display(), ClientSetRequest::dlen, eDest, XrdSecEntity::endorsements, XrdLink::FDnum(), XrdOucEnv::Get(), XrdSecEntity::grps, XrdHttpReq::headerok, XrdSecEntity::host, XrdHttpSecXtractor::InitSSL(), kXR_set, XrdOucString::length(), Link, XrdXrootd::Bridge::Login(), ClientSetRequest::modifier, XrdSecEntity::moninfo, XrdSecEntity::name, obfuscateAuth(), XrdHttpReq::opaque, XrdHttpReq::parseFirstLine(), XrdHttpReq::parseLine(), Port_str, XrdHttpReq::ProcessHTTPReq(), XrdSecEntity::prot, XrdHttpReq::reqstate, XrdHttpReq::request, ClientSetRequest::requestid, ClientSetRequest::reserved, XrdHttpReq::reset(), XrdHttpReq::resource, XrdSecEntity::role, XrdHttpReq::rtGET, XrdHttpReq::rtPROPFIND, XrdHttpReq::rtPUT, XrdHttpReq::rtUnset, XrdXrootd::Bridge::Run(), SecEntity, secretkey, selfhttps2http, XrdTlsContext::Session(), ClientRequest::set, XrdNetAddrInfo::SockFD(), sslcadir, TRACE, TRACE_AUTH, TRACE_DEBUG, TRACEI, TRACING, unquote(), XrdHttpReq::userAgent(), XrdSecEntity::vorg, XrdHttpProtoInfo::xrdctx, XrdHttpReq::xrdreq, and XRHTTP_TK_GRACETIME.

+ Here is the call graph for this function:

◆ Recycle()

void XrdHttpProtocol::Recycle ( XrdLink * lp,
int consec,
const char * reason )
virtual

Recycle this instance.

Implements XrdProtocol.

Definition at line 924 of file XrdHttpProtocol.cc.

924 {
925
926 // Release all appendages
927 //
928
929 Cleanup();
930
931
932 // Set fields to starting point (debugging mostly)
933 //
934 Reset();
935
936 // Push ourselves on the stack
937 //
939}
void Push(XrdObject< T > *Node)
Definition XrdObject.hh:101

References ProtLink, ProtStack, and XrdObjectQ< T >::Push().

+ Here is the call graph for this function:

◆ Stats()

int XrdHttpProtocol::Stats ( char * buff,
int blen,
int do_sync = 0 )
virtual

Get activity stats.

Implements XrdProtocol.

Definition at line 941 of file XrdHttpProtocol.cc.

941 {
942 // Synchronize statistics if need be
943 //
944 // if (do_sync) {
945 //
946 // SI->statsMutex.Lock();
947 // SI->readCnt += numReads;
948 // cumReads += numReads;
949 // numReads = 0;
950 // SI->prerCnt += numReadP;
951 // cumReadP += numReadP;
952 // numReadP = 0;
953 // SI->rvecCnt += numReadV;
954 // cumReadV += numReadV;
955 // numReadV = 0;
956 // SI->rsegCnt += numSegsV;
957 // cumSegsV += numSegsV;
958 // numSegsV = 0;
959 // SI->writeCnt += numWrites;
960 // cumWrites += numWrites;
961 // numWrites = 0;
962 // SI->statsMutex.UnLock();
963 // }
964 //
965 // // Now return the statistics
966 // //
967 // return SI->Stats(buff, blen, do_sync);
968
969 return 0;
970}

Friends And Related Symbol Documentation

◆ XrdHttpExtReq

friend class XrdHttpExtReq
friend

Definition at line 83 of file XrdHttpProtocol.hh.

◆ XrdHttpReq

friend class XrdHttpReq
friend

Definition at line 82 of file XrdHttpProtocol.hh.

Member Data Documentation

◆ Addr_str

char* XrdHttpProtocol::Addr_str
protected

Our IP address, as a string. Please remember that this may not be unique for a given machine, hence we need to keep it here and recompute ad every new connection.

Definition at line 364 of file XrdHttpProtocol.hh.

Referenced by XrdHttpProtocol(), and Process().

◆ BPool

XrdBuffManager * XrdHttpProtocol::BPool = 0
staticprotected

Definition at line 355 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Match().

◆ Bridge

XrdXrootd::Bridge* XrdHttpProtocol::Bridge
protected

The Bridge that we use to exercise the xrootd internals.

Definition at line 370 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), Process(), and XrdHttpReq::ProcessHTTPReq().

◆ CIA

XrdSecService * XrdHttpProtocol::CIA = 0
staticprotected

Definition at line 357 of file XrdHttpProtocol.hh.

◆ cksumHandler

XrdHttpChecksumHandler XrdHttpProtocol::cksumHandler = XrdHttpChecksumHandler()
static

Definition at line 136 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ compatNameGeneration

bool XrdHttpProtocol::compatNameGeneration = false
staticprotected

Definition at line 403 of file XrdHttpProtocol.hh.

◆ crlRefIntervalSec

int XrdHttpProtocol::crlRefIntervalSec = XrdTlsContext::DEFAULT_CRL_REF_INT_SEC
staticprotected

CRL thread refresh interval.

Definition at line 398 of file XrdHttpProtocol.hh.

◆ CurrentReq

XrdHttpReq XrdHttpProtocol::CurrentReq
protected

Area for coordinating request and responses to/from the bridge This also can process HTTP/DAV stuff

Definition at line 375 of file XrdHttpProtocol.hh.

Referenced by doChksum(), doStat(), and Process().

◆ eDest

XrdSysError XrdHttpProtocol::eDest = 0
staticprotected

Definition at line 356 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ embeddedstatic

bool XrdHttpProtocol::embeddedstatic = true
staticprotected

If true, use the embedded css and icons.

Definition at line 424 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ gridmap

char * XrdHttpProtocol::gridmap = 0
staticprotected

Gridmap file location. The same used by XrdSecGsi.

Definition at line 401 of file XrdHttpProtocol.hh.

◆ hailWait

int XrdHttpProtocol::hailWait = 60000
staticprotected

Timeout for reading the handshake.

Definition at line 383 of file XrdHttpProtocol.hh.

Referenced by Match().

◆ hdr2cgimap

std::map< std::string, std::string > XrdHttpProtocol::hdr2cgimap
staticprotected

Rules that turn HTTP headers to cgi tokens in the URL, for internal comsumption.

Definition at line 440 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::parseLine().

◆ isdesthttps

bool XrdHttpProtocol::isdesthttps = false
staticprotected

True if the redirections must be towards https targets.

Definition at line 412 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::Redir().

◆ isRequiredGridmap

bool XrdHttpProtocol::isRequiredGridmap = false
staticprotected

Definition at line 402 of file XrdHttpProtocol.hh.

◆ Link

XrdLink* XrdHttpProtocol::Link
protected

The link we are bound to.

Definition at line 360 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::GetClientID(), Match(), and Process().

◆ listdeny

bool XrdHttpProtocol::listdeny = false
staticprotected

If true, any form of listing is denied.

Definition at line 418 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ listredir

char * XrdHttpProtocol::listredir = 0
staticprotected

Url to redirect to in the case a listing is requested.

Definition at line 415 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ m_bio_method

BIO_METHOD * XrdHttpProtocol::m_bio_method = NULL
staticprotected

C-style vptr table for our custom BIO objects.

Definition at line 446 of file XrdHttpProtocol.hh.

◆ m_bio_type

int XrdHttpProtocol::m_bio_type = 0
staticprotected

Type identifier for our custom BIO objects.

Definition at line 443 of file XrdHttpProtocol.hh.

◆ m_staticheader_map

decltype(XrdHttpProtocol::m_staticheader_map) XrdHttpProtocol::m_staticheader_map
staticprotected

The static headers to always return; map is from verb to a list of (header, val) pairs.

Definition at line 458 of file XrdHttpProtocol.hh.

◆ m_staticheaders

decltype(XrdHttpProtocol::m_staticheaders) XrdHttpProtocol::m_staticheaders
staticprotected

The static string version of m_staticheader_map. After config parsing is done, this is computed and we won't need to reference m_staticheader_map in the response path.

Definition at line 462 of file XrdHttpProtocol.hh.

◆ myRole

kXR_int32 XrdHttpProtocol::myRole = kXR_isManager
staticprotected

Our role.

Definition at line 437 of file XrdHttpProtocol.hh.

Referenced by Configure(), and XrdHttpReq::ProcessHTTPReq().

◆ pmarkHandle

XrdNetPMark * XrdHttpProtocol::pmarkHandle = nullptr
staticprotected

Packet marking handler pointer (assigned from the environment during the Config() call)

Definition at line 452 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), and XrdHttpReq::parseLine().

◆ Port

int XrdHttpProtocol::Port = 1094
staticprotected

Our port.

Definition at line 389 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ Port_str

char * XrdHttpProtocol::Port_str = 0
staticprotected

Our port, as a string.

Definition at line 392 of file XrdHttpProtocol.hh.

Referenced by Configure(), and Process().

◆ ProtLink

XrdObject<XrdHttpProtocol> XrdHttpProtocol::ProtLink

Definition at line 129 of file XrdHttpProtocol.hh.

Referenced by Recycle().

◆ ProtStack

XrdObjectQ< XrdHttpProtocol > XrdHttpProtocol::ProtStack
static

Definition at line 128 of file XrdHttpProtocol.hh.

Referenced by Configure(), Match(), and Recycle().

◆ ReadRangeConfig

XrdHttpReadRangeHandler::Configuration XrdHttpProtocol::ReadRangeConfig
static

configuration for the read range handler

Definition at line 139 of file XrdHttpProtocol.hh.

◆ readWait

int XrdHttpProtocol::readWait = 300000
staticprotected

Timeout for reading data.

Definition at line 386 of file XrdHttpProtocol.hh.

◆ Sched

XrdScheduler * XrdHttpProtocol::Sched = 0
staticprotected

Definition at line 354 of file XrdHttpProtocol.hh.

Referenced by Configure().

◆ SecEntity

XrdSecEntity XrdHttpProtocol::SecEntity

Authentication area.

Definition at line 133 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq(), XrdHttpExtReq::GetSecEntity(), Match(), Process(), and XrdHttpReq::Redir().

◆ secretkey

char * XrdHttpProtocol::secretkey = 0
staticprotected

The key used to calculate the url hashes.

Definition at line 406 of file XrdHttpProtocol.hh.

Referenced by Process(), and XrdHttpReq::Redir().

◆ selfhttps2http

bool XrdHttpProtocol::selfhttps2http = false
staticprotected

If client is HTTPS, self-redirect with HTTP+token.

Definition at line 421 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ servGMap

XrdOucGMap * XrdHttpProtocol::servGMap = 0
staticprotected

The instance of the DN mapper. Created only when a valid path is given.

Definition at line 367 of file XrdHttpProtocol.hh.

◆ sslcadir

char * XrdHttpProtocol::sslcadir = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

Referenced by Process().

◆ sslcafile

char * XrdHttpProtocol::sslcafile = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslcert

char * XrdHttpProtocol::sslcert = 0
staticprotected

OpenSSL stuff.

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslcipherfilter

char * XrdHttpProtocol::sslcipherfilter = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslkey

char * XrdHttpProtocol::sslkey = 0
staticprotected

Definition at line 395 of file XrdHttpProtocol.hh.

◆ sslverifydepth

int XrdHttpProtocol::sslverifydepth = 9
staticprotected

Depth of verification of a certificate chain.

Definition at line 409 of file XrdHttpProtocol.hh.

◆ staticpreload

XrdOucHash< XrdHttpProtocol::StaticPreloadInfo > * XrdHttpProtocol::staticpreload = 0
staticprotected

Definition at line 434 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ staticredir

char * XrdHttpProtocol::staticredir = 0
staticprotected

Definition at line 427 of file XrdHttpProtocol.hh.

Referenced by XrdHttpReq::ProcessHTTPReq().

◆ tpcForwardCreds

bool XrdHttpProtocol::tpcForwardCreds = false
staticprotected

If set to true, the HTTP TPC transfers will forward the credentials to redirected hosts.

Definition at line 455 of file XrdHttpProtocol.hh.

Referenced by XrdHttpExtReq::XrdHttpExtReq().

◆ xrd_cslist

char * XrdHttpProtocol::xrd_cslist = nullptr
staticprotected

The list of checksums that were configured via the xrd.cksum parameter on the server config file.

Definition at line 449 of file XrdHttpProtocol.hh.

Referenced by Configure().


The documentation for this class was generated from the following files: