xrootd
Loading...
Searching...
No Matches
XrdSecgsiOpts.hh
Go to the documentation of this file.
1#ifndef __XRD_GSIOPTS_H__
2#define __XRD_GSIOPTS_H__
3/******************************************************************************/
4/* */
5/* X r d S e c g s i O p t s . h h */
6/* */
7/* (c) 2020 by the Board of Trustees of the Leland Stanford, Jr., University */
8/* Produced by Andrew Hanushevsky for Stanford University under contract */
9/* DE-AC02-76-SFO0515 with the Department of Energy */
10/* */
11/* This file is part of the XRootD software suite. */
12/* */
13/* XRootD is free software: you can redistribute it and/or modify it under */
14/* the terms of the GNU Lesser General Public License as published by the */
15/* Free Software Foundation, either version 3 of the License, or (at your */
16/* option) any later version. */
17/* */
18/* XRootD is distributed in the hope that it will be useful, but WITHOUT */
19/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
20/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
21/* License for more details. */
22/* */
23/* You should have received a copy of the GNU Lesser General Public License */
24/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
25/* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
26/* */
27/* The copyright holder's institutional names and contributor's names may not */
28/* be used to endorse or promote products derived from this software without */
29/* specific prior written permission of the institution or contributor. */
30/******************************************************************************/
31
32namespace
33{
34/******************************************************************************/
35/* D e f i n e s a n d S t r u c t s */
36/******************************************************************************/
37
38#define WARN(x) std::cerr <<"Secgsi warning: " << x <<'\n' <<std::flush
39
40#define OTINIT(a,b,x) {a, b, sizeof(x)/sizeof(x [0]), x}
41
42#define LIB_XRDVOMS "libXrdVoms.so"
43
44struct OptsMap
45 {const char *optKey;
46 int optVal;
47 };
48
49struct OptsTab
50 {const char *opName;
51 int opDflt;
52 int numMap;
53 struct OptsMap *mapOpts;
54 };
55
56/******************************************************************************/
57/* - a u t h z c a l l */
58/******************************************************************************/
59
60static const int azAlways = 1;
61static const int azNoVoms = 0;
62
63OptsMap azCallKV[] = {{"always", 1},
64 {"novoms", 0}
65 };
66
67OptsTab azCallOpts = OTINIT("-authzcall",1,azCallKV);
68
69/******************************************************************************/
70/* - a u t h z p x y */
71/******************************************************************************/
72
73static const int azFull = 0;
74static const int azLast = 1;
75static const int azCred = 1;
76static const int azEndo = 2;
77
78OptsMap azPxyKV[] = {{"creds=fullchain", azCred+(10*azFull)},
79 {"creds=lastcert", azCred+(10*azLast)},
80 {"endor=fullchain", azEndo+(10*azFull)},
81 {"endor=lastcert", azEndo+(10*azLast)}
82 };
83
84OptsTab azPxyOpts = OTINIT("-authz",0,azPxyKV);
85
86/******************************************************************************/
87/* - c a */
88/******************************************************************************/
89
90static const int caNoVerify = 0;
91static const int caVerifyss = 1;
92static const int caVerify = 2;
93
94OptsMap caVerKV[] = {{"noverify", caNoVerify},
95 {"verifyss", caVerifyss},
96 {"verify", caVerify}
97 };
98
99OptsTab caVerOpts = OTINIT("-ca",caVerifyss,caVerKV);
100
101/******************************************************************************/
102/* - c r l */
103/******************************************************************************/
104
105static const int crlIgnore = 0;
106static const int crlTry = 1;
107static const int crlUse = 2;
108static const int crlRequire = 3;
109static const int crlUpdate = 10;
110static const int crlNoUpdt = 0;
111
112OptsMap crl1KV[] = {{"ignore", crlIgnore},
113 {"try", crlTry},
114 {"use", crlUse},
115 {"use,updt", crlUse+crlUpdate},
116 {"require", crlRequire},
117 {"require,updt", crlRequire+crlUpdate}
118 };
119
120OptsTab crlOpts = OTINIT("-crl",crlTry,crl1KV);
121
122/******************************************************************************/
123/* - d l g p x y */
124/******************************************************************************/
125
126static const int dlgIgnore = 0;
127static const int dlgReqSign = 1;
128static const int dlgSendpxy = 2; // Only client can set this!
129
130OptsMap sDlgKV[] = {{"ignore", dlgIgnore},
131 {"request", dlgReqSign}
132 };
133
134OptsTab sDlgOpts = OTINIT("-dlgpxy",dlgIgnore,sDlgKV);
135
136/******************************************************************************/
137/* - g m a p o p t */
138/******************************************************************************/
139
140static const int gmoNoMap = 0;
141static const int gmoTryMap = 1;
142static const int gmoUseMap = 2;
143static const int gmoEntDN = 10;
144static const int gmoEntDNHash = 0;
145
146OptsMap gmoKV[] = {{"nomap", gmoNoMap},
147 {"nomap,usedn", gmoNoMap+gmoEntDN},
148 {"trymap", gmoTryMap},
149 {"trymap,usedn", gmoTryMap+gmoEntDN},
150 {"usemap", gmoUseMap}
151 };
152
153OptsTab gmoOpts = OTINIT("-gmopts",gmoTryMap,gmoKV);
154
155/******************************************************************************/
156/* - t r u s t d n s */
157/******************************************************************************/
158
159OptsMap tdnsKV[] = {{"false", 0},
160 {"true", 1}
161 };
162
163OptsTab tdnsOpts = OTINIT("-trustdns",0,tdnsKV);
164
165/******************************************************************************/
166/* - v o m s a t */
167/******************************************************************************/
168
169static const int vatIgnore = 0;
170static const int vatExtract = 1;
171static const int vatRequire = 2;
172
173OptsMap vomsatKV[] = {{"ignore", vatIgnore},
174 {"extract", vatExtract},
175 {"require", vatRequire}
176 };
177
178OptsTab vomsatOpts = OTINIT("-vomsat",vatIgnore,vomsatKV);
179
180/******************************************************************************/
181/* g e t O p t N a m e */
182/******************************************************************************/
183
184const char *getOptName(OptsTab &oTab, int opval)
185{
186 for (int i = 0; i < oTab.numMap; i++)
187 if (opval == oTab.mapOpts[i].optVal) return oTab.mapOpts[i].optKey;
188 return "nothing";
189}
190
191/******************************************************************************/
192/* g e t O p t V a l */
193/******************************************************************************/
194
195int getOptVal(OptsTab &oTab, const char *oVal)
196{
197 if (isdigit(*oVal))
198 {int n = atoi(oVal);
199 for (int i = 0; i < oTab.numMap; i++)
200 if (n == oTab.mapOpts[i].optVal) return n;
201 } else {
202 for (int i = 0; i < oTab.numMap; i++)
203 if (!strcmp(oVal, oTab.mapOpts[i].optKey))
204 return oTab.mapOpts[i].optVal;
205 }
206
207 if (oTab.opDflt >= 0)
208 {WARN("invalid " <<oTab.opName <<" argument '" <<oVal <<
209 "'; using '" <<getOptName(oTab, oTab.opDflt) <<"' instead!");
210 }
211 return oTab.opDflt;
212}
213
214/******************************************************************************/
215/*
216int getOptVal(OptsTab &oTab1, OptsTab &oTab2, char *oVal)
217{
218// Check if this is a two-factor option
219//
220 char *comma = index(oVal, ',');
221 if (comma) *comma = 0;
222
223// Handle the first part
224//
225 int flag = getOptVal(oTab1, oVal);
226
227// Get the second part
228//
229 if (comma)
230 {flag += getOptVal(oTab2, comma+1);
231 *comma = ',';
232 }
233 return flag;
234}
235*/
236}
237#endif
WARN
#define WARN(x)
Definition XrdSecgsiOpts.hh:38
OTINIT
#define OTINIT(a, b, x)
Definition XrdSecgsiOpts.hh:40
Generated by doxygen 1.9.8