Logo ROOT   6.30.04
Reference Guide
 All Namespaces Files Pages
TRootAuth.cxx
Go to the documentation of this file.
1 // @(#)root/auth:$Id$
2 // Author: Gerardo Ganis 08/07/05
3 
4 /*************************************************************************
5  * Copyright (C) 1995-2005, Rene Brun and Fons Rademakers. *
6  * All rights reserved. *
7  * *
8  * For the licensing terms see $ROOTSYS/LICENSE. *
9  * For the list of contributors see $ROOTSYS/README/CREDITS. *
10  *************************************************************************/
11 
12 //////////////////////////////////////////////////////////////////////////
13 // //
14 // TRootAuth //
15 // //
16 // TVirtualAuth implementation based on the old client authentication //
17 // code. //
18 // //
19 //////////////////////////////////////////////////////////////////////////
20 
21 #include "TAuthenticate.h"
22 #include "TEnv.h"
23 #include "TError.h"
24 #include "THostAuth.h"
25 #include "TRootAuth.h"
26 #include "TRootSecContext.h"
27 #include "TSocket.h"
28 #include "TSystem.h"
29 #include "TUrl.h"
30 
31 ////////////////////////////////////////////////////////////////////////////////
32 /// Runs authentication on socket s.
33 /// Invoked when dynamic loading is needed.
34 /// Returns 1 on success, 0 on failure.
35 
36 TSecContext *TRootAuth::Authenticate(TSocket *s, const char *host,
37  const char *user, Option_t *opts)
38 {
39  TSecContext *ctx = 0;
40  Int_t rc = 0;
41 
42  Int_t rproto = s->GetRemoteProtocol() % 1000;
43  if (s->GetServType() == (Int_t)TSocket::kROOTD) {
44  if (rproto > 6 && rproto < 10) {
45  // Middle aged versions expect client protocol now
46  s->Send(Form("%d", TSocket::GetClientProtocol()), kROOTD_PROTOCOL2);
47  Int_t kind = 0;
48  if (s->Recv(rproto, kind) < 0) {
49  Error("Authenticate", "receiving remote protocol");
50  return ctx;
51  }
52  s->SetRemoteProtocol(rproto);
53  }
54  }
55 
56  Bool_t isPROOF = (s->GetServType() == (Int_t)TSocket::kPROOFD);
57  Bool_t isPROOFserv = (opts[0] == 'P') ? kTRUE : kFALSE;
58 
59  // Build the protocol string for TAuthenticate
60  TString proto = TUrl(s->GetUrl()).GetProtocol();
61  if (proto == "") {
62  proto = "root";
63  } else if (proto.Contains("sockd") || proto.Contains("rootd") ||
64  proto.Contains("proofd")) {
65  proto.ReplaceAll("d",1,"",0);
66  }
67  proto += Form(":%d",rproto);
68 
69  // Init authentication
70  TAuthenticate *auth =
71  new TAuthenticate(s, host, proto, user);
72 
73  // Attempt authentication
74  if (!auth->Authenticate()) {
75  // Close the socket if unsuccessful
76  if (auth->HasTimedOut() > 0)
77  Error("Authenticate",
78  "timeout expired for %s@%s", auth->GetUser(), host);
79  else
80  Error("Authenticate",
81  "authentication failed for %s@%s", auth->GetUser(), host);
82  // This is to terminate properly remote proofd in case of failure
83  if (isPROOF)
84  s->Send(Form("%d %s", gSystem->GetPid(), host), kROOTD_CLEANUP);
85  } else {
86  // Set return flag;
87  rc = 1;
88  // Search pointer to relevant TSecContext
89  ctx = auth->GetSecContext();
90  s->SetSecContext(ctx);
91  }
92  // Cleanup
93  delete auth;
94 
95  // If we are talking to a recent proofd send over a buffer with the
96  // remaining authentication related stuff
97  if (rc && isPROOF && rproto > 11) {
98  Bool_t client = !isPROOFserv;
99  if (TAuthenticate::ProofAuthSetup(s, client) !=0 ) {
100  Error("Authenticate", "PROOF: failed to finalize setup");
101  }
102  }
103 
104  // We are done
105  return ctx;
106 }
107 
108 ////////////////////////////////////////////////////////////////////////////////
109 /// Return client version;
110 
111 Int_t TRootAuth::ClientVersion()
112 {
113  return TSocket::GetClientProtocol();
114 }
115 
116 ////////////////////////////////////////////////////////////////////////////////
117 /// Print error string corresponding to ecode, prepending location
118 
119 void TRootAuth::ErrorMsg(const char *where, Int_t ecode)
120 {
121  TAuthenticate::AuthError(where, ecode);
122 }