XrdSecInterface.hh File Reference

#include <errno.h>
#include <sys/param.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include "XrdSec/XrdSecEntity.hh"

Classes

struct  XrdSecBuffer
 Generic structure to pass security information back and forth.
class  XrdSecProtocol
class  XrdSecService

Typedefs

typedef XrdSecBuffer XrdSecCredentials
typedef XrdSecBuffer XrdSecParameters
typedef XrdSecProtocol *(*XrdSecGetProt_t)(const char *, XrdNetAddrInfo &, XrdSecParameters &, XrdOucErrInfo *)
 Typedef to simplify the encoding of methods returning XrdSecProtocol.
typedef XrdSecService *(*XrdSecGetServ_t)(XrdSysLogger *, const char *)


Typedef Documentation

typedef XrdSecBuffer XrdSecCredentials

When the buffer is used for credentials, the start of the buffer always holds the credential protocol name (e.g., krb4) as a string. The client will get credentials and the size will be filled out so that the contents of the buffer can be easily transmitted to the server.
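A receiver should locate that leading protocol name with a bounded search rather than trusting the sender to terminate it. The following is an added example, not xrootd code: CredBuf, kMaxProtoName and credProtocol are hypothetical names, and the size-plus-pointer layout and the 8-character limit are assumptions.

```cpp
#include <cstddef>
#include <cstring>
#include <string>

// Hypothetical stand-in for the credentials buffer (assumed layout: a byte
// count plus a data pointer). Not the xrootd definition.
struct CredBuf {
    int         size;    // number of valid bytes in buffer
    const char *buffer;  // begins with the protocol name as a C string
};

// Assumed upper bound on a protocol name, excluding the terminator.
static const std::size_t kMaxProtoName = 8;

// Extract the leading protocol name without reading past `size` bytes.
// Fails if the buffer is empty, the name has no NUL inside the buffer,
// the name is empty, or it is longer than kMaxProtoName.
// On success payload/payloadLen describe the bytes that follow the name.
bool credProtocol(const CredBuf &cred, std::string &name,
                  const char *&payload, std::size_t &payloadLen)
{
    if (!cred.buffer || cred.size <= 0) return false;
    const std::size_t size = static_cast<std::size_t>(cred.size);

    // memchr is bounded by size; strlen() would trust the sender.
    const void *nul = std::memchr(cred.buffer, '\0', size);
    if (!nul) return false;

    const char *end = static_cast<const char *>(nul);
    const std::size_t len = static_cast<std::size_t>(end - cred.buffer);
    if (len == 0 || len > kMaxProtoName) return false;

    name.assign(cred.buffer, len);
    payload    = cred.buffer + len + 1;
    payloadLen = size - (len + 1);
    return true;
}

int main()
{
    // Constructed sample: "krb4", a NUL, then six opaque payload bytes.
    const char sample[] = "krb4\0TICKET";
    CredBuf cred = { 11, sample };
    std::string name;
    const char *payload = 0;
    std::size_t payloadLen = 0;
    bool ok = credProtocol(cred, name, payload, payloadLen);
    return (ok && name == "krb4" && payloadLen == 6) ? 0 : 1;
}
```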

typedef XrdSecProtocol *(*XrdSecGetProt_t)(const char *, XrdNetAddrInfo &, XrdSecParameters &, XrdOucErrInfo *)

Typedef to simplify the encoding of methods returning XrdSecProtocol.

Create a client security context and get a supported XrdSecProtocol object for one of the protocols suggested by the server and possibly based on the server's hostname or host address, as needed.

Parameters:
hostname The client's host name or the IP address as text. An IP may be supplied if the host address is not resolvable. Use endPoint to get the hostname only if it's actually needed.
endPoint The XrdNetAddrInfo object describing the server end-point.
sectoken The security token supplied by the server.
einfo The structure to record any error messages. These are normally sent to the client. If einfo is a null pointer, the messages should be sent to standard error.
Returns:
Success: Address of protocol object to be used for authentication. If cred was null, a host protocol object should be returned if so allowed. The object's delete method should be called to release the storage.
Failure: Null, no protocol can be returned. The einfo parameter, if supplied, has the reason.
Notes:
1) There should be one protocol object per physical TCP/IP connection.
2) When the connection is closed, the protocol's Delete() method should be called to properly delete the object.
3) The method and the returned object should be MT-safe.
4) When replacing the default implementation with a plug-in the extern "C" function below must exist in your shared library.
5) Additionally, you *should* declare the xrootd version you used to compile your plug-in using XrdVERSIONINFO where <name> is the 1- to 15-character unquoted name of your plugin. This is a mandatory requirement!

typedef XrdSecService *(*XrdSecGetServ_t)(XrdSysLogger *, const char *)

typedef XrdSecBuffer XrdSecParameters

When the buffer is used for parameters, the contents must be interpreted in the context in which it is used. For instance, the server will send the security configuration parameters on the initial login. The format differs from, say, the x.500 continuation parameters that would be sent during PKI authentication via an "authmore" return status.


Generated on 13 Mar 2017 for xrootd by  doxygen 1.4.7