XrdSecProtocolgsi Class Reference

#include <XrdSecProtocolgsi.hh>

Inheritance diagram for XrdSecProtocolgsi:

Collaboration diagram for XrdSecProtocolgsi:

Public Member Functions
int	Authenticate (XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)
XrdSecCredentials *	getCredentials (XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)
	XrdSecProtocolgsi (int opts, const char *hname, XrdNetAddrInfo &endPoint, const char *parms=0)
virtual	~XrdSecProtocolgsi ()
void	Delete ()
	Delete the protocol object. DO NOT use C++ delete() on this object.
int	Encrypt (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int	Decrypt (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int	Sign (const char *inbuf, int inlen, XrdSecBuffer **outbuf)
int	Verify (const char *inbuf, int inlen, const char *sigbuf, int siglen)
int	getKey (char *kbuf=0, int klen=0)
int	setKey (char *kbuf, int klen)
Public Member Functions inherited from XrdSecProtocol
virtual int	Authenticate (XrdSecCredentials *cred, XrdSecParameters **parms, XrdOucErrInfo *einfo=0)=0
virtual XrdSecCredentials *	getCredentials (XrdSecParameters *parm=0, XrdOucErrInfo *einfo=0)=0
virtual int	Encrypt (const char *inbuff, int inlen, XrdSecBuffer **outbuff)
virtual int	Decrypt (const char *inbuff, int inlen, XrdSecBuffer **outbuff)
virtual int	Sign (const char *inbuff, int inlen, XrdSecBuffer **outbuff)
virtual int	Verify (const char *inbuff, int inlen, const char *sigbuff, int siglen)
virtual int	getKey (char *buff=0, int size=0)
virtual int	setKey (char *buff, int size)
virtual bool	needTLS ()
	Check if this protocol requires TLS to properly function.
virtual void	Delete ()=0
	Delete the protocol object. DO NOT use C++ delete() on this object.
	XrdSecProtocol (const char *pName)
	Constructor.

Static Public Member Functions
static char *	Init (gsiOptions o, XrdOucErrInfo *erp)
static XrdOucTrace *	EnableTracing ()

Private Member Functions
int	ParseClientInput (XrdSutBuffer *br, XrdSutBuffer **bm, String &emsg)
int	ClientDoInit (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int	ClientDoCert (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int	ClientDoPxyreq (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int	ParseServerInput (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int	ServerDoCertreq (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int	ServerDoCert (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int	ServerDoSigpxy (XrdSutBuffer *br, XrdSutBuffer **bm, String &cmsg)
int	ParseCrypto (String cryptlist)
int	ParseCAlist (String calist)
bool	ServerCertNameOK (const char *subject, const char *hname, String &e)
XrdSecCredentials *	ErrC (XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0)
int	ErrS (String ID, XrdOucErrInfo *einfo, XrdSutBuffer *b1, XrdSutBuffer *b2, XrdSutBuffer *b3, kXR_int32 ecode, const char *msg1=0, const char *msg2=0, const char *msg3=0)
bool	CheckTimeStamp (XrdSutBuffer *b, int skew, String &emsg)
bool	CheckRtag (XrdSutBuffer *bm, String &emsg)
int	AddSerialized (char opt, kXR_int32 step, String ID, XrdSutBuffer *bls, XrdSutBuffer *buf, kXR_int32 type, XrdCryptoCipher *cip)
void	CopyEntity (XrdSecEntity *in, XrdSecEntity *out, int *lout=0)
void	FreeEntity (XrdSecEntity *in)

Static Private Member Functions
static int	GetCA (const char *cahash, XrdCryptoFactory *cryptof, gsiHSVars *hs=0)
static String	GetCApath (const char *cahash)
static bool	VerifyCA (int opt, X509Chain *cca, XrdCryptoFactory *cf)
static int	VerifyCRL (XrdCryptoX509Crl *crl, XrdCryptoX509 *xca, XrdOucString crldir, XrdCryptoFactory *CF, int hashalg)
static XrdSutCacheEntry *	GetSrvCertEnt (XrdSutCERef &gcref, XrdCryptoFactory *cf, time_t timestamp, String &cal)
static XrdCryptoX509Crl *	LoadCRL (XrdCryptoX509 *xca, const char *sjhash, XrdCryptoFactory *CF, int dwld, int &err)
static int	QueryProxy (bool checkcache, XrdSutCache *cache, const char *tag, XrdCryptoFactory *cf, time_t timestamp, ProxyIn_t *pi, ProxyOut_t *po)
static int	InitProxy (ProxyIn_t *pi, XrdCryptoFactory *cf, X509Chain *ch=0, XrdCryptoRSA **key=0)
static void	ErrF (XrdOucErrInfo *einfo, kXR_int32 ecode, const char *msg1, const char *msg2=0, const char *msg3=0)
static XrdSecgsiGMAP_t	LoadGMAPFun (const char *plugin, const char *parms)
static XrdSecgsiAuthz_t	LoadAuthzFun (const char *plugin, const char *parms, int &fmt)
static XrdSecgsiVOMS_t	LoadVOMSFun (const char *plugin, const char *parms, int &fmt)
static void	QueryGMAP (XrdCryptoX509Chain *chain, int now, String &name)

Private Attributes
XrdNetAddrInfo	epAddr
int	options
XrdCryptoFactory *	sessionCF
XrdCryptoCipher *	sessionKey
XrdSutBucket *	bucketKey
XrdCryptoMsgDigest *	sessionMD
XrdCryptoRSA *	sessionKsig
XrdCryptoRSA *	sessionKver
X509Chain *	proxyChain
bool	srvMode
char *	expectedHost
bool	useIV
gsiHSVars *	hs

Static Private Attributes
static XrdSysMutex	gsiContext
static String	CAdir
static String	CRLdir
static String	DefCRLext
static String	SrvCert
static String	SrvKey
static String	UsrProxy
static String	UsrCert
static String	UsrKey
static String	PxyValid
static int	DepLength
static int	DefBits
static int	CACheck
static int	CRLCheck
static int	CRLDownload
static int	CRLRefresh
static String	DefCrypto
static String	DefCipher
static String	DefMD
static String	DefError
static String	GMAPFile
static int	GMAPOpt
static bool	GMAPuseDNname
static int	GMAPCacheTimeOut
static XrdSecgsiGMAP_t	GMAPFun
static XrdSecgsiAuthz_t	AuthzFun
static XrdSecgsiAuthzKey_t	AuthzKey
static int	AuthzCertFmt
static int	AuthzCacheTimeOut
static int	PxyReqOpts
static int	AuthzPxyWhat
static int	AuthzPxyWhere
static int	AuthzAlways
static String	SrvAllowedNames
static int	VOMSAttrOpt
static XrdSecgsiVOMS_t	VOMSFun
static int	VOMSCertFmt
static int	MonInfoOpt
static bool	HashCompatibility
static bool	TrustDNS
static int	ncrypt
static XrdCryptoFactory *	cryptF [XrdCryptoMax]
static int	cryptID [XrdCryptoMax]
static String	cryptName [XrdCryptoMax]
static XrdCryptoCipher *	refcip [XrdCryptoMax]
static XrdSutCache	cacheCA
static XrdSutCache	cacheCert
static XrdSutCache	cachePxy
static XrdSutCache	cacheGMAPFun
static XrdSutCache	cacheAuthzFun
static XrdOucGMap *	servGMap
static GSIStack< XrdCryptoX509Chain >	stackCA
static std::unique_ptr< GSIStack< XrdCryptoX509Crl > >	stackCRL
static time_t	lastGMAPCheck
static XrdSysMutex	mutexGMAP
static int	Debug
static bool	Server
static int	TimeSkew
static XrdSysLogger	Logger
static XrdSysError	eDest
static XrdOucTrace *	GSITrace

Friends
class	gsiOptions
class	gsiHSVars

Additional Inherited Members
Public Attributes inherited from XrdSecProtocol
XrdSecEntity	Entity
Protected Member Functions inherited from XrdSecProtocol
virtual	~XrdSecProtocol ()
	Destructor (prevents use of direct delete).

Constructor & Destructor Documentation

XrdSecProtocolgsi()

XrdSecProtocolgsi::XrdSecProtocolgsi	(	int	opts,
		const char *	hname,
		XrdNetAddrInfo &	endPoint,
		const char *	parms = 0
	)

~XrdSecProtocolgsi()

virtual XrdSecProtocolgsi::~XrdSecProtocolgsi ( )

inlinevirtual

Member Function Documentation

AddSerialized()

int XrdSecProtocolgsi::AddSerialized ( char  opt, kXR_int32  step, String  ID, XrdSutBuffer *  bls, XrdSutBuffer *  buf, kXR_int32  type, XrdCryptoCipher *  cip  )

private

Authenticate()

int XrdSecProtocolgsi::Authenticate ( XrdSecCredentials *  cred, XrdSecParameters **  parms, XrdOucErrInfo *  einfo = 0  )

virtual

Authenticate a client.

Parameters

cred	Credentials supplied by the client.
parms	Place where the address of additional authentication data is to be placed for another autrhentication handshake.
einfo	The error information object where error messages should be placed. The messages are returned to the client. Should einfo be null, messages should be written to stderr.

Returns

> 0 -> parms present (more authentication needed) = 0 -> Entity present (authentication suceeded) < 0 -> einfo present (error has occurred)

Implements XrdSecProtocol.

CheckRtag()

bool XrdSecProtocolgsi::CheckRtag ( XrdSutBuffer *  bm, String &  emsg  )

private

CheckTimeStamp()

bool XrdSecProtocolgsi::CheckTimeStamp ( XrdSutBuffer *  b, int  skew, String &  emsg  )

private

ClientDoCert()

int XrdSecProtocolgsi::ClientDoCert ( XrdSutBuffer *  br, XrdSutBuffer **  bm, String &  cmsg  )

private

ClientDoInit()

int XrdSecProtocolgsi::ClientDoInit ( XrdSutBuffer *  br, XrdSutBuffer **  bm, String &  cmsg  )

private

ClientDoPxyreq()

int XrdSecProtocolgsi::ClientDoPxyreq ( XrdSutBuffer *  br, XrdSutBuffer **  bm, String &  cmsg  )

private

CopyEntity()

void XrdSecProtocolgsi::CopyEntity ( XrdSecEntity *  in, XrdSecEntity *  out, int *  lout = 0  )

private

Decrypt()

int XrdSecProtocolgsi::Decrypt ( const char *  inbuff, int  inlen, XrdSecBuffer **  outbuff  )

virtual

Decrypt data in inbuff using the session key.

Parameters

inbuff	buffer holding data to be decrypted.
inlen	length of the data.
outbuff	place where a pointer to the decrypted data is placed.

Returns

< 0 Failed,the return value is -errno (see Encrypt). = 0 Success, outbuff contains a pointer to the decrypted data. The caller is responsible for deleting the returned object.

Reimplemented from XrdSecProtocol.

Delete()

void XrdSecProtocolgsi::Delete ( )

virtual

Delete the protocol object. DO NOT use C++ delete() on this object.

Implements XrdSecProtocol.

EnableTracing()

static XrdOucTrace * XrdSecProtocolgsi::EnableTracing ( )

static

Encrypt()

int XrdSecProtocolgsi::Encrypt ( const char *  inbuff, int  inlen, XrdSecBuffer **  outbuff  )

virtual

Encrypt data in inbuff using the session key.

Parameters

inbuff	buffer holding data to be encrypted.
inlen	length of the data.
outbuff	place where a pointer to the encrypted data is placed.

Returns

< 0 Failed, the return value is -errno of the reason. Typically, -EINVAL - one or more arguments are invalid. -NOTSUP - encryption not supported by the protocol -ENOENT - Context not innitialized = 0 Success, outbuff contains a pointer to the encrypted data. The caller is responsible for deleting the returned object.

Reimplemented from XrdSecProtocol.

ErrC()

XrdSecCredentials * XrdSecProtocolgsi::ErrC ( XrdOucErrInfo *  einfo, XrdSutBuffer *  b1, XrdSutBuffer *  b2, XrdSutBuffer *  b3, kXR_int32  ecode, const char *  msg1 = 0, const char *  msg2 = 0, const char *  msg3 = 0  )

private

ErrF()

static void XrdSecProtocolgsi::ErrF ( XrdOucErrInfo *  einfo, kXR_int32  ecode, const char *  msg1, const char *  msg2 = 0, const char *  msg3 = 0  )

staticprivate

ErrS()

int XrdSecProtocolgsi::ErrS ( String  ID, XrdOucErrInfo *  einfo, XrdSutBuffer *  b1, XrdSutBuffer *  b2, XrdSutBuffer *  b3, kXR_int32  ecode, const char *  msg1 = 0, const char *  msg2 = 0, const char *  msg3 = 0  )

private

FreeEntity()

void XrdSecProtocolgsi::FreeEntity ( XrdSecEntity *  in )

private

GetCA()

static int XrdSecProtocolgsi::GetCA ( const char *  cahash, XrdCryptoFactory *  cryptof, gsiHSVars *  hs = 0  )

staticprivate

GetCApath()

static String XrdSecProtocolgsi::GetCApath ( const char *  cahash )

staticprivate

getCredentials()

XrdSecCredentials * XrdSecProtocolgsi::getCredentials ( XrdSecParameters *  parm = 0, XrdOucErrInfo *  einfo = 0  )

virtual

Generate client credentials to be used in the authentication process.

Parameters

parm	Pointer to the information returned by the server either in the initial login response or the authmore response.
einfo	The error information object where error messages should be placed. The messages are returned to the client. Should einfo be null, messages should be written to stderr.

Returns

Success: Pointer to credentials to sent to the server. The caller is responsible for deleting the object. Failure: Null pointer with einfo, if supplied, containing the reason for the failure.

Implements XrdSecProtocol.

getKey()

int XrdSecProtocolgsi::getKey ( char *  buff = 0, int  size = 0  )

virtual

Get the current encryption key (i.e. session key)

Parameters

buff	buffer to hold the key, and may be null.
size	size of the buffer.

Returns

< 0 Failed, returned value if -errno (see Encrypt) >= 0 The size of the encyption key. The supplied buffer of length size hold the key. If the buffer address is supplied, the key is placed in the buffer.

Reimplemented from XrdSecProtocol.

GetSrvCertEnt()

static XrdSutCacheEntry * XrdSecProtocolgsi::GetSrvCertEnt ( XrdSutCERef &  gcref, XrdCryptoFactory *  cf, time_t  timestamp, String &  cal  )

staticprivate

Init()

static char * XrdSecProtocolgsi::Init ( gsiOptions  o, XrdOucErrInfo *  erp  )

static

InitProxy()

static int XrdSecProtocolgsi::InitProxy ( ProxyIn_t *  pi, XrdCryptoFactory *  cf, X509Chain *  ch = 0, XrdCryptoRSA **  key = 0  )

staticprivate

LoadAuthzFun()

static XrdSecgsiAuthz_t XrdSecProtocolgsi::LoadAuthzFun ( const char *  plugin, const char *  parms, int &  fmt  )

staticprivate

LoadCRL()

static XrdCryptoX509Crl * XrdSecProtocolgsi::LoadCRL ( XrdCryptoX509 *  xca, const char *  sjhash, XrdCryptoFactory *  CF, int  dwld, int &  err  )

staticprivate

LoadGMAPFun()

static XrdSecgsiGMAP_t XrdSecProtocolgsi::LoadGMAPFun ( const char *  plugin, const char *  parms  )

staticprivate

LoadVOMSFun()

static XrdSecgsiVOMS_t XrdSecProtocolgsi::LoadVOMSFun ( const char *  plugin, const char *  parms, int &  fmt  )

staticprivate

ParseCAlist()

int XrdSecProtocolgsi::ParseCAlist ( String  calist )

private

ParseClientInput()

int XrdSecProtocolgsi::ParseClientInput ( XrdSutBuffer *  br, XrdSutBuffer **  bm, String &  emsg  )

private

ParseCrypto()

int XrdSecProtocolgsi::ParseCrypto ( String  cryptlist )

private

ParseServerInput()

int XrdSecProtocolgsi::ParseServerInput ( XrdSutBuffer *  br, XrdSutBuffer **  bm, String &  cmsg  )

private

QueryGMAP()

static void XrdSecProtocolgsi::QueryGMAP ( XrdCryptoX509Chain *  chain, int  now, String &  name  )

staticprivate

QueryProxy()

static int XrdSecProtocolgsi::QueryProxy ( bool  checkcache, XrdSutCache *  cache, const char *  tag, XrdCryptoFactory *  cf, time_t  timestamp, ProxyIn_t *  pi, ProxyOut_t *  po  )

staticprivate

ServerCertNameOK()

bool XrdSecProtocolgsi::ServerCertNameOK ( const char *  subject, const char *  hname, String &  e  )

private

ServerDoCert()

int XrdSecProtocolgsi::ServerDoCert ( XrdSutBuffer *  br, XrdSutBuffer **  bm, String &  cmsg  )

private

ServerDoCertreq()

int XrdSecProtocolgsi::ServerDoCertreq ( XrdSutBuffer *  br, XrdSutBuffer **  bm, String &  cmsg  )

private

ServerDoSigpxy()

int XrdSecProtocolgsi::ServerDoSigpxy ( XrdSutBuffer *  br, XrdSutBuffer **  bm, String &  cmsg  )

private

setKey()

int XrdSecProtocolgsi::setKey ( char *  buff, int  size  )

virtual

Set the current encryption key

Parameters

buff	buffer that holds the key.
size	size of the key.

Returns

: < 0 Failed, returned value if -errno (see Encrypt) = 0 The new key has been set.

Reimplemented from XrdSecProtocol.

Sign()

int XrdSecProtocolgsi::Sign ( const char *  inbuff, int  inlen, XrdSecBuffer **  outbuff  )

virtual

Sign data in inbuff using the session key.

Parameters

inbuff	buffer holding data to be signed.
inlen	length of the data.
outbuff	place where a pointer to the signature is placed.

Returns

< 0 Failed,the return value is -errno (see Encrypt). = 0 Success, outbuff contains a pointer to the signature. The caller is responsible for deleting the returned object.

Reimplemented from XrdSecProtocol.

Verify()

int XrdSecProtocolgsi::Verify ( const char *  inbuff, int  inlen, const char *  sigbuff, int  siglen  )

virtual

Verify a signature using the session key.

Parameters

inbuff	buffer holding data to be verified.
inlen	length of the data.
sigbuff	pointer to the signature data.
siglen	length of the signature data.

Returns

< 0 Failed,the return value is -errno (see Encrypt). = 0 Success, signature is correct. > 0 Failed to verify, signature does not match inbuff data.

Reimplemented from XrdSecProtocol.

VerifyCA()

static bool XrdSecProtocolgsi::VerifyCA ( int  opt, X509Chain *  cca, XrdCryptoFactory *  cf  )

staticprivate

VerifyCRL()

static int XrdSecProtocolgsi::VerifyCRL ( XrdCryptoX509Crl *  crl, XrdCryptoX509 *  xca, XrdOucString  crldir, XrdCryptoFactory *  CF, int  hashalg  )

staticprivate

Friends And Related Function Documentation

gsiHSVars

friend class gsiHSVars

friend

gsiOptions

friend class gsiOptions

friend

Member Data Documentation

AuthzAlways

int XrdSecProtocolgsi::AuthzAlways

staticprivate

AuthzCacheTimeOut

int XrdSecProtocolgsi::AuthzCacheTimeOut

staticprivate

AuthzCertFmt

int XrdSecProtocolgsi::AuthzCertFmt

staticprivate

AuthzFun

XrdSecgsiAuthz_t XrdSecProtocolgsi::AuthzFun

staticprivate

AuthzKey

XrdSecgsiAuthzKey_t XrdSecProtocolgsi::AuthzKey

staticprivate

AuthzPxyWhat

int XrdSecProtocolgsi::AuthzPxyWhat

staticprivate

AuthzPxyWhere

int XrdSecProtocolgsi::AuthzPxyWhere

staticprivate

bucketKey

XrdSutBucket* XrdSecProtocolgsi::bucketKey

private

cacheAuthzFun

XrdSutCache XrdSecProtocolgsi::cacheAuthzFun

staticprivate

cacheCA

XrdSutCache XrdSecProtocolgsi::cacheCA

staticprivate

cacheCert

XrdSutCache XrdSecProtocolgsi::cacheCert

staticprivate

CACheck

int XrdSecProtocolgsi::CACheck

staticprivate

cacheGMAPFun

XrdSutCache XrdSecProtocolgsi::cacheGMAPFun

staticprivate

cachePxy

XrdSutCache XrdSecProtocolgsi::cachePxy

staticprivate

CAdir

String XrdSecProtocolgsi::CAdir

staticprivate

CRLCheck

int XrdSecProtocolgsi::CRLCheck

staticprivate

CRLdir

String XrdSecProtocolgsi::CRLdir

staticprivate

CRLDownload

int XrdSecProtocolgsi::CRLDownload

staticprivate

CRLRefresh

int XrdSecProtocolgsi::CRLRefresh

staticprivate

cryptF

XrdCryptoFactory* XrdSecProtocolgsi::cryptF[XrdCryptoMax]

staticprivate

cryptID

int XrdSecProtocolgsi::cryptID[XrdCryptoMax]

staticprivate

cryptName

String XrdSecProtocolgsi::cryptName[XrdCryptoMax]

staticprivate

Debug

int XrdSecProtocolgsi::Debug

staticprivate

DefBits

int XrdSecProtocolgsi::DefBits

staticprivate

DefCipher

String XrdSecProtocolgsi::DefCipher

staticprivate

DefCRLext

String XrdSecProtocolgsi::DefCRLext

staticprivate

DefCrypto

String XrdSecProtocolgsi::DefCrypto

staticprivate

DefError

String XrdSecProtocolgsi::DefError

staticprivate

DefMD

String XrdSecProtocolgsi::DefMD

staticprivate

DepLength

int XrdSecProtocolgsi::DepLength

staticprivate

eDest

XrdSysError XrdSecProtocolgsi::eDest

staticprivate

epAddr

XrdNetAddrInfo XrdSecProtocolgsi::epAddr

private

expectedHost

char* XrdSecProtocolgsi::expectedHost

private

GMAPCacheTimeOut

int XrdSecProtocolgsi::GMAPCacheTimeOut

staticprivate

GMAPFile

String XrdSecProtocolgsi::GMAPFile

staticprivate

GMAPFun

XrdSecgsiGMAP_t XrdSecProtocolgsi::GMAPFun

staticprivate

GMAPOpt

int XrdSecProtocolgsi::GMAPOpt

staticprivate

GMAPuseDNname

bool XrdSecProtocolgsi::GMAPuseDNname

staticprivate

gsiContext

XrdSysMutex XrdSecProtocolgsi::gsiContext

staticprivate

GSITrace

XrdOucTrace* XrdSecProtocolgsi::GSITrace

staticprivate

HashCompatibility

bool XrdSecProtocolgsi::HashCompatibility

staticprivate

hs

gsiHSVars* XrdSecProtocolgsi::hs

private

lastGMAPCheck

time_t XrdSecProtocolgsi::lastGMAPCheck

staticprivate

Logger

XrdSysLogger XrdSecProtocolgsi::Logger

staticprivate

MonInfoOpt

int XrdSecProtocolgsi::MonInfoOpt

staticprivate

mutexGMAP

XrdSysMutex XrdSecProtocolgsi::mutexGMAP

staticprivate

ncrypt

int XrdSecProtocolgsi::ncrypt

staticprivate

options

int XrdSecProtocolgsi::options

private

proxyChain

X509Chain* XrdSecProtocolgsi::proxyChain

private

PxyReqOpts

int XrdSecProtocolgsi::PxyReqOpts

staticprivate

PxyValid

String XrdSecProtocolgsi::PxyValid

staticprivate

refcip

XrdCryptoCipher* XrdSecProtocolgsi::refcip[XrdCryptoMax]

staticprivate

Server

bool XrdSecProtocolgsi::Server

staticprivate

servGMap

XrdOucGMap* XrdSecProtocolgsi::servGMap

staticprivate

sessionCF

XrdCryptoFactory* XrdSecProtocolgsi::sessionCF

private

sessionKey

XrdCryptoCipher* XrdSecProtocolgsi::sessionKey

private

sessionKsig

XrdCryptoRSA* XrdSecProtocolgsi::sessionKsig

private

sessionKver

XrdCryptoRSA* XrdSecProtocolgsi::sessionKver

private

sessionMD

XrdCryptoMsgDigest* XrdSecProtocolgsi::sessionMD

private

SrvAllowedNames

String XrdSecProtocolgsi::SrvAllowedNames

staticprivate

SrvCert

String XrdSecProtocolgsi::SrvCert

staticprivate

SrvKey

String XrdSecProtocolgsi::SrvKey

staticprivate

srvMode

bool XrdSecProtocolgsi::srvMode

private

stackCA

GSIStack<XrdCryptoX509Chain> XrdSecProtocolgsi::stackCA

staticprivate

stackCRL

std::unique_ptr<GSIStack<XrdCryptoX509Crl> > XrdSecProtocolgsi::stackCRL

staticprivate

Referenced by gsiHSVars::~gsiHSVars().

TimeSkew

int XrdSecProtocolgsi::TimeSkew

staticprivate

TrustDNS

bool XrdSecProtocolgsi::TrustDNS

staticprivate

useIV

bool XrdSecProtocolgsi::useIV

private

UsrCert

String XrdSecProtocolgsi::UsrCert

staticprivate

UsrKey

String XrdSecProtocolgsi::UsrKey

staticprivate

UsrProxy

String XrdSecProtocolgsi::UsrProxy

staticprivate

VOMSAttrOpt

int XrdSecProtocolgsi::VOMSAttrOpt

staticprivate

VOMSCertFmt

int XrdSecProtocolgsi::VOMSCertFmt

staticprivate

VOMSFun

XrdSecgsiVOMS_t XrdSecProtocolgsi::VOMSFun

staticprivate

---

The documentation for this class was generated from the following file:

• XrdSecProtocolgsi.hh