
nordugrid-arc-nox  1.1.0~rc6
Arc::GSSCredential Class Reference

#include <GSSCredential.h>


Public Member Functions

 GSSCredential (const std::string &proxyPath, const std::string &certificatePath, const std::string &keyPath)
 GSSCredential ()
 ~GSSCredential ()
 operator gss_cred_id_t & ()
 operator gss_cred_id_t * ()

Static Public Member Functions

static std::string ErrorStr (OM_uint32 majstat, OM_uint32 minstat)

Private Attributes

gss_cred_id_t credential

Detailed Description

Definition at line 12 of file GSSCredential.h.


Constructor & Destructor Documentation

Arc::GSSCredential::GSSCredential ( const std::string &  proxyPath,
const std::string &  certificatePath,
const std::string &  keyPath 
)

Definition at line 16 of file GSSCredential.cpp.

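    : credential(GSS_C_NO_CREDENTIAL) {

    // Loads a GSI credential from disk and imports it as a GSS credential.
    //
    // proxyPath, when non-empty, is read on its own. Otherwise certificatePath
    // and keyPath must both be non-empty; their contents are joined with a
    // newline. If neither condition holds, nothing is read and nothing is
    // logged. Each file is read only up to its first NUL byte.
    //
    // The constructor cannot report failure: on a read error it logs and
    // returns with credential still GSS_C_NO_CREDENTIAL. GSS-API calls
    // generally treat GSS_C_NO_CREDENTIAL as a request for the caller's
    // default credential, so code that needs this specific identity should
    // compare the handle against GSS_C_NO_CREDENTIAL after construction.

    // Overwrites a string's bytes when its scope is left, on every return
    // path. The buffers below hold private-key material; without this they
    // are freed with the key still in them. Best effort only: copies left
    // behind by string growth or held in the stream buffers are not reached.
    struct Scrubber {
      std::string& buf;
      explicit Scrubber(std::string& b) : buf(b) {}
      ~Scrubber() {
        if (buf.empty()) return;
        // volatile stores, to discourage the compiler from dropping the
        // overwrite as a dead store ahead of the string's destruction
        volatile char *p = &buf[0];
        for (std::string::size_type i = 0; i < buf.size(); ++i) p[i] = '\0';
      }
    };

    std::string credbuf;
    Scrubber scrubCredbuf(credbuf);  // declared after credbuf, so it runs first

    if (!proxyPath.empty()) {
      std::ifstream is(proxyPath.c_str());
      getline(is, credbuf, '\0');
      if(!is || credbuf.empty()) {
        logger.msg(ERROR, "Failed to read proxy file: %s", proxyPath);
        return;
      }
    }
    else if (!certificatePath.empty() && !keyPath.empty()) {
      std::ifstream is(certificatePath.c_str());
      getline(is, credbuf, '\0');
      if(!is || credbuf.empty()) {
        logger.msg(ERROR, "Failed to read certificate file: %s",
                   certificatePath);
        return;
      }
      std::string keybuf;
      Scrubber scrubKeybuf(keybuf);
      std::ifstream ik(keyPath.c_str());
      getline(ik, keybuf, '\0');
      if(!ik || keybuf.empty()) {
        logger.msg(ERROR, "Failed to read private key file: %s", keyPath);
        return;
      }
      credbuf += "\n";
      credbuf += keybuf;
    }

    if(!credbuf.empty()) {
      // Convert to a GSS credential only if credential content was found
      OM_uint32 majstat, minstat;
      gss_buffer_desc gbuf;

      // gss_buffer_desc carries a non-const pointer; the buffer is only
      // handed to gss_import_cred as input here.
      gbuf.value = const_cast<char*>(credbuf.c_str());
      gbuf.length = credbuf.length();

      majstat = gss_import_cred(&minstat, &credential, NULL, 0,
                                &gbuf, GSS_C_INDEFINITE, NULL);

      if (GSS_ERROR(majstat)) {
        // NOTE(review): the value left in credential after a failed import is
        // up to the GSS library; it is not reset to GSS_C_NO_CREDENTIAL here.
        logger.msg(ERROR, "Failed to convert GSI credential to "
                   "GSS credential (major: %d, minor: %d)%s", majstat, minstat, ErrorStr(majstat, minstat));
        return;
      }
    }
  }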


Arc::GSSCredential::GSSCredential ( )

Definition at line 17 of file GSSCredential.h.

// Starts with no credential. GSS-API calls generally treat
// GSS_C_NO_CREDENTIAL as "use the default credential", so callers that need
// a specific identity should not pass a default-constructed object on as is.
: credential(GSS_C_NO_CREDENTIAL) {};

Arc::GSSCredential::~GSSCredential ( )

Definition at line 69 of file GSSCredential.cpp.

                                {

    // Releases the held GSS credential, if any.
    // NOTE(review): the member list shows no user-declared copy constructor
    // or copy assignment; if the class is copyable, each copy would release
    // the same handle here. Confirm against GSSCredential.h.
    if (credential == GSS_C_NO_CREDENTIAL) return;

    OM_uint32 minstat;
    OM_uint32 majstat = gss_release_cred(&minstat, &credential);
    if (GSS_ERROR(majstat)) {
      // A destructor has no way to report failure, so the error is only logged.
      logger.msg(ERROR, "Failed to release GSS credential "
                 "(major: %d, minor: %d):%s", majstat, minstat, ErrorStr(majstat, minstat));
    }
  }



Member Function Documentation

std::string Arc::GSSCredential::ErrorStr ( OM_uint32  majstat,
OM_uint32  minstat 
) [static]

Definition at line 90 of file GSSCredential.cpp.

                                                                  {
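    // Returns the name of the GSS-API routine error carried in majstat, in
    // the form ":GSS_S_...", or an empty string when the code is not listed.
    // minstat is accepted for symmetry with GSS-API status pairs but is not
    // decoded. Calling errors and supplementary-info bits of majstat are not
    // decoded either.
    //
    // Routine errors are enumerated values stored in one field of the major
    // status, not independent bit flags. The field is therefore extracted with
    // GSS_ROUTINE_ERROR and compared for equality; a bitwise test would match
    // several names for a single code and mislead whoever reads the log.
    static const struct {
      OM_uint32 code;
      const char *name;
    } routine_errors[] = {
      { GSS_S_BAD_MECH, ":GSS_S_BAD_MECH" },
      { GSS_S_BAD_NAME, ":GSS_S_BAD_NAME" },
      { GSS_S_BAD_NAMETYPE, ":GSS_S_BAD_NAMETYPE" },
      { GSS_S_BAD_BINDINGS, ":GSS_S_BAD_BINDINGS" },
      { GSS_S_BAD_STATUS, ":GSS_S_BAD_STATUS" },
      { GSS_S_BAD_SIG, ":GSS_S_BAD_SIG" },
      { GSS_S_NO_CRED, ":GSS_S_NO_CRED" },
      { GSS_S_NO_CONTEXT, ":GSS_S_NO_CONTEXT" },
      { GSS_S_DEFECTIVE_TOKEN, ":GSS_S_DEFECTIVE_TOKEN" },
      { GSS_S_DEFECTIVE_CREDENTIAL, ":GSS_S_DEFECTIVE_CREDENTIAL" },
      { GSS_S_CREDENTIALS_EXPIRED, ":GSS_S_CREDENTIALS_EXPIRED" },
      { GSS_S_CONTEXT_EXPIRED, ":GSS_S_CONTEXT_EXPIRED" },
      { GSS_S_FAILURE, ":GSS_S_FAILURE" },
      { GSS_S_BAD_QOP, ":GSS_S_BAD_QOP" },
      { GSS_S_UNAUTHORIZED, ":GSS_S_UNAUTHORIZED" },
      { GSS_S_UNAVAILABLE, ":GSS_S_UNAVAILABLE" },
      { GSS_S_DUPLICATE_ELEMENT, ":GSS_S_DUPLICATE_ELEMENT" },
      { GSS_S_NAME_NOT_MN, ":GSS_S_NAME_NOT_MN" },
      { GSS_S_EXT_COMPAT, ":GSS_S_EXT_COMPAT" }
    };

    std::string errstr;
    const OM_uint32 routine = GSS_ROUTINE_ERROR(majstat);
    for (std::string::size_type i = 0;
         i < sizeof(routine_errors) / sizeof(routine_errors[0]); ++i) {
      if (routine == routine_errors[i].code) errstr += routine_errors[i].name;
    }
    return errstr;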
  }


Arc::GSSCredential::operator gss_cred_id_t & ( )

Definition at line 82 of file GSSCredential.cpp.

                                         {
    // Hands out the private handle by mutable reference, so a caller can
    // replace or release it; the destructor still calls gss_release_cred on
    // whatever value is stored at that point.
    return credential;
  }
Arc::GSSCredential::operator gss_cred_id_t * ( )

Definition at line 86 of file GSSCredential.cpp.

                                         {
    // Address of the private handle, the form GSS-API calls take for an
    // output credential. Anything written through it replaces the stored
    // handle; this operator does not release the previous value first.
    return &credential;
  }

Member Data Documentation

gss_cred_id_t Arc::GSSCredential::credential [private]

Definition at line 23 of file GSSCredential.h.


The documentation for this class was generated from the following files: