Skip to content

Commit

Permalink
[Acc] Dynamically attach a sliced SecEntity as one of its object attr…
Browse files Browse the repository at this point in the history 
…ibutes.
  • Loading branch information
@abh3
abh3 committed Jun 24, 2020
1 parent efe29b9 commit 4d3b4de
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 46 deletions.
58 changes: 20 additions & 38 deletions src/XrdAcc/XrdAccEntity.cc
View file
Expand Up @@ -34,38 +34,31 @@
#include "XrdOuc/XrdOucTokenizer.hh"
#include "XrdSec/XrdSecEntity.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysPthread.hh"

/******************************************************************************/
/* X r d A c c E n t i t y C a c h e */
/* S t a t i c M e m b e r s */
/******************************************************************************/

// This is a small cache of recently generated entities. It is a hit or miss
// affair but will get better in release 5 when we can tie this object to
// the secentity object and have it deleted automatically.
//
int XrdAccEntity::accSig = 0;

namespace
{
XrdSysError *eDest = 0;
XrdSysMutex cacheMutex;

static const int cacheSize = 256;
XrdAccEntity *cacheVec[cacheSize] = {0};
XrdSysError *eDest = 0;
}

/******************************************************************************/
/* C o n s t r u c t o r */
/******************************************************************************/

XrdAccEntity::XrdAccEntity(const XrdSecEntity *secP, bool &aOK)
: XrdSecAttr(&accSig)
{
EntityAttr attrInfo;
int have, want = 0;

// Assume all is going to be well and set our unique id.
//
aOK = true;
ueid = secP->ueid;

// Copy out the various attributes we want to tokenize
//
Expand Down Expand Up @@ -127,29 +120,25 @@ XrdAccEntity::XrdAccEntity(const XrdSecEntity *secP, bool &aOK)
/* G e t E n t i t y */
/******************************************************************************/

XrdAccEntity *XrdAccEntity::GetEntity(const XrdSecEntity *secP)
XrdAccEntity *XrdAccEntity::GetEntity(const XrdSecEntity *secP, bool &isNew)
{
XrdAccEntity *aeP;
XrdSecAttr *seP;
bool aOK;

// New versions of xrootd assign a unique ID to every secentity structure.
// If assigned then we can see if we cached this information and reuse it.
// Otherwise, we must generate it anew.
// If we already compiled the identity informaion, reuse it.
//
if (secP->ueid)
{int entNum = secP->ueid % cacheSize;
cacheMutex.Lock();
if ((aeP = cacheVec[entNum]) && aeP->ueid == secP->ueid)
{cacheVec[entNum] = 0;
cacheMutex.UnLock();
return aeP;
}
cacheMutex.UnLock();
if ((seP = secP->Get(&accSig)))
{isNew = false;
return static_cast<XrdAccEntity *>(seP);
}

// At this point we muxt create a new entity for authorization purposes and
// return it if all went well.
// return it if all went well. We do not attach it to its SecEntity object as
// this will be done by the AccEntityInit object upon deletion to avoid
// race conditions and memory leaks. This allows for parallel processing.
//
isNew = true;
aeP = new XrdAccEntity(secP, aOK);
if (aOK) return aeP;

Expand Down Expand Up @@ -197,21 +186,14 @@ bool XrdAccEntity::OneOrZero(char *src, const char *&dest)
/* P u t E n t i t y */
/******************************************************************************/

void XrdAccEntity::PutEntity()
void XrdAccEntity::PutEntity(const XrdSecEntity *secP)
{
XrdAccEntity *aeP;

// Compute cache entry and replace any existing entry with this one. If we
// did replace an entry then delete the it as it can't be in use if cached.
// Add this object to the indicated SecEntity object. There may be one there
// already if some other thread beat us to the punch (unlike). If there is
// we simply delete ourselves to avoid a memory leak.
//
if (!ueid) delete this;
else {int entNum = ueid % cacheSize;
cacheMutex.Lock();
aeP = cacheVec[entNum];
cacheVec[entNum] = this;
cacheMutex.UnLock();
if (aeP) delete aeP;
}
if (!(const_cast<XrdSecEntity*>(secP)->Add(*this))) delete this;
}

/******************************************************************************/
Expand Down
22 changes: 14 additions & 8 deletions src/XrdAcc/XrdAccEntity.hh
View file
Expand Up @@ -32,6 +32,8 @@
#include <stdlib.h>
#include <vector>

#include "XrdSec/XrdSecAttr.hh"

/******************************************************************************/
/* X r d A c c E n t i t y I n f o */
/******************************************************************************/
Expand Down Expand Up @@ -59,12 +61,12 @@ class XrdOucTokenizer;
class XrdSecEntity;
class XrdSysError;

class XrdAccEntity
class XrdAccEntity : public XrdSecAttr
{
public:

static
XrdAccEntity *GetEntity(const XrdSecEntity *secP);
XrdAccEntity *GetEntity(const XrdSecEntity *secP, bool &isNew);

bool Next(int &seq, XrdAccEntityInfo &info)
{if (int(attrVec.size()) <= seq) return false;
Expand All @@ -75,7 +77,7 @@ bool Next(int &seq, XrdAccEntityInfo &info)
return true;
}

void PutEntity();
void PutEntity(const XrdSecEntity *secP);

static
void setError(XrdSysError *errP);
Expand Down Expand Up @@ -106,7 +108,7 @@ std::vector<EntityAttr> attrVec;
char *vorgInfo;
char *roleInfo;
char *grpsInfo;
unsigned int ueid;
static int accSig; // Attribute Object Signture
};

/******************************************************************************/
Expand All @@ -117,13 +119,17 @@ class XrdAccEntityInit
{
public:

XrdAccEntityInit(const XrdSecEntity *secP, XrdAccEntity *&aeR)
{aeR = aeP = XrdAccEntity::GetEntity(secP);}
XrdAccEntityInit(const XrdSecEntity *secP, XrdAccEntity *&aeR) : seP(secP)
{bool isNew;
aeR = XrdAccEntity::GetEntity(secP, isNew);
aeP = (isNew ? aeR : 0);
}

~XrdAccEntityInit() {if (aeP) aeP->PutEntity();}
~XrdAccEntityInit() {if (aeP) aeP->PutEntity(seP);}

private:

XrdAccEntity *aeP;
const XrdSecEntity *seP;
XrdAccEntity *aeP;
};
#endif

0 comments on commit 4d3b4de

Please sign in to comment.