[Server] Extend virtual networking to all roles.

[Server] Add cms.vnid directive for containerization/virtualization (new).
[Server] All sysid and vnid options to 'query config' (new).

src/XrdCms/XrdCmsAdmin.cc

@@ -30,6 +30,7 @@
 
 #include <stdio.h>
 #include <limits.h>
+#include <string>
 #include <unistd.h>
 #include <inttypes.h>
 #include <netinet/in.h>
@@ -415,6 +416,36 @@ void XrdCmsAdmin::BegAds()
       Say.Emsg(epname, errno, "start alternate data server monitor");
 }
 
+/******************************************************************************/
+/*                             C h e c k V N i d                              */
+/******************************************************************************/
+
+bool XrdCmsAdmin::CheckVNid(const char *xNid)
+{
+
+// Check if we have a vnid but the server is supplying one or is not the same
+//
+   if (Config.myVNID)
+      {if (!xNid)
+          {Say.Emsg("do_Login", "Warning! No xrootd vnid specified; "
+                                "proceeding only with cmsd vnid.");
+           return true;
+          }
+       if (!strcmp(xNid, Config.myVNID)) return true;
+       std::string msg("xrootd vnid '");
+       msg += xNid; msg += "' does not match cmsd vnid '";
+       msg += Config.myVNID; msg += "'.";
+       Say.Emsg("do_Login", msg.c_str());
+       return false;
+      }
+
+// We don't have a vnid, check if one is present
+//
+   if (xNid) Say.Emsg("do_Login", "Warning! xrootd has a vnid but cmsd does "
+                                  "not; proceeding without a vnid!");
+   return true;
+}
+
 /******************************************************************************/
 /*                               C o n 2 A d s                                */
 /******************************************************************************/
@@ -489,11 +520,12 @@ do{while((snum = adsSocket.Open("localhost", Config.adsPort)) < 0)
 
 int XrdCmsAdmin::do_Login()
 {
+   std::string vnidVal;
    const char *emsg;
    char buff[64], *tp, Ltype = 0;
    int Port = 0;
 
-// Process: login {p | P | s | u} <name> [port <port>]
+// Process: login {p | P | s | u} <name> [port <port>] [nid <nid>]
 //
    if (!(tp = Stream.GetToken()))
       {Say.Emsg("do_Login", "login type not specified");
@@ -537,6 +569,13 @@ int XrdCmsAdmin::do_Login()
                   if (XrdOuca2x::a2i(Say,"login port",tp,&Port,0))
                      return 0;
                  }
+         else if (!strcmp(tp, "vnid"))
+                 {if (!(tp = Stream.GetToken()))
+                     {Say.Emsg("do_Login", "vnid value not specified");
+                      return 0;
+                     }
+                  vnidVal = tp;
+                 }
          else    {Say.Emsg("do_Login", "invalid login option -", tp);
                   return 0;
                  }
@@ -555,6 +594,14 @@ int XrdCmsAdmin::do_Login()
        return 0;
       }
 
+// Verify virtual networking
+//
+   if ((vnidVal.length() || Config.myVNID)
+   && !CheckVNid(vnidVal.length() ? vnidVal.c_str() : 0))
+      {Say.Emsg("do_login", "Server login rejected; virtual networking error.");
+       return 0;
+      }
+
 // Discard login if this is a duplicate primary server
 //
    myMutex.Lock();

src/XrdCms/XrdCmsAdmin.hh

@@ -64,6 +64,7 @@ static void  Relay(int setSock, int newSock);
 private:
 
 void  BegAds();
+bool  CheckVNid(const char *xNid);
 int   Con2Ads(const char *pname);
 int   do_Login();
 void  do_RmDid(int dotrim=0);

src/XrdCms/XrdCmsClientConfig.cc

@@ -85,8 +85,6 @@ int XrdCmsClientConfig::Configure(const char *cfn, configWhat What,
 
   Output:   0 upon success or !0 otherwise.
 */
-   EPNAME("Configure");
-   static const char *mySid = 0;
    XrdOucTList *tpe, *tpl;
    int i, NoGo = 0;
    const char *eText = 0;
@@ -121,18 +119,22 @@ int XrdCmsClientConfig::Configure(const char *cfn, configWhat What,
    XrdOucEnv::Export("XRDCMSPATH", temp);
    XrdOucEnv::Export("XRDOLBPATH", temp); //Compatability
 
+// Determine what type of role we are playing
+//
+        if (What & configServer) sfx = 's';
+   else if (What & configSuper)  sfx = 'u';
+   else                          sfx = 'm';
+
+// Determine which manager list we will be using
+//
+   if (How & configProxy)
+      {sfx = toupper(sfx);
+       tpl = PanList;
+      } else tpl = ManList;
+
 // Generate the system ID for this configuration.
 //
-   tpl = (How & configProxy ? PanList : ManList);
-   if (!mySid)
-      {     if (What & configServer) sfx = 's';
-       else if (What & configSuper)  sfx = 'u';
-       else                          sfx = 'm';
-       if (!(mySid = XrdCmsSecurity::setSystemID(tpl,myName,myHost,cidTag,sfx)))
-          {Say.Emsg("xrootd","Unable to generate system ID; too many managers.");
-           NoGo = 1;
-          } else {DEBUG("Global System Identification: " <<mySid);}
-      }
+   if (!ConfigSID(cfn, tpl, sfx)) NoGo = 1;
 
 // Export the manager list
 //
@@ -232,6 +234,36 @@ int XrdCmsClientConfig::ConfigProc(const char *ConfigFN)
    return NoGo;
 }
 
+/******************************************************************************/
+/*                             C o n f i g S i d                              */
+/******************************************************************************/
+
+bool XrdCmsClientConfig::ConfigSID(const char *cFN, XrdOucTList *tpl, char sfx)
+{
+   char *sidVal;
+
+// Get the node ID if we need to
+//
+   if (VNID_Lib)
+      {myVNID = XrdCmsSecurity::getVnId(Say, cFN, VNID_Lib, VNID_Parms, sfx);
+       if (!myVNID) return false;
+      }
+
+// Generate the system ID and set the cluster ID
+//
+   sidVal = XrdCmsSecurity::setSystemID(tpl, myVNID, cidTag, sfx);
+   if (!sidVal || *sidVal == '!')
+      {const char *msg;
+       if (!sidVal) msg = "too many managers.";
+          else msg = sidVal+1;
+       Say.Emsg("Config ","Unable to generate system ID; ", msg);
+       return false;
+      }
+      else if (QTRACE(Debug))
+              Say.Say("Config ", "Global System Identification: ", sidVal);
+   return true;
+}
+
 /******************************************************************************/
 /*                             C o n f i g X e q                              */
 /******************************************************************************/
@@ -247,6 +279,7 @@ int XrdCmsClientConfig::ConfigXeq(char *var, XrdOucStream &Config)
    TS_Xeq("adminpath",     xapath);
    TS_Xeq("request",       xreqs);
    TS_Xeq("trace",         xtrac);
+   TS_Xeq("vnid",          xvnid);
    return 0;
 }
 
@@ -530,6 +563,7 @@ int XrdCmsClientConfig::xtrac(XrdOucStream &Config)
        {
         {"all",      TRACE_ALL},
         {"debug",    TRACE_Debug},
+        {"files",    TRACE_Files},
         {"forward",  TRACE_Forward},
         {"redirect", TRACE_Redirect},
         {"defer",    TRACE_Defer},
@@ -557,3 +591,44 @@ int XrdCmsClientConfig::xtrac(XrdOucStream &Config)
     Trace.What = trval;
     return 0;
 }
+
+/******************************************************************************/
+/*                                 x v n i d                                  */
+/******************************************************************************/
+
+/* Function: xvnid
+
+   Purpose:  To parse the directive: vnid {=|<|@}<vnarg> [<parms>]
+
+             <vnarg>   = - the actual vnid value
+                       < - the path of the file to be read for the vnid.
+                       @ - the path of the plugin library to be used.
+             <parms>   optional parms to be passed
+
+  Output: 0 upon success or !0 upon failure.
+*/
+
+int XrdCmsClientConfig::xvnid(XrdOucStream &Config)
+{
+    char *val, parms[1024];
+
+// Get the argument
+//
+   if (!(val = Config.GetWord()) || !val[0])
+      {Say.Emsg("Config", "vnid not specified"); return 1;}
+
+// Record the path
+//
+   if (VNID_Lib) free(VNID_Lib);
+   VNID_Lib = strdup(val);
+
+// Record any parms (only if it starts with an @)
+//
+   if (VNID_Parms) {free(VNID_Parms); VNID_Parms = 0;}
+   if (*VNID_Lib == '@')
+      {if (!Config.GetRest(parms, sizeof(parms)))
+          {Say.Emsg("Config", "vnid plug-in parameters too long"); return 1;}
+       if (*parms) VNID_Parms = strdup(parms);
+      }
+   return 0;
+}

src/XrdCms/XrdCmsClientConfig.hh

@@ -60,6 +60,7 @@ int           haveMeta;     // Have a meta manager (only if we are a manager)
 char         *CMSPath;      // Path to the local cmsd for target nodes
 const char   *myHost;
 const char   *myName;
+      char   *myVNID;
       char   *cidTag;
 
 XrdOucTList  *ManList;      // List of managers for remote redirection
@@ -72,23 +73,29 @@ enum {FailOver = 'f', RoundRob = 'r'};
       XrdCmsClientConfig() : ConWait(10), RepWait(3),  RepWaitMS(3000),
                              RepDelay(5), RepNone(8),  PrepWait(33),
                              FwdWait(0),  haveMeta(0), CMSPath(0),
-                             myHost(0),   myName(0),   cidTag(0),
-                             ManList(0),  PanList(0),
+                             myHost(0),   myName(0),   myVNID(0),
+                             cidTag(0),   ManList(0),  PanList(0),
                              SMode(FailOver), SModeP(FailOver),
+                             VNID_Lib(0),  VNID_Parms(0),
                              isMeta(0), isMan(0) {}
      ~XrdCmsClientConfig();
 
 private:
+char *VNID_Lib;
+char *VNID_Parms;
+
 int isMeta;   // We are  a meta manager
 int isMan;    // We are  a      manager
 
 int ConfigProc(const char *cfn);
+bool ConfigSID(const char *cFile, XrdOucTList *tpl, char sfx);
 int ConfigXeq(char *var, XrdOucStream &Config);
 int xapath(XrdOucStream &Config);
 int xcidt(XrdOucStream  &Config);
 int xconw(XrdOucStream  &Config);
 int xmang(XrdOucStream  &Config);
 int xreqs(XrdOucStream  &Config);
 int xtrac(XrdOucStream  &Config);
+int xvnid(XrdOucStream  &Config);
 };
 #endif