From da8df1d8f162951a0e8d0113cd06449d20ae62cf Mon Sep 17 00:00:00 2001
From: Andrew Hanushevsky
Date: Tue, 8 Oct 2019 09:35:59 -0700
Subject: [PATCH] [Server] Add appname to SecEntity attribute set. [Server] Assign a unique ID to each SecEntity instance.
---
 src/XProtocol/XProtocol.hh | 2 ++
 src/XrdSec/XrdSecEntity.cc | 2 +-
 src/XrdSec/XrdSecEntity.hh | 2 +-
 src/XrdXrootd/XrdXrootdProtocol.cc | 6 ++++++
 src/XrdXrootd/XrdXrootdProtocol.hh | 1 +
 src/XrdXrootd/XrdXrootdXeq.cc | 9 +++++++++
 6 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/src/XProtocol/XProtocol.hh b/src/XProtocol/XProtocol.hh
index 74130a91d45..bed24ade32c 100644
--- a/src/XProtocol/XProtocol.hh
+++ b/src/XProtocol/XProtocol.hh
@@ -92,6 +92,8 @@
 #define kXR_anongpf 0x00800000
 #define kXR_supgetf 0x00400000
 #define kXR_supputf 0x00200000
+#define kXR_suppgwr 0x00100000
+#define kXR_supcsoc 0x00080000
 #define kXR_haveTLS 0x80000000
 #define kXR_gotoTLS 0x40000000
diff --git a/src/XrdSec/XrdSecEntity.cc b/src/XrdSec/XrdSecEntity.cc
index 94349d78d54..b1ed29e097b 100644
--- a/src/XrdSec/XrdSecEntity.cc
+++ b/src/XrdSec/XrdSecEntity.cc
@@ -198,7 +198,7 @@ void XrdSecEntity::Reset(bool isnew, const char *spV, const char *dpV)
 moninfo = 0;
 creds = 0;
 credslen = 0;
- rsvd = 0;
+ entityID = 0;
 addrInfo = 0;
 tident = 0;
 sessvar = 0;
diff --git a/src/XrdSec/XrdSecEntity.hh b/src/XrdSec/XrdSecEntity.hh
index 25480a5472d..4c19da80d6b 100644
--- a/src/XrdSec/XrdSecEntity.hh
+++ b/src/XrdSec/XrdSecEntity.hh
@@ -76,7 +76,7 @@ public:
 char *moninfo; //!< Information for monitoring
 char *creds; //!< Raw entity credentials or cert
 int credslen; //!< Length of the 'creds' data
- int rsvd; //!< Reserved field
+unsigned int entityID; //!< Unique ID of entity instance
 XrdNetAddrInfo *addrInfo; //!< Entity's connection details
 const char *tident; //!< Trace identifier always preset
 void *sessvar; //!< Plugin settable storage pointer,
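Review bot: The two capability bits added in the XProtocol.hh hunk, `kXR_suppgwr` and `kXR_supcsoc`, are not covered by the commit subject and have no comment saying what a server advertises by setting them. A one-line comment per flag, or a separate commit, would let a reviewer confirm that nothing in this patch is meant to set or test them; neither name is used in the other hunks.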
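Review bot: The `entityID` comment in XrdSecEntity.hh promises a unique ID, but Reset() sets the field to 0 and the only assignment in this patch is in logLogin, so 0 is an observable "not yet assigned" value that the comment should document, e.g. `//!< Unique ID of entity instance (0 until login completes)`. Renaming the public `rsvd` member would break any out-of-tree plugin that referred to it by name, which is worth a line in the release notes. The declaration of `mySID` is not part of this patch; if it is wider than `unsigned int`, the assignment in logLogin truncates and two entities could end up with the same ID.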
diff --git a/src/XrdXrootd/XrdXrootdProtocol.cc b/src/XrdXrootd/XrdXrootdProtocol.cc
index 7883058b697..f5e7b2bdd44 100644
--- a/src/XrdXrootd/XrdXrootdProtocol.cc
+++ b/src/XrdXrootd/XrdXrootdProtocol.cc
@@ -226,6 +226,7 @@ XrdXrootdProtocol::XrdXrootdProtocol()
 : XrdProtocol("xrootd protocol handler"), ProtLink(this), Entity(0,"xroot")
 {
+ AppName = 0;
 Reset();
 }
@@ -873,6 +874,10 @@ void XrdXrootdProtocol::Cleanup()
 // Handle writev appendage
 //
 if (wvInfo) {free(wvInfo); wvInfo = 0;}
+
+// Release aplication name
+//
+ if (AppName) {free(AppName); AppName = 0;}
 }
 /******************************************************************************/
@@ -956,4 +961,5 @@ void XrdXrootdProtocol::Reset()
 Entity.Reset(0, "xroot");
 memset(Stream, 0, sizeof(Stream));
 PrepareCount = 0;
+ if (AppName) {free(AppName); AppName = 0;}
 }
diff --git a/src/XrdXrootd/XrdXrootdProtocol.hh b/src/XrdXrootd/XrdXrootdProtocol.hh
index 89a5ef6310f..fec7c73efa3 100644
--- a/src/XrdXrootd/XrdXrootdProtocol.hh
+++ b/src/XrdXrootd/XrdXrootdProtocol.hh
@@ -386,6 +386,7 @@ XrdSecEntity *Client;
 XrdSecProtocol *AuthProt;
 XrdSecEntity Entity;
 XrdSecProtect *Protect;
+char *AppName;
 ClientRequest sigReq2Ver; // Request to verify
 SecurityRequest sigReq; // Signature request
diff --git a/src/XrdXrootd/XrdXrootdXeq.cc b/src/XrdXrootd/XrdXrootdXeq.cc
index 2cebc5be2cf..9e4e7d58c81 100644
--- a/src/XrdXrootd/XrdXrootdXeq.cc
+++ b/src/XrdXrootd/XrdXrootdXeq.cc
@@ -1000,6 +1000,7 @@ int XrdXrootdProtocol::do_Login()
 (clientPV & XrdOucEI::uIPv4 ? '4' : '6'));
 Entity.moninfo = strdup(apBuff);
 }
+ if (appXQ) AppName = strdup(appXQ);
 }
 // Allocate a monitoring object, if needed for this connection
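Review bot: In the do_Login hunk, `AppName = strdup(appXQ)` overwrites the member without releasing a previous value, so if do_Login can run more than once on a connection before Reset() or Cleanup(), the earlier copy leaks. Writing it as `if (appXQ) {if (AppName) free(AppName); AppName = strdup(appXQ);}` would match the free-then-null pattern this patch uses in Reset() and Cleanup(). Where `appXQ` is set is outside the hunk; it looks like a value taken from the client's login request, so it is worth confirming that its length is bounded before it is copied and later published as `xrd.appname`. The body of do_Login starts and ends outside the hunk.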
@@ -3664,6 +3665,14 @@ bool XrdXrootdProtocol::logLogin(bool xauth)
 {eDest.Emsg("Xeq", "Unable to require TLS for", Link->ID);
 return false;
 }
+
+// Record the appname in the final SecEntity object
+//
+ if (AppName) Client->Add("xrd.appname", (std::string)AppName, true);
+
+// Assign unique identifier to the final SecEntity object
+//
+ Client->entityID = mySID;
 return true;
 }
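Review bot: The value stored under `xrd.appname` is the string copied in do_Login, not something established by authentication, and the comment above the `Client->Add` call should say so, for example `// Client-declared and unverified: for monitoring and logging, not for authorization decisions`. Plugins that read SecEntity attributes otherwise have no way to tell it apart from attributes a security protocol has vouched for. The third argument `true` presumably lets this value replace an existing `xrd.appname` entry (Add's signature is not in the patch), so confirm that a login-supplied string overriding one set earlier by a security plugin is intended. `std::string(AppName)` would avoid the C-style cast, and the result of `Add` is discarded. logLogin's body begins outside the hunk.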