Commit 25ef0fb3 authored by Elvin Sindrilaru's avatar Elvin Sindrilaru

XROOTD: Refactor the way the error objects are used and how error messages are set

        Fix indentation and whitespace cleaning
parent 5500c37b
......@@ -18,7 +18,7 @@
*
*
* @author Castor Dev team, castor-dev@cern.ch
*
*
******************************************************************************/
/*-----------------------------------------------------------------------------*/
......@@ -90,11 +90,7 @@ XrdxCastor2Acc::XrdxCastor2Acc():
mAuthKeyfile(""),
mRequireCapability(false),
mAllowLocal(true)
{
Logging::Init();
Logging::SetLogPriority(LOG_INFO);
xcastor_info("logging configured");
}
{ }
//------------------------------------------------------------------------------
......@@ -281,7 +277,7 @@ XrdxCastor2Acc::Init()
else
{
mPublicKey = X509_get_pubkey(x509public);
if (mPublicKey == NULL)
{
xcastor_err("no public key in file:%s", mAuthCertfile.c_str());
......@@ -300,11 +296,11 @@ XrdxCastor2Acc::Init()
xcastor_err("error opening private cert. file:%s", mAuthKeyfile.c_str());
return false;
}
// Get private key
mPrivateKey = PEM_read_PrivateKey(fpkey, NULL, NULL, NULL);
fclose(fpkey);
if (mPrivateKey == NULL)
{
xcastor_err("error accessing private key in file:%s", mAuthKeyfile.c_str());
......@@ -412,7 +408,7 @@ XrdxCastor2Acc::VerifyUnbase64(const char* data,
int modlength;
int inputlen = strlen((const char*)base64buffer);
unsigned char* input = base64buffer;
for (int i = 0; i < (inputlen + 1); i++)
{
// Add a '\n' every 64 characters which have been removed to be
......@@ -422,35 +418,35 @@ XrdxCastor2Acc::VerifyUnbase64(const char* data,
modinput[cpcnt] = '\n';
cpcnt++;
}
modinput[cpcnt] = input[i];
cpcnt++;
}
modinput[cpcnt] = 0;
modlength = cpcnt - 1;
b64 = BIO_new(BIO_f_base64());
if (!b64)
if (!b64)
{
xcastor_err("unable to allocate new BIO");
return false;
}
bmem = BIO_new_mem_buf(modinput, modlength);
if (!bmem)
{
xcastor_err("unable to allocate new mem buf");
BIO_free_all(b64);
return false;
}
bmem = BIO_push(b64, bmem);
sig_len = BIO_read(bmem, sig_buf, modlength);
BIO_free_all(bmem);
if (sig_len <= 0)
if (sig_len <= 0)
{
xcastor_err("error while decoding base64 message for path=%s", path);
return false;
......@@ -488,7 +484,7 @@ XrdxCastor2Acc::Decode(const char* opaque, AuthzInfo& authz)
// Convert the '&' seperated tokens into '\n' seperated tokens for parsing
tmp_str.replace("&", "\n");
XrdOucTokenizer authztokens((char*)tmp_str.c_str());
while ((stoken = authztokens.GetLine()))
{
XrdOucString token = stoken;
......@@ -514,7 +510,7 @@ XrdxCastor2Acc::Decode(const char* opaque, AuthzInfo& authz)
ntoken++;
continue;
}
if (token.beginswith("castor2fs.id="))
{
authz.id = (token.c_str() + 13);
......@@ -580,12 +576,12 @@ XrdxCastor2Acc::Decode(const char* opaque, AuthzInfo& authz)
// Build the auhorization token from the information held in the AuthzInfo
// structure and sign all this with the private key of the server.
//------------------------------------------------------------------------------
std::string
std::string
XrdxCastor2Acc::GetOpaqueAcc(AuthzInfo& authz, bool doSign)
{
// Build authorization token
std::string token = BuildToken(authz);
if (token.empty())
{
xcastor_err("authorization token is empty - nothing to sign");
......@@ -619,6 +615,8 @@ XrdxCastor2Acc::GetOpaqueAcc(AuthzInfo& authz, bool doSign)
<< "castor2fs.exptime=" << (int)authz.exptime << "&"
<< "castor2fs.signature=" << authz.signature << "&"
<< "castor2fs.manager=" << authz.manager << "&";
xcastor_debug("opaque_acc=%s", sstr.str().c_str());
return sstr.str();
}
......@@ -626,18 +624,18 @@ XrdxCastor2Acc::GetOpaqueAcc(AuthzInfo& authz, bool doSign)
//------------------------------------------------------------------------------
// Build the autorization token used for signing
//------------------------------------------------------------------------------
std::string
std::string
XrdxCastor2Acc::BuildToken(const AuthzInfo& authz)
{
std::ostringstream sstr;
sstr << authz.sfn
<< authz.pfn1
<< authz.pfn1
<< authz.pfn2
<< authz.id
<< authz.client_sec_uid
<< authz.client_sec_uid
<< authz.client_sec_gid
<< (int)authz.accessop
<< (int)authz.exptime
<< (int)authz.accessop
<< (int)authz.exptime
<< authz.manager;
return sstr.str();
}
......@@ -654,8 +652,8 @@ XrdxCastor2Acc::Access(const XrdSecEntity* Entity,
XrdOucEnv* Env)
{
xcastor_debug("path=%s, operation=%i", path, oper);
// We take care in XrdxCastorOfs::open that a user cannot give a fake
// We take care in XrdxCastorOfs::open that a user cannot give a fake
// opaque to get all permissions!
if (Env && Env->Get("castor2ofsproc") &&
(strncmp(Env->Get("castor2ofsproc"), "true", 4) == 0))
......@@ -682,11 +680,11 @@ XrdxCastor2Acc::Access(const XrdSecEntity* Entity,
AccEroute.Emsg("Access", EIO, "no opaque information for path=", path);
return XrdAccPriv_None;
}
int envlen = 0;
char* opaque = Env->Env(envlen);
if (!opaque)
{
AccEroute.Emsg("Access", EIO, "no opaque information for sfn=", path);
......@@ -695,7 +693,7 @@ XrdxCastor2Acc::Access(const XrdSecEntity* Entity,
xcastor_debug("path=%s, operation=%i, env=%s", path, oper, opaque);
time_t now = time(NULL);
// This is not nice, but ROOT puts a ? into the opaque string,
// if there is a user opaque info
for (unsigned int i = 0; i < strlen(opaque); i++)
......@@ -717,10 +715,10 @@ XrdxCastor2Acc::Access(const XrdSecEntity* Entity,
AccEroute.Emsg("Access", EACCES, "decode access token for sfn=", path);
return XrdAccPriv_None;
}
// Build the token from the received information
std::string ref_token = BuildToken(authz);
if (ref_token.empty())
{
AccEroute.Emsg("Access", EACCES, "build reference token for sfn=", path);
......@@ -728,7 +726,7 @@ XrdxCastor2Acc::Access(const XrdSecEntity* Entity,
}
// Verify the signature of authz information
if ((!VerifyUnbase64(ref_token.c_str(),
if ((!VerifyUnbase64(ref_token.c_str(),
(unsigned char*)authz.signature.c_str(), path)))
{
AccEroute.Emsg("Access", EACCES, "verify signature in request sfn=", path);
......@@ -757,4 +755,3 @@ XrdxCastor2Acc::Access(const XrdSecEntity* Entity,
return XrdAccPriv_All;
}
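Review bot: The `xcastor_debug("opaque_acc=%s", sstr.str().c_str());` line in the GetOpaqueAcc hunk writes the complete opaque string, including `castor2fs.signature`, to the debug log, so anyone who can read that log obtains a signed authorization token that is presumably usable until its `exptime`. The rendered page has lost the +/- column, so whether this commit adds the line is only inferred from the hunk header (6 old lines, 8 new). I would log non-secret metadata only, for example `xcastor_debug("opaque_acc built, length=%zu", sstr.str().length());`. The Access hunk has the same exposure on the receiving side in `xcastor_debug("path=%s, operation=%i, env=%s", path, oper, opaque);`, which prints the client's whole opaque environment before the signature is verified. Both function bodies continue outside the visible hunks.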
......@@ -107,8 +107,8 @@ class XrdxCastor2Acc: public XrdAccAuthorize, public LogId
//! by the XRootD headnode
//----------------------------------------------------------------------------
std::string GetOpaqueAcc(AuthzInfo& authz, bool doSign);
//----------------------------------------------------------------------------
//! Indicates whether or not the user/host is permitted access to the
//! path for the specified operation. The default implementation that is
......@@ -125,13 +125,12 @@ class XrdxCastor2Acc: public XrdAccAuthorize, public LogId
//! @param env environmental information at the time of the
//! @param operation as supplied by the path CGI string. This is optional
//! and the pointer may be zero.
//!
//----------------------------------------------------------------------------
virtual XrdAccPrivs Access(const XrdSecEntity* Entity,
const char* path,
const Access_Operation oper,
XrdOucEnv* Env = 0);
//----------------------------------------------------------------------------
//! Not used
......@@ -144,7 +143,7 @@ class XrdxCastor2Acc: public XrdAccAuthorize, public LogId
{
return 0;
}
//----------------------------------------------------------------------------
//! Check whether the specified operation is permitted. If permitted it
......@@ -155,9 +154,10 @@ class XrdxCastor2Acc: public XrdAccAuthorize, public LogId
{
return 0;
}
private:
//----------------------------------------------------------------------------
//! Build the autorization token used for signing. The token is made up of all
//! the values of the parameters passed in the opaque information except of
......@@ -189,8 +189,8 @@ class XrdxCastor2Acc: public XrdAccAuthorize, public LogId
int inputlen,
std::string& sb64,
int& sb64len);
//----------------------------------------------------------------------------
//! The reverse of the SignBase64 method. For this to be successful the
//! hashed value of the data buffer must be the same as the value obtained
......@@ -205,8 +205,8 @@ class XrdxCastor2Acc: public XrdAccAuthorize, public LogId
bool VerifyUnbase64(const char* data,
unsigned char* base64buffer,
const char* path);
//----------------------------------------------------------------------------
//! Decode the opaque information
//!
......@@ -216,8 +216,8 @@ class XrdxCastor2Acc: public XrdAccAuthorize, public LogId
//! @return true if decoding successful, otherwise false
//----------------------------------------------------------------------------
bool Decode(const char* opaque, AuthzInfo& authz);
std::string mAuthCertfile; ///< file name of public key for signature verification
std::string mAuthKeyfile; ///< file name of private key for signature creation
bool mRequireCapability; ///< client has to show up with a capability in the
......@@ -229,4 +229,3 @@ class XrdxCastor2Acc: public XrdAccAuthorize, public LogId
XrdSysMutex mDecodeMutex; ///< mutex for decoding
XrdSysMutex mEncodeMutex; ///< mutex for encoding
};
......@@ -25,16 +25,20 @@
#include <pwd.h>
#include <grp.h>
/*-----------------------------------------------------------------------------*/
#include "Cthread_api.h"
/*-----------------------------------------------------------------------------*/
#include "XrdVersion.hh"
#include "XrdOss/XrdOss.hh"
#include "XrdOuc/XrdOucTList.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysDNS.hh"
#include "XrdSys/XrdSysPlugin.hh"
#include "XrdSec/XrdSecEntity.hh"
#include "XrdSfs/XrdSfsAio.hh"
#include "XrdCl/XrdClFileSystem.hh"
#include "XrdOuc/XrdOucTList.hh"
#include "XrdOuc/XrdOucStream.hh"
#include "XrdOfs/XrdOfsTrace.hh"
#include "XrdOuc/XrdOucTrace.hh"
/*-----------------------------------------------------------------------------*/
#include "XrdxCastor2Fs.hpp"
#include "XrdxCastor2FsFile.hpp"
......@@ -44,8 +48,6 @@
#include "XrdxCastor2FsSecurity.hpp"
#include "XrdxCastorClient.hpp"
/*-----------------------------------------------------------------------------*/
#include "Cthread_api.h"
/*-----------------------------------------------------------------------------*/
/******************************************************************************/
/* O S D i r e c t o r y H a n d l i n g I n t e r f a c e */
......@@ -62,7 +64,8 @@ XrdOucHash<XrdOucString>* XrdxCastor2Stager::msDelayStore;
xcastor::XrdxCastorClient* XrdxCastor2Fs::msCastorClient;
int XrdxCastor2Fs::msTokenLockTime = 5;
XrdxCastor2Fs* gMgr;
XrdSysError OfsEroute(0, "xCastor2Fs_");
XrdSysError OfsEroute(0);
XrdOucTrace OfsTrace(&OfsEroute);
XrdVERSIONINFO(XrdSfsGetFileSystem, xCastor2Fs);
//------------------------------------------------------------------------------
......@@ -74,6 +77,7 @@ XrdSfsFileSystem* XrdSfsGetFileSystem(XrdSfsFileSystem* native_fs,
const char* configfn)
{
OfsEroute.logger(lp);
OfsEroute.SetPrefix("xCastor2Fs_");
static XrdxCastor2Fs myFS;
OfsEroute.Say("++++++ (c) 2014 CERN/IT-DSS xCastor2Fs v1.0");
......@@ -106,6 +110,7 @@ XrdSfsFileSystem* XrdSfsGetFileSystem(XrdSfsFileSystem* native_fs,
// Constructor
//------------------------------------------------------------------------------
XrdxCastor2Fs::XrdxCastor2Fs():
XrdSfsFileSystem(),
LogId(),
mIssueCapability(false),
mProc(0),
......@@ -128,7 +133,7 @@ XrdxCastor2Fs::Init()
if (!msCastorClient)
{
OfsEroute.Emsg("Config", "failed to create castor client object");
OfsEroute.Emsg("Init", "failed to create castor client object");
return false;
}
......@@ -369,7 +374,7 @@ XrdxCastor2Fs::chmod(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "chmod";
EPNAME("chmod");
mode_t acc_mode = Mode & S_IAMB;
XrdOucEnv chmod_Env(info);
xcastor_debug("path=%s", path);
......@@ -389,7 +394,7 @@ XrdxCastor2Fs::chmod(const char* path,
SetIdentity(client);
if (XrdxCastor2FsUFS::Chmod(map_path.c_str(), acc_mode))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "change mode on", map_path.c_str());
return Emsg(epname, error, serrno, "change mode on", map_path.c_str());
return SFS_OK;
}
......@@ -405,7 +410,7 @@ XrdxCastor2Fs::exists(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "exists";
EPNAME("exists");
XrdOucEnv exists_Env(info);
xcastor_debug("path=%s", path);
AUTHORIZE(client, &exists_Env, AOP_Stat, "execute exists", path, error)
......@@ -434,7 +439,7 @@ XrdxCastor2Fs::_exists(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "exists";
EPNAME("_exists");
struct Cns_filestatcs fstat;
// Set client identity
SetIdentity(client);
......@@ -459,7 +464,7 @@ XrdxCastor2Fs::_exists(const char* path,
}
// An error occured, return the error info
return XrdxCastor2Fs::Emsg(epname, error, serrno, "locate", path);
return Emsg(epname, error, serrno, "locate", path);
}
......@@ -503,7 +508,7 @@ XrdxCastor2Fs::_mkdir(const char* path,
const char* info)
{
static const char* epname = "mkdir";
EPNAME("mkdir");
mode_t acc_mode = (Mode & S_IAMB) | S_IFDIR;
// Set client identity
......@@ -566,7 +571,7 @@ XrdxCastor2Fs::_mkdir(const char* path,
// Perform the actual creation
if (XrdxCastor2FsUFS::Mkdir(path, acc_mode) && (serrno != EEXIST))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "create directory", path);
return Emsg(epname, error, serrno, "create directory", path);
// Set acl on directory
if (client)
......@@ -585,7 +590,7 @@ XrdxCastor2Fs::stageprepare(const char* path,
const XrdSecEntity* client,
const char* ininfo)
{
static const char* epname = "stageprepare";
EPNAME("stageprepare");
XrdOucString sinfo = (ininfo ? ininfo : "");
const char* info = 0;
int qpos = 0;
......@@ -612,7 +617,7 @@ XrdxCastor2Fs::stageprepare(const char* path,
struct Cns_filestatcs cstat;
if (XrdxCastor2FsUFS::Statfn(map_path.c_str(), &cstat))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "stat", map_path.c_str());
return Emsg(epname, error, serrno, "stat", map_path.c_str());
char* val;
std::string desired_svc = "";
......@@ -623,8 +628,8 @@ XrdxCastor2Fs::stageprepare(const char* path,
std::string allowed_svc = GetAllowedSvc(map_path.c_str(), desired_svc);
if (allowed_svc.empty())
return XrdxCastor2Fs::Emsg(epname, error, EINVAL, "stageprepare - cannot find any"
" valid service class mapping for fn = ", map_path.c_str());
return Emsg(epname, error, EINVAL, "stageprepare - cannot find any"
" valid service class mapping for fn = ", map_path.c_str());
// Get the allowed service class, preference for the default one
TIMING("STAGERQUERY", &preparetiming);
......@@ -650,7 +655,7 @@ XrdxCastor2Fs::prepare(XrdSfsPrep& pargs,
XrdOucErrInfo& error,
const XrdSecEntity* client)
{
static const char* epname = "prepare";
EPNAME("prepare");
const char* tident = error.getErrUser();
xcastor::Timing preparetiming("prepare");
TIMING("START", &preparetiming);
......@@ -710,14 +715,14 @@ XrdxCastor2Fs::prepare(XrdSfsPrep& pargs,
TIMING("CNSUNLINK", &preparetiming);
if ((!oenv.Get("uid")) || (!oenv.Get("gid")))
return XrdxCastor2Fs::Emsg(epname, error, EINVAL, "missing sec uid/gid", map_path.c_str());
return Emsg(epname, error, EINVAL, "missing sec uid/gid", map_path.c_str());
xcastor_debug("running rm as uid:%i, gid:%i", oenv.Get("uid"), oenv.Get("gid"));
// Do the unlink as the authorized user in the open
XrdxCastor2FsUFS::SetId(atoi(oenv.Get("uid")), atoi(oenv.Get("gid")));
if (XrdxCastor2FsUFS::Unlink(map_path.c_str()))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "unlink", map_path.c_str());
return Emsg(epname, error, serrno, "unlink", map_path.c_str());
}
TIMING("END", &preparetiming);
......@@ -738,7 +743,7 @@ XrdxCastor2Fs::rem(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "rem";
EPNAME("rem");
xcastor::Timing rmtiming("fileremove");
TIMING("START", &rmtiming);
XrdOucEnv env(info);
......@@ -774,8 +779,8 @@ XrdxCastor2Fs::rem(const char* path,
if (allowed_svc.empty())
{
return XrdxCastor2Fs::Emsg(epname, error, EINVAL, "rem - cannot find a valid service "
"class mapping for fn = ", map_path.c_str());
return Emsg(epname, error, EINVAL, "rem - cannot find a valid service "
"class mapping for fn = ", map_path.c_str());
}
// Here we have the allowed stager/service class setting to issue the stage_rm request
......@@ -814,12 +819,12 @@ XrdxCastor2Fs::_rem(const char* path,
XrdOucErrInfo& error,
const char* /*info*/)
{
static const char* epname = "rem";
EPNAME("rem");
xcastor_debug("path=%s", path);
// Perform the actual deletion
if (XrdxCastor2FsUFS::Unlink(path))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "remove", path);
return Emsg(epname, error, serrno, "remove", path);
return SFS_OK;
}
......@@ -834,7 +839,7 @@ XrdxCastor2Fs::remdir(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "remdir";
EPNAME("remdir");
XrdOucEnv remdir_Env(info);
xcastor_debug("path=%s", path);
AUTHORIZE(client, &remdir_Env, AOP_Delete, "remove", path, error)
......@@ -862,12 +867,12 @@ XrdxCastor2Fs::_remdir(const char* path,
const XrdSecEntity* client,
const char* /*info*/)
{
static const char* epname = "remdir";
EPNAME("_remdir");
SetIdentity(client);
// Perform the actual deletion
if (XrdxCastor2FsUFS::Remdir(path))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "remove", path);
return Emsg(epname, error, serrno, "remove", path);
return SFS_OK;
}
......@@ -885,7 +890,7 @@ XrdxCastor2Fs::rename(const char* old_name,
const char* infoN)
{
static const char* epname = "rename";
EPNAME("rename");
XrdOucString source, destination;
XrdOucEnv renameo_Env(infoO);
XrdOucEnv renamen_Env(infoN);
......@@ -922,7 +927,7 @@ XrdxCastor2Fs::rename(const char* old_name,
size_t npos = oldn.rfind('/');
if (npos == std::string::npos)
return XrdxCastor2Fs::Emsg(epname, error, EINVAL, "rename", oldn.c_str());
return Emsg(epname, error, EINVAL, "rename", oldn.c_str());
sourcebase = oldn.substr(0, npos);
// Use XrdOucString for the replace functionality
......@@ -946,7 +951,7 @@ XrdxCastor2Fs::rename(const char* old_name,
}
if (XrdxCastor2FsUFS::Rename(oldn.c_str(), newn.c_str()))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "rename", oldn.c_str());
return Emsg(epname, error, serrno, "rename", oldn.c_str());
xcastor_debug("namespace rename done: %s => %s", oldn.c_str(), newn.c_str());
return SFS_OK;
......@@ -963,7 +968,7 @@ XrdxCastor2Fs::stat(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "stat";
EPNAME("stat");
xcastor::Timing stattiming("filestat");
XrdOucEnv Open_Env(info);
std::string stage_status = "";
......@@ -986,7 +991,7 @@ XrdxCastor2Fs::stat(const char* path,
struct Cns_filestatcs cstat;
if (XrdxCastor2FsUFS::Statfn(map_path.c_str(), &cstat))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "stat", map_path.c_str());
return Emsg(epname, error, serrno, "stat", map_path.c_str());
if (!(Open_Env.Get("nostagerquery")))
{
......@@ -1098,7 +1103,7 @@ XrdxCastor2Fs::lstat(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "lstat";
EPNAME("lstat");
XrdOucEnv lstat_Env(info);
xcastor::Timing stattiming("filelstat");
TIMING("START", &stattiming);
......@@ -1136,7 +1141,7 @@ XrdxCastor2Fs::lstat(const char* path,
TIMING("CNSLSTAT", &stattiming);
if (XrdxCastor2FsUFS::Lstatfn(map_path.c_str(), &cstat))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "lstat", map_path.c_str());
return Emsg(epname, error, serrno, "lstat", map_path.c_str());
if (mProc)
mStats.IncStat();
......@@ -1189,7 +1194,7 @@ XrdxCastor2Fs::readlink(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "readlink";
EPNAME("readlink");
XrdOucEnv rl_Env(info);
xcastor_debug("path=%s", path);
AUTHORIZE(client, &rl_Env, AOP_Stat, "readlink", path, error)
......@@ -1207,7 +1212,7 @@ XrdxCastor2Fs::readlink(const char* path,
int nlen;
if ((nlen = XrdxCastor2FsUFS::Readlink(map_path.c_str(), lp, 4096)) == -1)
return XrdxCastor2Fs::Emsg(epname, error, serrno, "readlink", map_path.c_str());
return Emsg(epname, error, serrno, "readlink", map_path.c_str());
lp[nlen] = 0;
linkpath = lp;
......@@ -1225,7 +1230,7 @@ XrdxCastor2Fs::symlink(const char* path,
const XrdSecEntity* client,
const char* info)
{
static const char* epname = "symlink";
EPNAME("symlink");
XrdOucEnv sl_Env(info);
xcastor_debug("path=%s", path);
AUTHORIZE(client, &sl_Env, AOP_Create, "symlink", linkpath, error)
......@@ -1254,7 +1259,7 @@ XrdxCastor2Fs::symlink(const char* path,
}
if (XrdxCastor2FsUFS::Symlink(source.c_str(), destination.c_str()))
return XrdxCastor2Fs::Emsg(epname, error, serrno, "symlink", source.c_str());
return Emsg(epname, error, serrno, "symlink", source.c_str());
SetAcl(destination.c_str(), client_uid, client_gid, 1);
return SFS_OK;
......@@ -1271,7 +1276,7 @@ XrdxCastor2Fs::access(const char* path,
const XrdSecEntity* client,
const char* info)
{