XrdHttpProtocol.hh

Go to the documentation of this file.

//------------------------------------------------------------------------------
// This file is part of XrdHTTP: A pragmatic implementation of the
// HTTP/WebDAV protocol for the Xrootd framework
//
// Copyright (c) 2013 by European Organization for Nuclear Research (CERN)
// Author: Fabrizio Furano <furano@cern.ch>
// File Date: Nov 2012
//------------------------------------------------------------------------------
// XRootD is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// XRootD is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with XRootD.  If not, see <http://www.gnu.org/licenses/>.
//------------------------------------------------------------------------------
 
 
#ifndef __XRDHTTP_PROTOCOL_H__
#define __XRDHTTP_PROTOCOL_H__

 
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysPthread.hh"
#include "XrdSec/XrdSecInterface.hh"
#include "Xrd/XrdObject.hh"
#include "XrdXrootd/XrdXrootdBridge.hh"
#include "XrdOuc/XrdOucStream.hh"
#include "Xrd/XrdProtocol.hh"
#include "XrdOuc/XrdOucHash.hh"
#include "XrdHttpChecksumHandler.hh"
#include "XrdHttpReadRangeHandler.hh"
#include "XrdNet/XrdNetPMark.hh"
#include "XrdHttpCors/XrdHttpCors.hh"
#include "XrdHttpReq.hh"
 
#include <chrono>
#include <cstdlib>
#include <openssl/ssl.h>
#include <sys/types.h>
#include <unistd.h>
#include <unordered_map>
#include <unordered_set>
#include <vector>
 
 
/******************************************************************************/
/*                               D e f i n e s                                */
/******************************************************************************/
 
 
#ifndef __GNUC__
#define __attribute__(x)
#endif
 
class XrdOucTokenizer;
class XrdOucTrace;
class XrdBuffer;
class XrdLink;
class XrdHttpMon;
class XrdXrootdProtocol;
class XrdHttpSecXtractor;
class XrdHttpExtHandler;
struct XrdVersionInfo;
class XrdOucGMap;
class XrdCryptoFactory;
 
class XrdHttpProtocol : public XrdProtocol {
  
  friend class XrdHttpReq;
  friend class XrdHttpExtReq;
  
public:

  static int Configure(char *parms, XrdProtocol_Config *pi);

  void DoIt() {
    if (Resume) (*this.*Resume)();
  }

  static int parseHeader2CGI(XrdOucStream &Config, XrdSysError & err, std::map<std::string, std::string> & header2cgi);

  XrdProtocol *Match(XrdLink *lp);

  int Process(XrdLink *lp); //  Sync: Job->Link.DoIt->Process
 
  
  void Recycle(XrdLink *lp, int consec, const char *reason);

  int Stats(char *buff, int blen, int do_sync = 0);
 
 
 

  int doStat(char *fname);

  int doChksum(const XrdOucString &fname);

  XrdHttpProtocol(const XrdHttpProtocol&) = default;
  XrdHttpProtocol operator =(const XrdHttpProtocol &rhs);
  XrdHttpProtocol(bool imhttps);
  ~XrdHttpProtocol() {
    Cleanup();
  }
 
  static XrdObjectQ<XrdHttpProtocol> ProtStack;
  XrdObject<XrdHttpProtocol> ProtLink;
 

  XrdSecEntity SecEntity;
 
  // XrdHttp checksum handling class
  static XrdHttpChecksumHandler cksumHandler;

  static XrdHttpReadRangeHandler::Configuration ReadRangeConfig;

  bool isHTTPS() { return ishttps; }
 
private:
 

  int (XrdHttpProtocol::*Resume)();

  static bool InitTLS();

  static bool InitSecurity();

  int StartSimpleResp(int code, const char *desc, const char *header_to_add, long long bodylen, bool keepalive);

  int SendData(const char *body, int bodylen);

  void Cleanup();

  void Reset();

  int HandleAuthentication(XrdLink* lp);

  int GetVOMSData(XrdLink *lp);
 
  // Handle gridmap file mapping if present
  // Second argument is the OpenSSL hash of the EEC, if present; this allows
  // a consistent fallback if the user is not in the mapfile.
  //
  // @return 0 if successful, otherwise !0
  int HandleGridMap(XrdLink* lp, const char * eechash);

  int getDataOneShot(int blen, bool wait=false);

  static BIO *CreateBIO(XrdLink *lp);
  
  struct extHInfo
        {XrdOucString extHName;  // The instance name (1 to 16 characters)
         XrdOucString extHPath;  // The shared library path
         XrdOucString extHParm;  // The parameter (sort of)
         bool extHNoTlsOK;     // If true the exthandler can be loaded if TLS has NOT been configured
         extHInfo(const char *hName, const char *hPath, const char *hParm, const bool hNoTlsOK)
                 : extHName(hName), extHPath(hPath), extHParm(hParm), extHNoTlsOK(hNoTlsOK) {}
        ~extHInfo() {}
  };
  static int Config(const char *fn, XrdOucEnv *myEnv);
  static const char *Configed();
  static int xtrace(XrdOucStream &Config);
  static int xsslcert(XrdOucStream &Config);
  static int xsslkey(XrdOucStream &Config);
  static int xsecxtractor(XrdOucStream &Config);
  static int xcors(XrdOucStream &Config);
  static int xexthandler(XrdOucStream & Config, std::vector<extHInfo> &hiVec);
  static int xsslcadir(XrdOucStream &Config);
  static int xsslcipherfilter(XrdOucStream &Config);
  static int xdesthttps(XrdOucStream &Config);
  static int xlistdeny(XrdOucStream &Config);
  static int xlisting(XrdOucStream &Config);
  static int xlistredir(XrdOucStream &Config);
  static int xselfhttps2http(XrdOucStream &Config);
  static int xembeddedstatic(XrdOucStream &Config);
  static int xstaticheader(XrdOucStream &Config);
  static int xstaticredir(XrdOucStream &Config);
  static int xstaticpreload(XrdOucStream &Config);
  static int xgmap(XrdOucStream &Config);
  static int xsslcafile(XrdOucStream &Config);
  static int xsslverifydepth(XrdOucStream &Config);
  static int xsecretkey(XrdOucStream &Config);
  static int xheader2cgi(XrdOucStream &Config);
  static int xhttpsmode(XrdOucStream &Config);
  static int xtlsreuse(XrdOucStream &Config);
  static int xauth(XrdOucStream &Config);
  static int xtlsclientauth(XrdOucStream &Config);
  static int xmaxdelay(XrdOucStream &Config);
 
  static bool isRequiredXtractor; // If true treat secxtractor errors as fatal
  static XrdHttpSecXtractor *secxtractor;
  
  static bool usingEC;   // using XrdEC
  static bool hasCache;  // This is a caching server
  // Loads the SecXtractor plugin, if available
  static int LoadSecXtractor(XrdSysError *eDest, const char *libName,
                      const char *libParms);
  
  // An oldstyle struct array to hold exthandlers
  #define MAX_XRDHTTPEXTHANDLERS 4
  static struct XrdHttpExtHandlerInfo {
    char name[16];
    XrdHttpExtHandler *ptr;
  } exthandler[MAX_XRDHTTPEXTHANDLERS];
  static int exthandlercnt;
 
  static int LoadExtHandlerNoTls(std::vector<extHInfo> &hiVec,
                                 const char *cFN, XrdOucEnv &myEnv);
 
  // Loads the ExtHandler plugin, if available
  static int LoadExtHandler(std::vector<extHInfo> &hiVec,
                            const char *cFN, XrdOucEnv &myEnv);
 
  static int LoadExtHandler(XrdSysError *eDest, const char *libName,
                            const char *configFN, const char *libParms,
                            XrdOucEnv *myEnv, const char *instName);
 
  static int LoadCorsHandler(XrdSysError *eDest, const char * libname);
  // Determines whether one of the loaded ExtHandlers are interested in
  // handling a given request.
  //
  // Returns NULL if there is no matching handler.
  static XrdHttpExtHandler *FindMatchingExtHandler(const XrdHttpReq &);
 
  // Tells if an ext handler with the given name has already been loaded
  static bool ExtHandlerLoaded(const char *handlername);
  
  XrdBuffer *myBuff;
  char *myBuffStart, *myBuffEnd;
  
  XrdOucString tmpline;
  
  int BuffAvailable();
  int BuffUsed();
  int BuffFree();
  
  void BuffConsume(int blen);
  int BuffgetData(int blen, char **data, bool wait);
  int BuffgetLine(XrdOucString &dest);

  int SendSimpleResp(int code, const char *desc, const char *header_to_add, const char *body, long long bodylen, bool keepalive);

  //  API.
  int StartChunkedResp(int code, const char *desc, const char *header_to_add, long long bodylen, bool keepalive);

  //  invoking with NULL body indicates that this is the last chunk in the response.
  //  invoking with bodylen=-1 indicates that this is a trailer
  int ChunkResp(const char *body, long long bodylen);

  //  of the chunk is known but the body is not immediately available.
  int ChunkRespHeader(long long bodylen);

  int ChunkRespFooter();

  char *GetClientIPStr();

  bool DoingLogin;

  bool DoneSetInfo;
  
  long ResumeBytes;
  
  SSL *ssl;

  BIO *sbio;

  static BIO *sslbio_err;

  bool ishttps;

  bool ssldone;
  static XrdCryptoFactory *myCryptoFactory;
 
protected:
 
  // Statistical area
  //
//  static XrdXrootdStats *SI;
//  int numReads; // Count for kXR_read
//  int numReadP; // Count for kXR_read pre-preads
//  int numReadV; // Count for kR_readv
//  int numSegsV; // Count for kR_readv segmens
//  int numWrites; // Count
//  int numFiles; // Count
//
//  int cumReads; // Count less numReads
//  int cumReadP; // Count less numReadP
//  int cumReadV; // Count less numReadV
//  int cumSegsV; // Count less numSegsV
//  int cumWrites; // Count less numWrites
//  long long totReadP; // Bytes
 
  static XrdScheduler *Sched; // System scheduler
  static XrdBuffManager *BPool; // Buffer manager
  static XrdSysError eDest; // Error message handler
  static XrdSecService *CIA; // Authentication Server

  XrdLink *Link;
  
  char *Addr_str;
  
  static XrdOucGMap      *servGMap;  // Grid mapping service
   
  XrdXrootd::Bridge *Bridge;
 
  
  XrdHttpReq CurrentReq;
 
  static std::string xrdcorsLibPath;
 
  static XrdHttpCors * xrdcors;
  //
  // Processing configuration values
  //

  static int hailWait;

  static int readWait;

  static int Port;
  
  static char * Port_str;

  static char *sslcert, *sslkey, *sslcadir, *sslcafile, *sslcipherfilter;

  static int crlRefIntervalSec;
 
  // Allows missing CRL for CA verification
  static bool allowMissingCRL;

  static char *gridmap;// [s] gridmap file [/etc/grid-security/gridmap]
  static bool isRequiredGridmap; // If true treat gridmap errors as fatal
  static bool compatNameGeneration; // If true, utilize the old algorithm for username generation for unknown users.

  static char *secretkey;

  static int sslverifydepth;

  static bool isdesthttps;
  
  static char *listredir;
  
  static bool listdeny;
  
  static bool selfhttps2http;

  static std::unordered_set<std::string> strp_cgi_params;
  
  static bool embeddedstatic;
  
  // Url to redirect to in the case a /static is requested
  static char *staticredir;
 
  // Maximum amount of time an operation on the bridge can be
  // delayed
  static int m_maxdelay;
 
  // Hash that keeps preloaded files
  struct StaticPreloadInfo {
    char *data;
    int len;
  };
  static XrdOucHash<StaticPreloadInfo> *staticpreload;

  static kXR_int32 myRole;
  
  static std::map< std::string, std::string > hdr2cgimap;

  static int m_bio_type;

  static BIO_METHOD *m_bio_method;

  static char * xrd_cslist;

  static XrdNetPMark * pmarkHandle;

  static bool tpcForwardCreds;

  static std::unordered_map<std::string, std::vector<std::pair<std::string, std::string>>> m_staticheader_map;

  static std::unordered_map<std::string, std::string> m_staticheaders;
};
#endif