Search in sources :

Example 1 with XrootdResponse

use of org.dcache.xrootd.protocol.messages.XrootdResponse in project dcache by dCache.

the class XrootdRedirectHandler method doOnOpen.

/**
 * For client-server read and write, the open, if successful, will always result in a redirect
 * response to the proper pool; hence no subsequent requests like sync, read, write or close are
 * expected at the door.
 * <p>
 * For third-party copy where dCache is the source, the interactions are as follows:
 * <p>
 * 1.  The client opens the file to check availability (the 'placement' stage).  An OK response
 * is followed by the client closing the file. 2.  The client opens the file again with
 * rendezvous metadata.  The client will close the file only when notified by the destination
 * server that the transfer has completed. 3.  The destination server will open the file for the
 * actual read.
 * <p>
 * The order of 2, 3 is not deterministic; hence the response here must provide for the
 * possibility that the destination server attempts an open before the client specifies a
 * time-to-live on the rendezvous point.
 * <p>
 * The strategy adopted is therefore as follows:  response to (1) is simply to check file
 * permissions.  No metadata is generated and a "dummy" file handle is returned.  For 2 and 3,
 * whichever occurs first will cause a metadata object to be stored.  If the destination server
 * open occurs first, a wait response will tell the server to try again in a maximum of 3
 * seconds; otherwise, if the request matches and occurs within the ttl, the mover will be
 * started and the destination redirected to the pool. Response to the client will carry a file
 * handle but will not actually open a mover.  The close from the client is handled at the door
 * by removing the rendezvous information.
 * <p>
 * Third-party copy where dCache is the destination should proceed with the usual upload
 * transfer creation, but when the client is redirected to the pool and calls kXR_open there, a
 * third-party client will be started which does read requests from the source and then writes
 * the data to the mover channel.
 * <p>
 * NOTE:  with the changed TPC Lite protocol, the client is not required to open the source
 * again during the copy phase (2) if delegation is being used.
 */
@Override
protected XrootdResponse<OpenRequest> doOnOpen(ChannelHandlerContext ctx, OpenRequest req) {
    /*
         * TODO
         *
         * We ought to process this asynchronously to not block the calling thread during
         * staging or queuing. We should also switch to an asynchronous reply model if
         * the request is nearline or is queued on a pool. The naive approach to always
         * use an asynchronous reply model doesn't work because the xrootd 3.x client
         * introduces an artificial 1 second delay when processing such a response.
         */
    InetSocketAddress localAddress = getDestinationAddress();
    InetSocketAddress remoteAddress = getSourceAddress();
    LoginSessionInfo loginSessionInfo = sessionInfo();
    Map<String, String> opaque;
    try {
        opaque = OpaqueStringParser.getOpaqueMap(req.getOpaque());
        if (opaque.isEmpty()) {
            /*
                 * create a new HashMap as empty opaque map is immutable
                 */
            opaque = new HashMap<>();
        }
    } catch (ParseException e) {
        _log.warn("Ignoring malformed open opaque {}: {}", req.getOpaque(), e.getMessage());
        opaque = new HashMap<>();
    }
    try {
        FsPath path = createFullPath(req.getPath());
        XrootdResponse response = conditionallyHandleThirdPartyRequest(req, loginSessionInfo, opaque, path, remoteAddress.getHostName());
        if (response != null) {
            return response;
        }
        FilePerm neededPerm = req.getRequiredPermission();
        _log.info("Opening {} for {}", req.getPath(), neededPerm.xmlText());
        if (_log.isDebugEnabled()) {
            logDebugOnOpen(req);
        }
        String ioQueue = appSpecificQueue(req);
        Long size = null;
        try {
            String value = opaque.get("oss.asize");
            if (value != null) {
                size = Long.valueOf(value);
            }
        } catch (NumberFormatException exception) {
            _log.warn("Ignoring malformed oss.asize: {}", exception.getMessage());
        }
        _log.info("OPAQUE : {}", opaque);
        Set<String> triedHosts = extractTriedHosts(opaque);
        UUID uuid = UUID.randomUUID();
        opaque.put(UUID_PREFIX, uuid.toString());
        /*
             *  In case this is a third-party open as destination,
             *  pass the client information to the pool.
             */
        opaque.put("org.dcache.xrootd.client", getTpcClientId(req.getSession()));
        String opaqueString = OpaqueStringParser.buildOpaqueString(opaque);
        /*
             * Interact with core dCache to open the requested file.
             */
        XrootdTransfer transfer;
        if (neededPerm == FilePerm.WRITE) {
            /**
             *  boolean createDir = req.isMkPath() has
             *  been changed to default to true
             *  so as to conform to the general expectations that this
             *  behavior should not depend on the client.
             */
            boolean overwrite = req.isDelete() && !req.isNew();
            boolean persistOnSuccessfulClose = (req.getOptions() & XrootdProtocol.kXR_posc) == XrootdProtocol.kXR_posc;
            // TODO: replace with req.isPersistOnSuccessfulClose() with the latest xrootd4j
            transfer = _door.write(remoteAddress, path, triedHosts, ioQueue, uuid, true, overwrite, size, loginSessionInfo.getMaximumUploadSize(), localAddress, loginSessionInfo.getSubject(), loginSessionInfo.getRestriction(), persistOnSuccessfulClose, ((loginSessionInfo.isLoggedIn()) ? loginSessionInfo.getUserRootPath() : _rootPath), req.getSession().getDelegatedCredential(), opaque);
        } else {
            /*
                 * If this is a tpc transfer, then dCache is source here.
                 *
                 * Since we accept (from the destination server) any
                 * valid form of authentication, but without requiring
                 * the associated user to be mapped, we can override
                 * file permission restrictions (since we possess the
                 * 'token' rendezvous key, and the client file permissions
                 * have been checked during its open request).
                 */
            Subject subject;
            if (opaque.get("tpc.key") == null) {
                subject = loginSessionInfo.getSubject();
            } else {
                subject = Subjects.ROOT;
            }
            transfer = _door.read(remoteAddress, path, triedHosts, ioQueue, uuid, localAddress, subject, loginSessionInfo.getRestriction(), opaque);
            /*
                 * Again, if this is a tpc transfer, then dCache is source here.
                 * The transfer is initiated by the destination server
                 * (= current session).  However, we wish the doorinfo
                 * client in billing to reflect the original user connection,
                 * so we overwrite the transfer client address, which
                 * is unused by the mover.
                 */
            String client = opaque.get("tpc.org");
            if (client != null) {
                int index = client.indexOf("@");
                if (index != -1 && index < client.length() - 1) {
                    client = client.substring(index + 1);
                    transfer.setClientAddress(new InetSocketAddress(client, 0));
                }
            }
        }
        /*
             * ok, open was successful
             */
        InetSocketAddress address = transfer.getRedirect();
        /*
             *  Do not use the IP address as host name, as this will block
             *  TLS from working.
             *
             *  According to https://tools.ietf.org/html/rfc5280#section-4.2.1.6
             *  an IP is required to be in the list of Subject Alternative Names
             *  in the host certificate, but these are rarely added in practice.
             *  TLS enforces the RFC and this is a workaround.
             */
        String host = address.getHostName();
        if (InetAddresses.isInetAddress(host)) {
            _log.warn("Unable to resolve IP address {} " + "to a canonical name", host);
        }
        _log.info("Redirecting to {}, {}", host, address);
        return new RedirectResponse<>(req, host, address.getPort(), opaqueString, "");
    } catch (ParseException e) {
        return withError(req, kXR_ArgInvalid, "Path arguments do not parse");
    } catch (FileNotFoundCacheException e) {
        return withError(req, xrootdErrorCode(e.getRc()), "No such file");
    } catch (FileExistsCacheException e) {
        return withError(req, kXR_NotAuthorized, "File already exists");
    } catch (TimeoutCacheException e) {
        return withError(req, xrootdErrorCode(e.getRc()), "Internal timeout");
    } catch (PermissionDeniedCacheException e) {
        return withError(req, xrootdErrorCode(e.getRc()), e.getMessage());
    } catch (FileIsNewCacheException e) {
        return withError(req, xrootdErrorCode(e.getRc()), "File is locked by upload");
    } catch (NotFileCacheException e) {
        return withError(req, xrootdErrorCode(e.getRc()), "Not a file");
    } catch (CacheException e) {
        return withError(req, xrootdErrorCode(e.getRc()), String.format("Failed to open file (%s [%d])", e.getMessage(), e.getRc()));
    } catch (InterruptedException e) {
        /* Interrupt may be caused by cell shutdown or client
             * disconnect.  If the client disconnected, then the error
             * message will never reach the client, so saying that the
             * server shut down is okay.
             */
        return withError(req, kXR_ServerError, "Server shutdown");
    } catch (XrootdException e) {
        return withError(req, e.getError(), e.getMessage());
    }
}
Also used : HashMap(java.util.HashMap) FileIsNewCacheException(diskCacheV111.util.FileIsNewCacheException) FileExistsCacheException(diskCacheV111.util.FileExistsCacheException) FileNotFoundCacheException(diskCacheV111.util.FileNotFoundCacheException) NotFileCacheException(diskCacheV111.util.NotFileCacheException) TimeoutCacheException(diskCacheV111.util.TimeoutCacheException) CacheException(diskCacheV111.util.CacheException) PermissionDeniedCacheException(diskCacheV111.util.PermissionDeniedCacheException) InetSocketAddress(java.net.InetSocketAddress) XrootdResponse(org.dcache.xrootd.protocol.messages.XrootdResponse) FileIsNewCacheException(diskCacheV111.util.FileIsNewCacheException) UUID(java.util.UUID) XrootdException(org.dcache.xrootd.core.XrootdException) FsPath(diskCacheV111.util.FsPath) RedirectResponse(org.dcache.xrootd.protocol.messages.RedirectResponse) FilePerm(org.dcache.xrootd.protocol.XrootdProtocol.FilePerm) Subject(javax.security.auth.Subject) NotFileCacheException(diskCacheV111.util.NotFileCacheException) PermissionDeniedCacheException(diskCacheV111.util.PermissionDeniedCacheException) OptionalLong(java.util.OptionalLong) FileNotFoundCacheException(diskCacheV111.util.FileNotFoundCacheException) ParseException(org.dcache.xrootd.util.ParseException) FileExistsCacheException(diskCacheV111.util.FileExistsCacheException) TimeoutCacheException(diskCacheV111.util.TimeoutCacheException)

Example 2 with XrootdResponse

use of org.dcache.xrootd.protocol.messages.XrootdResponse in project dcache by dCache.

the class AccessLogHandler method write.

@Override
public void write(ChannelHandlerContext ctx, Object msg, ChannelPromise promise) throws Exception {
    if (msg instanceof XrootdResponse<?> && logger.isErrorEnabled()) {
        XrootdResponse<?> response = (XrootdResponse<?>) msg;
        XrootdRequest request = response.getRequest();
        NetLoggerBuilder.Level level;
        if (response instanceof ErrorResponse) {
            level = ERROR;
        } else if (request instanceof WriteRequest || request instanceof ReadRequest || request instanceof ReadVRequest) {
            level = DEBUG;
        } else {
            level = INFO;
        }
        if (level == ERROR || level == INFO && logger.isInfoEnabled() || level == DEBUG && logger.isDebugEnabled()) {
            NetLoggerBuilder log = new NetLoggerBuilder(level, "org.dcache.xrootd.request").omitNullValues();
            log.add("session", CDC.getSession());
            log.add("request", getRequestId(request));
            if (request instanceof PathRequest) {
                log.add("path", (Strings.emptyToNull(((PathRequest) request).getPath())));
                log.add("opaque", (Strings.emptyToNull(((PathRequest) request).getOpaque())));
                if (request instanceof OpenRequest) {
                    if (!((OpenRequest) request).isReadOnly()) {
                        int mode = ((OpenRequest) request).getUMask();
                        if (mode == 0) {
                            log.add("mode", "0");
                        } else {
                            log.add("mode", "0" + Integer.toOctalString(mode));
                        }
                    }
                    log.add("options", "0x" + Integer.toHexString(((OpenRequest) request).getOptions()));
                } else if (request instanceof LocateRequest) {
                    log.add("options", "0x" + Integer.toHexString(((LocateRequest) request).getOptions()));
                } else if (request instanceof MkDirRequest) {
                    log.add("options", "0x" + Integer.toHexString(((MkDirRequest) request).getOptions()));
                } else if (request instanceof StatRequest) {
                    if (((StatRequest) request).getTarget() == Target.FHANDLE) {
                        log.add("handle", ((StatRequest) request).getFhandle());
                    }
                    log.add("vfs", ((StatRequest) request).isVfsSet());
                }
            } else if (request instanceof CloseRequest) {
                log.add("handle", ((CloseRequest) request).getFileHandle());
            } else if (request instanceof LoginRequest) {
                log.add("username", ((LoginRequest) request).getUserName());
                log.add("capver", ((LoginRequest) request).getClientProtocolVersion());
                log.add("pid", ((LoginRequest) request).getPID());
                log.add("token", emptyToNull(((LoginRequest) request).getToken()));
            } else if (request instanceof MvRequest) {
                log.add("source", ((MvRequest) request).getSourcePath());
                log.add("target", ((MvRequest) request).getTargetPath());
            } else if (request instanceof PrepareRequest) {
                log.add("options", "0x" + Integer.toHexString(((PrepareRequest) request).getOptions()));
                if (((PrepareRequest) request).getPathList().length == 1) {
                    log.add("path", ((PrepareRequest) request).getPathList()[0]);
                } else {
                    log.add("files", ((PrepareRequest) request).getPathList().length);
                }
            } else if (request instanceof QueryRequest) {
                log.add("reqcode", getQueryReqCode(request));
                int fhandle = ((QueryRequest) request).getFhandle();
                if (fhandle != 0) {
                    log.add("fhandle", fhandle);
                }
                log.add("args", Strings.emptyToNull(((QueryRequest) request).getArgs()));
            } else if (request instanceof StatxRequest) {
                if (((StatxRequest) request).getPaths().length == 1) {
                    log.add("path", ((StatxRequest) request).getPaths()[0]);
                } else {
                    log.add("files", ((StatxRequest) request).getPaths().length);
                }
            } else if (request instanceof SetRequest) {
                final String APPID_PREFIX = "appid ";
                final int APPID_PREFIX_LENGTH = APPID_PREFIX.length();
                final int APPID_MSG_LENGTH = 80;
                String data = ((SetRequest) request).getData();
                if (data.startsWith(APPID_PREFIX)) {
                    log.add("appid", data.substring(APPID_PREFIX_LENGTH, Math.min(APPID_PREFIX_LENGTH + APPID_MSG_LENGTH, data.length())));
                }
            } else if (request instanceof EndSessionRequest) {
                log.add("sessionId", ((EndSessionRequest) request).getSessionId());
            } else if (request instanceof SyncRequest) {
                log.add("handle", ((SyncRequest) request).getFileHandle());
            }
            log.add("response", getStatusCode(response));
            if (response instanceof ErrorResponse) {
                log.add("error.code", getErrorCode((ErrorResponse) response));
                log.add("error.msg", ((ErrorResponse) response).getErrorMessage());
            } else if (response instanceof RedirectResponse) {
                log.add("host", ((RedirectResponse) response).getHost());
                log.add("port", ((RedirectResponse) response).getPort());
                log.add("token", emptyToNull(((RedirectResponse) response).getToken()));
            } else if (response instanceof StatResponse) {
                log.add("flags", ((StatResponse) response).getFlags());
                log.add("modtime", Instant.ofEpochSecond(((StatResponse) response).getModificationTime()));
                log.add("size", ((StatResponse) response).getSize());
            } else if (response instanceof LoginResponse) {
                log.add("sessionId", ((LoginResponse) response).getSessionId());
                log.add("sec", emptyToNull(((LoginResponse) response).getSec()));
            } else if (response instanceof OpenResponse) {
                log.add("handle", ((OpenResponse) response).getFileHandle());
                FileStatus fs = ((OpenResponse) response).getFileStatus();
                if (fs != null) {
                    log.add("flags", fs.getFlags());
                    log.add("modtime", Instant.ofEpochSecond(fs.getModificationTime()));
                    log.add("size", fs.getSize());
                }
            }
            log.toLogger(logger);
        }
    }
    ctx.write(msg, promise);
}
Also used : FileStatus(org.dcache.xrootd.util.FileStatus) PathRequest(org.dcache.xrootd.protocol.messages.PathRequest) MkDirRequest(org.dcache.xrootd.protocol.messages.MkDirRequest) LoginRequest(org.dcache.xrootd.protocol.messages.LoginRequest) StatxRequest(org.dcache.xrootd.protocol.messages.StatxRequest) StatRequest(org.dcache.xrootd.protocol.messages.StatRequest) XrootdResponse(org.dcache.xrootd.protocol.messages.XrootdResponse) ReadVRequest(org.dcache.xrootd.protocol.messages.ReadVRequest) EndSessionRequest(org.dcache.xrootd.protocol.messages.EndSessionRequest) OpenResponse(org.dcache.xrootd.protocol.messages.OpenResponse) ReadRequest(org.dcache.xrootd.protocol.messages.ReadRequest) PrepareRequest(org.dcache.xrootd.protocol.messages.PrepareRequest) MvRequest(org.dcache.xrootd.protocol.messages.MvRequest) XrootdRequest(org.dcache.xrootd.protocol.messages.XrootdRequest) LoginResponse(org.dcache.xrootd.protocol.messages.LoginResponse) QueryRequest(org.dcache.xrootd.protocol.messages.QueryRequest) WriteRequest(org.dcache.xrootd.protocol.messages.WriteRequest) RedirectResponse(org.dcache.xrootd.protocol.messages.RedirectResponse) XrootdProtocol.kXR_chkpoint(org.dcache.xrootd.protocol.XrootdProtocol.kXR_chkpoint) NetLoggerBuilder(org.dcache.util.NetLoggerBuilder) ErrorResponse(org.dcache.xrootd.protocol.messages.ErrorResponse) LocateRequest(org.dcache.xrootd.protocol.messages.LocateRequest) SetRequest(org.dcache.xrootd.protocol.messages.SetRequest) SyncRequest(org.dcache.xrootd.protocol.messages.SyncRequest) StatResponse(org.dcache.xrootd.protocol.messages.StatResponse) OpenRequest(org.dcache.xrootd.protocol.messages.OpenRequest) CloseRequest(org.dcache.xrootd.protocol.messages.CloseRequest)

Aggregations

RedirectResponse (org.dcache.xrootd.protocol.messages.RedirectResponse)2 XrootdResponse (org.dcache.xrootd.protocol.messages.XrootdResponse)2 CacheException (diskCacheV111.util.CacheException)1 FileExistsCacheException (diskCacheV111.util.FileExistsCacheException)1 FileIsNewCacheException (diskCacheV111.util.FileIsNewCacheException)1 FileNotFoundCacheException (diskCacheV111.util.FileNotFoundCacheException)1 FsPath (diskCacheV111.util.FsPath)1 NotFileCacheException (diskCacheV111.util.NotFileCacheException)1 PermissionDeniedCacheException (diskCacheV111.util.PermissionDeniedCacheException)1 TimeoutCacheException (diskCacheV111.util.TimeoutCacheException)1 InetSocketAddress (java.net.InetSocketAddress)1 HashMap (java.util.HashMap)1 OptionalLong (java.util.OptionalLong)1 UUID (java.util.UUID)1 Subject (javax.security.auth.Subject)1 NetLoggerBuilder (org.dcache.util.NetLoggerBuilder)1 XrootdException (org.dcache.xrootd.core.XrootdException)1 FilePerm (org.dcache.xrootd.protocol.XrootdProtocol.FilePerm)1 XrootdProtocol.kXR_chkpoint (org.dcache.xrootd.protocol.XrootdProtocol.kXR_chkpoint)1 CloseRequest (org.dcache.xrootd.protocol.messages.CloseRequest)1