Example 1 with InboundAuthenticationResponse
use of org.dcache.xrootd.tpc.protocol.messages.InboundAuthenticationResponse in project xrootd4j by dCache.
the class GSIBucketUtils method deserializeData.
public static BucketData deserializeData(InboundAuthenticationResponse response) throws XrootdException {
BucketData data = new BucketData();
ByteBuf buffer = response.getDataBuffer();
data.protocol = deserializeProtocol(buffer);
data.step = deserializeStep(buffer);
try {
data.bucketMap.putAll(GSIBucketUtils.deserializeBuckets(buffer));
/*
* if pxyreq, do not deserialize and unpack the main bucket.
*/
if (data.step != kXGS_pxyreq) {
RawBucket mainBucket = (RawBucket) data.bucketMap.remove(kXRS_main);
ByteBuf mainBuffer = wrappedBuffer(mainBucket.getContent());
/*
* protocol and server step are repeated inside this bucket;
* skip.
*/
mainBuffer.readerIndex(8);
data.bucketMap.putAll(GSIBucketUtils.deserializeBuckets(mainBuffer));
}
} catch (IOException e) {
throw new XrootdException(kXR_IOError, e.toString());
}
response.releaseBuffer();
if (LOGGER.isTraceEnabled()) {
LOGGER.trace(describe("// Inbound Authentication Response", b -> dumpBuckets(b, data.bucketMap.values(), getServerStep(data.step)), response.getStreamId(), response.getRequestId(), response.getStatus()));
}
return data;
}
Also used :
XrootdSecurityProtocol.kXGC_reserved(org.dcache.xrootd.security.XrootdSecurityProtocol.kXGC_reserved)
XrootdSecurityProtocol.getServerStep(org.dcache.xrootd.security.XrootdSecurityProtocol.getServerStep)
XrootdSecurityProtocol.kXGC_certreq(org.dcache.xrootd.security.XrootdSecurityProtocol.kXGC_certreq)
XrootdSecurityProtocol.getClientStep(org.dcache.xrootd.security.XrootdSecurityProtocol.getClientStep)
LoggerFactory(org.slf4j.LoggerFactory)
XrootdEncoder.writeZeroPad(org.dcache.xrootd.core.XrootdEncoder.writeZeroPad)
XrootdDecoder.readAscii(org.dcache.xrootd.core.XrootdDecoder.readAscii)
BucketType.kXRS_version(org.dcache.xrootd.security.XrootdSecurityProtocol.BucketType.kXRS_version)
BucketType(org.dcache.xrootd.security.XrootdSecurityProtocol.BucketType)
ByteBuf(io.netty.buffer.ByteBuf)
Map(java.util.Map)
Unpooled.wrappedBuffer(io.netty.buffer.Unpooled.wrappedBuffer)
BucketType.kXRS_main(org.dcache.xrootd.security.XrootdSecurityProtocol.BucketType.kXRS_main)
Logger(org.slf4j.Logger)
EnumMap(java.util.EnumMap)
Collection(java.util.Collection)
IOException(java.io.IOException)
XrootdProtocol.kXR_IOError(org.dcache.xrootd.protocol.XrootdProtocol.kXR_IOError)
Consumer(java.util.function.Consumer)
List(java.util.List)
XrootdException(org.dcache.xrootd.core.XrootdException)
InboundAuthenticationResponse(org.dcache.xrootd.tpc.protocol.messages.InboundAuthenticationResponse)
AUTHN_PROTOCOL_TYPE_LEN(org.dcache.xrootd.protocol.messages.LoginResponse.AUTHN_PROTOCOL_TYPE_LEN)
XrootdSecurityProtocol.kXGS_pxyreq(org.dcache.xrootd.security.XrootdSecurityProtocol.kXGS_pxyreq)
AuthenticationRequest(org.dcache.xrootd.protocol.messages.AuthenticationRequest)
IOException(java.io.IOException)
ByteBuf(io.netty.buffer.ByteBuf)
XrootdException(org.dcache.xrootd.core.XrootdException)
Example 2 with InboundAuthenticationResponse
use of org.dcache.xrootd.tpc.protocol.messages.InboundAuthenticationResponse in project xrootd4j by dCache.
the class GSIClientAuthenticationHandler method sendAuthenticationRequest.
@Override
protected void sendAuthenticationRequest(ChannelHandlerContext ctx) throws XrootdException {
/*
* sendAuthenticationRequest is called by onLoginResponse first,
* then by onAuthenticationResponse. The request handler
* should be created on the login response.
*/
if (requestHandler == null) {
requestHandler = createRequestHandler();
}
ChannelId id = ctx.channel().id();
int streamId = client.getStreamId();
XrootdTpcInfo tpcInfo = client.getInfo();
OutboundAuthenticationRequest request;
InboundAuthenticationResponse response = client.getAuthResponse();
if (response != null) {
BucketData data = deserializeData(response);
serverStep = data.getStep();
if (!data.getProtocol().equals(PROTOCOL)) {
throw new XrootdException(kGSErrBadProtocol, "server replied " + "with incorrect protocol: " + data.getProtocol());
}
switch(serverStep) {
case kXGS_cert:
request = requestHandler.handleCertStep(response, data, ctx);
LOGGER.debug("sendAuthenticationRequest to {}, channel {}, " + "stream {}, step: cert.", tpcInfo.getSrc(), id, streamId);
break;
case kXGS_pxyreq:
/*
* This is a TPC client only. It tells the server
* it does not sign proxy requests. If this
* step is received here, we should reject it.
* Fall through to exception.
*/
default:
throw new XrootdException(kGSErrBadOpt, "client does not handle requested " + "authentication step " + getServerStep(serverStep) + ".");
}
} else {
request = requestHandler.handleCertReqStep();
LOGGER.debug("sendAuthenticationRequest to {}, channel {}, " + "stream {}, step: cert request.", tpcInfo.getSrc(), id, streamId);
}
requestHandler.updateLastRequest();
client.setExpectedResponse(kXR_auth);
client.setAuthResponse(null);
ctx.writeAndFlush(request, ctx.newPromise()).addListener(FIRE_EXCEPTION_ON_FAILURE);
client.startTimer(ctx);
}
Also used :
XrootdTpcInfo(org.dcache.xrootd.tpc.XrootdTpcInfo)
BucketData(org.dcache.xrootd.plugins.authn.gsi.GSIBucketUtils.BucketData)
OutboundAuthenticationRequest(org.dcache.xrootd.tpc.protocol.messages.OutboundAuthenticationRequest)
ChannelId(io.netty.channel.ChannelId)
XrootdException(org.dcache.xrootd.core.XrootdException)
InboundAuthenticationResponse(org.dcache.xrootd.tpc.protocol.messages.InboundAuthenticationResponse)
Example 3 with InboundAuthenticationResponse
use of org.dcache.xrootd.tpc.protocol.messages.InboundAuthenticationResponse in project xrootd4j by dCache.
the class XrootdClientDecoder method decode.
@Override
protected void decode(ChannelHandlerContext ctx, ByteBuf in, List<Object> out) {
ChannelId id = ctx.channel().id();
int readable = in.readableBytes();
if (readable < SERVER_RESPONSE_LEN) {
return;
}
int pos = in.readerIndex();
int headerFrameLength = in.getInt(pos + 4);
if (headerFrameLength < 0) {
LOGGER.error("Decoder {}, channel {}: received illegal " + "frame length in " + "xrootd header: {}." + " Closing channel.", sourceUrn, id, headerFrameLength);
ctx.channel().close();
return;
}
int length = SERVER_RESPONSE_LEN + headerFrameLength;
if (readable < length) {
return;
}
ByteBuf frame = in.readSlice(length);
int requestId = client.getExpectedResponse();
try {
switch(frame.getUnsignedShort(2)) {
case kXR_error:
LOGGER.debug("Decoder {}, channel {}: adding error response.", sourceUrn, id);
out.add(new InboundErrorResponse(frame));
return;
case kXR_wait:
LOGGER.debug("Decoder {}, channel {}: adding wait response.", sourceUrn, id);
out.add(new InboundWaitResponse(frame, requestId));
return;
case kXR_waitresp:
LOGGER.debug("Decoder {}, channel {}: adding waitresp response.", sourceUrn, id);
out.add(new InboundWaitRespResponse(frame, requestId));
return;
case kXR_redirect:
LOGGER.debug("Decoder {}, channel {}: adding redirect response.", sourceUrn, id);
out.add(new InboundRedirectResponse(frame, requestId));
return;
case kXR_attn:
LOGGER.debug("Decoder {}, channel {}: adding attn response.", sourceUrn, id);
out.add(new InboundAttnResponse(frame, requestId));
return;
}
switch(requestId) {
case kXR_handshake:
LOGGER.debug("Decoder {}, channel {}: adding handshake response.", sourceUrn, id);
out.add(new InboundHandshakeResponse(frame));
break;
case kXR_protocol:
LOGGER.debug("Decoder {}, channel {}: adding protocol response.", sourceUrn, id);
out.add(new InboundProtocolResponse(frame));
break;
case kXR_login:
LOGGER.debug("Decoder {}, channel {}: adding login response.", sourceUrn, id);
out.add(new InboundLoginResponse(frame));
break;
case kXR_auth:
LOGGER.debug("Decoder {}, channel {}: adding authentication response.", sourceUrn, id);
out.add(new InboundAuthenticationResponse(frame));
break;
case kXR_open:
LOGGER.debug("Decoder {}, channel {}: adding open response.", sourceUrn, id);
out.add(new InboundOpenReadOnlyResponse(frame));
break;
case kXR_read:
LOGGER.debug("Decoder {}, channel {}: adding read response.", sourceUrn, id);
out.add(new InboundReadResponse(frame));
break;
case kXR_query:
LOGGER.debug("Decoder {}, channel {}: adding query response.", sourceUrn, id);
out.add(new InboundChecksumResponse(frame));
break;
case kXR_close:
LOGGER.debug("Decoder {}, channel {}: adding close response.", sourceUrn, id);
out.add(new InboundCloseResponse(frame));
break;
case kXR_endsess:
LOGGER.debug("Decoder {}, channel {}: adding endsess response.", sourceUrn, id);
out.add(new InboundEndSessionResponse(frame));
break;
default:
LOGGER.debug("Decoder {}, channel {}, received incorrect " + "response of request type {}.", sourceUrn, id, requestId);
throw new XrootdException(kXR_error, "received incorrect response type.");
}
} catch (ParseException | XrootdException e) {
LOGGER.error("Decoder {}, channel {}: error for request type {}: {}. " + "Closing channel.", requestId, id, e.getMessage());
client.setError(e);
client.shutDown(ctx);
}
}
Also used :
InboundReadResponse(org.dcache.xrootd.tpc.protocol.messages.InboundReadResponse)
InboundProtocolResponse(org.dcache.xrootd.tpc.protocol.messages.InboundProtocolResponse)
InboundCloseResponse(org.dcache.xrootd.tpc.protocol.messages.InboundCloseResponse)
InboundChecksumResponse(org.dcache.xrootd.tpc.protocol.messages.InboundChecksumResponse)
InboundErrorResponse(org.dcache.xrootd.tpc.protocol.messages.InboundErrorResponse)
InboundWaitResponse(org.dcache.xrootd.tpc.protocol.messages.InboundWaitResponse)
InboundHandshakeResponse(org.dcache.xrootd.tpc.protocol.messages.InboundHandshakeResponse)
InboundLoginResponse(org.dcache.xrootd.tpc.protocol.messages.InboundLoginResponse)
ChannelId(io.netty.channel.ChannelId)
ByteBuf(io.netty.buffer.ByteBuf)
InboundAttnResponse(org.dcache.xrootd.tpc.protocol.messages.InboundAttnResponse)
InboundRedirectResponse(org.dcache.xrootd.tpc.protocol.messages.InboundRedirectResponse)
InboundWaitRespResponse(org.dcache.xrootd.tpc.protocol.messages.InboundWaitRespResponse)
InboundEndSessionResponse(org.dcache.xrootd.tpc.protocol.messages.InboundEndSessionResponse)
InboundOpenReadOnlyResponse(org.dcache.xrootd.tpc.protocol.messages.InboundOpenReadOnlyResponse)
ParseException(org.dcache.xrootd.util.ParseException)
XrootdException(org.dcache.xrootd.core.XrootdException)
InboundAuthenticationResponse(org.dcache.xrootd.tpc.protocol.messages.InboundAuthenticationResponse)
Aggregations
XrootdException (org.dcache.xrootd.core.XrootdException)3
InboundAuthenticationResponse (org.dcache.xrootd.tpc.protocol.messages.InboundAuthenticationResponse)3
ByteBuf (io.netty.buffer.ByteBuf)2
ChannelId (io.netty.channel.ChannelId)2
Unpooled.wrappedBuffer (io.netty.buffer.Unpooled.wrappedBuffer)1
IOException (java.io.IOException)1
Collection (java.util.Collection)1
EnumMap (java.util.EnumMap)1
List (java.util.List)1
Map (java.util.Map)1
Consumer (java.util.function.Consumer)1
XrootdDecoder.readAscii (org.dcache.xrootd.core.XrootdDecoder.readAscii)1
XrootdEncoder.writeZeroPad (org.dcache.xrootd.core.XrootdEncoder.writeZeroPad)1
BucketData (org.dcache.xrootd.plugins.authn.gsi.GSIBucketUtils.BucketData)1
XrootdProtocol.kXR_IOError (org.dcache.xrootd.protocol.XrootdProtocol.kXR_IOError)1
AuthenticationRequest (org.dcache.xrootd.protocol.messages.AuthenticationRequest)1
AUTHN_PROTOCOL_TYPE_LEN (org.dcache.xrootd.protocol.messages.LoginResponse.AUTHN_PROTOCOL_TYPE_LEN)1
BucketType (org.dcache.xrootd.security.XrootdSecurityProtocol.BucketType)1
BucketType.kXRS_main (org.dcache.xrootd.security.XrootdSecurityProtocol.BucketType.kXRS_main)1
BucketType.kXRS_version (org.dcache.xrootd.security.XrootdSecurityProtocol.BucketType.kXRS_version)1
