VOMS CC API 1.5.0
|
#include <voms_api.h>
Public Member Functions | |
vomsdata (std::string voms_dir="", std::string cert_dir="") | |
bool | LoadSystemContacts (std::string dir="") |
bool | LoadUserContacts (std::string dir="") |
std::vector< contactdata > | FindByAlias (std::string alias) |
std::vector< contactdata > | FindByVO (std::string vo) |
void | Order (std::string att) |
void | ResetOrder (void) |
void | AddTarget (std::string target) |
std::vector< std::string > | ListTargets (void) |
void | ResetTargets (void) |
std::string | ServerErrors (void) |
bool | Retrieve (X509 *cert, STACK_OF(X509) *chain, recurse_type how=RECURSE_CHAIN) |
bool | Contact (std::string hostname, int port, std::string servsubject, std::string command) |
bool | Contact (std::string hostname, int port, std::string servsubject, std::string command, int timeout) |
bool | ContactRaw (std::string hostname, int port, std::string servsubject, std::string command, std::string &raw, int &version) |
bool | ContactRaw (std::string hostname, int port, std::string servsubject, std::string command, std::string &raw, int &version, int timeout) |
void | SetVerificationType (verify_type how) |
void | SetLifetime (int lifetime) |
bool | Import (std::string buffer) |
bool | Export (std::string &data) |
bool | DefaultData (voms &) |
std::string | ErrorMessage (void) |
bool | RetrieveFromCtx (gss_ctx_id_t context, recurse_type how) |
bool | RetrieveFromCred (gss_cred_id_t credential, recurse_type how) |
bool | Retrieve (X509_EXTENSION *ext) |
bool | RetrieveFromProxy (recurse_type how) |
bool | Retrieve (FILE *file, recurse_type how) |
bool | Retrieve (AC *ac) |
~vomsdata () | |
vomsdata (const vomsdata &) | |
void | SetRetryCount (int retryCount) |
void | SetVerificationTime (time_t) |
bool | LoadCredentials (X509 *, EVP_PKEY *, STACK_OF(X509) *) |
bool | ContactRESTRaw (const std::string &, int, const std::string &, std::string &, int, int) |
Static Public Member Functions | |
static void | SkipSslInitialization () |
Data Fields | |
verror_type | error |
std::vector< voms > | data |
std::string | workvo |
std::string | extra_data |
Definition at line 197 of file voms_api.h.
vomsdata::vomsdata | ( | std::string | voms_dir = "" , |
std::string | cert_dir = "" |
||
) |
voms_dir | The directory which contains the certificate of the VOMS server |
cert_dir | The directory which contains the certificate of the CA |
If voms_dir is empty, the value of the environment variable X509_VOMS_DIR is taken.
If cert_dir is empty, the value of the environment variable X509_CERT_DIR is taken.
vomsdata::~vomsdata | ( | ) |
vomsdata::vomsdata | ( | const vomsdata & | ) |
void vomsdata::AddTarget | ( | std::string | target | ) |
Adds a target to the AC.
target | The target to be added. It should be an FQDN. |
bool vomsdata::Contact | ( | std::string | hostname, |
int | port, | ||
std::string | servsubject, | ||
std::string | command | ||
) |
Contacts a VOMS server to get a certificate
It is the equivalent of the voms-proxy-init command, but without the --include functionality.
hostname | FQDN of the VOMS server |
port | the port on which the VOMS server is listening |
servsubject | the subject of the server's certificate |
command | the command sent to the server |
Returns true on success, false on failure.
bool vomsdata::Contact | ( | std::string | hostname, |
int | port, | ||
std::string | servsubject, | ||
std::string | command, | ||
int | timeout | ||
) |
Contacts a VOMS server to get a certificate
It is the equivalent of the voms-proxy-init command, but without the --include functionality.
hostname | FQDN of the VOMS server |
port | the port on which the VOMS server is listening |
servsubject | the subject of the server's certificate |
command | the command sent to the server |
timeout | Timeout for server connections in seconds |
Returns true on success, false on failure.
bool vomsdata::ContactRaw | ( | std::string | hostname, |
int | port, | ||
std::string | servsubject, | ||
std::string | command, | ||
std::string & | raw, | ||
int & | version | ||
) |
Same as Contact, except that it does not start the verification process and the message received from the server is not parsed. The answer placed in raw is therefore unverified.
hostname | FQDN of the VOMS server |
port | the port on which the VOMS server is listening |
servsubject | the subject of the server's certificate |
command | the command sent to the server |
raw | OUTPUT PARAMETER the answer from the server |
version | OUTPUT PARAMETER the version of the answer |
bool vomsdata::ContactRaw | ( | std::string | hostname, |
int | port, | ||
std::string | servsubject, | ||
std::string | command, | ||
std::string & | raw, | ||
int & | version, | ||
int | timeout | ||
) |
Same as Contact, except that it does not start the verification process and the message received from the server is not parsed. The answer placed in raw is therefore unverified.
hostname | FQDN of the VOMS server |
port | the port on which the VOMS server is listening |
servsubject | the subject of the server's certificate |
command | the command sent to the server |
raw | OUTPUT PARAMETER the answer from the server |
version | OUTPUT PARAMETER the version of the answer |
timeout | Timeout for server connections in seconds |
bool vomsdata::ContactRESTRaw | ( | const std::string & | , |
int | , | ||
const std::string & | , | ||
std::string & | , | ||
int | , | ||
int | |||
) |
bool vomsdata::DefaultData | ( | voms & | ) |
Get the default data extension from those present in the pseudo certificate
std::string vomsdata::ErrorMessage | ( | void | ) |
Gets a textual description of the error.
bool vomsdata::Export | ( | std::string & | data | ) |
Exports data from vomsdata::data to the format used for inclusion into a certificate.
The function doesn't verify the data
data | The certificate extension |
std::vector< contactdata > vomsdata::FindByAlias | ( | std::string | alias | ) |
Finds servers which share a common alias.
alias | The alias to look for. |
std::vector< contactdata > vomsdata::FindByVO | ( | std::string | vo | ) |
Finds servers which serve a common VO
vo | The VO name to look for. |
bool vomsdata::Import | ( | std::string | buffer | ) |
Converts data from the format used for inclusion into a certificate to the internal format
The function does verify the data.
buffer | contains the data to be converted |
std::vector< std::string > vomsdata::ListTargets | ( | void | ) |
Returns the list of targets.
bool vomsdata::LoadCredentials | ( | X509 * | , |
EVP_PKEY * | , | ||
STACK_OF(X509) * | |||
) |
bool vomsdata::LoadSystemContacts | ( | std::string | dir = "" | ) |
Loads the system wide configuration files.
dir | The directory in which the files are stored. |
If dir is empty, defaults to /opt/edg/etc/vomses.
bool vomsdata::LoadUserContacts | ( | std::string | dir = "" | ) |
Loads the user-specific configuration files.
dir | The directory in which the files are stored. |
If dir is empty, defaults to $VOMS_USERCONF. If this is empty too, defaults to $HOME/.edg/vomses, or to ~/.edg/vomses as a last resort.
void vomsdata::Order | ( | std::string | att | ) |
Sets up the ordering of the results.
Defines the ordering of the data returned by Contact(). Results are ordered in the same order as the calls to this function.
att | The attribute to be ordered. |
void vomsdata::ResetOrder | ( | void | ) |
Resets the ordering.
void vomsdata::ResetTargets | ( | void | ) |
Resets the target list.
bool vomsdata::Retrieve | ( | AC * | ac | ) |
Gets VOMS information from the AC
ac | The extension to parse. |
bool vomsdata::Retrieve | ( | FILE * | file, |
recurse_type | how | ||
) |
Gets VOMS information from a proxy saved as a file.
file | the file name |
how | Recursion type |
Note: Does NOT verify that the proxy is valid. Such verification must be obtained through other means.
bool vomsdata::Retrieve | ( | X509 * | cert, |
STACK_OF(X509) * | chain, | ||
recurse_type | how = RECURSE_CHAIN |
||
) |
Extracts the VOMS extension from an X.509 certificate. The function doesn't check the validity of the certificates, but it does check the content of the user data.
cert | The certificate with the VOMS extensions |
chain | The chain of the validation certificates (only the intermediate ones) |
how | Recursion type |
bool vomsdata::Retrieve | ( | X509_EXTENSION * | ext | ) |
Gets VOMS information from the given extension
ext | The extension to parse. |
bool vomsdata::RetrieveFromCred | ( | gss_cred_id_t | credential, |
recurse_type | how | ||
) |
Gets VOMS information from the given globus credential
credential | The credential from which to retrieve the certificate. |
how | Recursion type |
bool vomsdata::RetrieveFromCtx | ( | gss_ctx_id_t | context, |
recurse_type | how | ||
) |
Gets VOMS information from the given globus context
context | The context from which to retrieve the certificate. |
how | Recursion type |
bool vomsdata::RetrieveFromProxy | ( | recurse_type | how | ) |
Gets VOMS information from an existing globus proxy
how | Recursion type |
std::string vomsdata::ServerErrors | ( | void | ) |
Gets the error message returned by the server
void vomsdata::SetLifetime | ( | int | lifetime | ) |
Set requested lifetime for the Contact() call.
lifetime | Requested lifetime, in seconds |
void vomsdata::SetRetryCount | ( | int | retryCount | ) |
void vomsdata::SetVerificationTime | ( | time_t | ) |
void vomsdata::SetVerificationType | ( | verify_type | how | ) |
Sets the type of verification done on the data.
how | The type of verification. |
|
static |
std::vector<voms> vomsdata::data |
User's info, as in the certificate extension. It may contain data gathered from more than one VOMS server.
Definition at line 375 of file voms_api.h.
verror_type vomsdata::error |
Error code
Definition at line 216 of file voms_api.h.
std::string vomsdata::extra_data |
The data specified by the user with the --include switch.
Note that this field doesn't contain the result of a request to the VOMS server, but instead data specified by the user.
The reason for the introduction of this extension is to let a user include important data in their proxy certificate, for example a Kerberos ticket.
Definition at line 379 of file voms_api.h.
std::string vomsdata::workvo |
The value of the -vo option of the voms-proxy-init command
Definition at line 378 of file voms_api.h.