Particle Physics Group



gridsite.h File Reference

Go to the source code of this file.

Data Structures

struct  GRSTgaclAcl
struct  GRSTgaclCred
struct  GRSTgaclEntry
struct  GRSTgaclNamevalue
struct  GRSTgaclUser
struct  GRSThttpBody
struct  GRSThttpCharsList


typedef int GRSTgaclAction
typedef unsigned int GRSTgaclPerm


int GRSTgaclInit (void)
GRSTgaclCredGRSTgaclCredNew (char *)
int GRSTgaclCredAddValue (GRSTgaclCred *, char *, char *)
int GRSTgaclCredFree (GRSTgaclCred *)
int GRSTgaclEntryAddCred (GRSTgaclEntry *, GRSTgaclCred *)
int GRSTgaclEntryDelCred (GRSTgaclEntry *, GRSTgaclCred *)
int GRSTgaclCredCredPrint (GRSTgaclCred *, FILE *)
GRSTgaclEntryGRSTgaclEntryNew (void)
int GRSTgaclEntryFree (GRSTgaclEntry *)
int GRSTgaclAclAddEntry (GRSTgaclAcl *, GRSTgaclEntry *)
int GRSTgaclEntryPrint (GRSTgaclEntry *, FILE *)
int GRSTgaclPermPrint (GRSTgaclPerm, FILE *)
int GRSTgaclEntryAllowPerm (GRSTgaclEntry *, GRSTgaclPerm)
int GRSTgaclEntryUnallowPerm (GRSTgaclEntry *, GRSTgaclPerm)
int GRSTgaclEntryDenyPerm (GRSTgaclEntry *, GRSTgaclPerm)
int GRSTgaclUndenyPerm (GRSTgaclEntry *, GRSTgaclPerm)
char * GRSTgaclPermToChar (GRSTgaclPerm)
GRSTgaclPerm GRSTgaclPermFromChar (char *)
GRSTgaclAclGRSTgaclAclNew (void)
int GRSTgaclAclFree (GRSTgaclAcl *)
int GRSTgaclAclPrint (GRSTgaclAcl *, FILE *)
int GRSTgaclAclSave (GRSTgaclAcl *, char *)
GRSTgaclAclGRSTgaclAclLoadFile (char *)
char * GRSTgaclFileFindAclname (char *)
GRSTgaclAclGRSTgaclAclLoadforFile (char *)
int GRSTgaclFileIsAcl (char *)
GRSTgaclUserGRSTgaclUserNew (GRSTgaclCred *)
int GRSTgaclUserFree (GRSTgaclUser *)
int GRSTgaclUserAddCred (GRSTgaclUser *, GRSTgaclCred *)
int GRSTgaclUserHasCred (GRSTgaclUser *, GRSTgaclCred *)
int GRSTgaclUserSetDNlists (GRSTgaclUser *, char *)
GRSTgaclCredGRSTgaclUserFindCredtype (GRSTgaclUser *, char *)
int GRSTgaclDNlistHasUser (char *, GRSTgaclUser *)
GRSTgaclPerm GRSTgaclAclTestUser (GRSTgaclAcl *, GRSTgaclUser *)
GRSTgaclPerm GRSTgaclAclTestexclUser (GRSTgaclAcl *, GRSTgaclUser *)
char * GRSThttpUrlDecode (char *)
char * GRSThttpUrlEncode (char *)
char * GRSThttpUrlMildencode (char *)
int GRSTx509KnownCriticalExts (X509 *)
 Check critical extensions. More...

time_t GRSTasn1TimeToTimeT (char *)
 ASN1 time string (in a char *) to time_t. More...

int GRSTx509IsCA (X509 *)
 Check if certificate can be used as a CA to sign standard X509 certs. More...

int GRSTx509CheckChain (X509_STORE_CTX *)
 Check certificate chain for GSI proxy acceptability. More...

int GRSTx509VerifyCallback (int, X509_STORE_CTX *)
 Example VerifyCallback routine. More...

int GRSTx509GetVomsCreds (int *, int, size_t, char *, X509 *, X509 *)
 Get the VOMS attributes in the extensions to the given cert. More...

GRSTgaclCredGRSTx509CompactToCred (char *)
 Turn a Compact Cred line into a GRSTgaclCred object. More...

int GRSTx509CompactCreds (int *, int, size_t, char *, STACK_OF(X509)*)
 Get the credentials in an X509 cert/GSI proxy, including any VOMS. More...

void GRSThttpBodyInit (GRSThttpBody *)
void GRSThttpPrintf (GRSThttpBody *, char *,...)
int GRSThttpCopy (GRSThttpBody *, char *)
void GRSThttpWriteOut (GRSThttpBody *)
int GRSThttpPrintHeaderFooter (GRSThttpBody *, char *, char *)
char * GRSThttpGetCGI (char *)

Typedef Documentation

typedef int GRSTgaclAction

typedef unsigned int GRSTgaclPerm

Function Documentation

time_t GRSTasn1TimeToTimeT char *    asn1time

ASN1 time string (in a char *) to time_t.

(Use ASN1_STRING_data() to convert ASN1_GENERALIZEDTIME to char * if necessary)

int GRSTgaclAclAddEntry GRSTgaclAcl  ,

int GRSTgaclAclFree GRSTgaclAcl  

GRSTgaclAcl* GRSTgaclAclLoadFile char *   

GRSTgaclAcl* GRSTgaclAclLoadforFile char *   

GRSTgaclAcl* GRSTgaclAclNew void   

int GRSTgaclAclPrint GRSTgaclAcl  ,
FILE *   

int GRSTgaclAclSave GRSTgaclAcl  ,
char *   

GRSTgaclPerm GRSTgaclAclTestexclUser GRSTgaclAcl  ,

GRSTgaclPerm GRSTgaclAclTestUser GRSTgaclAcl  ,

int GRSTgaclCredAddValue GRSTgaclCred  ,
char *   ,
char *   

int GRSTgaclCredCredPrint GRSTgaclCred  ,
FILE *   

int GRSTgaclCredFree GRSTgaclCred  

GRSTgaclCred* GRSTgaclCredNew char *   

int GRSTgaclDNlistHasUser char *   ,

int GRSTgaclEntryAddCred GRSTgaclEntry  ,

int GRSTgaclEntryAllowPerm GRSTgaclEntry  ,

int GRSTgaclEntryDelCred GRSTgaclEntry  ,

int GRSTgaclEntryDenyPerm GRSTgaclEntry  ,

int GRSTgaclEntryFree GRSTgaclEntry  

GRSTgaclEntry* GRSTgaclEntryNew void   

int GRSTgaclEntryPrint GRSTgaclEntry  ,
FILE *   

int GRSTgaclEntryUnallowPerm GRSTgaclEntry  ,

char* GRSTgaclFileFindAclname char *   

int GRSTgaclFileIsAcl char *   

int GRSTgaclInit void   

GRSTgaclPerm GRSTgaclPermFromChar char *   

int GRSTgaclPermPrint GRSTgaclPerm   ,
FILE *   

char* GRSTgaclPermToChar GRSTgaclPerm   

int GRSTgaclUndenyPerm GRSTgaclEntry  ,

int GRSTgaclUserAddCred GRSTgaclUser  ,

GRSTgaclCred* GRSTgaclUserFindCredtype GRSTgaclUser  ,
char *   

int GRSTgaclUserFree GRSTgaclUser  

int GRSTgaclUserHasCred GRSTgaclUser  ,

GRSTgaclUser* GRSTgaclUserNew GRSTgaclCred  

int GRSTgaclUserSetDNlists GRSTgaclUser  ,
char *   

void GRSThttpBodyInit GRSThttpBody  

int GRSThttpCopy GRSThttpBody  ,
char *   

char* GRSThttpGetCGI char *   

void GRSThttpPrintf GRSThttpBody  ,
char *   ,

int GRSThttpPrintHeaderFooter GRSThttpBody  ,
char *   ,
char *   

char* GRSThttpUrlDecode char *   

char* GRSThttpUrlEncode char *   

char* GRSThttpUrlMildencode char *   

void GRSThttpWriteOut GRSThttpBody  

int GRSTx509CheckChain X509_STORE_CTX *    ctx

Check certificate chain for GSI proxy acceptability.

Returns X509_V_OK/GRST_RET_OK if valid; OpenSSL X509 errors otherwise.

Adapted from GSIcheck written by Mike Jones, SVE, Manchester Computing, The University of Manchester.

The GridSite version handles old and new style Globus proxies, and proxies derived from user certificates issued with "X509v3 Basic Constraints: CA:FALSE" (eg UK e-Science CA)

TODO: we do not yet check ProxyCertInfo and ProxyCertPolicy extensions (although via GRSTx509KnownCriticalExts() we can accept them.) we do not yet check chain links between certs

int GRSTx509CompactCreds int *    lastcred,
int    maxcreds,
size_t    credlen,
char *    creds,
STACK_OF(X509)*    certstack

Get the credentials in an X509 cert/GSI proxy, including any VOMS.

Credentials are placed in Compact Creds string array at *creds.

Function returns GRST_RET_OK on success, or GRST_RET_FAILED if some inconsistency found in certificate.

GRSTgaclCred* GRSTx509CompactToCred char *    grst_cred

Turn a Compact Cred line into a GRSTgaclCred object.

Returns pointer to created GRSTgaclCred or NULL or failure.

int GRSTx509GetVomsCreds int *   ,
int   ,
size_t   ,
char *   ,
X509 *   ,
X509 *   

Get the VOMS attributes in the extensions to the given cert.

int GRSTx509IsCA X509 *   

Check if certificate can be used as a CA to sign standard X509 certs.

int GRSTx509KnownCriticalExts X509 *    cert

Check critical extensions.

Returning GRST_RET_OK if all of extensions are known to us or OpenSSL; GRST_REF_FAILED otherwise.

Since this function relies on functionality (X509_supported_extension) introduced in 0.9.7, then we do nothing and report an error (GRST_RET_FAILED) if one of the associated defines (X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION) is absent.

int GRSTx509VerifyCallback int    ok,
X509_STORE_CTX *    ctx

Example VerifyCallback routine.

Generated on Thu Nov 27 10:49:01 2003 by doxygen1.2.14 written by Dimitri van Heesch, © 1997-2002

Last modified Fri 28 November 2003 . View page history
Switch to HTTPS . Website Help . Print View . Built with GridSite 2.2.6