XRootD
XrdTls Class Reference

#include <XrdTls.hh>


Public Types

typedef void(* msgCB_t) (const char *tid, const char *msg, bool sslmsg)
 
enum  RC {
  TLS_AOK = 0 ,
  TLS_CON_Closed ,
  TLS_CRT_Missing ,
  TLS_CTX_Missing ,
  TLS_HNV_Error ,
  TLS_SSL_Error ,
  TLS_SYS_Error ,
  TLS_UNK_Error ,
  TLS_VER_Error ,
  TLS_WantAccept ,
  TLS_WantConnect ,
  TLS_WantRead ,
  TLS_WantWrite
}
 

Static Public Member Functions

static void ClearErrorQueue ()
 Clear the SSL error queue for the calling thread.
 
static void Emsg (const char *tid, const char *msg=0, bool flush=true)
 
static std::string RC2Text (XrdTls::RC rc, bool dbg=false)
 
static void SetDebug (int opts, msgCB_t logP)
 
static void SetDebug (int opts, XrdSysLogger *logP=0)
 
static void SetMsgCB (msgCB_t cbP)
 
static RC ssl2RC (int sslrc)
 
static const char * ssl2Text (int sslrc, const char *dflt="unknown_error")
 

Static Public Attributes

static const int dbgALL = 7
 Turn debugging on for everything.
 
static const int dbgCTX = 1
 Turn debugging on for context operations.
 
static const int dbgOFF = 0
 Turn debugging off (initial default)
 
static const int dbgOUT = 8
 Force msgs to stderr for easier client debug.
 
static const int dbgSIO = 4
 Turn debugging on for socket I/O.
 
static const int dbgSOK = 2
 Turn debugging on for socket operations.
 

Detailed Description

Definition at line 36 of file XrdTls.hh.

Member Typedef Documentation

◆ msgCB_t

typedef void(* XrdTls::msgCB_t) (const char *tid, const char *msg, bool sslmsg)

Set the message callback.

Parameters
cbP - Pointer to the message callback function. If nil, messages are sent to stderr. This is a global setting.
Note
You should establish a callback once in the main thread.

Definition at line 87 of file XrdTls.hh.

Member Enumeration Documentation

◆ RC

enum XrdTls::RC
Enumerator
TLS_AOK 

All went well, will always be zero.

TLS_CON_Closed 

TLS connection has been closed.

TLS_CRT_Missing 

The x509 certificate is missing.

TLS_CTX_Missing 

The TLS context is missing.

TLS_HNV_Error 

A hostname validation error occurred.

TLS_SSL_Error 

An SSL error occurred.

TLS_SYS_Error 

A system call error occurred.

TLS_UNK_Error 

An unknown error occurred.

TLS_VER_Error 

Certificate verification failed.

TLS_WantAccept 

Reissue call when Accept() completes.

TLS_WantConnect 

Reissue call when Connect() completes.

TLS_WantRead 

Reissue call when reads do not block.

TLS_WantWrite 

Reissue call when writes do not block.

Definition at line 40 of file XrdTls.hh.

enum RC {TLS_AOK = 0,      // All went well, will always be zero.
         TLS_CON_Closed,   // TLS connection has been closed.
         TLS_CRT_Missing,  // The x509 certificate is missing.
         TLS_CTX_Missing,  // The TLS context is missing.
         TLS_HNV_Error,    // A hostname validation error occurred.
         TLS_SSL_Error,    // An SSL error occurred.
         TLS_SYS_Error,    // A system call error occurred.
         TLS_UNK_Error,    // An unknown error occurred.
         TLS_VER_Error,    // Certificate verification failed.
         TLS_WantAccept,   // Reissue call when Accept() completes.
         TLS_WantConnect,  // Reissue call when Connect() completes.
         TLS_WantRead,     // Reissue call when reads do not block.
         TLS_WantWrite     // Reissue call when writes do not block.
        };

Member Function Documentation

◆ ClearErrorQueue()

void XrdTls::ClearErrorQueue ( )
static

Clear the SSL error queue for the calling thread.

Definition at line 265 of file XrdTls.cc.

{
   ERR_clear_error();
}

Referenced by XrdCl::Tls::ClearErrorQueue(), and XrdXrootdProtocol::Process2().


◆ Emsg()

void XrdTls::Emsg ( const char * tid,
const char * msg = 0,
bool flush = true )
static

Route an optional error message and flush outstanding messages.

Parameters
tid- Optional trace identifier.
msg- An optional message.
flush- If true, prints all outstanding ssl messages. Otherwise, it clears all outstanding ssl messages.

Definition at line 104 of file XrdTls.cc.

{

// Setup the trace ID
//
   if (!tid) tid = "TLS";

// Print passed in error, if any
//
   if (msg)
      {msgCB(tid, msg, false);
       if (echoMsg && msgCB != ToStdErr) ToStdErr(tid, msg, false);
      }

// Flush all openssl errors if so wanted
//
   if (flush) ERR_print_errors_cb(ssl_msg_CB, (void *)tid);
}

Referenced by XrdTlsCrl::Refresh(), XrdTlsContext::SetCrlRefresh(), XrdTlsFlush::Setup_Flusher(), and XrdTlsSocket::Shutdown().


◆ RC2Text()

std::string XrdTls::RC2Text ( XrdTls::RC rc,
bool dbg = false )
static

Convert TLS RC code to a reason string.

Parameters
rc- The TLS return code.
dbg- True to include additional identifying text. Otherwise, a concise message describing the error is returned.
Returns
A string describing the error.

Definition at line 127 of file XrdTls.cc.

{
   switch(rc)
         {case TLS_CON_Closed:
               return std::string("connection closed");
               break;
          case TLS_CRT_Missing:
               return std::string("x509 certificate is missing");
               break;
          case TLS_CTX_Missing:
               return std::string("context is missing");
               break;
          case TLS_HNV_Error:
               return std::string("host name verification failed");
               break;
          case TLS_SSL_Error:
               return std::string("TLS fatal error");
               break;
          case TLS_SYS_Error:
               if (errno == 0) return std::string("socket error");
               return std::string( XrdSysE2T(errno));
               break;
          case TLS_UNK_Error:
               return std::string("unknown error occurred, sorry!");
               break;
          case TLS_VER_Error:
               return std::string("x509 certificate verification failed");
               break;
          case TLS_WantAccept:
               return std::string("unhandled TLS accept");
               break;
          case TLS_WantConnect:
               return std::string("unhandled TLS connect");
               break;
          case TLS_WantRead:
               return std::string("unhandled TLS read want");
               break;
          case TLS_WantWrite:
               return std::string("unhandled TLS write want");
               break;

          default: break;
         }
   return std::string("unfathomable error occurred!");
}

References TLS_CON_Closed, TLS_CRT_Missing, TLS_CTX_Missing, TLS_HNV_Error, TLS_SSL_Error, TLS_SYS_Error, TLS_UNK_Error, TLS_VER_Error, TLS_WantAccept, TLS_WantConnect, TLS_WantRead, TLS_WantWrite, and XrdSysE2T().

Referenced by XrdLinkXeq::TLS_Error().


◆ SetDebug() [1/2]

void XrdTls::SetDebug ( int opts,
XrdTls::msgCB_t cbP )
static

Definition at line 186 of file XrdTls.cc.

{
   // source lines 188-189 are not shown in this listing
}

References opts, XrdSysTrace::SetLogger(), XrdTlsGlobal::SysTrace, and XrdSysTrace::What.


◆ SetDebug() [2/2]

void XrdTls::SetDebug ( int opts,
XrdSysLogger * logP = 0 )
static

Definition at line 177 of file XrdTls.cc.

{
   // source lines 179-180 are not shown in this listing
   echoMsg = (opts & dbgOUT) != 0;
}

References dbgOUT, opts, XrdSysTrace::SetLogger(), XrdTlsGlobal::SysTrace, and XrdSysTrace::What.

Referenced by XrdTlsContext::XrdTlsContext().


◆ SetMsgCB()

void XrdTls::SetMsgCB ( XrdTls::msgCB_t cbP)
static

Definition at line 196 of file XrdTls.cc.

{
   msgCB = (cbP ? cbP : ToStdErr);
}

◆ ssl2RC()

XrdTls::RC XrdTls::ssl2RC ( int sslrc)
static

Convert SSL error to TLS::RC code.

Parameters
sslrc- the SSL error return code.
Returns
The corresponding TLS::RC code.

Definition at line 205 of file XrdTls.cc.

{
// Convert SSL error code to the TLS one
//
   switch(sslrc)
         {case SSL_ERROR_NONE:         return TLS_AOK;
               break;
          case SSL_ERROR_ZERO_RETURN:  return TLS_CON_Closed;
               break;
          case SSL_ERROR_WANT_READ:    return TLS_WantRead;
               break;
          case SSL_ERROR_WANT_WRITE:   return TLS_WantWrite;
               break;
          case SSL_ERROR_WANT_ACCEPT:  return TLS_WantAccept;
               break;
          case SSL_ERROR_WANT_CONNECT: return TLS_WantConnect;
               break;
          case SSL_ERROR_SYSCALL:      return TLS_SYS_Error;
               break;
          case SSL_ERROR_SSL:          return TLS_SSL_Error;
               break;
          default: break;
         }
   return TLS_UNK_Error;
}

References TLS_AOK, TLS_CON_Closed, TLS_SSL_Error, TLS_SYS_Error, TLS_UNK_Error, TLS_WantAccept, TLS_WantConnect, TLS_WantRead, and TLS_WantWrite.

Referenced by XrdTlsSocket::Accept(), XrdTlsSocket::Connect(), XrdTlsSocket::Peek(), XrdTlsSocket::Read(), and XrdTlsSocket::Write().
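
Added example (not XRootD code): one way a caller can act on the XrdTls::RC values that ssl2RC() produces, retrying only the Want* codes, capping retries, and treating TLS_HNV_Error and TLS_VER_Error as terminal. The RC enum is mirrored locally so the block builds without XRootD; Next, decide(), retryable(), drive() and the scripted return-code sequences are hypothetical.

```cpp
#include <cstddef>
#include <vector>

// Local mirror of XrdTls::RC in the order listed on this page, so the
// example builds without XRootD; real code would include XrdTls.hh.
enum RC { TLS_AOK = 0, TLS_CON_Closed, TLS_CRT_Missing, TLS_CTX_Missing,
          TLS_HNV_Error, TLS_SSL_Error, TLS_SYS_Error, TLS_UNK_Error,
          TLS_VER_Error, TLS_WantAccept, TLS_WantConnect, TLS_WantRead,
          TLS_WantWrite };

// Hypothetical caller-side outcomes (not part of XRootD).
enum class Next { Done, WaitRead, WaitWrite, WaitHandshake,
                  Closed, AuthFailed, ConfigError, Fatal, GaveUp };

// Map an RC to the action the caller should take.
Next decide(RC rc) {
  switch (rc) {
    case TLS_AOK:         return Next::Done;
    case TLS_WantRead:    return Next::WaitRead;      // reissue once readable
    case TLS_WantWrite:   return Next::WaitWrite;     // reissue once writable
    case TLS_WantAccept:
    case TLS_WantConnect: return Next::WaitHandshake; // reissue after Accept()/Connect()
    case TLS_CON_Closed:  return Next::Closed;
    case TLS_HNV_Error:
    case TLS_VER_Error:   return Next::AuthFailed;    // peer identity not proven: never retry
    case TLS_CRT_Missing:
    case TLS_CTX_Missing: return Next::ConfigError;   // local setup problem
    default:              return Next::Fatal;         // SSL, SYS, UNK and any future code
  }
}

bool retryable(Next n) {
  return n == Next::WaitRead || n == Next::WaitWrite || n == Next::WaitHandshake;
}

// Drive one operation whose successive return codes come from `script`
// (constructed sample data standing in for repeated socket calls).
// Retries are capped so a stalling peer cannot hold the caller forever.
Next drive(const std::vector<RC>& script, std::size_t maxRetries) {
  std::size_t retries = 0;
  for (RC rc : script) {
    Next n = decide(rc);
    if (!retryable(n)) return n;                 // terminal: success or failure
    if (++retries > maxRetries) return Next::GaveUp;
  }
  return Next::GaveUp;                           // script ended while still waiting
}
```

ssl2RC() has no case for SSL_ERROR_WANT_X509_LOOKUP, so that condition arrives as TLS_UNK_Error and ends up in the Fatal branch of this policy.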


◆ ssl2Text()

const char * XrdTls::ssl2Text ( int sslrc,
const char * dflt = "unknown_error" )
static

Convert SSL error to text.

Parameters
sslrc- the SSL error return code.
dflt- the default to be returned when the mapping does not exist.
Returns
The corresponding text or the dflt string is returned.
Note
This is provided because some versions of OpenSSL do not provide a reasonable textual reason no matter what you use.

Definition at line 235 of file XrdTls.cc.

{
// Convert SSL error code to the TLS one
//
   switch(sslrc)
         {case SSL_ERROR_NONE:             return "error_none";
               break;
          case SSL_ERROR_ZERO_RETURN:      return "zero_return";
               break;
          case SSL_ERROR_WANT_READ:        return "want_read";
               break;
          case SSL_ERROR_WANT_WRITE:       return "want_write";
               break;
          case SSL_ERROR_WANT_ACCEPT:      return "want_accept";
               break;
          case SSL_ERROR_WANT_CONNECT:     return "want_connect";
               break;
          case SSL_ERROR_WANT_X509_LOOKUP: return "want_x509_lookup";
               break;
          case SSL_ERROR_SYSCALL:          return "error_syscall";
               break;
          case SSL_ERROR_SSL:              return "error_ssl";
               break;
          default: return dflt;
         }
}

Member Data Documentation

◆ dbgALL

const int XrdTls::dbgALL = 7
static

Turn debugging on for everything.

Definition at line 103 of file XrdTls.hh.

Referenced by XrdTlsContext::XrdTlsContext().

◆ dbgCTX

const int XrdTls::dbgCTX = 1
static

Turn debugging on for context operations.

Definition at line 100 of file XrdTls.hh.

Referenced by XrdTlsContext::XrdTlsContext(), and XrdTlsFlush::Flusher().

◆ dbgOFF

const int XrdTls::dbgOFF = 0
static

Turn debugging off (initial default)

Set debugging on or off.

Parameters
opts - One or more of the options below.
logP - Pointer to XrdSysLogger or the message callback (see above) to route messages. If nil, messages are routed to stderr.

Definition at line 99 of file XrdTls.hh.

◆ dbgOUT

const int XrdTls::dbgOUT = 8
static

Force msgs to stderr for easier client debug.

Definition at line 104 of file XrdTls.hh.

Referenced by XrdTlsContext::XrdTlsContext(), and SetDebug().

◆ dbgSIO

const int XrdTls::dbgSIO = 4
static

Turn debugging on for socket I/O.

Definition at line 102 of file XrdTls.hh.

Referenced by XrdTlsContext::XrdTlsContext(), XrdTlsSocket::Peek(), XrdTlsSocket::Read(), and XrdTlsSocket::Write().

◆ dbgSOK

const int XrdTls::dbgSOK = 2
static

Turn debugging on for socket operations.

Definition at line 101 of file XrdTls.hh.

Referenced by XrdTlsContext::XrdTlsContext(), XrdTlsSocket::Accept(), and XrdTlsSocket::Connect().


The documentation for this class was generated from the following files: