XRootD
Loading...
Searching...
No Matches
XrdTlsTempCA.hh
Go to the documentation of this file.
1/******************************************************************************/
2/* */
3/* X r d T l s T e m p C A . h h */
4/* */
5/* (c) 2021 by the Board of Trustees of the Leland Stanford, Jr., University */
6/* Produced by Brian Bockelman */
7/* */
8/* This file is part of the XRootD software suite. */
9/* */
10/* XRootD is free software: you can redistribute it and/or modify it under */
11/* the terms of the GNU Lesser General Public License as published by the */
12/* Free Software Foundation, either version 3 of the License, or (at your */
13/* option) any later version. */
14/* */
15/* XRootD is distributed in the hope that it will be useful, but WITHOUT */
16/* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or */
17/* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public */
18/* License for more details. */
19/* */
20/* You should have received a copy of the GNU Lesser General Public License */
21/* along with XRootD in a file called COPYING.LESSER (LGPL license) and file */
22/* COPYING (GPL license). If not, see <http://www.gnu.org/licenses/>. */
23/* */
24/* The copyright holder's institutional names and contributor's names may not */
25/* be used to endorse or promote products derived from this software without */
26/* specific prior written permission of the institution or contributor. */
27/******************************************************************************/
28
29#include <string>
30#include <memory>
31
32// Forward dec'ls.
33class XrdSysError;
34
44public:
45 class TempCAGuard;
46
47 XrdTlsTempCA(XrdSysError *log, std::string ca_dir);
49
53 bool IsValid() const {return m_ca_file.get() && m_crl_file.get();}
54
58 std::string CAFilename() const {auto file_ref = m_ca_file; return file_ref ? *file_ref : "";}
59
63 std::string CRLFilename() const {auto file_ref = m_crl_file; return file_ref ? *file_ref : "";}
64
69 bool atLeastOneValidCRLFound() const { return m_atLeastOneCRLFound; }
70
75 public:
76 static std::unique_ptr<TempCAGuard> create(XrdSysError &, const std::string &ca_tmp_dir);
77
78 int getCAFD() const {return m_ca_fd;}
79 std::string getCAFilename() const {return m_ca_fname;}
80
81 int getCRLFD() const {return m_crl_fd;}
82 std::string getCRLFilename() const {return m_crl_fname;}
83
87 bool commit();
88
89 TempCAGuard(const TempCAGuard &) = delete;
90
92
93 private:
94 TempCAGuard(int ca_fd, int crl_fd, const std::string &ca_tmp_dir, const std::string &ca_fname, const std::string &crl_fname);
95
96 int m_ca_fd{-1};
97 int m_crl_fd{-1};
98 std::string m_ca_tmp_dir;
99 std::string m_ca_fname;
100 std::string m_crl_fname;
101 };
102
103
104private:
111 bool Maintenance();
112
116 static void *MaintenanceThread(void *myself_raw);
117
122 int m_maintenance_pipe_r{-1};
123 int m_maintenance_pipe_w{-1};
124 int m_maintenance_thread_pipe_r{-1};
125 int m_maintenance_thread_pipe_w{-1};
126 XrdSysError &m_log;
127 const std::string m_ca_dir;
128 std::shared_ptr<std::string> m_ca_file;
129 std::shared_ptr<std::string> m_crl_file;
130 bool m_atLeastOneCRLFound = false;
131
132 // After success, how long to wait until the next CA reload.
133 static constexpr unsigned m_update_interval = 900;
134 // After failure, how long to wait until the next CA reload.
135 static constexpr unsigned m_update_interval_failure = 10;
136};
static std::unique_ptr< TempCAGuard > create(XrdSysError &, const std::string &ca_tmp_dir)
std::string getCRLFilename() const
std::string getCAFilename() const
TempCAGuard(const TempCAGuard &)=delete
bool atLeastOneValidCRLFound() const
XrdTlsTempCA(XrdSysError *log, std::string ca_dir)
bool IsValid() const
std::string CAFilename() const
std::string CRLFilename() const