DbAuth.cc
1 // -*- lsst-c++ -*-
2 
3 /*
4  * LSST Data Management System
5  * Copyright 2008, 2009, 2010, 2016 LSST Corporation.
6  *
7  * This product includes software developed by the
8  * LSST Project (http://www.lsst.org/).
9  *
10  * This program is free software: you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License as published by
12  * the Free Software Foundation, either version 3 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the LSST License Statement and
21  * the GNU General Public License along with this program. If not,
22  * see <http://www.lsstcorp.org/LegalNotices/>.
23  */
24 
// Compilers that do not define __GNUC__ get an empty __attribute__ macro,
// so the annotation on SVNid below expands to nothing there.
#ifndef __GNUC__
#define __attribute__(x) /*NOTHING*/
#endif
// Version-control keyword string (presumably expanded by Subversion; confirm).
// Marked unused so that the otherwise unreferenced static raises no warning.
static const char* SVNid __attribute__((unused)) = "$Id$";
41 
43 
44 #include <cstdlib>
45 #include <fstream>
46 #include <memory>
47 
48 extern "C" {
49 #include <pwd.h>
50 #include <sys/types.h>
51 #include <sys/stat.h>
52 #include <unistd.h>
53 }
54 
55 #include "lsst/pex/exceptions.h"
56 
57 namespace dafBase = lsst::daf::base;
59 namespace pexPolicy = lsst::pex::policy;
60 
// File-local cache of the credential Policy, initially null.
// search() fills it from the user's db-auth.paf on first use, setPolicy() replaces it
// and resetPolicy() clears it. The cached Policy carries the "password" entries in
// clear text for as long as it is installed, and nothing in this file synchronizes
// access to it.
static pexPolicy::Policy::Ptr authPolicy(static_cast<pexPolicy::Policy*>(nullptr));
62 
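/**
 * Find the (username, password) pair recorded for a database host and port.
 *
 * When no Policy is installed yet, the effective user's ~/.lsst/db-auth.paf is loaded
 * and cached in authPolicy. Loading is refused unless both the ~/.lsst directory and
 * the file carry no group or other permission bits.
 *
 * @param host  Host name, compared for exact equality with each entry's "host".
 * @param port  Port as text; converted to an integer and compared with each entry's "port".
 * @return      (username, password) of the first matching "database.authInfo" entry.
 * @throws pexExcept::RuntimeError  if the home directory cannot be determined, the
 *         directory or file is missing or accessible by group/others, the matching
 *         entry has an empty username, or no entry matches.
 */
static std::pair<std::string, std::string> search(std::string const& host, std::string const& port) {
    if (authPolicy == 0) {
        passwd pwd;
        passwd* pw = nullptr;
        // sysconf() returns -1 when the limit is indeterminate; never pass that to new[].
        long maxbuf = sysconf(_SC_GETPW_R_SIZE_MAX);
        if (maxbuf <= 0) {
            maxbuf = 16384;
        }
        std::unique_ptr<char[]> buffer(new char[static_cast<std::size_t>(maxbuf)]);
        int ret = getpwuid_r(geteuid(), &pwd, buffer.get(), static_cast<std::size_t>(maxbuf), &pw);
        // getpwuid_r() reports "no such user" as ret == 0 with pw == NULL, so pw has to be
        // checked before it is dereferenced.
        if (ret != 0 || pw == nullptr || pw->pw_dir == nullptr) {
            throw LSST_EXCEPT(pexExcept::RuntimeError, "Could not get home directory");
        }
        std::string dir = std::string(pw->pw_dir) + "/.lsst";
        std::string filename = dir + "/db-auth.paf";

        // Refuse credentials that group or others can reach in any way (read, write or execute).
        // NOTE(review): both checks are made by path with stat(), which follows symbolic links,
        // and the file is opened by name again below, so the check and the read are not atomic.
        // Ownership (st_uid) is not verified either.
        struct stat st;
        ret = stat(dir.c_str(), &st);
        if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
            throw LSST_EXCEPT(pexExcept::RuntimeError, dir + " directory is missing or accessible by others");
        }
        ret = stat(filename.c_str(), &st);
        if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
            throw LSST_EXCEPT(pexExcept::RuntimeError, filename + " is missing or accessible by others");
        }
        authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(filename));
    }

    // NOTE(review): atoi() does no validation; a non-numeric port string becomes 0 and
    // trailing garbage after the digits is ignored.
    int portNum = atoi(port.c_str());
    pexPolicy::Policy::PolicyPtrArray authArray = authPolicy->getPolicyArray("database.authInfo");
    for (auto const& entry : authArray) {
        if (entry->getString("host") == host && entry->getInt("port") == portNum) {
            std::string username = entry->getString("user");
            std::string password = entry->getString("password");
            // An empty password is accepted; an empty username is not.
            if (username.empty()) {
                throw LSST_EXCEPT(pexExcept::RuntimeError,
                                  "Empty username for host/port: " + host + ":" + port);
            }
            return std::pair<std::string, std::string>(username, password);
        }
    }
    throw LSST_EXCEPT(pexExcept::RuntimeError, "No credentials found for host/port: " + host + ":" + port);
}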
102 
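/**
 * Set the authenticator Policy.
 *
 * A copy of the given Policy is installed (the `true` argument presumably requests a deep
 * copy; confirm against Policy.h). While a Policy is installed, search() does not read the
 * db-auth.paf file, so its directory and file permission checks are not performed:
 * protecting the credentials handed in here is the caller's responsibility.
 *
 * @param policy  Policy holding the "database.authInfo" entries; must not be null.
 * @throws pexExcept::RuntimeError  if policy is null.
 */
void dafPersist::DbAuth::setPolicy(pexPolicy::Policy::Ptr policy) {
    // Dereferencing a null Ptr below would be undefined behaviour; fail explicitly instead.
    if (!policy) {
        throw LSST_EXCEPT(pexExcept::RuntimeError, "Cannot set a null authenticator Policy");
    }
    authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(*policy, true));
}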
109 
/**
 * Set the authenticator Policy back to null.
 *
 * This file's reference to the cached credentials is dropped; the next lookup finds
 * authPolicy null and loads the user's db-auth.paf again.
 */
void dafPersist::DbAuth::resetPolicy() {
    authPolicy = pexPolicy::Policy::Ptr();
}
113 
/**
 * Determine whether an authenticator string is available for database access.
 *
 * Every failure of the lookup is reported as `false`: a missing credential file, a
 * directory or file that group or others can access, no matching entry, or an empty
 * username. A caller therefore cannot tell "no credentials configured" apart from
 * "credentials rejected because their permissions are too open".
 *
 * @param host  Database host name.
 * @param port  Database port as text.
 * @return      true if search() finds credentials for host/port, false otherwise.
 */
bool dafPersist::DbAuth::available(std::string const& host, std::string const& port) {
    bool found = true;
    try {
        // Only success or failure matters here; the credentials themselves are discarded.
        search(host, port);
    } catch (...) {
        found = false;
    }
    return found;
}
129 
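/**
 * Get the authenticator string for a database.
 *
 * The result is "username:password" in clear text, so it should be kept out of logs
 * and error messages. Neither part is escaped: a ':' inside the username makes the
 * split point ambiguous for whoever parses the string.
 *
 * @param host  Database host name.
 * @param port  Database port as text.
 * @return      username and password joined by a single ':'.
 * @throws pexExcept::RuntimeError  propagated from search() when no usable credentials exist.
 */
std::string dafPersist::DbAuth::authString(std::string const& host, std::string const& port) {
    std::pair<std::string, std::string> result = search(host, port);
    return result.first + ":" + result.second;
}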
139 
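/**
 * Get the username to use to authenticate to a database.
 *
 * @param host  Database host name.
 * @param port  Database port as text.
 * @return      The "user" value of the matching credential entry (never empty, because
 *              search() rejects entries with an empty username).
 * @throws pexExcept::RuntimeError  propagated from search() when no usable credentials exist.
 */
std::string dafPersist::DbAuth::username(std::string const& host, std::string const& port) {
    std::pair<std::string, std::string> result = search(host, port);
    return result.first;
}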
149 
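/**
 * Get the password to use to authenticate to a database.
 *
 * The password is returned in clear text and may be empty; callers should keep it out
 * of logs and error messages.
 *
 * @param host  Database host name.
 * @param port  Database port as text.
 * @return      The "password" value of the matching credential entry.
 * @throws pexExcept::RuntimeError  propagated from search() when no usable credentials exist.
 */
std::string dafPersist::DbAuth::password(std::string const& host, std::string const& port) {
    std::pair<std::string, std::string> result = search(host, port);
    return result.second;
}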
std::shared_ptr< Policy > Ptr
Definition: Policy.h:169
Interface for DbAuth class.
#define __attribute__(x)
Definition: DbAuth.cc:38
std::vector< Ptr > PolicyPtrArray
Definition: Policy.h:179
static bool available(std::string const &host, std::string const &port)
Determine whether an authenticator string is available for database access.
Definition: DbAuth.cc:120
a container for holding hierarchical configuration data in memory.
Definition: Policy.h:167
static void setPolicy(lsst::pex::policy::Policy::Ptr policy)
Set the authenticator Policy.
Definition: DbAuth.cc:106
static void resetPolicy()
Set the authenticator Policy back to null.
Definition: DbAuth.cc:112
static std::string authString(std::string const &host, std::string const &port)
Get the authenticator string for a database.
Definition: DbAuth.cc:135
#define LSST_EXCEPT(type,...)
Create an exception with a given type.
Definition: Exception.h:48
static std::string username(std::string const &host, std::string const &port)
Get the username to use to authenticate to a database.
Definition: DbAuth.cc:145
static std::string password(std::string const &host, std::string const &port)
Get the password to use to authenticate to a database.
Definition: DbAuth.cc:155
Reports errors that are due to events beyond the control of the program.
Definition: Runtime.h:104