LSSTApplications  18.0.0+106,18.0.0+50,19.0.0,19.0.0+1,19.0.0+10,19.0.0+11,19.0.0+13,19.0.0+17,19.0.0+2,19.0.0-1-g20d9b18+6,19.0.0-1-g425ff20,19.0.0-1-g5549ca4,19.0.0-1-g580fafe+6,19.0.0-1-g6fe20d0+1,19.0.0-1-g7011481+9,19.0.0-1-g8c57eb9+6,19.0.0-1-gb5175dc+11,19.0.0-1-gdc0e4a7+9,19.0.0-1-ge272bc4+6,19.0.0-1-ge3aa853,19.0.0-10-g448f008b,19.0.0-12-g6990b2c,19.0.0-2-g0d9f9cd+11,19.0.0-2-g3d9e4fb2+11,19.0.0-2-g5037de4,19.0.0-2-gb96a1c4+3,19.0.0-2-gd955cfd+15,19.0.0-3-g2d13df8,19.0.0-3-g6f3c7dc,19.0.0-4-g725f80e+11,19.0.0-4-ga671dab3b+1,19.0.0-4-gad373c5+3,19.0.0-5-ga2acb9c+2,19.0.0-5-gfe96e6c+2,w.2020.01
LSSTDataManagementBasePackage
DbAuth.cc
Go to the documentation of this file.
1 // -*- lsst-c++ -*-
2 
3 /*
4  * LSST Data Management System
5  * Copyright 2008, 2009, 2010, 2016 LSST Corporation.
6  *
7  * This product includes software developed by the
8  * LSST Project (http://www.lsst.org/).
9  *
10  * This program is free software: you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License as published by
12  * the Free Software Foundation, either version 3 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the LSST License Statement and
21  * the GNU General Public License along with this program. If not,
22  * see <http://www.lsstcorp.org/LegalNotices/>.
23  */
24 
37 #ifndef __GNUC__
38 #define __attribute__(x) /*NOTHING*/
39 #endif
40 static char const* SVNid __attribute__((unused)) = "$Id$";
41 
43 
44 #include <cstdlib>
45 #include <fstream>
46 #include <memory>
47 
48 extern "C" {
49 #include <pwd.h>
50 #include <sys/types.h>
51 #include <sys/stat.h>
52 #include <unistd.h>
53 }
54 
55 #include "lsst/pex/exceptions.h"
56 
57 namespace dafBase = lsst::daf::base;
59 namespace pexPolicy = lsst::pex::policy;
60 
61 static pexPolicy::Policy::Ptr authPolicy(static_cast<pexPolicy::Policy*>(0));
62 
63 static std::pair<std::string, std::string> search(std::string const& host, std::string const& port) {
64  if (authPolicy == 0) {
65  passwd pwd;
66  passwd* pw;
67  long maxbuf = sysconf(_SC_GETPW_R_SIZE_MAX);
68  std::unique_ptr<char[]> buffer(new char[maxbuf]);
69  int ret = getpwuid_r(geteuid(), &pwd, buffer.get(), maxbuf, &pw);
70  if (ret != 0 || pw->pw_dir == 0) {
71  throw LSST_EXCEPT(pexExcept::RuntimeError, "Could not get home directory");
72  }
73  std::string dir = std::string(pw->pw_dir) + "/.lsst";
74  std::string filename = dir + "/db-auth.paf";
75  struct stat st;
76  ret = stat(dir.c_str(), &st);
77  if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
78  throw LSST_EXCEPT(pexExcept::RuntimeError, dir + " directory is missing or accessible by others");
79  }
80  ret = stat(filename.c_str(), &st);
81  if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
82  throw LSST_EXCEPT(pexExcept::RuntimeError, filename + " is missing or accessible by others");
83  }
84  { authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(filename)); }
85  }
86  int portNum = atoi(port.c_str());
87  pexPolicy::Policy::PolicyPtrArray authArray = authPolicy->getPolicyArray("database.authInfo");
88  for (pexPolicy::Policy::PolicyPtrArray::const_iterator i = authArray.begin(); i != authArray.end(); ++i) {
89  if ((*i)->getString("host") == host && (*i)->getInt("port") == portNum) {
90  std::string username = (*i)->getString("user");
91  std::string password = (*i)->getString("password");
92  if (username.empty()) {
94  "Empty username for host/port: " + host + ":" + port);
95  }
96  return std::pair<std::string, std::string>(username, password);
97  }
98  }
99  throw LSST_EXCEPT(pexExcept::RuntimeError, "No credentials found for host/port: " + host + ":" + port);
100  return std::pair<std::string, std::string>("", ""); // not reached
101 }
102 
107  authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(*policy, true));
108 }
109 
112 void dafPersist::DbAuth::resetPolicy() { authPolicy = nullptr; }
113 
120 bool dafPersist::DbAuth::available(std::string const& host, std::string const& port) {
121  try {
122  std::pair<std::string, std::string> result = search(host, port);
123  return true;
124  } catch (...) {
125  return false;
126  }
127  return false; // not reached
128 }
129 
136  std::pair<std::string, std::string> result = search(host, port);
137  return result.first + ":" + result.second;
138 }
139 
146  std::pair<std::string, std::string> result = search(host, port);
147  return result.first;
148 }
149 
156  std::pair<std::string, std::string> result = search(host, port);
157  return result.second;
158 }
std::shared_ptr< Policy > Ptr
Definition: Policy.h:169
T empty(T... args)
Interface for DbAuth class.
#define __attribute__(x)
Definition: DbAuth.cc:38
std::vector< Ptr > PolicyPtrArray
Definition: Policy.h:179
static bool available(std::string const &host, std::string const &port)
Determine whether an authenticator string is available for database access.
Definition: DbAuth.cc:120
a container for holding hierarchical configuration data in memory.
Definition: Policy.h:167
static void setPolicy(lsst::pex::policy::Policy::Ptr policy)
Set the authenticator Policy.
Definition: DbAuth.cc:106
STL class.
static void resetPolicy()
Set the authenticator Policy back to null.
Definition: DbAuth.cc:112
T get(T... args)
static std::string authString(std::string const &host, std::string const &port)
Get the authenticator string for a database.
Definition: DbAuth.cc:135
#define LSST_EXCEPT(type,...)
Create an exception with a given type.
Definition: Exception.h:48
STL class.
T c_str(T... args)
static std::string username(std::string const &host, std::string const &port)
Get the username to use to authenticate to a database.
Definition: DbAuth.cc:145
static std::string password(std::string const &host, std::string const &port)
Get the password to use to authenticate to a database.
Definition: DbAuth.cc:155
py::object result
Definition: _schema.cc:429
Reports errors that are due to events beyond the control of the program.
Definition: Runtime.h:104