authorMatthias Schiffer <matthias@gamezock.de>2008-09-08 03:50:42 +0200
committerMatthias Schiffer <matthias@gamezock.de>2008-09-08 03:50:42 +0200
commit87aad429d08b2a352f0f4345e45a03a0a7da2407 (patch)
tree2d1edba8fedbf8d6a77acb7223def7012437ce76 /src/Core
parent406510059972fdbfb14bc8985980f52c655d5946 (diff)
downloadmad-87aad429d08b2a352f0f4345e45a03a0a7da2407.tar
mad-87aad429d08b2a352f0f4345e45a03a0a7da2407.zip
GSSAPI-Authentifikation fertig
Diffstat (limited to 'src/Core')
-rw-r--r--src/Core/RequestHandler/GSSAPIAuthRequestHandler.h46
1 files changed, 41 insertions, 5 deletions
diff --git a/src/Core/RequestHandler/GSSAPIAuthRequestHandler.h b/src/Core/RequestHandler/GSSAPIAuthRequestHandler.h
index 204af6f..47538a4 100644
--- a/src/Core/RequestHandler/GSSAPIAuthRequestHandler.h
+++ b/src/Core/RequestHandler/GSSAPIAuthRequestHandler.h
@@ -31,14 +31,16 @@ namespace Mad {
namespace Core {
namespace RequestHandler {
+// TODO Error handling
+
class GSSAPIAuthRequestHandler : public Common::RequestHandler {
private:
gss_ctx_id_t gssContext;
- bool gssContinue;
+ bool gssContinue, sentSignature;
public:
- GSSAPIAuthRequestHandler() : gssContext(GSS_C_NO_CONTEXT), gssContinue(true) {}
+ GSSAPIAuthRequestHandler() : gssContext(GSS_C_NO_CONTEXT), gssContinue(true), sentSignature(false) {}
virtual bool handlePacket(Net::Connection *connection, const Net::Packet &packet) {
if(isFinished())
@@ -55,7 +57,7 @@ class GSSAPIAuthRequestHandler : public Common::RequestHandler {
recvBuffer.value = std::malloc(recvBuffer.length);
std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length);
- majStat = gss_accept_sec_context(&minStat, &gssContext, GSS_C_NO_CREDENTIAL, &recvBuffer, GSS_C_NO_CHANNEL_BINDINGS, NULL, NULL, &sendBuffer, NULL, NULL, NULL);
+ majStat = gss_accept_sec_context(&minStat, &gssContext, GSS_C_NO_CREDENTIAL, &recvBuffer, GSS_C_NO_CHANNEL_BINDINGS, 0, 0, &sendBuffer, 0, 0, 0);
std::free(recvBuffer.value);
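Review bot: The new `gss_accept_sec_context` call still passes 0 for `src_name` and `ret_flags`, so the handler never learns which principal was authenticated or whether integrity and mutual authentication were negotiated. Unless the identity is read elsewhere (for example with `gss_inquire_context`, not visible here), any principal that can obtain a ticket for this service completes the handshake. Consider passing `&clientName` and `&retFlags` in those two positions, checking `retFlags & GSS_C_INTEG_FLAG` before the later `gss_get_mic`, and releasing the name with `gss_release_name`. The context lines above also copy the packet into a `std::malloc` buffer without checking for a null return before `std::memcpy`. The body of `handlePacket` starts and ends outside this hunk.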
@@ -75,10 +77,44 @@ class GSSAPIAuthRequestHandler : public Common::RequestHandler {
gss_release_buffer(&minStat, &sendBuffer);
}
+ else if(!sentSignature) {
+ if(packet.getLength() != 0)
+ return false;
+
+ const gnutls_datum_t *cert = connection->getCertificate();
+
+ recvBuffer.length = cert->size;
+ recvBuffer.value = cert->data;
+
+ majStat = gss_get_mic(&minStat, gssContext, GSS_C_QOP_DEFAULT, &recvBuffer, &sendBuffer);
+
+ if(majStat != GSS_S_COMPLETE) {
+ gss_release_buffer(&minStat, &sendBuffer);
+ return false;
+ }
+
+ if(!connection->send(Net::Packet(Net::Packet::TYPE_GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) {
+ gss_release_buffer(&minStat, &sendBuffer);
+ return false;
+ }
+
+ gss_release_buffer(&minStat, &sendBuffer);
+
+ sentSignature = true;
+ }
else {
- return false;
+ recvBuffer.length = packet.getLength();
+ recvBuffer.value = std::malloc(recvBuffer.length);
+ std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length);
+
+ majStat = gss_process_context_token(&minStat, gssContext, &recvBuffer);
+
+ std::free(recvBuffer.value);
+
+ if(majStat != GSS_S_COMPLETE)
+ return false;
- //setFinished();
+ setFinished();
}
return true;
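Review bot: In the `!sentSignature` branch, `cert` is dereferenced immediately after `connection->getCertificate()` with no null check, so if that call can return a null pointer (its contract is not visible here) a peer can trigger a crash by sending an empty packet; add `if(!cert) return false;` before filling `recvBuffer`. The final `else` branch repeats the unchecked `std::malloc` + `std::memcpy` pattern with a peer-controlled `packet.getLength()` and needs `if(!recvBuffer.value) return false;` before the copy. A short comment explaining why the MIC is computed over the certificate (it appears to tie the GSSAPI context to the TLS session, so the client can detect a substituted certificate) would help the next reader. `setFinished()` is reached here without any record of the authenticated principal, so callers cannot make an authorization decision from this handler alone. The function begins outside this hunk.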