Diffstat (limited to 'src/Common/Request/GSSAPIAuthRequest.h')
-rw-r--r-- | src/Common/Request/GSSAPIAuthRequest.h | 149 |
1 files changed, 7 insertions, 142 deletions
diff --git a/src/Common/Request/GSSAPIAuthRequest.h b/src/Common/Request/GSSAPIAuthRequest.h
index 6882f36..dd2afbb 100644
--- a/src/Common/Request/GSSAPIAuthRequest.h
+++ b/src/Common/Request/GSSAPIAuthRequest.h
@@ -21,19 +21,15 @@
 #define MAD_COMMON_REQUEST_GSSAPIAUTHREQUEST_H_
 #include "Request.h"
-#include "../RequestManager.h"
-#include <Net/Connection.h>
-#include <Net/Packet.h>
 #include <string>
-#include <cstring>
 #include <gssapi/gssapi.h>
-#include <iostream>
-
 namespace Mad {
 namespace Common {
-namespace Request {
+class RequestManager;
+
+namespace Request {
 // TODO Logging & error handling!
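Review bot: With `<Net/Connection.h>` and `<Net/Packet.h>` dropped, nothing left in this header declares `Net::Connection`, `Net::Packet` or `uint16_t`, while the declarations of `send`, `sendRequest` and `handlePacket` in the second hunk still spell all three; presumably `Request.h` provides them, since the base-class virtuals share those signatures, but the header now relies on that transitively and silently. For consistency with the new `class RequestManager;` line, either forward-declare the two `Net` types next to it or record the dependency with a comment such as `// Net::Connection, Net::Packet and uint16_t are provided by Request.h`. The `// TODO Logging & error handling!` marker stays here although the bodies it refers to have moved out of the header, so it would be more useful beside them in the .cpp.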
@@ -48,147 +44,16 @@ class GSSAPIAuthRequest : public Request { GSSAPIAuthRequest(const std::string &serviceName0) : serviceName(serviceName0), gssServiceName(GSS_C_NO_NAME), gssContext(GSS_C_NO_CONTEXT), gssContinue(true) {} public: - virtual ~GSSAPIAuthRequest() { - OM_uint32 minStat; - - if(gssServiceName != GSS_C_NO_NAME) - gss_release_name(&minStat, &gssServiceName); - } - - static bool send(Net::Connection *connection, RequestManager &requestManager, const std::string &serviceName0) { - GSSAPIAuthRequest *request = new GSSAPIAuthRequest(serviceName0); - - if(requestManager.sendRequest(connection, request)) - return true; - - delete request; - return false; - } - - virtual bool sendRequest(Net::Connection *connection, uint16_t requestId) { - if(isSent()) - return false; - - OM_uint32 majStat, minStat; - gss_buffer_desc buffer; - - buffer.length = serviceName.length(); - buffer.value = std::malloc(buffer.length); - std::memcpy(buffer.value, serviceName.c_str(), buffer.length); - - majStat = gss_import_name(&minStat, &buffer, GSS_C_NT_HOSTBASED_SERVICE, &gssServiceName); - - std::free(buffer.value); - - if(majStat != GSS_S_COMPLETE) { - gssServiceName = GSS_C_NO_NAME; - return false; - } - - majStat = gss_init_sec_context(&minStat, GSS_C_NO_CREDENTIAL, &gssContext, gssServiceName, GSS_C_NO_OID, GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG, - 0, GSS_C_NO_CHANNEL_BINDINGS, GSS_C_NO_BUFFER, 0, &buffer, 0, 0); - - if(majStat == GSS_S_COMPLETE) { - std::cout << "GSS context established." 
<< std::endl; - gssContinue = false; - } - else if(majStat != GSS_S_CONTINUE_NEEDED) { - gss_release_buffer(&minStat, &buffer); - return false; - } - - if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, requestId, buffer.value, buffer.length))) { - gss_release_buffer(&minStat, &buffer); - return false; - } - - gss_release_buffer(&minStat, &buffer); - - setSent(); - return true; - } - - virtual bool handlePacket(Net::Connection *connection, const Net::Packet &packet) { - if(isFinished()) - return false; + virtual ~GSSAPIAuthRequest(); - if(packet.getType() != Net::Packet::GSSAPI_AUTH) - return false; // TODO Logging + static bool send(Net::Connection *connection, RequestManager &requestManager, const std::string &serviceName0); - OM_uint32 majStat, minStat; - gss_buffer_desc recvBuffer, sendBuffer; - - if(gssContinue) { - recvBuffer.length = packet.getLength(); - recvBuffer.value = std::malloc(recvBuffer.length); - std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length); - - majStat = gss_init_sec_context(&minStat, GSS_C_NO_CREDENTIAL, &gssContext, gssServiceName, GSS_C_NO_OID, GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_INTEG_FLAG, - 0, GSS_C_NO_CHANNEL_BINDINGS, &recvBuffer, 0, &sendBuffer, 0, 0); - - std::free(recvBuffer.value); - - if(majStat == GSS_S_COMPLETE) { - std::cout << "GSS context established." 
<< std::endl; - gssContinue = false; - } - else if(majStat != GSS_S_CONTINUE_NEEDED) { - gss_release_buffer(&minStat, &sendBuffer); - return false; - } - - if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) { - gss_release_buffer(&minStat, &sendBuffer); - return false; - } - - gss_release_buffer(&minStat, &sendBuffer); - } - else { - recvBuffer.length = packet.getLength(); - recvBuffer.value = std::malloc(recvBuffer.length); - std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length); - - const gnutls_datum_t *cert = connection->getPeerCertificate(); - - sendBuffer.length = cert->size; - sendBuffer.value = cert->data; - - majStat = gss_verify_mic(&minStat, gssContext, &sendBuffer, &recvBuffer, 0); - - std::free(recvBuffer.value); - - if(majStat != GSS_S_COMPLETE) - return false; - - connection->setAuthenticated(); - std::cout << "Authentication complete." << std::endl; - - majStat = gss_delete_sec_context(&minStat, &gssContext, &sendBuffer); - - if(majStat != GSS_S_COMPLETE) { - gss_release_buffer(&minStat, &sendBuffer); - return false; - } - - if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) { - gss_release_buffer(&minStat, &sendBuffer); - return false; - } - - gss_release_buffer(&minStat, &sendBuffer); - - setFinished(); - } - - return true; - } + virtual bool sendRequest(Net::Connection *connection, uint16_t requestId); + virtual bool handlePacket(Net::Connection *connection, const Net::Packet &packet); }; } - } - } #endif /* MAD_COMMON_REQUEST_GSSAPIAUTHREQUEST_H_ */ |
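Review bot: `virtual ~GSSAPIAuthRequest();` makes the class an owner of raw GSS handles (`gssServiceName`, `gssContext`) that must be released exactly once, yet the class still has an implicit copy constructor and copy assignment, so a copy would hand two objects the same name and release it twice; unless `Request` already forbids copying, add `GSSAPIAuthRequest(const GSSAPIAuthRequest &);` and `GSSAPIAuthRequest &operator=(const GSSAPIAuthRequest &);` as private, undefined declarations (matching the file's pre-C++11 style) or `= delete`. The destructor body now lives outside this file; the version removed here released only `gssServiceName`, so if the .cpp kept it unchanged, a `gssContext` left half-established when the handshake aborts (the `GSS_S_CONTINUE_NEEDED` failure paths return without `gss_delete_sec_context`) is never freed — worth confirming there. The four new declarations carry no description of the protocol they implement; a comment such as `// Two-phase GSSAPI handshake: sendRequest() opens the security context, handlePacket() continues it and finally verifies a MIC over the peer's TLS certificate before marking the connection authenticated` would help now that the bodies are elsewhere. The class declaration begins before this hunk.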