Diffstat (limited to 'src/Common/Request/GSSAPIAuthRequest.h')
-rw-r--r--src/Common/Request/GSSAPIAuthRequest.h149
1 files changed, 7 insertions, 142 deletions
diff --git a/src/Common/Request/GSSAPIAuthRequest.h b/src/Common/Request/GSSAPIAuthRequest.h
index 6882f36..dd2afbb 100644
--- a/src/Common/Request/GSSAPIAuthRequest.h
+++ b/src/Common/Request/GSSAPIAuthRequest.h
@@ -21,19 +21,15 @@
#define MAD_COMMON_REQUEST_GSSAPIAUTHREQUEST_H_
#include "Request.h"
-#include "../RequestManager.h"
-#include <Net/Connection.h>
-#include <Net/Packet.h>
#include <string>
-#include <cstring>
#include <gssapi/gssapi.h>
-#include <iostream>
-
namespace Mad {
namespace Common {
-namespace Request {
+class RequestManager;
+
+namespace Request {
// TODO Logging & error handling!
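Review bot: Dropping `<Net/Connection.h>` and `<Net/Packet.h>` leaves this header naming `Net::Connection`, `Net::Packet` and `uint16_t` in the declarations further down with nothing in the file that declares them, so it presumably compiles only because `Request.h` pulls them in. A forward declaration of the two Net classes next to the new `class RequestManager;`, plus `#include <stdint.h>`, would keep the header self-contained if `Request.h` is ever trimmed the same way. The namespace that holds `Connection` and `Packet` is not visible in this hunk, so the exact form of the forward declaration has to be checked against `Net/Connection.h`.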
@@ -48,147 +44,16 @@ class GSSAPIAuthRequest : public Request {
GSSAPIAuthRequest(const std::string &serviceName0) : serviceName(serviceName0), gssServiceName(GSS_C_NO_NAME), gssContext(GSS_C_NO_CONTEXT), gssContinue(true) {}
public:
- virtual ~GSSAPIAuthRequest() {
- OM_uint32 minStat;
-
- if(gssServiceName != GSS_C_NO_NAME)
- gss_release_name(&minStat, &gssServiceName);
- }
-
- static bool send(Net::Connection *connection, RequestManager &requestManager, const std::string &serviceName0) {
- GSSAPIAuthRequest *request = new GSSAPIAuthRequest(serviceName0);
-
- if(requestManager.sendRequest(connection, request))
- return true;
-
- delete request;
- return false;
- }
-
- virtual bool sendRequest(Net::Connection *connection, uint16_t requestId) {
- if(isSent())
- return false;
-
- OM_uint32 majStat, minStat;
- gss_buffer_desc buffer;
-
- buffer.length = serviceName.length();
- buffer.value = std::malloc(buffer.length);
- std::memcpy(buffer.value, serviceName.c_str(), buffer.length);
-
- majStat = gss_import_name(&minStat, &buffer, GSS_C_NT_HOSTBASED_SERVICE, &gssServiceName);
-
- std::free(buffer.value);
-
- if(majStat != GSS_S_COMPLETE) {
- gssServiceName = GSS_C_NO_NAME;
- return false;
- }
-
- majStat = gss_init_sec_context(&minStat, GSS_C_NO_CREDENTIAL, &gssContext, gssServiceName, GSS_C_NO_OID, GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG,
- 0, GSS_C_NO_CHANNEL_BINDINGS, GSS_C_NO_BUFFER, 0, &buffer, 0, 0);
-
- if(majStat == GSS_S_COMPLETE) {
- std::cout << "GSS context established." << std::endl;
- gssContinue = false;
- }
- else if(majStat != GSS_S_CONTINUE_NEEDED) {
- gss_release_buffer(&minStat, &buffer);
- return false;
- }
-
- if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, requestId, buffer.value, buffer.length))) {
- gss_release_buffer(&minStat, &buffer);
- return false;
- }
-
- gss_release_buffer(&minStat, &buffer);
-
- setSent();
- return true;
- }
-
- virtual bool handlePacket(Net::Connection *connection, const Net::Packet &packet) {
- if(isFinished())
- return false;
+ virtual ~GSSAPIAuthRequest();
- if(packet.getType() != Net::Packet::GSSAPI_AUTH)
- return false; // TODO Logging
+ static bool send(Net::Connection *connection, RequestManager &requestManager, const std::string &serviceName0);
- OM_uint32 majStat, minStat;
- gss_buffer_desc recvBuffer, sendBuffer;
-
- if(gssContinue) {
- recvBuffer.length = packet.getLength();
- recvBuffer.value = std::malloc(recvBuffer.length);
- std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length);
-
- majStat = gss_init_sec_context(&minStat, GSS_C_NO_CREDENTIAL, &gssContext, gssServiceName, GSS_C_NO_OID, GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_INTEG_FLAG,
- 0, GSS_C_NO_CHANNEL_BINDINGS, &recvBuffer, 0, &sendBuffer, 0, 0);
-
- std::free(recvBuffer.value);
-
- if(majStat == GSS_S_COMPLETE) {
- std::cout << "GSS context established." << std::endl;
- gssContinue = false;
- }
- else if(majStat != GSS_S_CONTINUE_NEEDED) {
- gss_release_buffer(&minStat, &sendBuffer);
- return false;
- }
-
- if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) {
- gss_release_buffer(&minStat, &sendBuffer);
- return false;
- }
-
- gss_release_buffer(&minStat, &sendBuffer);
- }
- else {
- recvBuffer.length = packet.getLength();
- recvBuffer.value = std::malloc(recvBuffer.length);
- std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length);
-
- const gnutls_datum_t *cert = connection->getPeerCertificate();
-
- sendBuffer.length = cert->size;
- sendBuffer.value = cert->data;
-
- majStat = gss_verify_mic(&minStat, gssContext, &sendBuffer, &recvBuffer, 0);
-
- std::free(recvBuffer.value);
-
- if(majStat != GSS_S_COMPLETE)
- return false;
-
- connection->setAuthenticated();
- std::cout << "Authentication complete." << std::endl;
-
- majStat = gss_delete_sec_context(&minStat, &gssContext, &sendBuffer);
-
- if(majStat != GSS_S_COMPLETE) {
- gss_release_buffer(&minStat, &sendBuffer);
- return false;
- }
-
- if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) {
- gss_release_buffer(&minStat, &sendBuffer);
- return false;
- }
-
- gss_release_buffer(&minStat, &sendBuffer);
-
- setFinished();
- }
-
- return true;
- }
+ virtual bool sendRequest(Net::Connection *connection, uint16_t requestId);
+ virtual bool handlePacket(Net::Connection *connection, const Net::Packet &packet);
};
}
-
}
-
}
#endif /* MAD_COMMON_REQUEST_GSSAPIAUTHREQUEST_H_ */
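Review bot: The declarations that replace the inline bodies (`~GSSAPIAuthRequest()`, `send`, `sendRequest`, `handlePacket`) have no comment stating the authentication contract, and after this change the header is all a caller sees. Going by the removed bodies, which presumably moved to a source file unchanged, `handlePacket` would warrant `// Marks the connection authenticated only after gss_verify_mic() over the peer certificate succeeds; returns false on any GSSAPI or send failure.` and `send` would warrant `// Allocates the request; deletes it if RequestManager::sendRequest() fails.` The removed destructor released `gssServiceName` but never `gssContext`, and the error returns in `handlePacket` left the context in place, so the out-of-line destructor is worth checking for a `gss_delete_sec_context` call when the handshake is abandoned. The class body starts above this hunk, so members declared there are not covered.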