diff options
Diffstat (limited to 'src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp')
-rw-r--r-- | src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp b/src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp new file mode 100644 index 0000000..c1b7e7c --- /dev/null +++ b/src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp @@ -0,0 +1,113 @@ +/* + * GSSAPIAuthRequestHandler.cpp + * + * Copyright (C) 2008 Matthias Schiffer <matthias@gamezock.de> + * + * This program is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +#include "GSSAPIAuthRequestHandler.h" +#include <Net/Connection.h> + +#include <cstring> + +#include <iostream> + +namespace Mad { +namespace Core { +namespace RequestHandlers { + +// TODO Error handling + +bool GSSAPIAuthRequestHandler::handlePacket(Net::Connection *connection, const Net::Packet &packet) { + if(isFinished()) + return false; + + if(packet.getType() != Net::Packet::GSSAPI_AUTH) + return false; // TODO Logging + + OM_uint32 majStat, minStat; + gss_buffer_desc recvBuffer, sendBuffer; + + if(gssContinue) { + recvBuffer.length = packet.getLength(); + recvBuffer.value = std::malloc(recvBuffer.length); + std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length); + + majStat = gss_accept_sec_context(&minStat, &gssContext, GSS_C_NO_CREDENTIAL, &recvBuffer, GSS_C_NO_CHANNEL_BINDINGS, 0, 0, &sendBuffer, 0, 0, 0); + + std::free(recvBuffer.value); + + if(majStat == GSS_S_COMPLETE) { + std::cout << "GSS context established." << std::endl; + gssContinue = false; + } + else if(majStat != GSS_S_CONTINUE_NEEDED) { + gss_release_buffer(&minStat, &sendBuffer); + return false; + } + + if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) { + gss_release_buffer(&minStat, &sendBuffer); + return false; + } + + gss_release_buffer(&minStat, &sendBuffer); + } + else if(!sentSignature) { + if(packet.getLength() != 0) + return false; + + const gnutls_datum_t *cert = connection->getCertificate(); + + recvBuffer.length = cert->size; + recvBuffer.value = cert->data; + + majStat = gss_get_mic(&minStat, gssContext, GSS_C_QOP_DEFAULT, &recvBuffer, &sendBuffer); + + if(majStat != GSS_S_COMPLETE) { + gss_release_buffer(&minStat, &sendBuffer); + return false; + } + + if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) { + gss_release_buffer(&minStat, &sendBuffer); + return false; + } + + gss_release_buffer(&minStat, &sendBuffer); + + sentSignature = true; + } + else { + recvBuffer.length = packet.getLength(); + recvBuffer.value = std::malloc(recvBuffer.length); + std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length); + + majStat = gss_process_context_token(&minStat, gssContext, &recvBuffer); + + std::free(recvBuffer.value); + + if(majStat != GSS_S_COMPLETE) + return false; + + setFinished(); + } + + return true; +} + +} +} +} |