From 87aad429d08b2a352f0f4345e45a03a0a7da2407 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer
Date: Mon, 8 Sep 2008 03:50:42 +0200
Subject: GSSAPI-Authentifikation fertig
---
 src/Common/Request/GSSAPIAuthRequest.h | 39 ++++++++++++++++++++++++++++++----
 1 file changed, 35 insertions(+), 4 deletions(-)
(limited to 'src/Common/Request/GSSAPIAuthRequest.h')
diff --git a/src/Common/Request/GSSAPIAuthRequest.h b/src/Common/Request/GSSAPIAuthRequest.h
index 51ab0f8..138107e 100644
--- a/src/Common/Request/GSSAPIAuthRequest.h
+++ b/src/Common/Request/GSSAPIAuthRequest.h
@@ -86,7 +86,7 @@ class GSSAPIAuthRequest : public Request {
 }
 majStat = gss_init_sec_context(&minStat, GSS_C_NO_CREDENTIAL, &gssContext, gssServiceName, GSS_C_NO_OID, GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG,
- 0, GSS_C_NO_CHANNEL_BINDINGS, GSS_C_NO_BUFFER, NULL, &buffer, NULL, NULL);
+ 0, GSS_C_NO_CHANNEL_BINDINGS, GSS_C_NO_BUFFER, 0, &buffer, 0, 0);
 if(majStat == GSS_S_COMPLETE) {
 std::cout << "GSS context established." << std::endl;
@@ -124,7 +124,7 @@ class GSSAPIAuthRequest : public Request {
 std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length);
 majStat = gss_init_sec_context(&minStat, GSS_C_NO_CREDENTIAL, &gssContext, gssServiceName, GSS_C_NO_OID, GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_INTEG_FLAG,
- 0, GSS_C_NO_CHANNEL_BINDINGS, &recvBuffer, NULL, &sendBuffer, NULL, NULL);
+ 0, GSS_C_NO_CHANNEL_BINDINGS, &recvBuffer, 0, &sendBuffer, 0, 0);
 std::free(recvBuffer.value);
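Review bot: Both gss_init_sec_context calls, here and in the @@ -124 hunk, pass a null pointer for ret_flags (the second-to-last argument), so the client never checks that the mutual-authentication and integrity services it requested were actually granted before it relies on the context. Passing `&retFlags` (an `OM_uint32`) and failing once majStat is GSS_S_COMPLETE unless `(retFlags & (GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG))` has both bits set would close that gap. If the two calls are the initial and the continuation call on the same gssContext, as they appear to be, they should also request the same flags; GSS_C_INTEG_FLAG is present only in the second. As a style point, writing the null pointers as `0` makes them indistinguishable from the integer time_req `0` that opens the same line. Both calls sit in bodies that start and end outside the hunks.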
@@ -145,9 +145,40 @@ class GSSAPIAuthRequest : public Request {
 gss_release_buffer(&minStat, &sendBuffer);
 } else {
- return false;
+ recvBuffer.length = packet.getLength();
+ recvBuffer.value = std::malloc(recvBuffer.length);
+ std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length);
+
+ const gnutls_datum_t *cert = connection->getPeerCertificate();
+
+ sendBuffer.length = cert->size;
+ sendBuffer.value = cert->data;
+
+ majStat = gss_verify_mic(&minStat, gssContext, &sendBuffer, &recvBuffer, 0);
+
+ std::free(recvBuffer.value);
+
+ if(majStat != GSS_S_COMPLETE)
+ return false;
+
+ connection->setAuthenticated();
+ std::cout << "Authentication complete." << std::endl;
+
+ majStat = gss_delete_sec_context(&minStat, &gssContext, &sendBuffer);
+
+ if(majStat != GSS_S_COMPLETE) {
+ gss_release_buffer(&minStat, &sendBuffer);
+ return false;
+ }
+
+ if(!connection->send(Net::Packet(Net::Packet::TYPE_GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) {
+ gss_release_buffer(&minStat, &sendBuffer);
+ return false;
+ }
+
+ gss_release_buffer(&minStat, &sendBuffer);
- //setFinished();
+ setFinished();
 }
 return true;
-- cgit v1.2.3
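Review bot: In the new else branch, `sendBuffer` is pointed at `cert->data` and the same descriptor is then handed to `gss_delete_sec_context` and, on its failure path, to `gss_release_buffer`; unless the library clears the output token on failure, that releases memory owned by the TLS session. The branch also dereferences `cert` and copies into the `std::malloc` result without checking either for null, and the copy length comes from the received packet. I would give the certificate its own descriptor, check both pointers, and fetch the certificate before allocating so the early return leaks nothing. `connection->setAuthenticated()` also runs before the delete and send steps, which can still return false; consider moving it after them. The enclosing function begins outside the hunk.

```cpp
const gnutls_datum_t *cert = connection->getPeerCertificate();
if(!cert || !cert->data)
	return false;

recvBuffer.length = packet.getLength();
recvBuffer.value = std::malloc(recvBuffer.length);
if(!recvBuffer.value)
	return false;
// … unchanged: memcpy of the packet payload into recvBuffer …

// The signed message aliases GnuTLS-owned memory, so it gets its own
// descriptor and never reaches gss_release_buffer().
gss_buffer_desc certBuffer;
certBuffer.length = cert->size;
certBuffer.value = cert->data;

majStat = gss_verify_mic(&minStat, gssContext, &certBuffer, &recvBuffer, 0);
// … unchanged: free recvBuffer, majStat check, setAuthenticated() …

// Start from an empty token so the failure path releases nothing stale.
sendBuffer.length = 0;
sendBuffer.value = 0;
majStat = gss_delete_sec_context(&minStat, &gssContext, &sendBuffer);
// … unchanged: error handling, send and release of sendBuffer …
```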