From d710e7dc5e8f3895f5d1aa6bd1db0ef3151af8ca Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 13 Sep 2008 04:39:42 +0200 Subject: Und wieder eine Umbenennungsorgie... --- .../RequestHandlers/GSSAPIAuthRequestHandler.cpp | 113 +++++++++++++++++++++ 1 file changed, 113 insertions(+) create mode 100644 src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp (limited to 'src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp') diff --git a/src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp b/src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp new file mode 100644 index 0000000..c1b7e7c --- /dev/null +++ b/src/Core/RequestHandlers/GSSAPIAuthRequestHandler.cpp @@ -0,0 +1,113 @@ +/* + * GSSAPIAuthRequestHandler.cpp + * + * Copyright (C) 2008 Matthias Schiffer + * + * This program is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ + +#include "GSSAPIAuthRequestHandler.h" +#include + +#include + +#include + +namespace Mad { +namespace Core { +namespace RequestHandlers { + +// TODO Error handling + +bool GSSAPIAuthRequestHandler::handlePacket(Net::Connection *connection, const Net::Packet &packet) { + if(isFinished()) + return false; + + if(packet.getType() != Net::Packet::GSSAPI_AUTH) + return false; // TODO Logging + + OM_uint32 majStat, minStat; + gss_buffer_desc recvBuffer, sendBuffer; + + if(gssContinue) { + recvBuffer.length = packet.getLength(); + recvBuffer.value = std::malloc(recvBuffer.length); + std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length); + + majStat = gss_accept_sec_context(&minStat, &gssContext, GSS_C_NO_CREDENTIAL, &recvBuffer, GSS_C_NO_CHANNEL_BINDINGS, 0, 0, &sendBuffer, 0, 0, 0); + + std::free(recvBuffer.value); + + if(majStat == GSS_S_COMPLETE) { + std::cout << "GSS context established." << std::endl; + gssContinue = false; + } + else if(majStat != GSS_S_CONTINUE_NEEDED) { + gss_release_buffer(&minStat, &sendBuffer); + return false; + } + + if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) { + gss_release_buffer(&minStat, &sendBuffer); + return false; + } + + gss_release_buffer(&minStat, &sendBuffer); + } + else if(!sentSignature) { + if(packet.getLength() != 0) + return false; + + const gnutls_datum_t *cert = connection->getCertificate(); + + recvBuffer.length = cert->size; + recvBuffer.value = cert->data; + + majStat = gss_get_mic(&minStat, gssContext, GSS_C_QOP_DEFAULT, &recvBuffer, &sendBuffer); + + if(majStat != GSS_S_COMPLETE) { + gss_release_buffer(&minStat, &sendBuffer); + return false; + } + + if(!connection->send(Net::Packet(Net::Packet::GSSAPI_AUTH, packet.getRequestId(), sendBuffer.value, sendBuffer.length))) { + gss_release_buffer(&minStat, &sendBuffer); + return false; + } + + gss_release_buffer(&minStat, &sendBuffer); + + sentSignature = true; + } + else { + recvBuffer.length = packet.getLength(); + recvBuffer.value = std::malloc(recvBuffer.length); + std::memcpy(recvBuffer.value, packet.getData(), recvBuffer.length); + + majStat = gss_process_context_token(&minStat, gssContext, &recvBuffer); + + std::free(recvBuffer.value); + + if(majStat != GSS_S_COMPLETE) + return false; + + setFinished(); + } + + return true; +} + +} +} +} -- cgit v1.2.3