gssweb.git
4 years agoFinal fixes for getting GSSWeb to work again. master
Mark Donnelly [Sun, 2 Aug 2015 13:57:07 +0000 (09:57 -0400)]
Final fixes for getting GSSWeb to work again.

4 years agoEnsure init_sec_context endpoint is the document host.
Mark Donnelly [Fri, 31 Jul 2015 19:24:17 +0000 (15:24 -0400)]
Ensure init_sec_context endpoint is the document host.

* Hook calls to import_name and remember the hostname associated with the result
* Check on calls to init_sec_context that the hostname for the supplied target handle

4 years agoRework the invalid argument for init sec context exception
Mark Donnelly [Fri, 31 Jul 2015 16:33:49 +0000 (12:33 -0400)]
Rework the invalid argument for init sec context exception

* GSSException:
  * Separate out messages for major an minor error messages
  * Reduce the what() message
  * Change the flow so that major and minor messages are calculated at initialization time, so that everything else can be guaranteed not to throw any exceptions
* GSSRequest:
  * Standardize the formatting of the errors returned by a GSSException
* GSSInitSecContext
  * Throw GSSException instead of invalid_argument when the mech is unacceptable

4 years agoMoving the cmd cleanup back to the error path, as the cmd was used later in the succe...
Mark Donnelly [Thu, 16 Jul 2015 15:06:35 +0000 (11:06 -0400)]
Moving the cmd cleanup back to the error path, as the cmd was used later in the success path.

4 years agoanother couple of things to ignore
Mark Donnelly [Mon, 13 Jul 2015 20:14:28 +0000 (16:14 -0400)]
another couple of things to ignore

4 years agoReturn an error when GSSInitSecContext is called with an unacceptable mechanism.
Mark Donnelly [Mon, 13 Jul 2015 19:02:56 +0000 (15:02 -0400)]
Return an error when GSSInitSecContext is called with an unacceptable mechanism.

* Throw std::invalid_argument when the argument doesn't match the GSS_EAP mechanism
* Catch the std::invalid_argument exception within GSSRequest, and generate a somewhat meaningful JSON response with it:
  { method: "method_name",
    return_values:
    { major_status: -1,
      minor_status: -1,
      errors:
      { major_status_message: "An error occurred in parsing the JSON arguments.",
        minor_status_message: "1.2.3.4 must be 1.3.6.1.5.5.15.1.1.*"
      }
    }
  }

  Note that the status codes are -1, which will never happen in GSS itself - those values are unsigned.

4 years agoAdd prefix matching test for OIDs.
Mark Donnelly [Mon, 13 Jul 2015 18:34:14 +0000 (14:34 -0400)]
Add prefix matching test for OIDs.

* Add ability to test whether this OID matches a given prefix
* Add convenience function for the mech_eap OID prefix test

4 years agoRename gssEap to gss
Mark Donnelly [Thu, 9 Jul 2015 18:23:07 +0000 (14:23 -0400)]
Rename gssEap to gss

* Rename the GSSEap functions to GSS
* Renanme navigator.gssEap.js to navigator.gss.js

4 years agoChange from eap-aes-256 to eap-aes-128
Mark Donnelly [Wed, 8 Jul 2015 19:17:08 +0000 (15:17 -0400)]
Change from eap-aes-256 to eap-aes-128

128 is the only one registered in the spec.

4 years agoIgnore debug/ directory
Mark Donnelly [Wed, 8 Jul 2015 17:03:56 +0000 (13:03 -0400)]
Ignore debug/ directory

4 years agoAdd a ruby script for interactive command line testing of json_gssapi
Mark Donnelly [Wed, 8 Jul 2015 17:03:04 +0000 (13:03 -0400)]
Add a ruby script for interactive command line testing of json_gssapi

4 years agoUse acquired credentials in GSSInitSecContext.
Mark Donnelly [Wed, 8 Jul 2015 17:02:08 +0000 (13:02 -0400)]
Use acquired credentials in GSSInitSecContext.

4 years agoChange the license on the distributable file to the MIT license
Mark Donnelly [Mon, 6 Jul 2015 18:10:37 +0000 (14:10 -0400)]
Change the license on the distributable file to the MIT license

4 years agoGSSAcquireCred works.
Mark Donnelly [Tue, 30 Jun 2015 18:50:46 +0000 (14:50 -0400)]
GSSAcquireCred works.

* Add a cache of acquired credentials
* Implement the Acquire Cred
* Serialize credentials appropriately

4 years agoIgnore build and editor junk files
Mark Donnelly [Wed, 24 Jun 2015 19:27:24 +0000 (15:27 -0400)]
Ignore build and editor junk files

4 years agoFix the build broken by the previous commit
Mark Donnelly [Wed, 24 Jun 2015 19:20:09 +0000 (15:20 -0400)]
Fix the build broken by the previous commit

4 years agoAdd copyright comment headers to appropriate files
Mark Donnelly [Wed, 24 Jun 2015 16:42:39 +0000 (12:42 -0400)]
Add copyright comment headers to appropriate files

4 years agoMerge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/gssweb
Margaret Wasserman [Fri, 29 May 2015 20:26:17 +0000 (16:26 -0400)]
Merge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/gssweb

Conflicts:
browsers/chrome/CMakeLists.txt
browsers/firefox/CMakeLists.txt

4 years agoChange gssEAP to gss in navigator.gss(Eap).js and make corresponding changes.
Margaret Wasserman [Fri, 29 May 2015 20:17:22 +0000 (16:17 -0400)]
Change gssEAP to gss in navigator.gss(Eap).js and make corresponding changes.
Change default mechanism OID to eap-aes128.

4 years agoAdd copyrights to files that didn't have them.
Margaret Wasserman [Fri, 29 May 2015 15:02:35 +0000 (11:02 -0400)]
Add copyrights to files that didn't have them.

4 years agoUpdate xpi unpack
Sam hartman [Fri, 22 May 2015 18:19:22 +0000 (19:19 +0100)]
Update xpi unpack

The macros I found don't appear to have made it into RHEL yet, so
expand them out to something that will work for RHEL6 and 7.

4 years agoInclude firefox extension packaging for centos
Sam Hartman [Thu, 21 May 2015 19:05:40 +0000 (15:05 -0400)]
Include firefox extension packaging for centos

4 years agoInitial RPM spec
Sam hartman [Fri, 23 Jan 2015 18:24:00 +0000 (18:24 +0000)]
Initial RPM spec

4 years agoUse gnu installation directories
Sam hartman [Fri, 23 Jan 2015 20:12:08 +0000 (20:12 +0000)]
Use gnu installation directories

4 years agoUse template for nullify to avoid aliasing issue.
Sam Hartman [Fri, 23 Jan 2015 19:52:11 +0000 (14:52 -0500)]
Use template for nullify to avoid aliasing issue.

4 years agoPut a max version in, because browser compatibility checks fail without it. They...
Mark Donnelly [Thu, 21 May 2015 18:12:09 +0000 (14:12 -0400)]
Put a max version in, because browser compatibility checks fail without it. They succeed, even if the browser version is less than your current browser version.

4 years agoMerge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/gssweb
Mark Donnelly [Wed, 13 May 2015 10:42:10 +0000 (06:42 -0400)]
Merge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/gssweb

4 years agoLocal packaging for firefox add-on.
Mark Donnelly [Wed, 13 May 2015 10:34:37 +0000 (06:34 -0400)]
Local packaging for firefox add-on.

The firefox add-on used to be dependant on the Mozilla add-on SDK, but this SDK did not work with the build process.  Instead, we have now added in the files from the addon
SDK packaging, and use a system 'zip' function to bundle it all up.

4 years agoAvoid copying the chrome encryption key during build
Mark Donnelly [Wed, 13 May 2015 10:32:54 +0000 (06:32 -0400)]
Avoid copying the chrome encryption key during build

4 years agoAdd firefox and chrome extensions to win-build.bat
Kevin Wasserman [Thu, 30 Apr 2015 15:29:33 +0000 (11:29 -0400)]
Add firefox and chrome extensions to win-build.bat

4 years agoMove util_ files into utils directory, move main.cpp into src
Margaret Wasserman [Tue, 28 Apr 2015 19:32:15 +0000 (15:32 -0400)]
Move util_ files into utils directory, move main.cpp into src

4 years agobuild chrom crx on windows
Kevin Wasserman [Mon, 27 Apr 2015 13:24:00 +0000 (09:24 -0400)]
build chrom crx on windows

4 years agoDisable browser subtrees on windows until they build
Kevin Wasserman [Tue, 21 Apr 2015 19:03:50 +0000 (15:03 -0400)]
Disable browser subtrees on windows until they build

4 years agoRemove abandoned approach to make chrome package; reformat for readability
Mark Donnelly [Fri, 10 Apr 2015 20:59:40 +0000 (16:59 -0400)]
Remove abandoned approach to make chrome package; reformat for readability

4 years agoPackage a firefox .xpi file
Mark Donnelly [Fri, 10 Apr 2015 20:53:12 +0000 (16:53 -0400)]
Package a firefox .xpi file

Add CMakeFile.txt commands to create an .xpi file, using the addon-sdk's cfx command.

4 years agoPackage the Chrome files into a .crx bundle.
Mark Donnelly [Thu, 9 Apr 2015 20:52:12 +0000 (16:52 -0400)]
Package the Chrome files into a .crx bundle.

Running cmake over the top level directory will now create a set of makefiles that will recurse not only to json_gssapi, but also to browsers/chrome.  As a result, ${build}/browsers/chrome/gssweb.crx is now built.

Note that this requires a file, 'chrome.pem', to exist in the top-level directory.  This file contains encryption keying.

4 years agoSample JSON GSS message should not be in git
Mark Donnelly [Wed, 8 Apr 2015 14:51:16 +0000 (10:51 -0400)]
Sample JSON GSS message should not be in git

4 years agoRemoving unused files
Mark Donnelly [Wed, 8 Apr 2015 14:49:39 +0000 (10:49 -0400)]
Removing unused files

4 years agoRemove a wasted check of XMLHttpResponse state
Mark Donnelly [Thu, 2 Apr 2015 21:31:15 +0000 (17:31 -0400)]
Remove a wasted check of XMLHttpResponse state

The state was checked immediately after the send() call - which yields unpredictable results because of the inherent multithreading - and then does nothing more than log a message about it.  So, this winds up logging error messages at times when everything is perfectly fine, but doesn't recover from any sort of error.

4 years agoRemove duplicate contentscript.js file from chrome section.
Margaret Wasserman [Thu, 2 Apr 2015 18:10:50 +0000 (14:10 -0400)]
Remove duplicate contentscript.js file from chrome section.

4 years agoAdd copyright to browser plug-in file, finish code reorg and cleanup.
Margaret Wasserman [Thu, 2 Apr 2015 18:07:40 +0000 (14:07 -0400)]
Add copyright to browser plug-in file, finish code reorg and cleanup.

4 years agoFinish cleanup of firefox files, create common contentscript.js, remove empty and...
Margaret Wasserman [Thu, 2 Apr 2015 17:46:31 +0000 (13:46 -0400)]
Finish cleanup of firefox files, create common contentscript.js, remove empty and unused file.

4 years agoChange name of navigator.gssEap.js in chrome scripts, remove gssweb_utils.js.
Margaret Wasserman [Thu, 2 Apr 2015 15:32:24 +0000 (11:32 -0400)]
Change name of navigator.gssEap.js in chrome scripts, remove gssweb_utils.js.

4 years agoRemove duplicated navigator js file from chrome/app directory.
Margaret Wasserman [Thu, 2 Apr 2015 15:25:49 +0000 (11:25 -0400)]
Remove duplicated navigator js file from chrome/app directory.

4 years agoCreate browsers directory and browsers/common for common navigator.gssEap.js, move...
Margaret Wasserman [Thu, 2 Apr 2015 15:24:35 +0000 (11:24 -0400)]
Create browsers directory and browsers/common for common navigator.gssEap.js, move browser code under browsers.

4 years agoVersion and install for library
Sam Hartman [Wed, 21 Jan 2015 19:41:27 +0000 (14:41 -0500)]
Version and install for library

* Establish a SOVERSION target property so we get correct .so links

* Include CMAKE_LIBRARY_ARCHITECTURE for Debian and Ubuntu multiarch.

4 years agoAdd top-level cmake file for packaging.
Sam Hartman [Wed, 21 Jan 2015 18:35:27 +0000 (13:35 -0500)]
Add top-level cmake file for packaging.

Update existing cmake configuration to permit running cmake from top.

4 years agofix windows dll name
Kevin Wasserman [Thu, 15 Jan 2015 20:11:38 +0000 (15:11 -0500)]
fix windows dll name

4 years agoAdd KRB5_CALLCONV decorator
Kevin Wasserman [Thu, 15 Jan 2015 18:19:46 +0000 (13:19 -0500)]
Add KRB5_CALLCONV decorator

Also improve type safety

4 years agoadd 'what' parameter on error
Kevin Wasserman [Thu, 15 Jan 2015 18:17:36 +0000 (13:17 -0500)]
add 'what' parameter on error

4 years agotarget x86, not x64 in win-build.bat
Kevin Wasserman [Thu, 8 Jan 2015 21:59:09 +0000 (16:59 -0500)]
target x86, not x64 in win-build.bat

4 years agoSupport both x86 and x64 targets on Windows
Kevin Wasserman [Thu, 8 Jan 2015 21:57:40 +0000 (16:57 -0500)]
Support both x86 and x64 targets on Windows

4 years agofix signed/unsigned warning
Kevin Wasserman [Thu, 8 Jan 2015 21:45:28 +0000 (16:45 -0500)]
fix signed/unsigned warning

4 years agouse _read() instead of read() on windows
Kevin Wasserman [Tue, 6 Jan 2015 13:16:51 +0000 (08:16 -0500)]
use _read() instead of read() on windows

4 years agowindows fix main.cpp for windows chrome
Kevin Wasserman [Tue, 23 Dec 2014 19:01:22 +0000 (14:01 -0500)]
windows fix main.cpp for windows chrome

4 years agoChange chrome to match the camelCase navigator.gssEap
Mark Donnelly [Tue, 13 Jan 2015 14:30:48 +0000 (09:30 -0500)]
Change chrome to match the camelCase navigator.gssEap

During the firefox development we opted to standardize on camelCase for navigator.gssEap, but forgot
to update the provided object from the chrome library here, so the tester, etc., broke.

4 years agoinstall jsongssapi shared libray
Kevin Wasserman [Mon, 22 Dec 2014 20:55:21 +0000 (15:55 -0500)]
install jsongssapi shared libray

4 years agoAdd error handling for sending POSTs.
Margaret Wasserman [Tue, 16 Dec 2014 21:20:51 +0000 (16:20 -0500)]
Add error handling for sending POSTs.

4 years agoRename gss_eap to gssEap in calling functions
Mark Donnelly [Fri, 5 Dec 2014 19:21:38 +0000 (14:21 -0500)]
Rename gss_eap to gssEap in calling functions

4 years agoGSS now works for Firefox!
Mark Donnelly [Thu, 4 Dec 2014 17:50:23 +0000 (12:50 -0500)]
GSS now works for Firefox!

* Change main.js to load gssweb.contentscript.js intead of navigator.gss.js

* Make some attempts to convert gssweb.contentscript.js into something that
  will work on both Chrome/Chromium and Firefox

* GSS Calls now work in firefox!
  ... authenticate doesn't yet work, because Firefox sends its content-type
       with a character encoding
       ("application/x-www-form-urlencoded; Charset: UTF-8) which causes the
       apache module problems with double-freeing memory, but that's a problem
       for a different commit.

4 years agoRemoved no longer needed console logging upon bootup.
Mark Donnelly [Wed, 3 Dec 2014 21:42:41 +0000 (16:42 -0500)]
Removed no longer needed console logging upon bootup.

4 years agoRequests originating in content scripts now generate responses to the content scripts
Mark Donnelly [Wed, 3 Dec 2014 21:26:56 +0000 (16:26 -0500)]
Requests originating in content scripts now generate responses to the content scripts

4 years agoPassing messages between the add-on and the content script
Mark Donnelly [Wed, 3 Dec 2014 20:52:49 +0000 (15:52 -0500)]
Passing messages between the add-on and the content script

4 years agoRename 'xpi' to 'firefox' for better clarity
Mark Donnelly [Wed, 3 Dec 2014 20:51:32 +0000 (15:51 -0500)]
Rename 'xpi' to 'firefox' for better clarity

4 years agoHandle errors of garbled JSON sent to the native host
Mark Donnelly [Wed, 3 Dec 2014 17:28:52 +0000 (12:28 -0500)]
Handle errors of garbled JSON sent to the native host

4 years agoGet the navigator.gss_eap object to appear on firefox
Mark Donnelly [Wed, 3 Dec 2014 17:24:01 +0000 (12:24 -0500)]
Get the navigator.gss_eap object to appear on firefox

4 years agoWaypoint towards trying to get Firefox communication with native code. Not currently...
Mark Donnelly [Mon, 1 Dec 2014 16:13:36 +0000 (11:13 -0500)]
Waypoint towards trying to get Firefox communication with native code.  Not currently useful.

4 years agoinclude string.h for strdup
Kevin Wasserman [Sat, 29 Nov 2014 14:05:43 +0000 (09:05 -0500)]
include string.h for strdup

4 years agoFixup new firefox entrypoints for windows
Kevin Wasserman [Sat, 29 Nov 2014 13:54:38 +0000 (08:54 -0500)]
Fixup new firefox entrypoints for windows

4 years agoSilence errors when assigning random values to test data
Mark Donnelly [Wed, 26 Nov 2014 18:45:25 +0000 (13:45 -0500)]
Silence errors when assigning random values to test data

4 years agoRefactor Chrome entrypoint to funnel through the FF entrypoint
Mark Donnelly [Wed, 26 Nov 2014 17:21:05 +0000 (12:21 -0500)]
Refactor Chrome entrypoint to funnel through the FF entrypoint

4 years agoA thought of new exception handling; add entrypoint for FireFox
Mark Donnelly [Wed, 26 Nov 2014 17:20:07 +0000 (12:20 -0500)]
A thought of new exception handling; add entrypoint for FireFox

4 years agoStart work on firefox support
Mark Donnelly [Wed, 26 Nov 2014 17:18:52 +0000 (12:18 -0500)]
Start work on firefox support

4 years agoEnable -Wall -Werror with GCC; fix warnings
Kevin Wasserman [Tue, 25 Nov 2014 21:48:23 +0000 (16:48 -0500)]
Enable -Wall -Werror with GCC; fix warnings

4 years agoTreat warnings as errors on windows
Kevin Wasserman [Tue, 25 Nov 2014 21:24:09 +0000 (16:24 -0500)]
Treat warnings as errors on windows

4 years agoFix integer precision warnings
Kevin Wasserman [Tue, 25 Nov 2014 18:05:16 +0000 (13:05 -0500)]
Fix integer precision warnings

4 years agofix unreferencd local parameter warning
Kevin Wasserman [Tue, 25 Nov 2014 17:08:15 +0000 (12:08 -0500)]
fix unreferencd local parameter warning

4 years agofix int to size_t warnings in GSSBuffer
Kevin Wasserman [Tue, 25 Nov 2014 16:32:31 +0000 (11:32 -0500)]
fix int to size_t warnings in GSSBuffer

4 years agoInclude dependency on pthreads
Mark Donnelly [Tue, 25 Nov 2014 16:24:03 +0000 (11:24 -0500)]
Include dependency on pthreads

4 years agoInherit from GSSCommand publicly, rather than privately.
Mark Donnelly [Tue, 25 Nov 2014 16:11:37 +0000 (11:11 -0500)]
Inherit from GSSCommand publicly, rather than privately.

The code to process commands from the user interface relies on the inheritance from the GSSCommand interface, which doesn't work if that inheritance is private.

4 years agoRemove calls to GSSCommand constructor from derived classes
Mark Donnelly [Tue, 25 Nov 2014 15:56:27 +0000 (10:56 -0500)]
Remove calls to GSSCommand constructor from derived classes

The GSSCommand class has evolved into little more than an interface, and calls to its constructor from its derived classes were all implemented incorrectly anyway.  This change removes the calls to the constructor from the remaining inheriting classes: GSSAcquireCred, GSSImportName, GSSInitSecContext, and GSSPseudoRandom.

4 years agoUse location.hostname as part of the name of the other end; reorder calls for debugga...
Mark Donnelly [Mon, 24 Nov 2014 21:07:15 +0000 (16:07 -0500)]
Use location.hostname as part of the name of the other end; reorder calls for debuggability.

The location.host includes the port number in the URL, if specified; the hostname does not.
The reordering of calls makes it easier to tell whether the crash is happening during a 200/Success or 401/Unauthorized response.

4 years agoAdd win-build.bat for buildbot
Kevin Wasserman [Mon, 24 Nov 2014 18:04:15 +0000 (13:04 -0500)]
Add win-build.bat for buildbot

4 years agoAdd importname.txt which is a simple single-command
Kevin Wasserman [Thu, 20 Nov 2014 14:33:49 +0000 (09:33 -0500)]
Add importname.txt which is a simple single-command

useful for testing on windows

4 years agoOn windows, change json_gssapi.exe to take filepath as arg
Kevin Wasserman [Thu, 20 Nov 2014 14:30:35 +0000 (09:30 -0500)]
On windows, change json_gssapi.exe to take filepath as arg

Reads entire file as a single command

4 years agoNo unistd.h in windows
Kevin Wasserman [Fri, 7 Nov 2014 11:29:33 +0000 (06:29 -0500)]
No unistd.h in windows

4 years agoSupport for windows builds
Kevin Wasserman [Fri, 7 Nov 2014 02:47:00 +0000 (21:47 -0500)]
Support for windows builds

4 years agodisable unit tests on windows
Kevin Wasserman [Fri, 7 Nov 2014 02:45:36 +0000 (21:45 -0500)]
disable unit tests on windows

4 years agoadd util_base64 and util_random
Kevin Wasserman [Fri, 7 Nov 2014 16:25:06 +0000 (11:25 -0500)]
add util_base64 and util_random

4 years agoAdd cast to eliminate msvc warning
Kevin Wasserman [Thu, 6 Nov 2014 18:17:44 +0000 (13:17 -0500)]
Add cast to eliminate msvc warning

4 years agoRemove redundant definition of gss_imp_name_type
Kevin Wasserman [Thu, 6 Nov 2014 18:15:31 +0000 (13:15 -0500)]
Remove redundant definition of gss_imp_name_type

4 years agotake mit-krb5 out of include path
Kevin Wasserman [Thu, 6 Nov 2014 18:01:31 +0000 (13:01 -0500)]
take mit-krb5 out of include path

4 years agoAdd KRB5_CALLCONV decoration where required
Kevin Wasserman [Thu, 6 Nov 2014 18:00:01 +0000 (13:00 -0500)]
Add KRB5_CALLCONV decoration where required

4 years agoDon't try to free() gss_OID's
Kevin Wasserman [Thu, 20 Nov 2014 22:35:28 +0000 (17:35 -0500)]
Don't try to free() gss_OID's

4 years agoDon't return pointers to memory held by local std::string buffers
Kevin Wasserman [Thu, 20 Nov 2014 22:32:37 +0000 (17:32 -0500)]
Don't return pointers to memory held by local std::string buffers

4 years agoFix type to eliminate compile error
Kevin Wasserman [Thu, 20 Nov 2014 22:12:18 +0000 (17:12 -0500)]
Fix type to eliminate compile error

4 years agoUpdate tests to deal with GSSCommand objects now taking only the 'argument' part...
Mark Donnelly [Thu, 20 Nov 2014 19:52:38 +0000 (14:52 -0500)]
Update tests to deal with GSSCommand objects now taking only the 'argument' part of the input JSON

4 years agoMerge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/gssweb
Mark Donnelly [Thu, 20 Nov 2014 19:44:59 +0000 (14:44 -0500)]
Merge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/gssweb

4 years agoUpdate tests to deal with GSSCommand objects now taking only the 'argument' part...
Mark Donnelly [Thu, 20 Nov 2014 19:44:53 +0000 (14:44 -0500)]
Update tests to deal with GSSCommand objects now taking only the 'argument' part of the input JSON

4 years agoNul-terminate gss_buffer contents to work around krb5 bug
Kevin Wasserman [Thu, 20 Nov 2014 15:48:29 +0000 (10:48 -0500)]
Nul-terminate gss_buffer contents to work around krb5 bug