2 * Copyright (c) 2014, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 * OF THE POSSIBILITY OF SUCH DAMAGE.
35 #include "GSSAcquireCred.h"
36 #include "GSSException.h"
37 #include <cache/GSSNameCache.h>
// Builds the command around the supplied acquire-credential function pointer,
// with no desired name and a single default mechanism OID.
41 GSSAcquireCred::GSSAcquireCred(gss_acq_cred_type fn) : function(fn)
43 desired_name = GSS_C_NO_NAME;
// NOTE(review): this OID looks like the GSS-EAP (aes256) mechanism -- confirm.
// The C-style (char *) cast drops const from a string literal, so GSSOID must
// only read through the pointer. loadParameters() also calls
// desiredMechs.addOID(); nothing visible clears this default first, so
// request-supplied mechanisms may be added to it rather than replace it.
44 desiredMechs.addOID( GSSOID((char *)"{ 1 3 6 1 5 5 15 1 1 18 }") );
47 GSSAcquireCred::GSSAcquireCred ( const GSSAcquireCred& other )
52 GSSAcquireCred::~GSSAcquireCred()
// Builds the command from a JSON parameter object: the parameters are handed
// to the GSSCommand base and then parsed by loadParameters().
57 GSSAcquireCred::GSSAcquireCred (
60 ) : GSSCommand ( params )
// loadParameters() throws std::invalid_argument on malformed fields. Unless it
// is caught in the surrounding lines, a bad request surfaces as an exception
// out of this constructor and the code building the command has to handle it.
66 loadParameters(params);
// Parses the JSON request into the arguments of the acquire-credential call:
// time_req, cred_usage, desired_mechs and desired_name.
// Throws std::invalid_argument for an unknown cred_usage string, a cred_usage
// that is neither string nor integer, or (judging by the message) a
// desired_mechs value that is not an array.
// The values come from the request, so every field read here should be
// treated as untrusted input.
73 bool GSSAcquireCred::loadParameters(JSONObject *params)
76 std::string sCredUsage;
84 // Easy stuff(*params)
// NOTE(review): time_req is read with no null or type check, unlike the
// fields below. What integer() yields for a missing or non-integer value
// depends on the JSON wrapper -- confirm.
85 this->time_req = (*params)["time_req"].integer();
// cred_usage is optional and accepted either as a symbolic name or as a raw
// integer.
90 if ( ! params->get("cred_usage").isNull() )
92 if (params->get("cred_usage").isString())
94 sCredUsage = params->get("cred_usage").string();
95 if (sCredUsage == "GSS_C_BOTH")
96 this->cred_usage = GSS_C_BOTH;
97 else if (sCredUsage == "GSS_C_INITIATE")
98 this->cred_usage = GSS_C_INITIATE;
99 else if (sCredUsage == "GSS_C_ACCEPT")
100 this->cred_usage = GSS_C_ACCEPT;
// Unknown names are rejected; the request-supplied text is echoed into the
// exception message.
102 throw std::invalid_argument( std::string("Invalid cred_usage type given: ") + sCredUsage );
103 } else if (params->get("cred_usage").isInteger())
// NOTE(review): any integer is cast to gss_cred_usage_t with no range check,
// so values other than GSS_C_BOTH / GSS_C_INITIATE / GSS_C_ACCEPT reach the
// GSS call unchanged. The string branch rejects unknown values; this branch
// should do the same.
104 this->cred_usage = (gss_cred_usage_t)( params->get("cred_usage").integer() );
106 throw std::invalid_argument( "Unrecognized argument type for cred_usage." );
// desired_mechs is optional; when present each element is parsed as an OID
// string and added to desiredMechs.
112 if ( ! params->get("desired_mechs").isNull() )
114 if ( params->get("desired_mechs").isArray() )
116 for (nDesiredMechs = 0;
117 nDesiredMechs < params->get("desired_mechs").size();
// NOTE(review): elements are not checked with isString() before string(), and
// how GSSOID handles a malformed OID string is not visible here -- confirm it
// throws instead of producing an empty OID.
120 std::string mechStr = params->get("desired_mechs")[nDesiredMechs].string();
// NOTE(review): the GSSOID temporary is destroyed at the end of this
// statement, so this is safe only if addOID() copies the OID rather than
// keeping the pointer returned by toGss() -- confirm.
121 desiredMechs.addOID( GSSOID(mechStr).toGss() );
124 throw std::invalid_argument("Unrecognized desired_mechs array.");
// desired_name is optional; the request carries a key that is resolved through
// the shared GSSNameCache instance, not a name string.
130 if ( ! params->get("desired_name").isNull() )
// NOTE(review): there is no isString() check, and what retrieve() does for an
// unknown key is not visible here. Confirm it fails closed: an empty name
// would presumably behave like GSS_C_NO_NAME and select default credentials.
132 std::string key = params->get("desired_name").string();
133 this->desired_name = GSSNameCache::instance()->retrieve(key);
// Invokes the stored acquire-credential function with the parsed arguments.
// On a GSS error it throws GSSException carrying the major and minor status;
// otherwise it stores the returned credential handle and mechanism set on
// this object.
144 void GSSAcquireCred::execute()
// Declared without initialisers; presumably passed to the call below as output
// arguments -- confirm. Initialising them (GSS_C_NO_CREDENTIAL /
// GSS_C_NO_OID_SET) would keep the success path defined even if the callee
// leaves them untouched.
147 gss_cred_id_t output_cred_handle;
148 gss_OID_set actual_mechs;
153 this->retVal = function(
155 this->desired_name.toGss(),
157 this->desiredMechs.toGss(),
// GSS_ERROR() looks only at the calling-error and routine-error bits of the
// major status.
164 if (GSS_ERROR(this->retVal) )
166 std::string err("Error acquiring credential for user '");
// NOTE(review): the requested name is appended to the exception text. If that
// text is returned to the requester or written to logs, treat it as
// caller-influenced data and escape it for that sink.
167 err += desired_name.toString();
169 throw GSSException(err, this->retVal, this->minor_status);
// NOTE(review): who releases output_cred_handle and actual_mechs after these
// assignments is not visible here -- confirm that cred and actualMechs take
// ownership.
172 this->cred.setValue(output_cred_handle);
173 this->actualMechs = actual_mechs;
179 /* Desired JSON output:
184 * "cred_handle": "###########",
// Serialises the outcome of execute() into a new JSONObject: major and minor
// status, the granted lifetime, the credential handle and the actual
// mechanism set.
192 JSONObject *GSSAcquireCred::toJSON()
// NOTE(review): allocated with a raw new and presumably returned to the
// caller -- confirm who deletes it.
195 JSONObject *values = new JSONObject();
205 values->set("major_status", this->retVal);
206 values->set("minor_status", this->minor_status);
// time_rec is narrowed to int for serialisation.
207 values->set("time_rec", (int)this->time_rec );
209 // Objects that generate their own JSONObject
// NOTE(review): temp is dereferenced with no null check, and whether set()
// copies *temp (so temp still has to be freed) is not visible here -- confirm.
// The serialised credential handle goes back to the requester, so it should be
// an opaque lookup key and not a raw pointer value -- confirm against
// cred.toJSONValue().
210 temp = this->cred.toJSONValue();
211 values->set("output_cred_handle", *temp );
213 temp = this->actualMechs.toJSONValue();
214 values->set("actual_mechs", *temp);