*/
gss_eap_attr_ctx::gss_eap_attr_ctx(void)
{
+ m_flags = 0;
+
for (unsigned int i = ATTR_TYPE_MIN; i <= ATTR_TYPE_MAX; i++) {
gss_eap_attr_provider *provider;
} else {
provider = NULL;
}
-
+
m_providers[i] = provider;
}
}
return &gssEapAttrPrefixes[type];
}
+bool
+gss_eap_attr_ctx::providerEnabled(unsigned int type) const
+{
+ if (type == ATTR_TYPE_LOCAL &&
+ (m_flags & ATTR_FLAG_DISABLE_LOCAL))
+ return false;
+
+ if (m_providers[type] == NULL)
+ return false;
+
+ return true;
+}
+
+void
+gss_eap_attr_ctx::releaseProvider(unsigned int type)
+{
+ delete m_providers[type];
+ m_providers[type] = NULL;
+}
+
/*
* Initialize a context from an existing context.
*/
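Review bot: The new `providerEnabled()` and `releaseProvider()` index `m_providers[type]` without checking that `type` lies within `ATTR_TYPE_MIN..ATTR_TYPE_MAX`, and neither states that precondition. Every caller visible on this page passes a loop index in that range, so this is a documentation point rather than a defect in the shown code. I would add a header comment in the file's existing `/* ... */` style, for example `/* type must be within ATTR_TYPE_MIN..ATTR_TYPE_MAX; it is not range-checked here */`, and note on `releaseProvider()` that the slot is deleted and set to NULL so later `providerEnabled()` calls return false.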
{
bool ret = true;
+ m_flags = manager->m_flags;
+
for (unsigned int i = ATTR_TYPE_MIN; i <= ATTR_TYPE_MAX; i++) {
- gss_eap_attr_provider *provider = m_providers[i];
+ gss_eap_attr_provider *provider;
- if (provider == NULL)
+ if (!providerEnabled(i)) {
+ releaseProvider(i);
continue;
+ }
+
+ provider = m_providers[i];
ret = provider->initFromExistingContext(this,
manager->m_providers[i]);
- if (ret == false)
+ if (ret == false) {
+ releaseProvider(i);
break;
+ }
}
return ret;
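Review bot: `manager->m_providers[i]` is handed to `initFromExistingContext()` without a NULL check, while `providerEnabled(i)` only tests this context's own slot. With this change a slot can be released after construction (for a disabled type or after an init failure), so the source and destination contexts are no longer guaranteed to have the same slots populated. Whether providers tolerate a NULL source is not visible here. Consider treating an absent source like a disabled provider, e.g. `if (!providerEnabled(i) || manager->m_providers[i] == NULL) { releaseProvider(i); continue; }`. The function's signature is outside the hunk.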
{
bool ret = true;
+ if (cred != GSS_C_NO_CREDENTIAL &&
+ (cred->flags & GSS_EAP_DISABLE_LOCAL_ATTRS_FLAG)) {
+ m_flags |= ATTR_FLAG_DISABLE_LOCAL;
+ }
+
for (unsigned int i = ATTR_TYPE_MIN; i <= ATTR_TYPE_MAX; i++) {
- gss_eap_attr_provider *provider = m_providers[i];
+ gss_eap_attr_provider *provider;
- if (provider == NULL)
+ if (!providerEnabled(i)) {
+ releaseProvider(i);
continue;
+ }
+
+ provider = m_providers[i];
ret = provider->initFromGssContext(this, cred, ctx);
- if (ret == false)
+ if (ret == false) {
+ releaseProvider(i);
break;
+ }
}
return ret;
{
bool ret;
gss_eap_attr_provider *primaryProvider = getPrimaryProvider();
+ gss_buffer_desc primaryBuf;
+
+ if (buffer->length < 4)
+ return false;
- ret = primaryProvider->initFromBuffer(this, buffer);
+ m_flags = load_uint32_be(buffer->value);
+
+ primaryBuf.length = buffer->length - 4;
+ primaryBuf.value = (char *)buffer->value + 4;
+
+ ret = primaryProvider->initFromBuffer(this, &primaryBuf);
if (ret == false)
return ret;
for (unsigned int i = ATTR_TYPE_MIN; i <= ATTR_TYPE_MAX; i++) {
- gss_eap_attr_provider *provider = m_providers[i];
+ gss_eap_attr_provider *provider;
+ if (!providerEnabled(i)) {
+ releaseProvider(i);
+ continue;
+ }
+
+ provider = m_providers[i];
if (provider == primaryProvider)
continue;
ret = provider->initFromGssContext(this,
GSS_C_NO_CREDENTIAL,
GSS_C_NO_CONTEXT);
- if (ret == false)
+ if (ret == false) {
+ releaseProvider(i);
break;
+ }
}
return ret;
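Review bot: `m_flags = load_uint32_be(buffer->value)` stores the flag word verbatim from the serialized buffer, so a policy bit such as `ATTR_FLAG_DISABLE_LOCAL` is decided by whoever produced the buffer, and undefined bits are kept as-is. If imported buffers can originate outside the process, mask to the flags this code defines, e.g. `m_flags = load_uint32_be(buffer->value) & ATTR_FLAG_DISABLE_LOCAL;` (assuming that is the only flag), and consider whether the local-attribute policy should come from the importing side rather than from the token. `primaryProvider` is also dereferenced without a NULL check, although the constructor's `provider = NULL` branch can leave a slot empty. The function starts outside the hunk.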
gss_eap_attr_provider *
gss_eap_attr_ctx::getPrimaryProvider(void) const
{
- return m_providers[ATTR_TYPE_RADIUS];
+ return m_providers[ATTR_TYPE_MIN];
}
/*
void
gss_eap_attr_ctx::exportToBuffer(gss_buffer_t buffer) const
{
- getPrimaryProvider()->exportToBuffer(buffer);
+ const gss_eap_attr_provider *primaryProvider = getPrimaryProvider();
+ gss_buffer_desc tmp;
+ unsigned char *p;
+ OM_uint32 tmpMinor;
+
+ primaryProvider->exportToBuffer(&tmp);
+
+ buffer->length = 4 + tmp.length;
+ buffer->value = GSSEAP_MALLOC(buffer->length);
+ if (buffer->value == NULL)
+ throw new std::bad_alloc;
+
+ p = (unsigned char *)buffer->value;
+ store_uint32_be(m_flags, p);
+ memcpy(p + 4, tmp.value, tmp.length);
+
+ gss_release_buffer(&tmpMinor, &tmp);
}
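Review bot: `throw new std::bad_alloc;` throws a pointer (`std::bad_alloc *`), which a `catch (std::exception &e)` handler of the kind seen elsewhere on this page will not catch, and it heap-allocates the exception object at the moment allocation has just failed. The throw also skips `gss_release_buffer(&tmpMinor, &tmp)`, so the primary provider's exported buffer leaks on that path. I would release first and throw by value: `gss_release_buffer(&tmpMinor, &tmp); throw std::bad_alloc();`. Separately, `4 + tmp.length` is not checked for wraparound before the allocation and the `memcpy`, and `primaryProvider` is dereferenced without a NULL check.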
/*
return GSS_S_COMPLETE;
}
-OM_uint32
-gssEapAttrProvidersInit(OM_uint32 *minor)
-{
- try {
- if (gss_eap_radius_attr_provider::init() &&
- gss_eap_saml_assertion_provider::init() &&
- gss_eap_saml_attr_provider::init() &&
- gss_eap_shib_attr_provider::init())
- return GSS_S_COMPLETE;
- } catch (std::exception &e) {
- return mapException(minor, e);
- }
-
- return GSS_S_FAILURE;
-}
-
-OM_uint32
-gssEapAttrProvidersFinalize(OM_uint32 *minor)
-{
- try {
- gss_eap_shib_attr_provider::finalize();
- gss_eap_saml_attr_provider::finalize();
- gss_eap_saml_assertion_provider::finalize();
- gss_eap_radius_attr_provider::finalize();
- } catch (std::exception &e) {
- return mapException(minor, e);
- }
-
- return GSS_S_COMPLETE;
-}
-
/*
* Public accessor for initialisng a context from a GSS context. Also
* sets expiry time on GSS context as a side-effect.