#ifndef _UTIL_ATTR_H_
#define _UTIL_ATTR_H_ 1
+#ifdef __cplusplus
+#include <string>
+
+struct gss_eap_attr_provider;
+struct gss_eap_attr_ctx;
+
+typedef bool
+(*gss_eap_attr_enumeration_cb)(const gss_eap_attr_provider *source,
+ const gss_buffer_t attribute,
+ void *data);
+
#define ATTR_TYPE_RADIUS 0U
#define ATTR_TYPE_SAML_ASSERTION 1U
#define ATTR_TYPE_SAML 2U
#define ATTR_TYPE_LOCAL 3U
#define ATTR_TYPE_MIN ATTR_TYPE_RADIUS
-#define ATTR_TYPE_MAX (ATTR_TYPE_LOCAL + 1U)
-
-#ifdef __cplusplus
-#include <string>
-
-struct gss_eap_attr_ctx;
+#define ATTR_TYPE_MAX ATTR_TYPE_LOCAL
+/*
+ * Attribute provider: this represents a source of attributes derived
+ * from the security context.
+ */
struct gss_eap_attr_provider
{
public:
gss_eap_attr_provider(void) {}
virtual ~gss_eap_attr_provider(void) {}
- virtual bool initFromExistingContext(const gss_eap_attr_ctx *source,
- const gss_eap_attr_provider *ctx)
+ bool initWithManager(const gss_eap_attr_ctx *manager)
{
- m_source = source;
+ m_manager = manager;
return true;
}
- virtual bool initFromGssContext(const gss_eap_attr_ctx *source,
+ virtual bool initFromExistingContext(const gss_eap_attr_ctx *manager,
+ const gss_eap_attr_provider *ctx)
+ {
+ return initWithManager(manager);
+ }
+
+ virtual bool initFromGssContext(const gss_eap_attr_ctx *manager,
const gss_cred_id_t cred,
const gss_ctx_id_t ctx)
{
- m_source = source;
- return true;
+ return initWithManager(manager);
}
- typedef bool
- gss_eap_attr_enumeration_cb(const gss_eap_attr_provider *provider,
- const gss_buffer_t attribute,
- void *data);
-
virtual bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const
{
return false;
virtual void releaseAnyNameMapping(gss_buffer_t type_id,
gss_any_t input) const {}
- virtual void marshall(gss_buffer_t buffer) const {}
- virtual bool unmarshall(const gss_eap_attr_ctx *ctx,
- const gss_buffer_t buffer) { return false; }
+ virtual void exportToBuffer(gss_buffer_t buffer) const {}
+ virtual bool initFromBuffer(const gss_eap_attr_ctx *manager,
+ const gss_buffer_t buffer)
+ {
+ return initWithManager(manager);
+ }
+
+ virtual time_t getExpiryTime(void) const { return 0; }
static bool init() { return true; }
static void finalize() {}
static gss_eap_attr_provider *createAttrContext(void) { return NULL; }
protected:
- const gss_eap_attr_ctx *m_source;
+ const gss_eap_attr_ctx *m_manager;
+
+private:
+ /* make non-copyable */
+ gss_eap_attr_provider(const gss_eap_attr_provider&);
+ gss_eap_attr_provider& operator=(const gss_eap_attr_provider&);
};
-typedef gss_eap_attr_provider *(*gss_eap_attr_create_factory)(void);
+typedef gss_eap_attr_provider *(*gss_eap_attr_create_provider)(void);
-struct gss_eap_attr_ctx : gss_eap_attr_provider
+/*
+ * Attribute context: this manages a set of providers for a given
+ * security context.
+ */
+struct gss_eap_attr_ctx
{
public:
- gss_eap_attr_ctx(void) {}
+ gss_eap_attr_ctx(void);
~gss_eap_attr_ctx(void);
- bool initFromExistingContext(const gss_eap_attr_ctx *source,
- const gss_eap_attr_provider *ctx);
- bool initFromGssContext(const gss_eap_attr_ctx *source,
- const gss_cred_id_t cred,
+ bool initFromExistingContext(const gss_eap_attr_ctx *manager);
+ bool initFromGssContext(const gss_cred_id_t cred,
const gss_ctx_id_t ctx);
- static gss_eap_attr_ctx *createAttrContext(void);
-
bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const;
bool getAttributeTypes(gss_buffer_set_t *attrs);
void releaseAnyNameMapping(gss_buffer_t type_id,
gss_any_t input) const;
- void marshall(gss_buffer_t buffer) const;
- bool unmarshall(const gss_eap_attr_ctx *ctx,
- const gss_buffer_t buffer);
- static bool init();
- static void finalize();
+ void exportToBuffer(gss_buffer_t buffer) const;
+ bool initFromBuffer(const gss_buffer_t buffer);
static unsigned int
attributePrefixToType(const gss_buffer_t prefix);
gss_eap_attr_provider *getProvider(unsigned int type) const;
gss_eap_attr_provider *getProvider(const gss_buffer_t prefix) const;
+ static void
+ registerProvider(unsigned int type,
+ const char *prefix,
+ gss_eap_attr_create_provider factory);
+ static void
+ unregisterProvider(unsigned int type);
+
+ time_t getExpiryTime(void) const;
+
private:
- gss_eap_attr_provider *m_providers[ATTR_TYPE_MAX];
+ gss_eap_attr_provider *getPrimaryProvider(void) const;
+
+ /* make non-copyable */
+ gss_eap_attr_ctx(const gss_eap_attr_ctx&);
+ gss_eap_attr_ctx& operator=(const gss_eap_attr_ctx&);
+
+ gss_eap_attr_provider *m_providers[ATTR_TYPE_MAX + 1];
};
+#endif /* __cplusplus */
+
#include "util_radius.h"
#include "util_saml.h"
#include "util_shib.h"
+#ifdef __cplusplus
+
#include <string>
#include <new>
extern "C" {
#endif
+/*
+ * C wrappers for attribute context functions. These match their
+ * GSS naming extension equivalents. The caller is required to
+ * obtain the name mutex.
+ */
+
struct gss_eap_attr_ctx *
gssEapCreateAttrContext(gss_cred_id_t acceptorCred,
gss_ctx_id_t acceptorCtx);
projects / mech_eap.orig / blobdiff