};
gss_eap_attr_ctx *
-gss_eap_attr_ctx::createAttrContext(gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
+gss_eap_attr_ctx::createAttrContext(void)
{
gss_eap_attr_ctx *ctx;
- ctx = new gss_eap_attr_ctx(NULL, gssCred, gssCtx);
+ ctx = new gss_eap_attr_ctx;
for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) {
gss_eap_attr_provider *provider;
- provider = (gss_eap_attr_factories[i])(ctx, gssCred, gssCtx);
+ provider = (gss_eap_attr_factories[i])();
if (provider != NULL)
ctx->m_providers[i] = provider;
}
return ctx;
}
+bool
+gss_eap_attr_ctx::initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx)
+{
+ if (!gss_eap_attr_provider::initFromExistingContext(this, ctx))
+ return false;
+
+ for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) {
+ gss_eap_attr_provider *provider;
+
+ provider = m_providers[i];
+ if (provider != NULL) {
+ if (!provider->initFromExistingContext(this, provider))
+ return false;
+ }
+ }
+
+ return true;
+}
+
+bool
+gss_eap_attr_ctx::initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t cred,
+ const gss_ctx_id_t ctx)
+{
+ if (!gss_eap_attr_provider::initFromGssContext(this, cred, ctx))
+ return false;
+
+ for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) {
+ gss_eap_attr_provider *provider;
+
+ provider = m_providers[i];
+ if (provider != NULL) {
+ if (!provider->initFromGssContext(this, cred, ctx))
+ return false;
+ }
+ }
+
+ return true;
+}
+
gss_eap_attr_ctx::~gss_eap_attr_ctx(void)
{
for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++)
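Review bot: In `gss_eap_attr_ctx::initFromExistingContext` the loop calls `provider->initFromExistingContext(this, provider)`, so each provider is asked to copy from itself rather than from the matching provider of the context being duplicated; the `ctx` argument is never consulted inside the loop. With the SAML and Shibboleth overrides added elsewhere in this commit, the duplicate therefore reads its own still-empty state. Resolve the source context once, e.g. `const gss_eap_attr_ctx *src = dynamic_cast<const gss_eap_attr_ctx *>(ctx);`, return false if it is NULL, and pass `src->m_providers[i]` as the second argument. The `source` parameter is also unused in both new methods, which hand `this` to the base class instead; a comment stating that this is intended would help.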
return m_providers[type];
}
-gss_eap_attr_ctx::gss_eap_attr_ctx(const gss_eap_attr_ctx &ctx)
- : gss_eap_attr_provider(ctx)
-{
- for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) {
- if (ctx.m_providers[i] != NULL) {
- m_providers[i] = (gss_eap_attr_factories[i])(&ctx,
- GSS_C_NO_CREDENTIAL,
- GSS_C_NO_CONTEXT);
- }
- }
-}
-
void
gss_eap_attr_ctx::setAttribute(int complete,
const gss_buffer_t attr,
gss_eap_attr_ctx::unmarshall(const gss_eap_attr_ctx *ctx,
const gss_buffer_t buffer)
{
- int i;
+ unsigned int i;
for (i = 0; i < ATTR_TYPE_MAX; i++) {
gss_eap_attr_provider *provider = m_providers[i];
-
}
}
gss_name_t out)
{
try {
- if (in->attrCtx != NULL)
- out->attrCtx = new gss_eap_attr_ctx(*(in->attrCtx));
- else
+ if (in->attrCtx != NULL) {
+ gss_eap_attr_ctx *ctx = new gss_eap_attr_ctx;
+
+ out->attrCtx = new gss_eap_attr_ctx;
+ if (!ctx->initFromExistingContext(NULL, in->attrCtx)) {
+ delete ctx;
+ return GSS_S_FAILURE;
+ }
+ out->attrCtx = ctx;
+ } else
out->attrCtx = NULL;
} catch (std::exception &e) {
return mapException(minor, e);
}
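Review bot: The duplicate path allocates two contexts: `out->attrCtx = new gss_eap_attr_ctx;` is overwritten by `out->attrCtx = ctx;` on success, leaking the first object, and is left behind in `out` on the `GSS_S_FAILURE` return. Drop that line. `ctx` is also built with a bare `new gss_eap_attr_ctx` rather than the factory, so no providers are instantiated before `initFromExistingContext` walks `m_providers`; use `gss_eap_attr_ctx *ctx = gss_eap_attr_ctx::createAttrContext();`. The failure return does not appear to set `*minor`, unlike the exception path. The enclosing function begins above this hunk.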
struct gss_eap_attr_ctx *
-gssEapCreateAttrContext(gss_cred_id_t cred,
- gss_ctx_id_t ctx)
+gssEapCreateAttrContext(gss_cred_id_t gssCred,
+ gss_ctx_id_t gssCtx)
{
- assert(ctx != GSS_C_NO_CONTEXT);
- return gss_eap_attr_ctx::createAttrContext(cred, ctx);
+ gss_eap_attr_ctx *ctx;
+
+ ctx = gss_eap_attr_ctx::createAttrContext();
+ if (!ctx->initFromGssContext(NULL, gssCred, gssCtx)) {
+ delete ctx;
+ return NULL;
+ }
+
+ return ctx;
}
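Review bot: Nothing in `gssEapCreateAttrContext` catches C++ exceptions, although `createAttrContext()` allocates with `new` and `initFromGssContext` runs every provider's initialiser; the name-duplication routine earlier in this diff wraps the same kind of work in `try` / `catch (std::exception &e)`. If this function is called from C code, as its `struct gss_eap_attr_ctx *` return type suggests, an escaping exception has no handler. Wrap the body in a `try` block and return NULL from the handler. The removed `assert(ctx != GSS_C_NO_CONTEXT)` has no replacement either, so a comment stating whether `GSS_C_NO_CONTEXT` is now an accepted input would help.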
struct gss_eap_attr_provider
{
public:
- gss_eap_attr_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred = GSS_C_NO_CREDENTIAL,
- gss_ctx_id_t acceptorCtx = GSS_C_NO_CONTEXT)
+ gss_eap_attr_provider(void) {}
+ virtual ~gss_eap_attr_provider(void) {}
+
+ virtual bool initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx)
{
- m_source = ctx;
+ m_source = source;
+ return true;
}
- gss_eap_attr_provider(const gss_eap_attr_provider &ctx) {}
- virtual ~gss_eap_attr_provider(void) {}
+ virtual bool initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t cred,
+ const gss_ctx_id_t ctx)
+ {
+ m_source = source;
+ return true;
+ }
typedef bool
gss_eap_attr_enumeration_cb(const gss_eap_attr_provider *provider,
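Review bot: The new default constructor `gss_eap_attr_provider(void) {}` leaves `m_source` indeterminate until one of the `initFrom*` methods runs, while code such as `gss_eap_saml_attr_provider::getAssertion` calls `m_source->getProvider(...)` unconditionally. Initialise it in the constructor: `gss_eap_attr_provider(void) : m_source(NULL) {}`. The same applies to `gss_eap_attr_ctx(void) {}` in the next header hunk: `createAttrContext` stores only non-NULL factory results and the init loops test `m_providers[i] != NULL`, so if `m_providers` is a plain pointer array (its declaration is not visible here) its slots need zeroing in that constructor.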
static bool init() { return true; }
static void finalize() {}
- static gss_eap_attr_provider *
- createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx) { return NULL; }
+ static gss_eap_attr_provider *createAttrContext(void) { return NULL; }
protected:
const gss_eap_attr_ctx *m_source;
};
-typedef gss_eap_attr_provider * (*gss_eap_attr_create_cb)(
- const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
+typedef gss_eap_attr_provider *(*gss_eap_attr_create_cb)(void);
struct gss_eap_attr_ctx : gss_eap_attr_provider
{
public:
- gss_eap_attr_ctx(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx) :
- gss_eap_attr_provider(ctx, acceptorCred, acceptorCtx) {}
-
- gss_eap_attr_ctx(const gss_eap_attr_ctx &ctx);
-
+ gss_eap_attr_ctx(void) {}
~gss_eap_attr_ctx(void);
- static gss_eap_attr_ctx *createAttrContext(gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
+ bool initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx);
+ bool initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t cred,
+ const gss_ctx_id_t ctx);
+
+ static gss_eap_attr_ctx *createAttrContext(void);
bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const;
bool getAttributeTypes(gss_buffer_set_t *attrs);
#include "gssapiP_eap.h"
-gss_eap_radius_attr_provider::gss_eap_radius_attr_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
- : gss_eap_attr_provider(ctx, gssCred, gssCtx)
+bool
+gss_eap_radius_attr_provider::initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx)
{
+ if (!gss_eap_attr_provider::initFromExistingContext(source, ctx))
+ return false;
+
+ return true;
}
-gss_eap_radius_attr_provider::gss_eap_radius_attr_provider(
- const gss_eap_radius_attr_provider &src)
- : gss_eap_attr_provider(src)
+bool
+gss_eap_radius_attr_provider::initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t gssCred,
+ const gss_ctx_id_t gssCtx)
{
+ if (!gss_eap_attr_provider::initFromGssContext(source, gssCred, gssCtx))
+ return false;
+
+ return true;
}
gss_eap_radius_attr_provider::~gss_eap_radius_attr_provider(void)
}
gss_eap_attr_provider *
-gss_eap_radius_attr_provider::createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
+gss_eap_radius_attr_provider::createAttrContext(void)
{
- return new gss_eap_radius_attr_provider(ctx, gssCred, gssCtx);
+ return new gss_eap_radius_attr_provider;
}
struct gss_eap_radius_attr_provider : gss_eap_attr_provider {
public:
- gss_eap_radius_attr_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
- gss_eap_radius_attr_provider(const gss_eap_radius_attr_provider &ctx);
+ gss_eap_radius_attr_provider(void) {}
~gss_eap_radius_attr_provider(void);
+ bool initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx);
+ bool initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t cred,
+ const gss_ctx_id_t ctx);
+
bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const;
void setAttribute(int complete,
const gss_buffer_t attr,
static bool init();
static void finalize();
- static gss_eap_attr_provider *
- createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
+ static gss_eap_attr_provider *createAttrContext(void);
+
private:
};
* gss_eap_saml_assertion_provider is for retrieving the underlying
* assertion.
*/
-gss_eap_saml_assertion_provider::gss_eap_saml_assertion_provider(const gss_eap_attr_ctx *
-ctx)
- : gss_eap_attr_provider(ctx)
+bool
+gss_eap_saml_assertion_provider::initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx)
{
/* Then we may be creating from an existing attribute context */
- gss_eap_saml_assertion_provider *saml;
+ const gss_eap_saml_assertion_provider *saml;
- saml = dynamic_cast<gss_eap_saml_assertion_provider *>
- (ctx->getProvider(ATTR_TYPE_SAML_ASSERTION));
- if (saml != NULL)
- setAssertion(saml->getAssertion());
+ if (!gss_eap_attr_provider::initFromExistingContext(source, ctx))
+ return false;
+
+ saml = dynamic_cast<const gss_eap_saml_assertion_provider *>(ctx);
+ setAssertion(saml->getAssertion());
}
-gss_eap_saml_assertion_provider::gss_eap_saml_assertion_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
- : gss_eap_attr_provider(ctx)
+bool
+gss_eap_saml_assertion_provider::initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t gssCred,
+ const gss_ctx_id_t gssCtx)
{
- gss_eap_radius_attr_provider *radius;
+ const gss_eap_radius_attr_provider *radius;
gss_buffer_desc value = GSS_C_EMPTY_BUFFER;
int authenticated, complete, more = -1;
OM_uint32 minor;
- radius = dynamic_cast<gss_eap_radius_attr_provider *>
- (ctx->getProvider(ATTR_TYPE_RADIUS));
+ if (!gss_eap_attr_provider::initFromGssContext(source, gssCred, gssCtx))
+ return false;
+
+ radius = dynamic_cast<const gss_eap_radius_attr_provider *>
+ (source->getProvider(ATTR_TYPE_RADIUS));
if (radius != NULL &&
radius->getAttribute(512, &authenticated, &complete,
&value, NULL, &more)) {
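Review bot: `gss_eap_saml_assertion_provider::initFromExistingContext` is declared `bool` but its success path ends at `setAssertion(...)` with no `return`, which is undefined behaviour for the caller's `if (!provider->initFromExistingContext(...))` test. The NULL check that the old constructor made after `dynamic_cast` was also dropped, so a `ctx` that is NULL or of another provider type is dereferenced. Restore the check and return explicitly: `if (saml != NULL) setAssertion(saml->getAssertion());` followed by `return true;`. The body of `initFromGssContext` continues past the end of this hunk, so its return path cannot be checked here.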
}
gss_eap_attr_provider *
-gss_eap_saml_assertion_provider::createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
+gss_eap_saml_assertion_provider::createAttrContext(void)
{
- return new gss_eap_saml_assertion_provider(ctx, gssCred, gssCtx);
+ return new gss_eap_saml_assertion_provider;
}
/*
const saml2::Assertion *
gss_eap_saml_attr_provider::getAssertion(void) const
{
- gss_eap_saml_assertion_provider *saml;
+ const gss_eap_saml_assertion_provider *saml;
- saml = dynamic_cast<gss_eap_saml_assertion_provider *>(m_source->getProvider(ATTR_TYPE_SAML_ASSERTION));
- assert(saml != NULL);
-
- return saml->getAssertion();
-}
+ saml = dynamic_cast<const gss_eap_saml_assertion_provider *>
+ (m_source->getProvider(ATTR_TYPE_SAML_ASSERTION));
+ if (saml != NULL)
+ return saml->getAssertion();
-gss_eap_saml_attr_provider::gss_eap_saml_attr_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
- : gss_eap_attr_provider(ctx, gssCred, gssCtx)
-{
- /* Nothing to do, we're just a wrapper around the assertion provider. */
+ return NULL;
}
gss_eap_saml_attr_provider::~gss_eap_saml_attr_provider(void)
}
gss_eap_attr_provider *
-gss_eap_saml_attr_provider::createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
+gss_eap_saml_attr_provider::createAttrContext(void)
{
- if (gssCtx != GSS_C_NO_CONTEXT)
- return new gss_eap_saml_attr_provider(ctx, gssCred, gssCtx);
- else
- return new gss_eap_saml_attr_provider(ctx);
+ return new gss_eap_saml_attr_provider;
}
struct gss_eap_saml_assertion_provider : gss_eap_attr_provider {
public:
- gss_eap_saml_assertion_provider(const gss_eap_attr_ctx *ctx);
- gss_eap_saml_assertion_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
-
+ gss_eap_saml_assertion_provider(void) {}
~gss_eap_saml_assertion_provider(void);
+ bool initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx);
+ bool initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t cred,
+ const gss_ctx_id_t ctx);
+
bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const;
void setAttribute(int complete,
const gss_buffer_t attr,
static bool init();
static void finalize();
- static gss_eap_attr_provider *
- createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
+ static gss_eap_attr_provider *createAttrContext(void);
+
private:
static opensaml::saml2::Assertion *
parseAssertion(const gss_buffer_t buffer);
struct gss_eap_saml_attr_provider : gss_eap_attr_provider {
public:
- gss_eap_saml_attr_provider(const gss_eap_attr_ctx *ctx)
- : gss_eap_attr_provider(ctx) {}
-
- gss_eap_saml_attr_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
-
+ gss_eap_saml_attr_provider(void) {}
~gss_eap_saml_attr_provider(void);
+#if 0
+ bool initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx);
+ bool initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t cred,
+ const gss_ctx_id_t ctx);
+#endif
+
bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const;
void setAttribute(int complete,
const gss_buffer_t attr,
static bool init();
static void finalize();
- static gss_eap_attr_provider *
- createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
+ static gss_eap_attr_provider *createAttrContext(void);
+
+private:
};
#endif /* _UTIL_SAML_H_ */
static vector <Attribute *>
duplicateAttributes(const vector <Attribute *>src);
-gss_eap_shib_attr_provider::gss_eap_shib_attr_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
- : gss_eap_attr_provider(ctx, gssCred, gssCtx)
+bool
+gss_eap_shib_attr_provider::initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx)
{
- if (gssCtx == GSS_C_NO_CONTEXT) {
- gss_eap_shib_attr_provider *shib;
+ const gss_eap_shib_attr_provider *shib;
- shib = dynamic_cast<gss_eap_shib_attr_provider *>
- (ctx->getProvider(ATTR_TYPE_LOCAL));
- if (shib != NULL)
- m_attributes = duplicateAttributes(shib->m_attributes);
- } else {
- gss_eap_saml_assertion_provider *saml;
- gss_eap_radius_attr_provider *radius;
- gss_buffer_desc nameBuf = GSS_C_EMPTY_BUFFER;
- ShibbolethResolver *resolver = NULL;
- OM_uint32 minor;
+ if (!gss_eap_attr_provider::initFromExistingContext(source, ctx))
+ return false;
- saml = dynamic_cast<gss_eap_saml_assertion_provider *>
- (ctx->getProvider(ATTR_TYPE_SAML_ASSERTION));
- radius = dynamic_cast<gss_eap_radius_attr_provider *>
- (ctx->getProvider(ATTR_TYPE_RADIUS));
+ shib = dynamic_cast<const gss_eap_shib_attr_provider *>(ctx);
+ if (shib != NULL)
+ m_attributes = duplicateAttributes(shib->m_attributes);
- if (radius == NULL)
- return;
+ return true;
+}
- if (gssCred != GSS_C_NO_CREDENTIAL &&
- gss_display_name(&minor, gssCred->name, &nameBuf, NULL) == GSS_S_COMPLETE)
- resolver->setApplicationID((const char *)nameBuf.value);
+bool
+gss_eap_shib_attr_provider::initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t gssCred,
+ const gss_ctx_id_t gssCtx)
+{
+ const gss_eap_saml_assertion_provider *saml;
+ const gss_eap_radius_attr_provider *radius;
+ gss_buffer_desc nameBuf = GSS_C_EMPTY_BUFFER;
+ ShibbolethResolver *resolver = NULL;
+ OM_uint32 minor;
- if (saml != NULL && saml->getAssertion() != NULL)
- resolver->addToken(saml->getAssertion());
+ if (!gss_eap_attr_provider::initFromGssContext(source, gssCred, gssCtx))
+ return false;
- /* TODO inject RADIUS attribute types */
+ saml = dynamic_cast<const gss_eap_saml_assertion_provider *>
+ (source->getProvider(ATTR_TYPE_SAML_ASSERTION));
+ radius = dynamic_cast<const gss_eap_radius_attr_provider *>
+ (source->getProvider(ATTR_TYPE_RADIUS));
- resolver->resolveAttributes(m_attributes);
+ if (radius == NULL)
+ return true;
- gss_release_buffer(&minor, &nameBuf);
+ if (gssCred != GSS_C_NO_CREDENTIAL &&
+ gss_display_name(&minor, gssCred->name, &nameBuf, NULL) == GSS_S_COMPLETE)
+ resolver->setApplicationID((const char *)nameBuf.value);
- delete resolver;
- }
+ if (saml != NULL && saml->getAssertion() != NULL)
+ resolver->addToken(saml->getAssertion());
+
+ /* TODO inject RADIUS attribute types */
+
+ resolver->resolveAttributes(m_attributes);
+
+ gss_release_buffer(&minor, &nameBuf);
+
+ delete resolver;
+
+ return true;
}
gss_eap_shib_attr_provider::~gss_eap_shib_attr_provider(void)
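Review bot: In `gss_eap_shib_attr_provider::initFromGssContext`, `resolver` is initialised to NULL and no line of the new body assigns it before `resolver->setApplicationID`, `resolver->addToken` and `resolver->resolveAttributes` are called, so any context that has a RADIUS provider dereferences a null pointer. The resolver needs to be constructed after the `radius == NULL` early return. `nameBuf.value` is also passed as a `const char *`; a `gss_buffer_desc` carries an explicit length and is not guaranteed to be NUL-terminated, so copy it into `std::string(static_cast<const char *>(nameBuf.value), nameBuf.length)` first. The cleanup calls (`gss_release_buffer`, `delete resolver`) are skipped if `resolveAttributes` throws.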
}
gss_eap_attr_provider *
-gss_eap_shib_attr_provider::createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t gssCred,
- gss_ctx_id_t gssCtx)
+gss_eap_shib_attr_provider::createAttrContext(void)
{
- return new gss_eap_shib_attr_provider(ctx, gssCred, gssCtx);
+ return new gss_eap_shib_attr_provider;
}
static Attribute *
struct gss_eap_shib_attr_provider : gss_eap_attr_provider {
public:
- gss_eap_shib_attr_provider(const gss_eap_attr_ctx *ctx);
- gss_eap_shib_attr_provider(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
+ gss_eap_shib_attr_provider(void) {}
~gss_eap_shib_attr_provider(void);
+ bool initFromExistingContext(const gss_eap_attr_ctx *source,
+ const gss_eap_attr_provider *ctx);
+ bool initFromGssContext(const gss_eap_attr_ctx *source,
+ const gss_cred_id_t cred,
+ const gss_ctx_id_t ctx);
+
void setAttribute(int complete,
const gss_buffer_t attr,
const gss_buffer_t value);
static bool init();
static void finalize();
- static gss_eap_attr_provider *
- createAttrContext(const gss_eap_attr_ctx *ctx,
- gss_cred_id_t acceptorCred,
- gss_ctx_id_t acceptorCtx);
+ static gss_eap_attr_provider *createAttrContext(void);
+
private:
int getAttributeIndex(const gss_buffer_t attr) const;
const shibsp::Attribute *getAttribute(const gss_buffer_t attr) const;