From: Luke Howard Date: Fri, 17 Sep 2010 23:24:27 +0000 (+0200) Subject: cleanup X-Git-Url: http://www.project-moonshot.org/gitweb/?p=cyrus-sasl.git;a=commitdiff_plain;h=d502cd40e04295365b0fdeba0f879e40b8d6a960 cleanup --- diff --git a/mech_eap/util_attr.cpp b/mech_eap/util_attr.cpp index 5228645..ebf0096 100644 --- a/mech_eap/util_attr.cpp +++ b/mech_eap/util_attr.cpp @@ -45,17 +45,16 @@ gss_eap_attr_factories[ATTR_TYPE_MAX] = { }; gss_eap_attr_ctx * -gss_eap_attr_ctx::createAttrContext(gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) +gss_eap_attr_ctx::createAttrContext(void) { gss_eap_attr_ctx *ctx; - ctx = new gss_eap_attr_ctx(NULL, gssCred, gssCtx); + ctx = new gss_eap_attr_ctx; for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) { gss_eap_attr_provider *provider; - provider = (gss_eap_attr_factories[i])(ctx, gssCred, gssCtx); + provider = (gss_eap_attr_factories[i])(); if (provider != NULL) ctx->m_providers[i] = provider; } 
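Review bot: In the provider loop of `createAttrContext`, a slot is written only when the factory returns non-NULL, and the new default constructor `gss_eap_attr_ctx(void) {}` in util_attr.h has an empty body, so an unfilled `m_providers[i]` keeps an indeterminate value unless the array is zeroed somewhere not shown. The new init functions read every slot, and the destructor loops over all of them as well (its body is not visible here), so such a pointer could be dereferenced or deleted. Assigning unconditionally, `ctx->m_providers[i] = provider;`, keeps every slot defined. The function's `return ctx;` lies outside this hunk.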
@@ -63,6 +62,47 @@ gss_eap_attr_ctx::createAttrContext(gss_cred_id_t gssCred, return ctx; } +bool +gss_eap_attr_ctx::initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx) +{ + if (!gss_eap_attr_provider::initFromExistingContext(this, ctx)) + return false; + + for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) { + gss_eap_attr_provider *provider; + + provider = m_providers[i]; + if (provider != NULL) { + if (!provider->initFromExistingContext(this, provider)) + return false; + } + } + + return true; +} + +bool +gss_eap_attr_ctx::initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t cred, + const gss_ctx_id_t ctx) +{ + if (!gss_eap_attr_provider::initFromGssContext(this, cred, ctx)) + return false; + + for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) { + gss_eap_attr_provider *provider; + + provider = m_providers[i]; + if (provider != NULL) { + if (!provider->initFromGssContext(this, cred, ctx)) + return false; + } + } + + return true; +} + gss_eap_attr_ctx::~gss_eap_attr_ctx(void) { for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) @@ -103,18 +143,6 @@ gss_eap_attr_ctx::getProvider(const gss_buffer_t prefix) const return m_providers[type]; } -gss_eap_attr_ctx::gss_eap_attr_ctx(const gss_eap_attr_ctx &ctx) - : gss_eap_attr_provider(ctx) -{ - for (unsigned int i = 0; i < ATTR_TYPE_MAX; i++) { - if (ctx.m_providers[i] != NULL) { - m_providers[i] = (gss_eap_attr_factories[i])(&ctx, - GSS_C_NO_CREDENTIAL, - GSS_C_NO_CONTEXT); - } - } -} - void gss_eap_attr_ctx::setAttribute(int complete, const gss_buffer_t attr, @@ -285,11 +313,10 @@ bool gss_eap_attr_ctx::unmarshall(const gss_eap_attr_ctx *ctx, const gss_buffer_t buffer) { - int i; + unsigned int i; for (i = 0; i < ATTR_TYPE_MAX; i++) { gss_eap_attr_provider *provider = m_providers[i]; - } } 
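Review bot: In `gss_eap_attr_ctx::initFromExistingContext`, the call `provider->initFromExistingContext(this, provider)` hands each provider itself as the object to copy from, so nothing is taken from the context being duplicated and the copy ends up without the original's attributes. The second argument should be the matching provider of the existing context: obtain it with `const gss_eap_attr_ctx *manager = dynamic_cast<const gss_eap_attr_ctx *>(ctx);`, return false when that is NULL, and call `provider->initFromExistingContext(this, manager->m_providers[i])`. The `source` parameter is ignored in both new functions (the visible callers pass NULL), which deserves a one-line comment such as `/* source is unused: the context is its own attribute source */`.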
@@ -555,9 +582,16 @@ gssEapDuplicateAttrContext(OM_uint32 *minor, gss_name_t out) { try { - if (in->attrCtx != NULL) - out->attrCtx = new gss_eap_attr_ctx(*(in->attrCtx)); - else + if (in->attrCtx != NULL) { + gss_eap_attr_ctx *ctx = new gss_eap_attr_ctx; + + out->attrCtx = new gss_eap_attr_ctx; + if (!ctx->initFromExistingContext(NULL, in->attrCtx)) { + delete ctx; + return GSS_S_FAILURE; + } + out->attrCtx = ctx; + } else out->attrCtx = NULL; } catch (std::exception &e) { return mapException(minor, e); @@ -637,9 +671,16 @@ gssEapAttrProvidersFinalize(OM_uint32 *minor) } struct gss_eap_attr_ctx * -gssEapCreateAttrContext(gss_cred_id_t cred, - gss_ctx_id_t ctx) +gssEapCreateAttrContext(gss_cred_id_t gssCred, + gss_ctx_id_t gssCtx) { - assert(ctx != GSS_C_NO_CONTEXT); - return gss_eap_attr_ctx::createAttrContext(cred, ctx); + gss_eap_attr_ctx *ctx; + + ctx = gss_eap_attr_ctx::createAttrContext(); + if (!ctx->initFromGssContext(NULL, gssCred, gssCtx)) { + delete ctx; + return NULL; + } + + return ctx; } diff --git a/mech_eap/util_attr.h b/mech_eap/util_attr.h index 5407c10..eb0a041 100644 --- a/mech_eap/util_attr.h +++ b/mech_eap/util_attr.h @@ -46,15 +46,23 @@ struct gss_eap_attr_ctx; struct gss_eap_attr_provider { public: - gss_eap_attr_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred = GSS_C_NO_CREDENTIAL, - gss_ctx_id_t acceptorCtx = GSS_C_NO_CONTEXT) + gss_eap_attr_provider(void) {} + virtual ~gss_eap_attr_provider(void) {} + + virtual bool initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx) { - m_source = ctx; + m_source = source; + return true; } - gss_eap_attr_provider(const gss_eap_attr_provider &ctx) {} - virtual ~gss_eap_attr_provider(void) {} + virtual bool initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t cred, + const gss_ctx_id_t ctx) + { + m_source = source; + return true; + } typedef bool gss_eap_attr_enumeration_cb(const gss_eap_attr_provider *provider, 
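Review bot: `out->attrCtx = new gss_eap_attr_ctx;` allocates a second context that is leaked when `out->attrCtx = ctx;` overwrites it, and on the failure path `out->attrCtx` is left pointing at that empty object while the function returns `GSS_S_FAILURE` without setting `*minor`. Drop that line and set `out->attrCtx = NULL;` before the failure return. Both objects also come from a bare `new gss_eap_attr_ctx` rather than the factory, so no providers are created for the copy; `gss_eap_attr_ctx *ctx = gss_eap_attr_ctx::createAttrContext();` looks like the intended call. The function starts above this hunk and continues below it.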
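Review bot: `gssEapCreateAttrContext` has no `try`/`catch`, unlike `gssEapDuplicateAttrContext` earlier in the file, so a `std::bad_alloc` from `createAttrContext()` or an exception raised inside a provider's `initFromGssContext` would leak `ctx` and propagate to the caller. If this entry point is reached from C code, as its `struct`-qualified return type suggests, the exception has no handler to land in. Catching inside the function and returning NULL keeps the failure contained.

```cpp
gss_eap_attr_ctx *ctx = NULL;

try {
    ctx = gss_eap_attr_ctx::createAttrContext();
    if (!ctx->initFromGssContext(NULL, gssCred, gssCtx)) {
        delete ctx;
        return NULL;
    }
} catch (std::exception &) {
    /* Do not let C++ exceptions escape; report failure as NULL. */
    delete ctx;
    return NULL;
}

return ctx;
```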
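Review bot: The new default constructor `gss_eap_attr_provider(void) {}` leaves `m_source` uninitialized until one of the init functions runs, and `gss_eap_saml_attr_provider::getAssertion` in util_saml.cpp dereferences `m_source` without a check. `gss_eap_attr_provider(void) : m_source(NULL) {}` makes the pre-init state defined so that it can be tested. The two virtual init functions would also benefit from a comment stating what `source` and `ctx` denote, since `ctx` names a provider in one and a GSS context handle in the other. The struct continues past the end of this hunk.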
@@ -89,34 +97,27 @@ public: static bool init() { return true; } static void finalize() {} - static gss_eap_attr_provider * - createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx) { return NULL; } + static gss_eap_attr_provider *createAttrContext(void) { return NULL; } protected: const gss_eap_attr_ctx *m_source; }; -typedef gss_eap_attr_provider * (*gss_eap_attr_create_cb)( - const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); +typedef gss_eap_attr_provider *(*gss_eap_attr_create_cb)(void); struct gss_eap_attr_ctx : gss_eap_attr_provider { public: - gss_eap_attr_ctx(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx) : - gss_eap_attr_provider(ctx, acceptorCred, acceptorCtx) {} - - gss_eap_attr_ctx(const gss_eap_attr_ctx &ctx); - + gss_eap_attr_ctx(void) {} ~gss_eap_attr_ctx(void); - static gss_eap_attr_ctx *createAttrContext(gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); + bool initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx); + bool initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t cred, + const gss_ctx_id_t ctx); + + static gss_eap_attr_ctx *createAttrContext(void); bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const; bool getAttributeTypes(gss_buffer_set_t *attrs); diff --git a/mech_eap/util_radius.cpp b/mech_eap/util_radius.cpp index a2a54c7..e851312 100644 --- a/mech_eap/util_radius.cpp +++ b/mech_eap/util_radius.cpp 
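Review bot: With the user-declared copy constructor of `gss_eap_attr_ctx` removed and nothing put in its place, the compiler generates a member-wise copy constructor and assignment operator that would duplicate the `m_providers` pointers. If the destructor deletes them (its loop is visible in util_attr.cpp but its body is not), copying a context by value would end in a double delete. Declaring `gss_eap_attr_ctx(const gss_eap_attr_ctx &);` and `gss_eap_attr_ctx &operator=(const gss_eap_attr_ctx &);` as private, undefined members turns an accidental copy into a build error. `gss_eap_radius_attr_provider` in util_radius.h loses its copy constructor in the same way.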
@@ -32,17 +32,25 @@ #include "gssapiP_eap.h" -gss_eap_radius_attr_provider::gss_eap_radius_attr_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) - : gss_eap_attr_provider(ctx, gssCred, gssCtx) +bool +gss_eap_radius_attr_provider::initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx) { + if (!gss_eap_attr_provider::initFromExistingContext(source, ctx)) + return false; + + return true; } -gss_eap_radius_attr_provider::gss_eap_radius_attr_provider( - const gss_eap_radius_attr_provider &src) - : gss_eap_attr_provider(src) +bool +gss_eap_radius_attr_provider::initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t gssCred, + const gss_ctx_id_t gssCtx) { + if (!gss_eap_attr_provider::initFromGssContext(source, gssCred, gssCtx)) + return false; + + return true; } gss_eap_radius_attr_provider::~gss_eap_radius_attr_provider(void) @@ -124,9 +132,7 @@ gss_eap_radius_attr_provider::finalize(void) } gss_eap_attr_provider * -gss_eap_radius_attr_provider::createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) +gss_eap_radius_attr_provider::createAttrContext(void) { - return new gss_eap_radius_attr_provider(ctx, gssCred, gssCtx); + return new gss_eap_radius_attr_provider; } diff --git a/mech_eap/util_radius.h b/mech_eap/util_radius.h index 7a264e3..8d91a9c 100644 --- a/mech_eap/util_radius.h +++ b/mech_eap/util_radius.h 
@@ -35,12 +35,15 @@ struct gss_eap_radius_attr_provider : gss_eap_attr_provider { public: - gss_eap_radius_attr_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); - gss_eap_radius_attr_provider(const gss_eap_radius_attr_provider &ctx); + gss_eap_radius_attr_provider(void) {} ~gss_eap_radius_attr_provider(void); + bool initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx); + bool initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t cred, + const gss_ctx_id_t ctx); + bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const; void setAttribute(int complete, const gss_buffer_t attr, @@ -71,10 +74,8 @@ public: static bool init(); static void finalize(); - static gss_eap_attr_provider * - createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); + static gss_eap_attr_provider *createAttrContext(void); + private: }; diff --git a/mech_eap/util_saml.cpp b/mech_eap/util_saml.cpp index 669458b..2257b03 100644 --- a/mech_eap/util_saml.cpp +++ b/mech_eap/util_saml.cpp 
@@ -74,31 +74,35 @@ class auto_ptr_gss_buffer { * gss_eap_saml_assertion_provider is for retrieving the underlying * assertion. */ -gss_eap_saml_assertion_provider::gss_eap_saml_assertion_provider(const gss_eap_attr_ctx * -ctx) - : gss_eap_attr_provider(ctx) +bool +gss_eap_saml_assertion_provider::initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx) { /* Then we may be creating from an existing attribute context */ - gss_eap_saml_assertion_provider *saml; + const gss_eap_saml_assertion_provider *saml; - saml = dynamic_cast - (ctx->getProvider(ATTR_TYPE_SAML_ASSERTION)); - if (saml != NULL) - setAssertion(saml->getAssertion()); + if (!gss_eap_attr_provider::initFromExistingContext(source, ctx)) + return false; + + saml = dynamic_cast(ctx); + setAssertion(saml->getAssertion()); } -gss_eap_saml_assertion_provider::gss_eap_saml_assertion_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) - : gss_eap_attr_provider(ctx) +bool +gss_eap_saml_assertion_provider::initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t gssCred, + const gss_ctx_id_t gssCtx) { - gss_eap_radius_attr_provider *radius; + const gss_eap_radius_attr_provider *radius; gss_buffer_desc value = GSS_C_EMPTY_BUFFER; int authenticated, complete, more = -1; OM_uint32 minor; - radius = dynamic_cast - (ctx->getProvider(ATTR_TYPE_RADIUS)); + if (!gss_eap_attr_provider::initFromGssContext(source, gssCred, gssCtx)) + return false; + + radius = dynamic_cast + (source->getProvider(ATTR_TYPE_RADIUS)); if (radius != NULL && radius->getAttribute(512, &authenticated, &complete, &value, NULL, &more)) { 
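Review bot: In `gss_eap_saml_assertion_provider::initFromExistingContext`, the result of the `dynamic_cast` on `ctx` is dereferenced unconditionally in `setAssertion(saml->getAssertion());`, whereas the removed constructor checked `saml != NULL` first; a NULL or differently-typed `ctx` would crash here. The function is also declared `bool` but has no return statement on the success path, which is undefined behaviour. Restoring the guard and adding the return fixes both: `if (saml != NULL) setAssertion(saml->getAssertion());` followed by `return true;`. The cast's target type is not legible in this listing, and `initFromGssContext` continues outside the hunk.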
@@ -240,11 +244,9 @@ gss_eap_saml_assertion_provider::finalize(void) } gss_eap_attr_provider * -gss_eap_saml_assertion_provider::createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) +gss_eap_saml_assertion_provider::createAttrContext(void) { - return new gss_eap_saml_assertion_provider(ctx, gssCred, gssCtx); + return new gss_eap_saml_assertion_provider; } /* @@ -253,20 +255,14 @@ gss_eap_saml_assertion_provider::createAttrContext(const gss_eap_attr_ctx *ctx, const saml2::Assertion * gss_eap_saml_attr_provider::getAssertion(void) const { - gss_eap_saml_assertion_provider *saml; + const gss_eap_saml_assertion_provider *saml; - saml = dynamic_cast(m_source->getProvider(ATTR_TYPE_SAML_ASSERTION)); - assert(saml != NULL); - - return saml->getAssertion(); -} + saml = dynamic_cast + (m_source->getProvider(ATTR_TYPE_SAML_ASSERTION)); + if (saml != NULL) + return saml->getAssertion(); -gss_eap_saml_attr_provider::gss_eap_saml_attr_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) - : gss_eap_attr_provider(ctx, gssCred, gssCtx) -{ - /* Nothing to do, we're just a wrapper around the assertion provider. */ + return NULL; } gss_eap_saml_attr_provider::~gss_eap_saml_attr_provider(void) @@ -422,12 +418,7 @@ gss_eap_saml_attr_provider::finalize(void) } gss_eap_attr_provider * -gss_eap_saml_attr_provider::createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) +gss_eap_saml_attr_provider::createAttrContext(void) { - if (gssCtx != GSS_C_NO_CONTEXT) - return new gss_eap_saml_attr_provider(ctx, gssCred, gssCtx); - else - return new gss_eap_saml_attr_provider(ctx); + return new gss_eap_saml_attr_provider; } diff --git a/mech_eap/util_saml.h b/mech_eap/util_saml.h index 8c5a548..bbad54f 100644 --- a/mech_eap/util_saml.h +++ b/mech_eap/util_saml.h 
@@ -43,13 +43,15 @@ namespace opensaml { struct gss_eap_saml_assertion_provider : gss_eap_attr_provider { public: - gss_eap_saml_assertion_provider(const gss_eap_attr_ctx *ctx); - gss_eap_saml_assertion_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); - + gss_eap_saml_assertion_provider(void) {} ~gss_eap_saml_assertion_provider(void); + bool initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx); + bool initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t cred, + const gss_ctx_id_t ctx); + bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const; void setAttribute(int complete, const gss_buffer_t attr, @@ -79,10 +81,8 @@ public: static bool init(); static void finalize(); - static gss_eap_attr_provider * - createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); + static gss_eap_attr_provider *createAttrContext(void); + private: static opensaml::saml2::Assertion * parseAssertion(const gss_buffer_t buffer); @@ -92,15 +92,17 @@ private: struct gss_eap_saml_attr_provider : gss_eap_attr_provider { public: - gss_eap_saml_attr_provider(const gss_eap_attr_ctx *ctx) - : gss_eap_attr_provider(ctx) {} - - gss_eap_saml_attr_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); - + gss_eap_saml_attr_provider(void) {} ~gss_eap_saml_attr_provider(void); +#if 0 + bool initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx); + bool initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t cred, + const gss_ctx_id_t ctx); +#endif + bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const; void setAttribute(int complete, const gss_buffer_t attr, 
@@ -129,10 +131,9 @@ public: static bool init(); static void finalize(); - static gss_eap_attr_provider * - createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); + static gss_eap_attr_provider *createAttrContext(void); + +private: }; #endif /* _UTIL_SAML_H_ */ diff --git a/mech_eap/util_shib.cpp b/mech_eap/util_shib.cpp index 64fd07d..35a5381 100644 --- a/mech_eap/util_shib.cpp +++ b/mech_eap/util_shib.cpp 
@@ -79,48 +79,60 @@ using namespace std; static vector duplicateAttributes(const vector src); -gss_eap_shib_attr_provider::gss_eap_shib_attr_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) - : gss_eap_attr_provider(ctx, gssCred, gssCtx) +bool +gss_eap_shib_attr_provider::initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx) { - if (gssCtx == GSS_C_NO_CONTEXT) { - gss_eap_shib_attr_provider *shib; + const gss_eap_shib_attr_provider *shib; - shib = dynamic_cast - (ctx->getProvider(ATTR_TYPE_LOCAL)); - if (shib != NULL) - m_attributes = duplicateAttributes(shib->m_attributes); - } else { - gss_eap_saml_assertion_provider *saml; - gss_eap_radius_attr_provider *radius; - gss_buffer_desc nameBuf = GSS_C_EMPTY_BUFFER; - ShibbolethResolver *resolver = NULL; - OM_uint32 minor; + if (!gss_eap_attr_provider::initFromExistingContext(source, ctx)) + return false; - saml = dynamic_cast - (ctx->getProvider(ATTR_TYPE_SAML_ASSERTION)); - radius = dynamic_cast - (ctx->getProvider(ATTR_TYPE_RADIUS)); + shib = dynamic_cast(ctx); + if (shib != NULL) + m_attributes = duplicateAttributes(shib->m_attributes); - if (radius == NULL) - return; + return true; +} - if (gssCred != GSS_C_NO_CREDENTIAL && - gss_display_name(&minor, gssCred->name, &nameBuf, NULL) == GSS_S_COMPLETE) - resolver->setApplicationID((const char *)nameBuf.value); +bool +gss_eap_shib_attr_provider::initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t gssCred, + const gss_ctx_id_t gssCtx) +{ + const gss_eap_saml_assertion_provider *saml; + const gss_eap_radius_attr_provider *radius; + gss_buffer_desc nameBuf = GSS_C_EMPTY_BUFFER; + ShibbolethResolver *resolver = NULL; + OM_uint32 minor; - if (saml != NULL && saml->getAssertion() != NULL) - resolver->addToken(saml->getAssertion()); + if (!gss_eap_attr_provider::initFromGssContext(source, gssCred, gssCtx)) + return false; - /* TODO inject RADIUS attribute types */ + saml = 
dynamic_cast + (source->getProvider(ATTR_TYPE_SAML_ASSERTION)); + radius = dynamic_cast + (source->getProvider(ATTR_TYPE_RADIUS)); - resolver->resolveAttributes(m_attributes); + if (radius == NULL) + return true; - gss_release_buffer(&minor, &nameBuf); + if (gssCred != GSS_C_NO_CREDENTIAL && + gss_display_name(&minor, gssCred->name, &nameBuf, NULL) == GSS_S_COMPLETE) + resolver->setApplicationID((const char *)nameBuf.value); - delete resolver; - } + if (saml != NULL && saml->getAssertion() != NULL) + resolver->addToken(saml->getAssertion()); + + /* TODO inject RADIUS attribute types */ + + resolver->resolveAttributes(m_attributes); + + gss_release_buffer(&minor, &nameBuf); + + delete resolver; + + return true; } gss_eap_shib_attr_provider::~gss_eap_shib_attr_provider(void) @@ -305,11 +317,9 @@ gss_eap_shib_attr_provider::finalize(void) } gss_eap_attr_provider * -gss_eap_shib_attr_provider::createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t gssCred, - gss_ctx_id_t gssCtx) +gss_eap_shib_attr_provider::createAttrContext(void) { - return new gss_eap_shib_attr_provider(ctx, gssCred, gssCtx); + return new gss_eap_shib_attr_provider; } static Attribute * diff --git a/mech_eap/util_shib.h b/mech_eap/util_shib.h index aa5cd14..8064aa7 100644 --- a/mech_eap/util_shib.h +++ b/mech_eap/util_shib.h @@ -41,12 +41,15 @@ namespace shibsp { struct gss_eap_shib_attr_provider : gss_eap_attr_provider { public: - gss_eap_shib_attr_provider(const gss_eap_attr_ctx *ctx); - gss_eap_shib_attr_provider(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); + gss_eap_shib_attr_provider(void) {} ~gss_eap_shib_attr_provider(void); + bool initFromExistingContext(const gss_eap_attr_ctx *source, + const gss_eap_attr_provider *ctx); + bool initFromGssContext(const gss_eap_attr_ctx *source, + const gss_cred_id_t cred, + const gss_ctx_id_t ctx); + void setAttribute(int complete, const gss_buffer_t attr, const gss_buffer_t value); 
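Review bot: In `gss_eap_shib_attr_provider::initFromGssContext`, `resolver` is initialized to NULL and never assigned, yet `resolver->setApplicationID(...)`, `resolver->addToken(...)` and `resolver->resolveAttributes(m_attributes)` are called on it whenever a RADIUS provider is present, so that path dereferences a null pointer. The pointer needs a real resolver instance before the first call, or the function should return before that block until one is wired in. Separately, `(const char *)nameBuf.value` treats a `gss_buffer_desc` as a C string although the buffer carries an explicit `length` and is not guaranteed to be NUL-terminated; building the argument from `std::string((const char *)nameBuf.value, nameBuf.length)` bounds the read. An exception from the resolver would also skip `gss_release_buffer` and `delete resolver`.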
@@ -71,10 +74,8 @@ public: static bool init(); static void finalize(); - static gss_eap_attr_provider * - createAttrContext(const gss_eap_attr_ctx *ctx, - gss_cred_id_t acceptorCred, - gss_ctx_id_t acceptorCtx); + static gss_eap_attr_provider *createAttrContext(void); + private: int getAttributeIndex(const gss_buffer_t attr) const; const shibsp::Attribute *getAttribute(const gss_buffer_t attr) const;