From 881e0cbc76a63b2a54a4b75e2e1c6d96bff56f4b Mon Sep 17 00:00:00 2001
From: Luke Howard
Date: Wed, 8 Sep 2010 21:10:35 +0200
Subject: [PATCH] more attribute plumbing
---
 mech_eap/inquire_name.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++
 mech_eap/util.h | 6 ++---
 mech_eap/util_radius.c | 11 ++++++++-
 mech_eap/util_radius.h | 8 ++++++-
 mech_eap/util_saml.c | 11 ++++++++-
 mech_eap/util_saml.h | 8 ++++++-
 6 files changed, 96 insertions(+), 7 deletions(-)
diff --git a/mech_eap/inquire_name.c b/mech_eap/inquire_name.c
index e147d00..4347984 100644
--- a/mech_eap/inquire_name.c
+++ b/mech_eap/inquire_name.c
@@ -32,6 +32,35 @@
 #include "gssapiP_eap.h"
+struct eap_gss_attribute_args {
+ gss_buffer_t prefix;
+ gss_buffer_set_t attrs;
+};
+
+static OM_uint32
+addAttribute(OM_uint32 *minor,
+ void *data,
+ gss_buffer_t attribute)
+{
+ struct eap_gss_attribute_args *args = (struct eap_gss_attribute_args *)data;
+ OM_uint32 major, tmpMinor;
+ gss_buffer_desc qualifiedAttr;
+
+ if (attribute != GSS_C_NO_BUFFER) {
+ major = composeAttributeName(minor, args->prefix, attribute, &qualifiedAttr);
+ if (GSS_ERROR(major))
+ return major;
+
+ major = gss_add_buffer_set_member(minor, &qualifiedAttr, args->attrs);
+
+ gss_release_buffer(&tmpMinor, &qualifiedAttr);
+ } else {
+ major = gss_add_buffer_set_member(minor, args->prefix, args->attrs);
+ }
+
+ return major;
+}
+
 OM_uint32 gss_inquire_name(OM_uint32 *minor,
 gss_name_t name,
 int *name_is_MN,
@@ -40,6 +69,7 @@ OM_uint32 gss_inquire_name(OM_uint32 *minor,
 {
 OM_uint32 major, tmpMinor;
 krb5_context krbContext;
+ struct eap_gss_attribute_args args;
 *name_is_MN = 1;
 *MN_mech = GSS_EAP_MECHANISM;
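Review bot: `addAttribute` has no comment stating its callback contract, and two things in it are not obvious from the signature: `data` is cast unchecked to `struct eap_gss_attribute_args *`, and `attribute == GSS_C_NO_BUFFER` means "add the bare prefix" rather than an error. A short comment above the function would cover both, for example `/* Callback for the *GetAttributeTypes helpers: data is a struct eap_gss_attribute_args; a NULL attribute adds args->prefix unqualified. */`. It is also worth noting in that comment that `qualifiedAttr` is released right after `gss_add_buffer_set_member`, which is only safe if that call copies the buffer; presumably it does, but its implementation is not on this page.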
@@ -53,8 +83,37 @@ OM_uint32 gss_inquire_name(OM_uint32 *minor,
 GSSEAP_KRB_INIT(&krbContext);
 GSSEAP_MUTEX_LOCK(&name->mutex);
+ major = gss_create_empty_buffer_set(minor, attrs);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ args.attrs = *attrs;
+
+ if (name->assertion != NULL) {
+ args.prefix = gssEapAttributeTypeToPrefix(ATTR_TYPE_SAML_AAA_ASSERTION);
+
+ major = addAttribute(minor, &args, GSS_C_NO_BUFFER);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ args.prefix = gssEapAttributeTypeToPrefix(ATTR_TYPE_SAML_ATTR);
+ major = samlGetAttributeTypes(minor, name->assertion, &args, addAttribute);
+ if (GSS_ERROR(major))
+ goto cleanup;
+ }
+
+ if (name->avps != NULL) {
+ args.prefix = gssEapAttributeTypeToPrefix(ATTR_TYPE_RADIUS_AVP);
+ major = radiusGetAttributeTypes(minor, name->avps, &args, addAttribute);
+ if (GSS_ERROR(major))
+ goto cleanup;
+ }
+ cleanup:
 GSSEAP_MUTEX_UNLOCK(&name->mutex);
+ if (GSS_ERROR(major))
+ gss_release_buffer_set(&tmpMinor, attrs);
+ return major;
 }
diff --git a/mech_eap/util.h b/mech_eap/util.h
index 9b7d51e..1746c3f 100644
--- a/mech_eap/util.h
+++ b/mech_eap/util.h
@@ -214,9 +214,9 @@ decomposeAttributeName(OM_uint32 *minor,
 gss_buffer_t suffix);
 OM_uint32
 composeAttributeName(OM_uint32 *minor,
- const gss_buffer_t prefix,
- const gss_buffer_t suffix,
- gss_buffer_t attribute);
+ const gss_buffer_t prefix,
+ const gss_buffer_t suffix,
+ gss_buffer_t attribute);
 /* util_oid.c */
 OM_uint32
diff --git a/mech_eap/util_radius.c b/mech_eap/util_radius.c
index 87b5087..b463168 100644
--- a/mech_eap/util_radius.c
+++ b/mech_eap/util_radius.c
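Review bot: The error path after `cleanup:` calls `gss_release_buffer_set(&tmpMinor, attrs)` even when `gss_create_empty_buffer_set` was the call that failed, so `*attrs` may still hold whatever the caller passed in. Unless it is initialised in the lines between the previous hunk and this one, which are not visible here, setting `*attrs = GSS_C_NO_BUFFER_SET;` before the create call would make that release safe. The added code also dereferences `attrs` unconditionally in `args.attrs = *attrs;`, so if callers are allowed to pass a NULL `attrs`, it needs an explicit check before the buffer set is created. The start of gss_inquire_name lies outside the hunk.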
@@ -51,8 +51,17 @@ radiusFreeAVPs(OM_uint32 *minor,
 }
 OM_uint32
+radiusGetAttributeTypes(OM_uint32 *minor,
+ const struct eap_gss_avp_list *avps,
+ void *data,
+ OM_uint32 (*addAttribute)(OM_uint32 *, void *, gss_buffer_t))
+{
+ GSSEAP_NOT_IMPLEMENTED;
+}
+
+OM_uint32
 radiusGetAVP(OM_uint32 *minor,
- struct eap_gss_avp_list *avps,
+ const struct eap_gss_avp_list *avps,
 gss_buffer_t attr,
 int *authenticated,
 int *complete,
diff --git a/mech_eap/util_radius.h b/mech_eap/util_radius.h
index 931e779..154529e 100644
--- a/mech_eap/util_radius.h
+++ b/mech_eap/util_radius.h
@@ -47,8 +47,14 @@ radiusFreeAVPs(OM_uint32 *minor,
 struct eap_gss_avp_list *in);
 OM_uint32
+radiusGetAttributeTypes(OM_uint32 *minor,
+ const struct eap_gss_avp_list *assertion,
+ void *data,
+ OM_uint32 (*addAttribute)(OM_uint32 *, void *, gss_buffer_t));
+
+OM_uint32
 radiusGetAVP(OM_uint32 *minor,
- struct eap_gss_avp_list *avps,
+ const struct eap_gss_avp_list *avps,
 gss_buffer_t attr,
 int *authenticated,
 int *complete,
diff --git a/mech_eap/util_saml.c b/mech_eap/util_saml.c
index cafb4ff..8113677 100644
--- a/mech_eap/util_saml.c
+++ b/mech_eap/util_saml.c
@@ -56,8 +56,17 @@ samlExportAssertion(OM_uint32 *minor,
 }
 OM_uint32
+samlGetAttributeTypes(OM_uint32 *minor,
+ const struct eap_gss_saml_assertion *assertion,
+ void *data,
+ OM_uint32 (*addAttribute)(OM_uint32 *, void *, gss_buffer_t))
+{
+ GSSEAP_NOT_IMPLEMENTED;
+}
+
+OM_uint32
 samlGetAttribute(OM_uint32 *minor,
- struct eap_gss_saml_assertion *assertion,
+ const struct eap_gss_saml_assertion *assertion,
 gss_buffer_t attr,
 int *authenticated,
 int *complete,
diff --git a/mech_eap/util_saml.h b/mech_eap/util_saml.h
index 374be78..1859f02 100644
--- a/mech_eap/util_saml.h
+++ b/mech_eap/util_saml.h
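Review bot: `radiusGetAttributeTypes` is a stub whose whole body is `GSSEAP_NOT_IMPLEMENTED;`, while gss_inquire_name in this same patch treats any error from it as fatal. Assuming the macro returns a failure status (its definition is not on this page), inquiring a name that carries AVPs now fails outright. `samlGetAttributeTypes` in util_saml.c has the same shape and the same effect for names with an assertion. A comment on each stub, such as `/* TODO: call addAttribute(minor, data, type) once per AVP type; until then gss_inquire_name fails for names with AVPs */`, would record both the intended contract and the interim behaviour.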
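Review bot: The new prototype in util_radius.h names its list parameter `assertion` (`const struct eap_gss_avp_list *assertion`), while the definition in util_radius.c and the neighbouring `radiusGetAVP` prototype call it `avps`; it looks carried over from the SAML header. Renaming it to `const struct eap_gss_avp_list *avps,` keeps the header and the definition in step. The callback type `OM_uint32 (*)(OM_uint32 *, void *, gss_buffer_t)` is also written out four times across this patch, and a single typedef in a shared header would keep those copies from drifting apart.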
@@ -52,8 +52,14 @@ samlFreeAssertion(OM_uint32 *minor,
 struct eap_gss_saml_assertion *assertion);
 OM_uint32
+samlGetAttributeTypes(OM_uint32 *minor,
+ const struct eap_gss_saml_assertion *assertion,
+ void *data,
+ OM_uint32 (*addAttribute)(OM_uint32 *, void *, gss_buffer_t));
+
+OM_uint32
 samlGetAttribute(OM_uint32 *minor,
- struct eap_gss_saml_assertion *assertion,
+ const struct eap_gss_saml_assertion *assertion,
 gss_buffer_t attr,
 int *authenticated,
 int *complete,
--
2.1.4