2 * Copyright (c) 2014, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 * OF THE POSSIBILITY OF SUCH DAMAGE.
35 #include "GSSAcquireCred.h"
36 #include "GSSException.h"
37 #include <cache/GSSCredentialCache.h>
38 #include <cache/GSSNameCache.h>
39 #include <datamodel/GSSDisplayStatus.h>
// Builds the call wrapper around `fn`, the acquire-credential entry point that
// execute() later invokes through `function`.
// NOTE(review): this listing omits lines; the only member assigned on the
// visible lines is desired_name. Confirm that time_req, cred_usage and values
// also start from defined defaults before execute()/toJSON() can read them.
43 GSSAcquireCred::GSSAcquireCred(gss_acq_cred_type fn) : function(fn)
45 desired_name = GSS_C_NO_NAME;
// Copy constructor; its body is not shown in this listing.
// NOTE(review): another constructor allocates `values` with `new`, so confirm
// that a copy does not leave two objects owning the same JSONObject.
48 GSSAcquireCred::GSSAcquireCred ( const GSSAcquireCred& other )
// Destructor; its body is not shown in this listing.
// NOTE(review): `values` is allocated with `new` in the JSON-parameter
// constructor and toJSON() returns a JSONObject* — confirm exactly one party
// releases it, so it is neither leaked nor freed twice.
53 GSSAcquireCred::~GSSAcquireCred()
// Builds the call from a JSON parameter object: hands `params` to
// loadParameters() and then allocates the JSONObject that receives the results.
// loadParameters() throws std::invalid_argument on input it rejects; unless a
// handler on the omitted lines catches it, that exception leaves this
// constructor before `values` is allocated.
// NOTE(review): the bool returned by loadParameters() is not used on the
// visible line, so a `false` result would go unnoticed — confirm intent.
58 GSSAcquireCred::GSSAcquireCred (
67 loadParameters(params);
69 values = new JSONObject();
// Reads the acquire-credential arguments out of the JSON object `params`:
// time_req, cred_usage, desired_mechs and desired_name.
// Throws std::invalid_argument for a cred_usage or desired_mechs value it
// does not recognise.
// `params` is presumably supplied by the requesting peer, so every field read
// here should be treated as untrusted input.
// NOTE(review): this listing omits lines (braces, some else branches and the
// return statement), so the exact branch structure cannot be confirmed here.
76 bool GSSAcquireCred::loadParameters(JSONObject *params)
79 std::string sCredUsage;
87 // Simple scalar parameters
// NOTE(review): the JSON integer is narrowed to OM_uint32 with no range check
// on the visible lines, so a negative or oversized time_req would wrap rather
// than be rejected. What integer() yields when the key is absent or is not a
// number is not visible here — confirm.
88 this->time_req = (OM_uint32 )(*params)["time_req"].integer();
// cred_usage is accepted either as a symbolic name or as an integer.
93 if ( ! params->get("cred_usage").isNull() )
95 if (params->get("cred_usage").isString())
97 sCredUsage = params->get("cred_usage").string();
98 if (sCredUsage == "GSS_C_BOTH")
99 this->cred_usage = GSS_C_BOTH;
100 else if (sCredUsage == "GSS_C_INITIATE")
101 this->cred_usage = GSS_C_INITIATE;
102 else if (sCredUsage == "GSS_C_ACCEPT")
103 this->cred_usage = GSS_C_ACCEPT;
// Unknown symbolic names are rejected rather than mapped to a default. The
// message echoes the caller-supplied string; escape it wherever it is logged
// or returned.
105 throw std::invalid_argument( std::string("Invalid cred_usage type given: ") + sCredUsage );
106 } else if (params->get("cred_usage").isInteger())
// NOTE(review): the numeric form is cast straight to gss_cred_usage_t; no
// check is visible that it equals one of the three constants accepted in the
// string form above.
107 this->cred_usage = (gss_cred_usage_t)( params->get("cred_usage").integer() );
109 throw std::invalid_argument( "Unrecognized argument type for cred_usage." );
// desired_mechs: each array element is parsed as an OID and added to the set.
115 if ( ! params->get("desired_mechs").isNull() )
117 if ( params->get("desired_mechs").isArray() )
119 for (nDesiredMechs = 0;
120 nDesiredMechs < params->get("desired_mechs").size();
// NOTE(review): no isString() check on the element is visible before
// .string(), and how GSSOID treats a malformed OID string is not shown here.
123 std::string mechStr = params->get("desired_mechs")[nDesiredMechs].string();
124 desiredMechs.addOID( GSSOID(mechStr).toGss() );
127 throw std::invalid_argument("Unrecognized desired_mechs array.");
129 // Use OID for eap-aes128 by default
// NOTE(review): the C-style cast drops const from a string literal; GSSOID
// must not write through this pointer.
130 desiredMechs.addOID( GSSOID((char *)"{ 1 3 6 1 5 5 15 1 1 17 }") );
// desired_name: the JSON value is used as a key into GSSNameCache, not as a
// name string.
136 if ( ! params->get("desired_name").isNull() )
// NOTE(review): no isString() check is visible, and what retrieve() yields for
// an unknown key is not shown — confirm it fails closed instead of producing a
// default name.
138 std::string key = params->get("desired_name").string();
139 this->desired_name = GSSNameCache::instance()->retrieve(key);
// Invokes the acquire-credential function supplied at construction and records
// the outcome: the major status in retVal, status messages under "errors" in
// `values`, the credential stored in GSSCredentialCache under a key, and the
// mechanism set that was obtained.
// NOTE(review): this listing omits lines, including the declarations of `key`
// and `errors` and any condition that guards the error block.
150 void GSSAcquireCred::execute()
// NOTE(review): both out-parameters are declared without initialisers. If the
// call fails without writing them, the stores further down read indeterminate
// values unless a guard on the omitted lines skips them. Initialising to
// GSS_C_NO_CREDENTIAL and GSS_C_NO_OID_SET would make the failure path well
// defined.
153 gss_cred_id_t output_cred_handle;
154 gss_OID_set actual_mechs;
161 this->retVal = function(
163 this->desired_name.toGss(),
165 this->desiredMechs.toGss(),
// Translate the major/minor status codes into text for the response.
172 GSSDisplayStatus ds(retVal, minor_status, NULL);
173 errors.set("major_status_message", ds.getMajorMessage().c_str());
174 errors.set("minor_status_message", ds.getMinorMessage().c_str());
175 values->set("errors", errors);
// The credential handle is stored in the cache; toJSON() reports only the
// cache key. That key then acts as the reference to a live credential.
// NOTE(review): confirm that keys are unpredictable and that cache entries are
// released, since each successful call adds one.
177 this->cred.setValue(output_cred_handle);
178 key = GSSCredentialCache::instance()->store(this->cred);
179 this->cred.setKey(key);
180 this->actualMechs = actual_mechs;
186 /* Desired JSON output:
191 * "cred_handle": "###########",
// Fills `values` with the result of the call: major_status, minor_status,
// time_rec, output_cred_handle and actual_mechs. The return statement is on a
// line not shown; presumably `values` is what is returned.
199 JSONObject *GSSAcquireCred::toJSON()
211 values->set("major_status", this->retVal);
212 values->set("minor_status", this->minor_status);
// NOTE(review): time_rec is narrowed to int. If it is an OM_uint32 (its type
// is not visible here), values above INT_MAX such as GSS_C_INDEFINITE are
// reported as negative numbers.
213 values->set("time_rec", (int)this->time_rec );
// The reported handle is the credential cache key, not the raw gss_cred_id_t.
215 values->set("output_cred_handle", this->cred.getKey().c_str() );
217 // Objects that generate their own JSONObject
// NOTE(review): `temp` is dereferenced and passed to set(); who owns and frees
// the object returned by toJSONValue() is not visible here — confirm it is
// not leaked.
218 temp = this->actualMechs.toJSONValue();
219 values->set("actual_mechs", *temp);