* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
-// MRW -- Add proper copyright boilerplate to all files
#include "GSSInitSecContext.h"
#include "GSSException.h"
#include <cache/GSSContextCache.h>
+#include <cache/GSSCredentialCache.h>
#include <cache/GSSNameCache.h>
+#include <datamodel/GSSDisplayStatus.h>
#include <datamodel/GSSName.h>
#include <gssapi.h>
#include <stdexcept>
#include <stdlib.h>
#include <string.h>
-typedef OM_uint32 (*init_sec_context)(
- OM_uint32 *, /* minor_status */
- gss_cred_id_t, /* claimant_cred_handle */
- gss_ctx_id_t *, /* context_handle */
- gss_name_t, /* target_name */
- gss_OID, /* mech_type (used to be const) */
- OM_uint32, /* req_flags */
- OM_uint32, /* time_req */
- gss_channel_bindings_t, /* input_chan_bindings */
- gss_buffer_t, /* input_token */
- gss_OID *, /* actual_mech_type */
- gss_buffer_t, /* output_token */
- OM_uint32 *, /* ret_flags */
- OM_uint32 * /* time_req */
-);
+#include "utils/util_base64.h"
void
GSSInitSecContext::execute()
{
/* Variables */
- init_sec_context fn = (init_sec_context)function;
gss_OID actual_mech_type;
+ JSONObject errors;
/* Error checking */
retVal = gss_release_buffer(&minor_status, &output_token);
/* Main */
- // MRW -- fix so that this uses all of the vars from the object
- retVal = fn(
+ retVal = function(
&minor_status,
- GSS_C_NO_CREDENTIAL,
+ claimantCred.toGss(),
&context_handle,
targetName.toGss(),
mechType.toGss(),
&output_token,
&ret_flags,
&time_rec);
-
- if ( GSS_ERROR(this->retVal) )
- {
- // MRW -- steal code from import name
- std::string errMsg;
- errMsg += "Cannot init_sec_context: ";
- throw GSSException(errMsg.c_str(), this->retVal, this->minor_status, mechType.toGss());
- }
-
+
actualMechType.setValue(actual_mech_type);
-
context.setContext(context_handle, true);
contextKey = GSSContextCache::instance()->store(context);
/* Cleanup */
+ // Handle errors
+ GSSDisplayStatus ds(retVal, minor_status, mechType.toGss());
+ errors.set("major_status_message", ds.getMajorMessage().c_str());
+ errors.set("minor_status_message", ds.getMinorMessage().c_str());
+ values->set("errors", errors);
+
+
/* Return */
}
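Review bot: With the `GSS_ERROR` check and throw removed, a failed call now falls through to `actualMechType.setValue(actual_mech_type)`, `context.setContext(context_handle, true)` and `GSSContextCache::instance()->store(context)`. A context that was never established is therefore cached, and `actual_mech_type`, declared without an initialiser, may be read unset. Wrap the success-only statements in `if (!GSS_ERROR(retVal)) { ... }` and declare the local as `gss_OID actual_mech_type = GSS_C_NO_OID;`. The `errors` object is also attached to `values` on every call, including successful ones; if that is intended, a one-line comment saying so would help. Parts of execute() are not shown on this page, so a guard outside the visible lines cannot be ruled out.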
-#if 0
const char* GSSInitSecContext::getTargetDisplayName()
{
/* Variables */
/* return */
return( ret );
}
-#endif
bool GSSInitSecContext::loadParameters(JSONObject *params)
{
/* Variables */
std::string key;
+ std::string token;
/* Error checking */
if ( params->isNull() )
/* Setup */
/* Main processing */
- // MRW -- finish parsing all of the variables
// claimant_cred_handle
+ if (!(params->get("claimant_cred_handle").isNull() ||
+ (params->get("claimant_cred_handle").isString() &&
+ std::string("") == params->get("claimant_cred_handle").string())))
+ {
+ std::string key = params->get("claimant_cred_handle").string();
+ this->claimantCred = GSSCredentialCache::instance()->retrieve(key);
+ }
// context_handle
- if ( ! params->get("context_handle").isNull() )
+ if (!(params->get("context_handle").isNull() ||
+ (params->get("context_handle").isString() &&
+ std::string("") == params->get("context_handle").string())))
{
this->context_handle = GSS_C_NO_CONTEXT;
if (params->get("context_handle").isString())
}
// target_name
- if ( ! params->get("target_name").isNull() )
+ if (! ( params->get("target_name").isNull() ||
+ (params->get("target_name").isString() &&
+ std::string("") == params->get("target_name").string())
+ )
+ )
{
this->target_name = GSS_C_NO_NAME;
if (params->get("target_name").isString())
}
// mech_type
- if ( ! params->get("mech_type").isNull() )
+ if (! ( params->get("mech_type").isNull() ||
+ (
+ params->get("mech_type").isString() &&
+ std::string("") == params->get("mech_type").string()
+ )
+ )
+ )
{
key.clear();
if (params->get("mech_type").isString())
}
// req_flags
- if ( !params->get("req_flags").isNull() )
- this->req_flags = params->get("req_flags").integer();
+ if (!params->get("req_flags").isNull() )
+ this->req_flags = (OM_uint32 )params->get("req_flags").integer();
// time_req
- if ( !params->get("time_req").isNull() )
- this->time_req = params->get("time_req").integer();
-
- // input_chennel_bindings
+ if (!params->get("time_req").isNull() )
+ this->time_req = (OM_uint32 )params->get("time_req").integer();
// input_token
- if ( ! params->get("input_token").isNull() )
+ if (! (params->get("input_token").isNull() ||
+ (params->get("input_token").isString() &&
+ std::string("") == params->get("input_token").string())))
{
- key = params->get("input_token").string();
- this->input_token.value = (void *)key.c_str();
- this->input_token.length = key.length();
+ token = params->get("input_token").string();
+ input_token.value = base64Decode(token.c_str(), &input_token.length);
}
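Review bot: `input_token` and `claimant_cred_handle` are read with `.string()` whenever the value is not null and not an empty string, so a request carrying a number or object there reaches `.string()` on a non-string value. The result of `base64Decode` is also stored into `input_token.value` without a failure check. Require `isString()` before reading, and handle a failed decode explicitly, e.g. `if (!input_token.value) { input_token.length = 0; return false; }` (assuming the helper returns null on bad input and that `false` is this function's failure result; neither is visible here). The `(OM_uint32)` casts on `req_flags` and `time_req` convert whatever `integer()` returns, so a negative value wraps silently; a range check before the cast would make the accepted range explicit. The credential key comes straight from the request, so confirm that `GSSCredentialCache::instance()->retrieve(key)` yields an empty credential for an unknown key.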
/* Cleanup */
if (this->output_token.length > 0)
gss_release_buffer(&minor, &output_token);
- if (this->input_token.length > 0)
- gss_release_buffer(&minor, &input_token);
+ if (this->input_token.value) {
+ base64Free(input_token.value);
+ input_token.value = NULL;
+ input_token.length = 0;
+ }
}
// Now set things to reasonable defaults
this->ret_flags = 0;
this->time_rec = 0;
+ this->claimantCred = GSS_C_NO_CREDENTIAL;
this->context_handle = GSS_C_NO_CONTEXT;
this->target_name = GSS_C_NO_NAME;
this->mechType.setValue( (char *)"{ 1 3 6 1 5 5 15 1 1 18 }" );
JSONObject *GSSInitSecContext::toJSON()
{
/* Variables */
- // MRW -- values should be scoped to the class, so execute can set error values?
- JSONObject *values = new JSONObject();
+ std::string output_str;
/* Error checking */
/* Setup */
+ base64EncodeStr(output_token.value, output_token.length, output_str);
/* Main */
values->set("major_status", this->retVal);
values->set("minor_status", this->minor_status);
- values->set("context_handle", this->contextKey.c_str());
- values->set("actual_mech_type", this->getActualMechType().toString().c_str());
- values->set("output_token", (const char *)this->output_token.value);
- values->set("ret_flags", this->ret_flags);
- values->set("time_rec", this->time_rec);
- // MRW -- modify for new error handling
+
+ if ( !GSS_ERROR(this->retVal) )
+ {
+ values->set("context_handle", this->contextKey.c_str());
+ values->set("actual_mech_type", this->getActualMechType().toString().c_str());
+ values->set("output_token", output_str.c_str());
+ values->set("ret_flags", this->ret_flags);
+ values->set("time_rec", this->time_rec);
+ }
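Review bot: `base64EncodeStr(output_token.value, output_token.length, output_str)` runs in the setup section, before the `GSS_ERROR` test, so it is called even when the call failed or produced no token and `output_token.value` may be null with length 0. Whether the helper tolerates a null buffer is not visible here. Moving the call inside the `if ( !GSS_ERROR(this->retVal) )` block, or guarding it with `if (output_token.length > 0)`, keeps it off an empty buffer and avoids encoding a value that is never emitted. The end of toJSON() is outside the visible lines.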
/* Cleanup */
GSSInitSecContext::GSSInitSecContext(
JSONObject *params,
- void *fn) : GSSCommand(params)
+ init_sec_context_type fn)
{
zeroOut(false);
loadParameters(params);
function = fn;
+
+ values = new JSONObject();
}
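Review bot: `values` is assigned only after `zeroOut(false)` and `loadParameters(params)` have run, so if either of them touches `values`, now or after a later edit, it dereferences an uninitialised pointer. Allocate it before those calls, for example in the initialiser list as `: values(new JSONObject())`. Please also document who deletes it, since toJSON() appears to hand the same pointer to callers (its return statement is not shown). The `GSSCommand(params)` base initialiser was dropped in this constructor, so any base-class state derived from `params` is no longer set up. The second constructor is cut off on this page; it needs the same allocation, because execute() calls `values->set("errors", errors)` unconditionally.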
-GSSInitSecContext::GSSInitSecContext(void *fn)
+GSSInitSecContext::GSSInitSecContext(init_sec_context_type fn)
{
zeroOut(false);
function = fn;