src/utils/util_json.cpp
src/utils/util_random.cpp
src/cache/GSSContextCache.cpp
+ src/cache/GSSCredentialCache.cpp
src/cache/GSSNameCache.cpp
src/datamodel/GSSContext.cpp
)
--- /dev/null
+/*
+ * Copyright (c) 2014, 2015 JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <stdexcept>
+#include "GSSCredentialCache.h"
+#include "utils/util_base64.h"
+#include "utils/util_random.h"
+
+#define KEYLEN 128
+
+GSSCredentialCache* GSSCredentialCache::_instance = 0;
+
+GSSCredentialCache::GSSCredentialCache()
+{
+
+}
+
+GSSCredentialCache::GSSCredentialCache ( const GSSCredentialCache& other )
+{
+ credentials = other.credentials;
+}
+
+GSSCredentialCache::~GSSCredentialCache()
+{
+
+}
+
+GSSCredentialCache& GSSCredentialCache::operator= ( const GSSCredentialCache& other )
+{
+ credentials = other.credentials;
+
+ return *this;
+}
+
+
+std::string GSSCredentialCache::store ( GSSCredential& data, std::string inKey )
+{
+ /* Variables */
+ std::string key;
+
+ /* Error checking */
+ /* Setup */
+ /* Main */
+ // Generate a key
+ if ( inKey.length() > 0 )
+ {
+ key = inKey;
+ }
+ else if ( !generateKey(key) )
+ {
+ // Key generation failed. Eeek!
+ throw std::runtime_error("Could not generate random data for an ID");
+ }
+
+ // Store the key/value pair in the map
+ credentials[key] = &data;
+
+ /* Cleanup */
+ /* Return */
+ // Return the key for future reference
+ return(key);
+}
+
+/*************************************
+ * Generate random bytes, and base64 *
+ * encode them to be JSONable keys *
+ *************************************/
+bool GSSCredentialCache::generateKey(std::string &key)
+{
+ /* Variables */
+ unsigned char theKey[KEYLEN];
+
+ /* Setup */
+ /* Main */
+ // Generate random byte string
+ if (!randGenPseudoRandom(theKey, KEYLEN))
+ return(false);
+
+ // Encode the binary string
+ base64EncodeStr(theKey, KEYLEN, key);
+ /* Cleanup */
+ /* Return */
+ return(true);
+}
+
+GSSCredential& GSSCredentialCache::retrieve ( std::string key )
+{
+ /* Variables */
+ //GSSCredential data;
+
+ /* Error checking */
+ /* Setup */
+ /* Main */
+
+ /* Cleanup */
+ /* Return */
+ return *(credentials[key]);
+}
+
+GSSCredentialCache* GSSCredentialCache::instance()
+{
+ if (_instance == 0)
+ _instance = new GSSCredentialCache;
+
+ return _instance;
+}
+
--- /dev/null
+/*
+ * Copyright (c) 2014, 2015 JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef GSSCREDENTIALCACHE_H
+#define GSSCREDENTIALCACHE_H
+
+#include <map>
+#include <string>
+
+#include "datamodel/GSSCredential.h"
+
+typedef std::map<std::string, GSSCredential*> CredentialMap;
+
+class GSSCredentialCache
+{
+public:
+ static GSSCredentialCache* instance();
+ ~GSSCredentialCache();
+ GSSCredentialCache& operator= ( const GSSCredentialCache& other );
+
+ std::string store(GSSCredential &data, const std::string key = "");
+ GSSCredential &retrieve(std::string key);
+ CredentialMap getCredentials() { return(credentials); };
+
+protected:
+ GSSCredentialCache();
+ GSSCredentialCache ( const GSSCredentialCache& other );
+
+private:
+ CredentialMap credentials;
+
+ bool generateKey(std::string &key);
+ static GSSCredentialCache* _instance;
+};
+
+#endif // GSSCREDENTIALCACHE_H
#include "GSSAcquireCred.h"
#include "GSSException.h"
+#include <cache/GSSCredentialCache.h>
#include <cache/GSSNameCache.h>
+#include <datamodel/GSSDisplayStatus.h>
#include <stdexcept>
GSSAcquireCred::GSSAcquireCred(gss_acq_cred_type fn) : function(fn)
{
desired_name = GSS_C_NO_NAME;
- // Use OID for eap-aes128 by default
- desiredMechs.addOID( GSSOID((char *)"{ 1 3 6 1 5 5 15 1 1 17 }") );
}
GSSAcquireCred::GSSAcquireCred ( const GSSAcquireCred& other )
/* Main */
loadParameters(params);
function = fn;
+ values = new JSONObject();
+
/* Cleanup */
/* Return */
}
}
} else
throw std::invalid_argument("Unrecognized desired_mechs array.");
+ } else {
+ // Use OID for eap-aes128 by default
+ desiredMechs.addOID( GSSOID((char *)"{ 1 3 6 1 5 5 15 1 1 17 }") );
}
/****************
/* Variables */
gss_cred_id_t output_cred_handle;
gss_OID_set actual_mechs;
+ JSONObject errors;
+ std::string key;
/* Error checking */
/* Setup */
&actual_mechs,
&this->time_rec
);
-
- if (GSS_ERROR(this->retVal) )
- {
- std::string err("Error acquiring credential for user '");
- err += desired_name.toString();
- err += "'.";
- throw GSSException(err, this->retVal, this->minor_status);
- }
+
+ GSSDisplayStatus ds(retVal, minor_status, NULL);
+ errors.set("major_status_message", ds.getMajorMessage().c_str());
+ errors.set("minor_status_message", ds.getMinorMessage().c_str());
+ values->set("errors", errors);
this->cred.setValue(output_cred_handle);
+ key = GSSCredentialCache::instance()->store(this->cred);
+ this->cred.setKey(key);
this->actualMechs = actual_mechs;
/* Cleanup */
JSONObject *GSSAcquireCred::toJSON()
{
/* Variables */
- JSONObject *values = new JSONObject();
JSONObject *temp;
/* Error checking */
values->set("minor_status", this->minor_status);
values->set("time_rec", (int)this->time_rec );
- // Objects that generate their own JSONObject
- temp = this->cred.toJSONValue();
- values->set("output_cred_handle", *temp );
+ values->set("output_cred_handle", this->cred.getKey().c_str() );
+ // Objects that generate their own JSONObject
temp = this->actualMechs.toJSONValue();
values->set("actual_mechs", *temp);
OM_uint32 retVal, minor_status;
gss_acq_cred_type function;
+
+ JSONObject *values;
};
GSSCredential::GSSCredential ( const GSSCredential& other )
{
this->credential = other.credential;
+ this->hashKey = other.hashKey;
}
GSSCredential& GSSCredential::operator= ( const GSSCredential& gsscred )
{
this->credential = gsscred.credential;
+ this->hashKey = "";
return(*this);
}
void setValue(gss_cred_id_t cred) { this->credential = cred; }
JSONObject *toJSONValue() { return( new JSONObject("not now") ); }
+ void setKey(std::string key) { this->hashKey = key; }
+ std::string getKey() const { return this->hashKey; }
private:
gss_cred_id_t credential;
+ std::string hashKey;
};
/* Main */
this->releaseOIDSet();
this->init();
- for(i = 0; i < other->count; i++)
+ if (NULL != other)
{
- element = other->elements + i;
- this->addOID(element);
+ for(i = 0; i < other->count; i++)
+ {
+ element = other->elements + i;
+ this->addOID(element);
+ }
}
/* Cleanup */
../src/datamodel/GSSOIDSet.cpp
../src/datamodel/GSSContext.cpp
../src/cache/GSSContextCache.cpp
+ ../src/cache/GSSCredentialCache.cpp
../src/cache/GSSNameCache.cpp
datamodel/GSSBufferTest.cpp
datamodel/GSSOIDSetTest.cpp
projects / gssweb.git / commitdiff