*
*/
+#include <string.h>
+
#include "GSSOID.h"
#include "../GSSException.h"
this->gssInternal = true;
return true;
}
+
+bool GSSOID::matchesBaseOID ( const gss_OID_desc &base_oid )
+{
+ /* Variables */
+ unsigned char *elements = reinterpret_cast <unsigned char*>(oid->elements);
+
+ /* Error checking */
+ /* Setup */
+ /* Main processing */
+ // We can't match the prefex if we're not longer than the prefix.
+ if (oid->length <= base_oid.length)
+ return(false);
+
+ // Match the prefix itself.
+ if (memcmp(oid->elements, base_oid.elements, base_oid.length) != 0)
+ return(false);
+
+ // Constrain the suffix to a single OID segment.
+ // The break between segments is signified whenever an octet has 0 in
+ // its high-order bit. Check that no octet between the prefix and the
+ // last octet has 0 in its high-order bit
+ for (size_t i = base_oid.length;
+ oid->length - 1 > i;
+ i++)
+ {
+ if( !(elements[i] & 0x80) )
+ return(false);
+ }
+
+ // Add a sanity check that the last octet has 0 in its high-order bit.
+ if( elements[oid->length - 1] & 0x80 )
+ return(false);
+
+ /* Cleanup */
+ // No memory allocated, just typecast - nothing to clean up
+
+ /* Return */
+ return(true);
+}
+
#ifndef GSSOID_H
#define GSSOID_H
+static const gss_OID_desc eap_mech_oid = {
+ /* 1.3.6.1.5.5.15.1.1 */
+ 8, (void *) "\x2B\x06\x01\x05\x05\x0f\x01\x01" };
+
+
class GSSOID {
public:
GSSOID() { oid = GSS_C_NO_OID; gssInternal = true; };
bool setValue(gss_OID gssOID);
JSONObject *toJSONValue() const;
+
+ bool matchesBaseOID ( const gss_OID_desc &base_oid );
+ bool isGssEapMech() { return( matchesBaseOID( eap_mech_oid ) ); }
+
private:
gss_OID oid;
bool gssInternal;
projects / gssweb.git / commitdiff