summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Mark Donnelly [Tue, 25 Nov 2014 16:24:03 +0000 (11:24 -0500)]
Include dependency on pthreads
Mark Donnelly [Tue, 25 Nov 2014 16:11:37 +0000 (11:11 -0500)]
Inherit from GSSCommand publicly, rather than privately.
The code to process commands from the user interface relies on the inheritance from the GSSCommand interface, which doesn't work if that inheritance is private.
Mark Donnelly [Tue, 25 Nov 2014 15:56:27 +0000 (10:56 -0500)]
Remove calls to GSSCommand constructor from derived classes
The GSSCommand class has evolved into little more than an interface, and calls to its constructor from its derived classes were all implemented incorrectly anyway. This change removes the calls to the constructor from the remaining inheriting classes: GSSAcquireCred, GSSImportName, GSSInitSecContext, and GSSPseudoRandom.
Mark Donnelly [Mon, 24 Nov 2014 21:07:15 +0000 (16:07 -0500)]
Use location.hostname as part of the name of the other end; reorder calls for debuggability.
The location.host includes the port number in the URL, if specified; the hostname does not.
The reordering of calls makes it easier to tell whether the crash is happening during a 200/Success or 401/Unauthorized response.
Kevin Wasserman [Mon, 24 Nov 2014 18:04:15 +0000 (13:04 -0500)]
Add win-build.bat for buildbot
Kevin Wasserman [Thu, 20 Nov 2014 14:33:49 +0000 (09:33 -0500)]
Add importname.txt which is a simple single-command
useful for testing on windows
Kevin Wasserman [Thu, 20 Nov 2014 14:30:35 +0000 (09:30 -0500)]
On windows, change json_gssapi.exe to take filepath as arg
Reads entire file as a single command
Kevin Wasserman [Fri, 7 Nov 2014 11:29:33 +0000 (06:29 -0500)]
No unistd.h in windows
Kevin Wasserman [Fri, 7 Nov 2014 02:47:00 +0000 (21:47 -0500)]
Support for windows builds
Kevin Wasserman [Fri, 7 Nov 2014 02:45:36 +0000 (21:45 -0500)]
disable unit tests on windows
Kevin Wasserman [Fri, 7 Nov 2014 16:25:06 +0000 (11:25 -0500)]
add util_base64 and util_random
Kevin Wasserman [Thu, 6 Nov 2014 18:17:44 +0000 (13:17 -0500)]
Add cast to eliminate msvc warning
Kevin Wasserman [Thu, 6 Nov 2014 18:15:31 +0000 (13:15 -0500)]
Remove redundant definition of gss_imp_name_type
Kevin Wasserman [Thu, 6 Nov 2014 18:01:31 +0000 (13:01 -0500)]
take mit-krb5 out of include path
Kevin Wasserman [Thu, 6 Nov 2014 18:00:01 +0000 (13:00 -0500)]
Add KRB5_CALLCONV decoration where required
Kevin Wasserman [Thu, 20 Nov 2014 22:35:28 +0000 (17:35 -0500)]
Don't try to free() gss_OID's
Kevin Wasserman [Thu, 20 Nov 2014 22:32:37 +0000 (17:32 -0500)]
Don't return pointers to memory held by local std::string buffers
Kevin Wasserman [Thu, 20 Nov 2014 22:12:18 +0000 (17:12 -0500)]
Fix type to eliminate compile error
Mark Donnelly [Thu, 20 Nov 2014 19:52:38 +0000 (14:52 -0500)]
Update tests to deal with GSSCommand objects now taking only the 'argument' part of the input JSON
Mark Donnelly [Thu, 20 Nov 2014 19:44:59 +0000 (14:44 -0500)]
Merge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/gssweb
Mark Donnelly [Thu, 20 Nov 2014 19:44:53 +0000 (14:44 -0500)]
Update tests to deal with GSSCommand objects now taking only the 'argument' part of the input JSON
Kevin Wasserman [Thu, 20 Nov 2014 15:48:29 +0000 (10:48 -0500)]
Nul-terminate gss_buffer contents to work around krb5 bug
Mark Donnelly [Thu, 20 Nov 2014 16:55:05 +0000 (11:55 -0500)]
Fix segmentation fault.
Mark Donnelly [Mon, 10 Nov 2014 21:43:26 +0000 (16:43 -0500)]
Running to authentication success on the Apache module!
Changes:
* The test.html script now respects the server path form field,
rather than insisting on "/gss"
* The server path field now defaults to "/gss/" so that we don't
get a HTTP 301 (Redirect) return code
* The gssweb object now opens the XHR connection with each message,
instead of assuming incorrectly that the connection will remain
open after each XHR response completes.
Mark Donnelly [Mon, 10 Nov 2014 05:14:45 +0000 (00:14 -0500)]
Remove superfluous variable juggling in the base64 decoding of the input token.
Mark Donnelly [Wed, 5 Nov 2014 20:05:01 +0000 (15:05 -0500)]
Add command to display an existing GSS name; avoid truncating the output_token from gss_init_sec_context.
Mark Donnelly [Wed, 5 Nov 2014 17:43:34 +0000 (12:43 -0500)]
Correct the storage data types for the name cache
Margaret Wasserman [Wed, 5 Nov 2014 16:03:26 +0000 (11:03 -0500)]
Merge branch 'master' of ssh://moonshot.suchdamage.org/srv/git/gssweb
Margaret Wasserman [Wed, 5 Nov 2014 16:02:57 +0000 (11:02 -0500)]
Updates to match evolving lower-level code.
Mark Donnelly [Tue, 4 Nov 2014 22:19:44 +0000 (17:19 -0500)]
Parameter parsing correctly ignoring empty parameters
Margaret Wasserman [Tue, 4 Nov 2014 21:22:58 +0000 (16:22 -0500)]
Handle empty input strings for parameters, update test.html to send all params for gss_init_sec_context.
Margaret Wasserman [Tue, 4 Nov 2014 20:39:24 +0000 (15:39 -0500)]
Add .h file to define base64 macros.
Margaret Wasserman [Thu, 30 Oct 2014 10:57:26 +0000 (06:57 -0400)]
Updated code for gss_init_sec_context. First round trip now works, but input token is
not passed in the JSON for second round trip.
Margaret Wasserman [Fri, 24 Oct 2014 20:29:02 +0000 (16:29 -0400)]
Add Janet copyright to GSS command files.
Mark Donnelly [Wed, 22 Oct 2014 20:55:36 +0000 (16:55 -0400)]
Tester page now ready for acquire_cred, first pass of init_sec_context
Mark Donnelly [Wed, 22 Oct 2014 20:54:44 +0000 (16:54 -0400)]
First pass at making a GSSWeb object
Mark Donnelly [Wed, 22 Oct 2014 17:11:13 +0000 (13:11 -0400)]
Update the tester page for GSSWeb
* Add a row for the GSSWeb testing area
* Change the report() function to accept a target reporting area
* Add a doAuthenticate() function for GSSWeb testing
Mark Donnelly [Tue, 21 Oct 2014 02:44:51 +0000 (22:44 -0400)]
Add comments, rearrange variable declaration order
Mark Donnelly [Tue, 21 Oct 2014 02:39:48 +0000 (22:39 -0400)]
Typo in a comment
Mark Donnelly [Tue, 21 Oct 2014 02:38:51 +0000 (22:38 -0400)]
Use a lookup table of implemented GSS method names for easier checking logic
Mark Donnelly [Tue, 21 Oct 2014 02:34:58 +0000 (22:34 -0400)]
Switch to use a single success callback signature
Mark Donnelly [Tue, 21 Oct 2014 02:32:06 +0000 (22:32 -0400)]
Wrapping overly-long lines
Mark Donnelly [Tue, 21 Oct 2014 02:25:14 +0000 (22:25 -0400)]
Add ability to specify per-call error handling
Mark Donnelly [Tue, 21 Oct 2014 02:14:02 +0000 (22:14 -0400)]
Fix the GSS_ERROR calculation
The C macro specified 0377, which is 377-octal, which is 255-decimal.
Mark Donnelly [Tue, 21 Oct 2014 02:09:01 +0000 (22:09 -0400)]
Update the tester page to add init_sec_context and acquire_cred spaces.
* Change the callback signature from the response dispatcher
* Change the tester page to add space for acquire cred
* Change the tester page to add space for init sec context
* Fill in the GSS names underneath acquire_cred and
init_sec_context upon successful gss name importing
Mark Donnelly [Tue, 21 Oct 2014 01:49:56 +0000 (21:49 -0400)]
Correct minor problems with previous commit.
Mark Donnelly [Thu, 16 Oct 2014 19:53:26 +0000 (15:53 -0400)]
Rework the injected script:
* Make it object-based
* Functions now take hashes (like jQuery) instead of parameter lists
* There is now a single response dispatcher instead of writing one
per GSS method call
* Implement the gss_error C-macro as a JavaScript function
* Split the callback into two callbacks: success and error.
* Add checking for whether the message returned from the C code has a
matching nonce/method tuple.
Mark Donnelly [Fri, 3 Oct 2014 20:17:48 +0000 (16:17 -0400)]
Remove unused variable from a test
Mark Donnelly [Fri, 3 Oct 2014 20:16:31 +0000 (16:16 -0400)]
Remove infinite loop of sending a message to the page, then receiving that message and sending it on to the GSS command line
Mark Donnelly [Fri, 3 Oct 2014 20:14:43 +0000 (16:14 -0400)]
Return the GSS error status messages back with every invocation of the GSSImportName function.
Mark Donnelly [Fri, 3 Oct 2014 18:59:04 +0000 (14:59 -0400)]
Message passing with cookies (app_tag, gssweb_bg_tag, etc.)
The messages passed in to the C++ code will now have the following elements copied in to the response:
cookies
method
The c++ code was refactored to have a common point for top-level JSON parsing, and the GSSCommand subclasses now only pull out their specific arguments.
GSSCreateSecContextCommand was renamed to GSSInitSecContext.
There was an error in util_json in how a JSONObject implemented operator= that made it at best a no-op. (At worst it caused crashes.)
Margaret Wasserman [Wed, 1 Oct 2014 16:01:54 +0000 (12:01 -0400)]
Explicitly use 4 character length field for Debian.
Mark Donnelly [Tue, 30 Sep 2014 19:50:46 +0000 (15:50 -0400)]
correctly throw error message upon invalid JSON input.
Mark Donnelly [Tue, 30 Sep 2014 19:32:36 +0000 (15:32 -0400)]
Change from fread() to read()
Mark Donnelly [Tue, 30 Sep 2014 13:35:11 +0000 (09:35 -0400)]
End-to-end working gss_import_name call
Mark Donnelly [Fri, 26 Sep 2014 16:33:54 +0000 (12:33 -0400)]
Adding chrome extension and host messaging files
Mark Donnelly [Fri, 26 Sep 2014 02:13:20 +0000 (22:13 -0400)]
Change the input/output protocol to expect and emit binary lengths before messages.
Mark Donnelly [Thu, 25 Sep 2014 18:10:28 +0000 (14:10 -0400)]
Remove the unused references to util/base64.cpp
Mark Donnelly [Wed, 24 Sep 2014 18:25:42 +0000 (14:25 -0400)]
Removed reference to unused, unversioned util directory
Mark Donnelly [Mon, 15 Sep 2014 14:44:38 +0000 (10:44 -0400)]
Add GSSAcquireCred to the JSON protocol description
Also, add a default mechanism for the GSSAcquireCred call.
Mark Donnelly [Fri, 12 Sep 2014 15:42:14 +0000 (11:42 -0400)]
A bunch of changes as the command line now works.
* Move the main processing into a shared library
* Add processing in main() to read input, call the library commands,
and output
* Correct copy-and-paste error in GSSNameCache that precluded it from
being used along with GSSContextCache
* GSSAcquireCred now honors the desired_name parameter
* GSSCommand now an abstract class, with pure virtual methods
* GSSCreateSecContextCommand::execute() now uses datamodel objects
instead of raw GSS types
* GSSCreateSecContextCommand now accepts cached names and contexts
instead of raw GSS types
* GSSName operator= now duplicates GSS name instead of copying the
data out of the other GSSName object, thus rendering their
destruction independent
* GSSCreateSecContext now defaults to using the Moonshot mechanism
* Add a description of the JSON protocol for json_gssapi
* Clean up some of the compiler warnings about casting the result
of rand() into a pointer
Mark Donnelly [Thu, 4 Sep 2014 14:10:20 +0000 (10:10 -0400)]
Commit an overly-large chunk of work.
This commit contains at least the following changes:
* The addition of pseudo_random
* The addition of memory caches for contexts and names
* The return of handles (base64-encoded) to the memory caches for context and name objects
* Moving the gss_import_name functionality out of the GSSName object properly into the GSSImportName object
* Give GSSImportName defaults of interpreting the name as OID { 1 2 840 113554 1 2 1 4 } - GSSAPI Service Name (ISO / Member / US / MIT / Infosys / GSSAPI / generic / service-name)
* Implement the copy-creator of GSSName to call gss_duplicate_name. Each object has its own memory handle. Neat!
* Addition of GSSContext objects to hold GSS contexts
Mark Donnelly [Tue, 19 Aug 2014 19:31:13 +0000 (15:31 -0400)]
rearranging the commands into their own directory
Mark Donnelly [Tue, 19 Aug 2014 16:00:18 +0000 (12:00 -0400)]
Update loadParameters to check for JSON value type, NULL
Mark Donnelly [Tue, 19 Aug 2014 15:35:24 +0000 (11:35 -0400)]
Remove unused variable
Mark Donnelly [Mon, 18 Aug 2014 21:12:21 +0000 (17:12 -0400)]
Adding GSS Pseudo Random
Mark Donnelly [Tue, 20 May 2014 18:07:18 +0000 (14:07 -0400)]
Notes about where this project is being left off while I go work on the Org. Self Service project
Mark Donnelly [Wed, 14 May 2014 19:42:48 +0000 (15:42 -0400)]
GSSGetMic
* Load parameters from JSON
* Sends the arguments to the GSS function correctly
* Reads arguments back out of the GSS function correctly
* Formats the return arguments as JSON correctly
Mark Donnelly [Tue, 13 May 2014 19:03:08 +0000 (15:03 -0400)]
GSSWrap command completed.
Mark Donnelly [Mon, 12 May 2014 19:50:04 +0000 (15:50 -0400)]
GSS Wrap implementation.
Successfully:
* Calls gss_wrap
* Passes arguments back and forth
* Marshals to JSON
* Unmarshals from JSON
Has yet to:
* Load the security context from a yet-to-be-written in-memory cache
Mark Donnelly [Fri, 9 May 2014 16:43:40 +0000 (12:43 -0400)]
Refactor some of the JSON generation into some of the data objects.
Mark Donnelly [Thu, 8 May 2014 19:35:47 +0000 (15:35 -0400)]
GSSAcquireCred tests now pass.
Mark Donnelly [Wed, 7 May 2014 19:05:48 +0000 (15:05 -0400)]
GSS Acquire Cred calling out correctly; slight reorginzation
* Added GSSAcquireCred command object
* Added GSSCredential data object
* Added GSSOIDSet data object object.
* Added tests for these
* Moved the test mock objects into their own subdirectory
Mark Donnelly [Wed, 30 Apr 2014 20:40:25 +0000 (16:40 -0400)]
GSS import name working
Mark Donnelly [Tue, 29 Apr 2014 15:23:40 +0000 (11:23 -0400)]
Basic name importing working
Mark Donnelly [Mon, 28 Apr 2014 18:15:07 +0000 (14:15 -0400)]
checkin for GSS import name
Mark Donnelly [Tue, 22 Apr 2014 19:30:11 +0000 (15:30 -0400)]
JSON Marshalling, updates from code review
* Implement JSON Marshalling in GSSCreateSecContext.
* Implement GSSException class
* Remove malloc()'d memory management in GSSCreateSecContext
* Change the expected JSON data structure as input to
GSSCreateSecContext.
Mark Donnelly [Fri, 18 Apr 2014 12:49:33 +0000 (08:49 -0400)]
Parse gss_init_sec_context parameters out of a JSON string
Mark Donnelly [Wed, 9 Apr 2014 13:43:51 +0000 (09:43 -0400)]
Start the JSON command-line API
Mark Donnelly [Fri, 14 Mar 2014 20:28:43 +0000 (16:28 -0400)]
Add design document for the Javascript API to be provided for web apps.
Mark Donnelly [Mon, 23 Dec 2013 21:11:58 +0000 (16:11 -0500)]
This test is no longer relevant.
Mark Donnelly [Mon, 23 Dec 2013 20:55:23 +0000 (15:55 -0500)]
Remove an abandoned approach
Mark Donnelly [Mon, 23 Dec 2013 20:49:05 +0000 (15:49 -0500)]
Display minor status in hex as well; correct the call to gss_display_status for the minor status error formatting
Mark Donnelly [Mon, 23 Dec 2013 15:00:14 +0000 (10:00 -0500)]
Periodic commit.
* Found where the JS wasn't handling pointers well in str_to_oid, fixed.
* Now back to using the SPNEGO mechanism as default in the convenience
function, rather than GSS_C_NO_OID.
* Added some more logging output around the results of
gss_init_sec_context.
Mark Donnelly [Sun, 22 Dec 2013 19:13:31 +0000 (14:13 -0500)]
Set mech_type explicity; messages around import_name
Mark Donnelly [Sun, 22 Dec 2013 18:12:33 +0000 (13:12 -0500)]
Move to a firefox XPI plugin using JS-Ctypes instead of NPAPI.
JS-Ctypes is intended to make simple calls out to dynamic libraries much simpler to develop than either NPAPI or XPCOMM. Using this, generate calls to the code contained in ../gssapi_utils and the GSS-API calls themselves to call out to the requisite functionality.
This first commit contains working code that calls out to both libgssapi_krb5 and libgssapi_utils, leading up to a call to create the context token from a call to gss_init_sec_context. Well, it is "working" in the sense that the calls all succeed in crossing the boundary between JavaScript and dynamic shared object libraries; it fails to invoke the function well enough for the function to succeed.
Mark Donnelly [Sun, 22 Dec 2013 18:05:45 +0000 (13:05 -0500)]
more code to check in before moving in a different direction; ignoring more editor files.
Mark Donnelly [Sun, 22 Dec 2013 17:56:51 +0000 (12:56 -0500)]
Check in some work on the NPAPI; probably abandoned, but why lose the work if we don't have to?
Mark Donnelly [Sun, 22 Dec 2013 17:52:57 +0000 (12:52 -0500)]
GSS-API helper library for simplified GSS calls
Mark Donnelly [Tue, 26 Nov 2013 21:09:08 +0000 (16:09 -0500)]
Get the plugin registered with the browser
Mark Donnelly [Tue, 19 Nov 2013 15:12:33 +0000 (10:12 -0500)]
Move to toplevel to affect the entire source tree
Mark Donnelly [Tue, 19 Nov 2013 15:09:35 +0000 (10:09 -0500)]
Ignore cmake files, c object files
Mark Donnelly [Mon, 18 Nov 2013 21:26:06 +0000 (16:26 -0500)]
First additions