From fa1eb5f1d62faeb4639eeb4bd57dbf7615e549d6 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Tue, 21 Sep 2010 08:55:38 +0200 Subject: [PATCH] import radius state --- import_sec_context.c | 16 ++++++++++++---- util_radius.cpp | 15 ++++++++++++++- util_radius.h | 3 +++ util_saml.cpp | 3 +++ util_shib.cpp | 3 +++ 5 files changed, 35 insertions(+), 5 deletions(-) diff --git a/import_sec_context.c b/import_sec_context.c index 751ed54..3960b92 100644 --- a/import_sec_context.c +++ b/import_sec_context.c @@ -38,6 +38,7 @@ gssEapImportPartialContext(OM_uint32 *minor, size_t *pRemain, gss_ctx_id_t ctx) { + OM_uint32 major; unsigned char *p = *pBuf; size_t remain = *pRemain; gss_buffer_desc buf; @@ -46,15 +47,22 @@ gssEapImportPartialContext(OM_uint32 *minor, *minor = ERANGE; return GSS_S_DEFECTIVE_TOKEN; } - buf.length = load_uint32_be(p); - if (buf.length != 0) { - *minor = EINVAL; + if (remain < buf.length) { + *minor = ERANGE; return GSS_S_DEFECTIVE_TOKEN; + } + buf.value = &p[4]; + + major = duplicateBuffer(minor, &buf, &ctx->acceptorCtx.state); + if (GSS_ERROR(major)) + return major; + + *pBuf += 4 + buf.length; + *pRemain -= 4 + buf.length; - *minor = 0; return GSS_S_COMPLETE; } diff --git a/util_radius.cpp b/util_radius.cpp index 86fa8cd..dca4a17 100644 --- a/util_radius.cpp +++ b/util_radius.cpp @@ -32,13 +32,22 @@ #include "gssapiP_eap.h" +VALUE_PAIR * +gss_eap_radius_attr_provider::copyAvps(const VALUE_PAIR *in) +{ + return NULL; +} + gss_eap_radius_attr_provider::gss_eap_radius_attr_provider(void) { + m_avps = NULL; m_authenticated = false; } gss_eap_radius_attr_provider::~gss_eap_radius_attr_provider(void) { + if (m_avps != NULL) + rc_avpair_free(m_avps); } bool 
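Review bot: The new length check in the second hunk of import_sec_context.c, `if (remain < buf.length)`, does not account for the 4-byte length prefix that is still counted in `remain`: the data starts at `&p[4]` and the function later consumes `4 + buf.length`. A token whose length field lies between `remain - 4` and `remain` therefore passes the check, lets `duplicateBuffer` read up to four bytes past the end of the input, and makes `*pRemain -= 4 + buf.length` wrap around. Assuming the guard just above the hunk already rejects `remain < 4` (its condition is outside the hunk), the comparison should be `if (remain - 4 < buf.length) {`. The collapsed layout also leaves it unclear whether `buf.length = load_uint32_be(p);` survives as a context line; if it was removed, `buf.length` is read uninitialized.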
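Review bot: `copyAvps` in the first util_radius.cpp hunk is added as a stub that ignores `in` and always returns NULL, and nothing in the code says so. Through `mapToAny` later in this file, a caller then receives NULL whether the provider has no attributes, is unauthenticated, or copying is simply unimplemented. I would mark it with a comment such as `/* TODO: deep-copy the AVP list; returns NULL until implemented */` above the `return NULL;`. Nothing visible in this patch assigns `m_avps` either, so the `rc_avpair_free` in the destructor presumably has nothing to free yet.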
@@ -106,13 +115,17 @@ gss_any_t gss_eap_radius_attr_provider::mapToAny(int authenticated, gss_buffer_t type_id) const { - return (gss_any_t)NULL; + if (authenticated && !m_authenticated) + return (gss_any_t)NULL; + + return (gss_any_t)copyAvps(m_avps); } void gss_eap_radius_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id, gss_any_t input) const { + rc_avpair_free((VALUE_PAIR *)input); } void diff --git a/util_radius.h b/util_radius.h index bb9875d..4022268 100644 --- a/util_radius.h +++ b/util_radius.h @@ -81,6 +81,9 @@ public: static gss_eap_attr_provider *createAttrContext(void); private: + static VALUE_PAIR *copyAvps(const VALUE_PAIR *in); + + VALUE_PAIR *m_avps; bool m_authenticated; }; diff --git a/util_saml.cpp b/util_saml.cpp index 115824f..0d4d893 100644 --- a/util_saml.cpp +++ b/util_saml.cpp @@ -236,6 +236,9 @@ gss_any_t gss_eap_saml_assertion_provider::mapToAny(int authenticated, gss_buffer_t type_id) const { + if (authenticated && !m_authenticated) + return (gss_any_t)NULL; + return (gss_any_t)m_assertion; } diff --git a/util_shib.cpp b/util_shib.cpp index 33280d5..d0c1a79 100644 --- a/util_shib.cpp +++ b/util_shib.cpp @@ -352,6 +352,9 @@ gss_eap_shib_attr_provider::mapToAny(int authenticated, { gss_any_t output; + if (authenticated && !m_authenticated) + return (gss_any_t)NULL; + vector v = duplicateAttributes(m_attributes); output = (gss_any_t)new vector (v); -- 2.1.4
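Review bot: The guard `if (authenticated && !m_authenticated) return (gss_any_t)NULL;` in `gss_eap_radius_attr_provider::mapToAny` is the check that keeps unauthenticated attribute data away from callers that asked for authenticated data only, and it carries no comment. The same line is added in `gss_eap_saml_assertion_provider::mapToAny` (util_saml.cpp) and `gss_eap_shib_attr_provider::mapToAny` (util_shib.cpp). I would add above each one `/* Caller wants authenticated attributes only; return nothing unless this provider's data was authenticated. */`. It would also help to document on `mapToAny` that the RADIUS provider returns a copy to be released through `releaseAnyNameMapping`, whereas the SAML one returns `m_assertion` itself.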
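Review bot: With `VALUE_PAIR *m_avps` added in util_radius.h, the class now owns a raw list that the destructor frees with `rc_avpair_free`, but the hunk adds no copy constructor or copy assignment. Unless copying is already disabled higher up in the class or its base (the declaration starts above the hunk), a compiler-generated copy would share the pointer and free it twice. Declaring both privately without a definition, e.g. `gss_eap_radius_attr_provider(const gss_eap_radius_attr_provider &);` and the matching `operator=`, next to `m_avps` would rule that out.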