2 * Copyright (c) 2010, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 * Attribute provider interface.
38 #define _UTIL_ATTR_H_ 1
40 #ifdef HAVE_HEIMDAL_VERSION
41 /* Removed in draft-ietf-kitten-gssapi-naming-exts-08 */
42 typedef struct gss_any *gss_any_t;
49 struct gss_eap_attr_provider;
50 struct gss_eap_attr_ctx;
53 (*gss_eap_attr_enumeration_cb)(const gss_eap_attr_provider *source,
54 const gss_buffer_t attribute,
57 #define ATTR_TYPE_RADIUS 0U /* RADIUS AVPs */
58 #define ATTR_TYPE_SAML_ASSERTION 1U /* SAML assertion */
59 #define ATTR_TYPE_SAML 2U /* SAML attributes */
60 #define ATTR_TYPE_LOCAL 3U /* Local attributes */
61 #define ATTR_TYPE_MIN ATTR_TYPE_RADIUS
62 #define ATTR_TYPE_MAX ATTR_TYPE_LOCAL
64 #define ATTR_FLAG_DISABLE_LOCAL 0x00000001
67 * Attribute provider: this represents a source of attributes derived
68 * from the security context.
70 struct gss_eap_attr_provider
73 gss_eap_attr_provider(void) {}
74 virtual ~gss_eap_attr_provider(void) {}
76 bool initWithManager(const gss_eap_attr_ctx *manager)
82 virtual bool initFromExistingContext(const gss_eap_attr_ctx *manager,
83 const gss_eap_attr_provider *ctx)
85 return initWithManager(manager);
88 virtual bool initFromGssContext(const gss_eap_attr_ctx *manager,
89 const gss_cred_id_t cred,
90 const gss_ctx_id_t ctx)
92 return initWithManager(manager);
95 virtual bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const
100 virtual bool setAttribute(int complete,
101 const gss_buffer_t attr,
102 const gss_buffer_t value) { return false; }
103 virtual bool deleteAttribute(const gss_buffer_t value) { return false; }
104 virtual bool getAttribute(const gss_buffer_t attr,
108 gss_buffer_t display_value,
109 int *more) const { return false; }
111 virtual gss_any_t mapToAny(int authenticated,
112 gss_buffer_t type_id) const { return NULL; }
113 virtual void releaseAnyNameMapping(gss_buffer_t type_id,
114 gss_any_t input) const {}
116 virtual void exportToBuffer(gss_buffer_t buffer) const {}
117 virtual bool initFromBuffer(const gss_eap_attr_ctx *manager,
118 const gss_buffer_t buffer)
120 return initWithManager(manager);
123 virtual time_t getExpiryTime(void) const { return 0; }
125 virtual OM_uint32 mapException(OM_uint32 *minor, std::exception &e) const
126 { return GSS_S_CONTINUE_NEEDED; }
128 static bool init(void) { return true; }
129 static void finalize(void) {}
131 static gss_eap_attr_provider *createAttrContext(void) { return NULL; }
134 const gss_eap_attr_ctx *m_manager;
137 /* make non-copyable */
138 gss_eap_attr_provider(const gss_eap_attr_provider&);
139 gss_eap_attr_provider& operator=(const gss_eap_attr_provider&);
142 typedef gss_eap_attr_provider *(*gss_eap_attr_create_provider)(void);
145 * Attribute context: this manages a set of providers for a given
148 struct gss_eap_attr_ctx
151 gss_eap_attr_ctx(void);
152 ~gss_eap_attr_ctx(void);
154 bool initFromExistingContext(const gss_eap_attr_ctx *manager);
155 bool initFromGssContext(const gss_cred_id_t cred,
156 const gss_ctx_id_t ctx);
158 bool getAttributeTypes(gss_eap_attr_enumeration_cb, void *data) const;
159 bool getAttributeTypes(gss_buffer_set_t *attrs);
161 bool setAttribute(int complete,
162 const gss_buffer_t attr,
163 const gss_buffer_t value);
164 bool deleteAttribute(const gss_buffer_t value);
165 bool getAttribute(const gss_buffer_t attr,
169 gss_buffer_t display_value,
171 gss_any_t mapToAny(int authenticated,
172 gss_buffer_t type_id) const;
173 void releaseAnyNameMapping(gss_buffer_t type_id,
174 gss_any_t input) const;
176 void exportToBuffer(gss_buffer_t buffer) const;
177 bool initFromBuffer(const gss_buffer_t buffer);
180 attributePrefixToType(const gss_buffer_t prefix);
182 static const gss_buffer_t
183 attributeTypeToPrefix(unsigned int type);
186 decomposeAttributeName(const gss_buffer_t attribute,
188 gss_buffer_t suffix);
190 composeAttributeName(const gss_buffer_t prefix,
191 const gss_buffer_t suffix,
192 gss_buffer_t attribute);
194 decomposeAttributeName(const gss_buffer_t attribute,
196 gss_buffer_t suffix);
198 composeAttributeName(unsigned int type,
199 const gss_buffer_t suffix,
200 gss_buffer_t attribute);
203 composeAttributeName(const gss_buffer_t prefix,
204 const gss_buffer_t suffix);
206 composeAttributeName(unsigned int type,
207 const gss_buffer_t suffix);
209 gss_eap_attr_provider *getProvider(unsigned int type) const;
210 gss_eap_attr_provider *getProvider(const gss_buffer_t prefix) const;
213 registerProvider(unsigned int type,
215 gss_eap_attr_create_provider factory);
217 unregisterProvider(unsigned int type);
219 time_t getExpiryTime(void) const;
220 OM_uint32 mapException(OM_uint32 *minor, std::exception &e) const;
223 bool providerEnabled(unsigned int type) const;
224 void releaseProvider(unsigned int type);
226 gss_eap_attr_provider *getPrimaryProvider(void) const;
228 /* make non-copyable */
229 gss_eap_attr_ctx(const gss_eap_attr_ctx&);
230 gss_eap_attr_ctx& operator=(const gss_eap_attr_ctx&);
233 gss_eap_attr_provider *m_providers[ATTR_TYPE_MAX + 1];
236 #endif /* __cplusplus */
238 #include "util_radius.h"
239 #include "util_saml.h"
240 #include "util_shib.h"
245 duplicateBuffer(gss_buffer_desc &src, gss_buffer_t dst)
249 if (GSS_ERROR(duplicateBuffer(&minor, &src, dst)))
250 throw new std::bad_alloc();
254 duplicateBuffer(std::string &str, gss_buffer_t buffer)
258 tmp.length = str.length();
259 tmp.value = (char *)str.c_str();
261 duplicateBuffer(tmp, buffer);
265 struct gss_eap_attr_ctx;
273 * C wrappers for attribute context functions. These match their
274 * GSS naming extension equivalents. The caller is required to
275 * obtain the name mutex.
279 gssEapCreateAttrContext(OM_uint32 *minor,
280 gss_cred_id_t acceptorCred,
281 gss_ctx_id_t acceptorCtx,
282 struct gss_eap_attr_ctx **pAttrCtx,
283 time_t *pExpiryTime);
286 gssEapInquireName(OM_uint32 *minor,
290 gss_buffer_set_t *attrs);
293 gssEapGetNameAttribute(OM_uint32 *minor,
299 gss_buffer_t display_value,
303 gssEapDeleteNameAttribute(OM_uint32 *minor,
308 gssEapSetNameAttribute(OM_uint32 *minor,
315 gssEapExportAttrContext(OM_uint32 *minor,
317 gss_buffer_t buffer);
320 gssEapImportAttrContext(OM_uint32 *minor,
325 gssEapDuplicateAttrContext(OM_uint32 *minor,
330 gssEapMapNameToAny(OM_uint32 *minor,
333 gss_buffer_t type_id,
337 gssEapReleaseAnyNameMapping(OM_uint32 *minor,
339 gss_buffer_t type_id,
343 gssEapReleaseAttrContext(OM_uint32 *minor,
347 gssEapAttrProvidersFinalize(OM_uint32 *minor);
353 #endif /* _UTIL_ATTR_H_ */
projects / mech_eap.orig / blob