#define MAG_BEARER_KEY "MagBearerToken"
-void mag_check_session(request_rec *req,
- struct mag_config *cfg, struct mag_conn **conn)
+void mag_check_session(struct mag_req_cfg *cfg, struct mag_conn **conn)
{
+ request_rec *req = cfg->req;
struct mag_conn *mc;
apr_status_t rc;
session_rec *sess = NULL;
mc = *conn;
if (!mc) {
- mc = apr_pcalloc(req->pool, sizeof(struct mag_conn));
- if (!mc) return;
-
- mc->parent = req->pool;
- *conn = mc;
+ *conn = mc = mag_new_conn_ctx(req->pool);
+ mc->is_preserved = true;
}
rc = mag_session_get(req, sess, MAG_BEARER_KEY, &sessval);
expiration = gsessdata->expiration;
if (expiration < time(NULL)) {
/* credentials fully expired, return nothing */
+ mc->established = false;
goto done;
}
/* user name */
- mc->user_name = apr_pstrndup(mc->parent,
+ mc->user_name = apr_pstrndup(mc->pool,
(char *)gsessdata->username.buf,
gsessdata->username.size);
if (!mc->user_name) goto done;
/* gssapi name */
- mc->gss_name = apr_pstrndup(mc->parent,
+ mc->gss_name = apr_pstrndup(mc->pool,
(char *)gsessdata->gssname.buf,
gsessdata->gssname.size);
if (!mc->gss_name) goto done;
mc->basic_hash.length = gsessdata->basichash.size;
- mc->basic_hash.value = apr_palloc(mc->parent, mc->basic_hash.length);
+ mc->basic_hash.value = apr_palloc(mc->pool, mc->basic_hash.length);
memcpy(mc->basic_hash.value,
gsessdata->basichash.buf, gsessdata->basichash.size);
ASN_STRUCT_FREE(asn_DEF_GSSSessionData, gsessdata);
}
-void mag_attempt_session(request_rec *req,
- struct mag_config *cfg, struct mag_conn *mc)
+void mag_attempt_session(struct mag_req_cfg *cfg, struct mag_conn *mc)
{
+ request_rec *req = cfg->req;
session_rec *sess = NULL;
struct databuf plainbuf = { 0 };
struct databuf cipherbuf = { 0 };
if (!cfg->mag_skey) {
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, req,
- "Session key not available, generating new one.");
- rc = SEAL_KEY_CREATE(cfg->pool, &cfg->mag_skey, NULL);
- if (rc != OK) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, req,
- "Failed to create sealing key!");
- return;
- }
+ "Session key not available, aborting.");
+ return;
}
gsessdata.established = mc->established?1:0;
return HMAC_BUFFER(key, &databuf, &hmacbuf);
}
-static int mag_get_mac_size(struct mag_config *cfg)
+static int mag_get_mac_size(struct mag_req_cfg *cfg)
{
- apr_status_t rc;
-
if (!cfg->mag_skey) {
- ap_log_perror(APLOG_MARK, APLOG_INFO, 0, cfg->pool,
- "Session key not available, generating new one.");
- rc = SEAL_KEY_CREATE(cfg->pool, &cfg->mag_skey, NULL);
- if (rc != OK) {
- ap_log_perror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, cfg->pool,
- "Failed to create sealing key!");
- return 0;
- }
+ ap_log_perror(APLOG_MARK, APLOG_INFO, 0, cfg->cfg->pool,
+ "Session key not available, aborting!");
+ return 0;
}
return get_mac_size(cfg->mag_skey);
}
-bool mag_basic_check(struct mag_config *cfg, struct mag_conn *mc,
+bool mag_basic_check(struct mag_req_cfg *cfg, struct mag_conn *mc,
gss_buffer_desc user, gss_buffer_desc pwd)
{
int mac_size = mag_get_mac_size(cfg);
return res;
}
-void mag_basic_cache(struct mag_config *cfg, struct mag_conn *mc,
+void mag_basic_cache(struct mag_req_cfg *cfg, struct mag_conn *mc,
gss_buffer_desc user, gss_buffer_desc pwd)
{
int mac_size = mag_get_mac_size(cfg);
if (ret != 0) return;
mc->basic_hash.length = mac_size;
- mc->basic_hash.value = apr_palloc(mc->parent, mac_size);
+ mc->basic_hash.value = apr_palloc(mc->pool, mac_size);
memcpy(mc->basic_hash.value, mac, mac_size);
}
projects / mod_auth_gssapi.git / blobdiff