}
if (ctx && *ctx != GSS_C_NO_CONTEXT) {
- OM_uint32 major, minor;
+ OM_uint32 minor;
gss_buffer_desc contextbuf = GSS_C_EMPTY_BUFFER;
-
- major = gss_export_sec_context(&minor, ctx, &contextbuf);
+ OM_uint32 major = gss_export_sec_context(&minor, ctx, &contextbuf);
if (major == GSS_S_COMPLETE) {
- addToken(&contextbuf);
+ xsecsize_t len=0;
+ XMLByte* out=Base64::encode(reinterpret_cast<const XMLByte*>(contextbuf.value), contextbuf.length, &len);
+ if (out) {
+ string s;
+ s.append(reinterpret_cast<char*>(out), len);
+ auto_ptr_XMLCh temp(s.c_str());
+#ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
+ XMLString::release(&out);
+#else
+ XMLString::release((char**)&out);
+#endif
+ static const XMLCh _GSSAPI[] = UNICODE_LITERAL_13(G,S,S,A,P,I,C,o,n,t,e,x,t);
+ m_gsswrapper = new AnyElementImpl(shibspconstants::SHIB2ATTRIBUTEMAP_NS, _GSSAPI);
+ m_gsswrapper->setTextContent(temp.get());
+ }
+ else {
+ Category::getInstance(SHIBRESOLVER_LOGCAT).error("error while base64-encoding GSS context");
+ }
gss_release_buffer(&minor, &contextbuf);
}
else {
}
}
+#ifdef SHIBRESOLVER_HAVE_GSSAPI_NAMINGEXTS
+void ShibbolethResolver::addToken(gss_name_t name)
+{
+ if (m_gsswrapper) {
+ delete m_gsswrapper;
+ m_gsswrapper = NULL;
+ }
+
+ OM_uint32 minor;
+ gss_buffer_desc namebuf = GSS_C_EMPTY_BUFFER;
+ OM_uint32 major = gss_export_name_composite(&minor, name, &namebuf);
+ if (major == GSS_S_COMPLETE) {
+ addToken(&namebuf);
+ gss_release_buffer(&minor, &namebuf);
+ }
+ else {
+ Category::getInstance(SHIBRESOLVER_LOGCAT).error("error exporting GSS name");
+ }
+}
+#endif
+
void ShibbolethResolver::addToken(const gss_buffer_t contextbuf)
{
if (m_gsswrapper) {
#else
XMLString::release((char**)&out);
#endif
- static const XMLCh _GSSAPI[] = UNICODE_LITERAL_13(G,S,S,A,P,I,C,o,n,t,e,x,t);
+ static const XMLCh _GSSAPI[] = UNICODE_LITERAL_10(G,S,S,A,P,I,N,a,m,e);
m_gsswrapper = new AnyElementImpl(shibspconstants::SHIB2ATTRIBUTEMAP_NS, _GSSAPI);
m_gsswrapper->setTextContent(temp.get());
}
else {
- Category::getInstance(SHIBRESOLVER_LOGCAT).error("error while base64-encoding GSS context");
+ Category::getInstance(SHIBRESOLVER_LOGCAT).error("error while base64-encoding GSS name");
}
}
-#ifdef SHIBRESOLVER_HAVE_GSSAPI_NAMINGEXTS
-void ShibbolethResolver::addToken(gss_name_t name)
-{
- if (m_gsswrapper) {
- delete m_gsswrapper;
- m_gsswrapper = NULL;
- }
-
- OM_uint32 major, minor;
- gss_buffer_desc namebuf = GSS_C_EMPTY_BUFFER;
-
- major = gss_export_name_composite(&minor, name, &namebuf);
- if (major == GSS_S_COMPLETE) {
- xsecsize_t len=0;
- XMLByte* out=Base64::encode(reinterpret_cast<const XMLByte*>(namebuf.value), namebuf.length, &len);
- if (out) {
- string s;
- s.append(reinterpret_cast<char*>(out), len);
- auto_ptr_XMLCh temp(s.c_str());
- #ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
- XMLString::release(&out);
- #else
- XMLString::release((char**)&out);
- #endif
- static const XMLCh _GSSAPI[] = UNICODE_LITERAL_10(G,S,S,A,P,I,N,a,m,e);
- m_gsswrapper = new AnyElementImpl(shibspconstants::SHIB2ATTRIBUTEMAP_NS, _GSSAPI);
- m_gsswrapper->setTextContent(temp.get());
- }
- else {
- Category::getInstance(SHIBRESOLVER_LOGCAT).error("error while base64-encoding GSS name");
- }
- gss_release_buffer(&minor, &namebuf);
- }
- else {
- Category::getInstance(SHIBRESOLVER_LOGCAT).error("error exporting GSS name");
- }
-}
-#endif
#endif
void ShibbolethResolver::addAttribute(Attribute* attr)
#ifdef SHIBRESOLVER_HAVE_GSSAPI
/**
- * Adds a GSS-API security context as input to the resolver.
- * <p>The caller loses ownership of the context.
- *
- * @param ctx an input context to evaluate
- */
- void addToken(gss_ctx_id_t* ctx);
-
- /**
- * Adds a GSS-API exported security context as input to
+ * Adds a GSS-API exported mechanism name as input to
* the resolver.
* <p>The caller retains ownership of the buffer.
*
- * @param ctx an input exported security context to evaluate
+ * @param ctx an input exported mechanism name to evaluate
*/
- void addToken(const gss_buffer_t token);
+ void addToken(const gss_buffer_t name);
# ifdef SHIBRESOLVER_HAVE_GSSAPI_NAMINGEXTS
/**
*/
void addToken(gss_name_t name);
# endif
+
+ /**
+ * Adds a GSS-API security context as input to the resolver.
+ * <p>The caller loses ownership of the context.
+ *
+ * @param ctx an input context to evaluate
+ */
+ void addToken(gss_ctx_id_t* ctx);
#endif
/**