void pn_server_init(pn_sasl_t *sasl)
{
// XXX
char *mechs[16];
int count = 0;
if (sasl->mechanisms) {
char *start = sasl->mechanisms;
char *end = start;
while (*end) {
if (*end == ' ') {
if (start != end) {
*end = '\0';
mechs[count++] = start;
}
end++;
start = end;
} else {
end++;
}
}
if (start != end) {
mechs[count++] = start;
}
}
pn_post_frame(sasl->disp, 0, "DL[@T[*s]]", SASL_MECHANISMS, PN_SYMBOL, count, mechs);
}
void pn_client_init(pn_sasl_t *sasl)
{
pn_post_frame(sasl->disp, 0, "DL[sz]", SASL_INIT, sasl->mechanisms,
sasl->send_data.size, sasl->send_data.start);
if (sasl->send_data.start) {
free(sasl->send_data.start);
sasl->send_data = pn_bytes(0, NULL);
}
}
// Post SASL frame
static void pni_post_sasl_frame(pn_transport_t *transport)
{
pni_sasl_t *sasl = transport->sasl;
pn_bytes_t out = sasl->bytes_out;
enum pni_sasl_state desired_state = sasl->desired_state;
while (sasl->desired_state > sasl->last_state) {
switch (desired_state) {
case SASL_POSTED_INIT:
pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[sz]", SASL_INIT, sasl->selected_mechanism,
out.size, out.start);
pni_emit(transport);
break;
case SASL_PRETEND_OUTCOME:
if (sasl->last_state < SASL_POSTED_INIT) {
desired_state = SASL_POSTED_INIT;
continue;
}
break;
case SASL_POSTED_MECHANISMS: {
// TODO: Hardcoded limit of 16 mechanisms
char *mechs[16];
char *mechlist = NULL;
int count = 0;
if (pni_sasl_impl_list_mechs(transport, &mechlist) > 0) {
pni_split_mechs(mechlist, sasl->included_mechanisms, mechs, &count);
}
pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[@T[*s]]", SASL_MECHANISMS, PN_SYMBOL, count, mechs);
free(mechlist);
pni_emit(transport);
break;
}
case SASL_POSTED_RESPONSE:
pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[z]", SASL_RESPONSE, out.size, out.start);
pni_emit(transport);
break;
case SASL_POSTED_CHALLENGE:
if (sasl->last_state < SASL_POSTED_MECHANISMS) {
desired_state = SASL_POSTED_MECHANISMS;
continue;
}
pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[z]", SASL_CHALLENGE, out.size, out.start);
pni_emit(transport);
break;
case SASL_POSTED_OUTCOME:
if (sasl->last_state < SASL_POSTED_MECHANISMS) {
desired_state = SASL_POSTED_MECHANISMS;
continue;
}
pn_post_frame(transport, SASL_FRAME_TYPE, 0, "DL[B]", SASL_OUTCOME, sasl->outcome);
pni_emit(transport);
if (sasl->outcome!=PN_SASL_OK) {
pn_do_error(transport, "amqp:unauthorized-access", "Failed to authenticate client [mech=%s]", transport->sasl->selected_mechanism);
desired_state = SASL_ERROR;
}
break;
case SASL_RECVED_OUTCOME_SUCCEED:
if (sasl->last_state < SASL_POSTED_INIT) {
desired_state = SASL_POSTED_INIT;
continue;
}
break;
case SASL_RECVED_OUTCOME_FAIL:
pn_do_error(transport, "amqp:unauthorized-access", "Authentication failed [mech=%s]", transport->sasl->selected_mechanism);
desired_state = SASL_ERROR;
break;
case SASL_ERROR:
break;
case SASL_NONE:
return;
}
sasl->last_state = desired_state;
desired_state = sasl->desired_state;
}
}
void pn_server_done(pn_sasl_t *sasl)
{
pn_post_frame(sasl->disp, 0, "DL[B]", SASL_OUTCOME, sasl->outcome);
}
