int rsAuthRequest (rsComm_t *rsComm, authRequestOut_t **authRequestOut) { authRequestOut_t *result; char *bufp; *authRequestOut = (authRequestOut_t*)malloc(sizeof(authRequestOut_t)); memset((char *)*authRequestOut, 0, sizeof(authRequestOut_t)); memset(buf, 0, sizeof(buf)); get64RandomBytes(buf); if (obfGetDefaultHashType()==HASH_TYPE_SHA1) { /* indicate that this server prefers sha1 */ buf[0]='s'; buf[1]='h'; buf[2]='a'; buf[3]='1'; } else { /* make sure there's no accidential match with 'sha1'; the odds are almost 0 but this makes it completely 0. */ if (buf[0]=='s') buf[0]++; } bufp = (char*)malloc(CHALLENGE_LEN+2); if (bufp == NULL) return(SYS_MALLOC_ERR); strncpy(bufp, buf, CHALLENGE_LEN+2); result = *authRequestOut; result->challenge = bufp; return(0); }
int rsAuthRequest (rsComm_t *rsComm, authRequestOut_t **authRequestOut) { authRequestOut_t *result; char *bufp; *authRequestOut = (authRequestOut_t*)malloc(sizeof(authRequestOut_t)); memset((char *)*authRequestOut, 0, sizeof(authRequestOut_t)); memset(buf, 0, sizeof(buf)); get64RandomBytes(buf); bufp = (char*)malloc(CHALLENGE_LEN+2); if (bufp == NULL) return(SYS_MALLOC_ERR); strncpy(bufp, buf, CHALLENGE_LEN+2); result = *authRequestOut; result->challenge = bufp; return(0); }
void makeTicket( char *newTicket ) { int characterSet_len; int characterSet[26 + 26 + 10]; char buf1[100], buf2[20]; get64RandomBytes( buf1 ); int i, ix, j; /* Set up an array of characters that are allowed in the result. */ characterSet_len = 26 + 26 + 10; j = 0; for ( i = 0; i < 26; i++ ) { characterSet[j++] = ( int )'A' + i; } for ( i = 0; i < 26; i++ ) { characterSet[j++] = ( int )'a' + i; } for ( i = 0; i < 10; i++ ) { characterSet[j++] = ( int )'0' + i; } for ( i = 0, j = 0; j < 15; i++ ) { ix = ( int )buf1[i]; ix = ix & 0x3f; if ( ix < characterSet_len - 1 ) { buf2[j++] = ( char )characterSet[ix]; } else { } } buf2[j++] = '\0'; strncpy( newTicket, buf2, 20 ); printf( "ticket:%s\n", buf2 ); }
// =-=-=-=-=-=-=- // handle an agent-side auth request call irods::error osauth_auth_agent_request( irods::auth_plugin_context& _ctx ) { // =-=-=-=-=-=-=- // validate incoming parameters if ( !_ctx.valid< irods::osauth_auth_object >().ok() ) { return ERROR( SYS_INVALID_INPUT_PARAM, "invalid plugin context" ); } // =-=-=-=-=-=-=- // generate a random buffer and copy it to the challenge char buf[ CHALLENGE_LEN + 2 ]; get64RandomBytes( buf ); // =-=-=-=-=-=-=- // get the auth object irods::osauth_auth_object_ptr ptr = boost::dynamic_pointer_cast < irods::osauth_auth_object > ( _ctx.fco() ); // =-=-=-=-=-=-=- // cache the challenge ptr->request_result( buf ); // =-=-=-=-=-=-=- // cache the challenge in the server for later usage _rsSetAuthRequestGetChallenge( buf ); if ( _ctx.comm()->auth_scheme != NULL ) { free( _ctx.comm()->auth_scheme ); } _ctx.comm()->auth_scheme = strdup( irods::AUTH_OSAUTH_SCHEME.c_str() ); // =-=-=-=-=-=-=- // win! return SUCCESS(); } // osauth_auth_agent_request