Esempio n. 1
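/*
 * AEAD unwrap for a single piece of associated data, for compatibility
 * with MIT and as specified by draft-howard-gssapi-aead-00.txt.
 *
 * The wrapped token is passed to gss_unwrap_iov() as a STREAM buffer, the
 * associated data (when supplied) as a SIGN_ONLY buffer, and the payload
 * comes back in a DATA buffer that the mechanism allocates.
 *
 * @param minor_status mechanism specific status, passed to gss_unwrap_iov()
 * @param context_handle security context used to unwrap the message
 * @param input_message_buffer the wrapped token; must not be NULL
 * @param input_assoc_buffer associated data, may be NULL
 * @param output_payload_buffer receives the unwrapped payload on success;
 *        it is set to an empty buffer on every failure path, so a caller
 *        that releases it unconditionally never frees an indeterminate
 *        pointer
 * @param conf_state passed through to gss_unwrap_iov()
 * @param qop_state passed through to gss_unwrap_iov()
 *
 * @return the major status of gss_unwrap_iov(), or a calling error when a
 *         required buffer argument is NULL.
 *
 * @ingroup gssapi
 */
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
gss_unwrap_aead(OM_uint32 *minor_status,
		gss_ctx_id_t context_handle,
		gss_buffer_t input_message_buffer,
		gss_buffer_t input_assoc_buffer,
		gss_buffer_t output_payload_buffer,
		int *conf_state,
		gss_qop_t *qop_state)
{
    OM_uint32 major_status, tmp;
    gss_iov_buffer_desc iov[3];

    /* Refuse to dereference missing buffers instead of crashing on them. */
    if (output_payload_buffer == NULL) {
	if (minor_status)
	    *minor_status = 0;
	return GSS_S_CALL_INACCESSIBLE_WRITE;
    }

    /* Give the output a defined value before anything can fail. */
    output_payload_buffer->length = 0;
    output_payload_buffer->value = NULL;

    if (input_message_buffer == NULL) {
	if (minor_status)
	    *minor_status = 0;
	return GSS_S_CALL_INACCESSIBLE_READ;
    }

    memset(iov, 0, sizeof(iov));

    /* iov[0]: the complete wrapped token as received from the peer. */
    iov[0].type = GSS_IOV_BUFFER_TYPE_STREAM;
    iov[0].buffer = *input_message_buffer;

    /* iov[1]: associated data; stays empty (zeroed) when none is given. */
    iov[1].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY;
    if (input_assoc_buffer)
	iov[1].buffer = *input_assoc_buffer;

    /* iov[2]: payload, allocated by the mechanism during the unwrap. */
    iov[2].type = GSS_IOV_BUFFER_TYPE_DATA | GSS_IOV_BUFFER_FLAG_ALLOCATE;

    major_status = gss_unwrap_iov(minor_status, context_handle, conf_state,
				  qop_state, iov, 3);
    if (GSS_ERROR(major_status)) {
	/* Drop anything the mechanism allocated; the output stays empty. */
	gss_release_iov_buffer(&tmp, &iov[2], 1);
    } else {
	/*
	 * The payload buffer now belongs to the caller.
	 * NOTE(review): presumably released with gss_release_buffer() --
	 * confirm against the library's allocation contract.
	 */
	*output_payload_buffer = iov[2].buffer;
    }

    return major_status;
}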
Esempio n. 2
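/*
 * Handle a WrapExt request: read a context handle, flags, and three data
 * blobs (header, token, trailer) from the client, wrap the token with
 * gss_wrap_iov() using header and trailer as SIGN_ONLY data, and send back
 * the concatenation of the GSS header, the wrapped data, the padding and
 * the GSS trailer.
 *
 * The client object `c` comes from the HandleOP() macro, which is defined
 * outside this excerpt. Every failure terminates the process via errx().
 *
 * NOTE(review): header and trailer are not released in this function; if
 * retdata() allocates them they leak on every request -- confirm.
 */
static int
HandleOP(WrapExt)
{
    /* iov entries that make up the reply, in wire order. */
    static const int parts[] = { 0, 2, 4, 5 };
    const size_t nparts = sizeof(parts) / sizeof(parts[0]);
    OM_uint32 maj_stat, min_stat;
    int32_t hContext, flags, bflags;
    krb5_data token, header, trailer, out;
    gss_ctx_id_t ctx;
    unsigned char *p;
    int conf_state, iov_len;
    size_t i;
    gss_iov_buffer_desc iov[6];

    ret32(c, hContext);
    ret32(c, flags);
    ret32(c, bflags);
    retdata(c, header);
    retdata(c, token);
    retdata(c, trailer);

    ctx = find_handle(c->handles, hContext, handle_context);
    if (ctx == NULL)
	errx(1, "wrap: reference to unknown context");

    memset(&iov, 0, sizeof(iov));

    iov_len = sizeof(iov)/sizeof(iov[0]);

    if (bflags & WRAP_EXP_ONLY_HEADER)
	iov_len -= 2; /* skip trailer and padding, aka dce-style */

    iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE;
    if (header.length != 0) {
	iov[1].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY;
	iov[1].buffer.length = header.length;
	iov[1].buffer.value = header.data;
    } else {
	iov[1].type = GSS_IOV_BUFFER_TYPE_EMPTY;
    }
    /* The DATA buffer aliases token.data, so token must outlive the copy. */
    iov[2].type = GSS_IOV_BUFFER_TYPE_DATA;
    iov[2].buffer.length = token.length;
    iov[2].buffer.value = token.data;
    if (trailer.length != 0) {
	iov[3].type = GSS_IOV_BUFFER_TYPE_SIGN_ONLY;
	iov[3].buffer.length = trailer.length;
	iov[3].buffer.value = trailer.data;
    } else {
	iov[3].type = GSS_IOV_BUFFER_TYPE_EMPTY;
    }
    iov[4].type = GSS_IOV_BUFFER_TYPE_PADDING | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE;
    iov[5].type = GSS_IOV_BUFFER_TYPE_TRAILER | GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE;

    maj_stat = gss_wrap_iov_length(&min_stat, ctx, flags, 0, &conf_state,
				   iov, iov_len);
    if (maj_stat != GSS_S_COMPLETE)
	errx(1, "gss_wrap_iov_length failed");

    maj_stat = gss_wrap_iov(&min_stat, ctx, flags, 0, &conf_state,
			    iov, iov_len);
    if (maj_stat != GSS_S_COMPLETE)
	errx(1, "gss_wrap_iov failed");

    /*
     * Assemble the reply in a separate buffer. The wrapped data in iov[2]
     * still points into token.data, so token may only be freed after the
     * copy; freeing it first would make the copy read released memory.
     */
    out.length = 0;
    for (i = 0; i < nparts; i++)
	out.length += iov[parts[i]].buffer.length;

    out.data = malloc(out.length);
    if (out.data == NULL && out.length != 0)
	errx(1, "wrap: out of memory");

    p = out.data;
    for (i = 0; i < nparts; i++) {
	const gss_iov_buffer_desc *part = &iov[parts[i]];

	/* Entries left out of the call (dce-style) stay empty with a NULL
	 * value; skip them rather than hand NULL to memcpy(). */
	if (part->buffer.length == 0)
	    continue;
	memcpy(p, part->buffer.value, part->buffer.length);
	p += part->buffer.length;
    }

    /* Pass a real minor-status location rather than relying on the
     * implementation accepting NULL. */
    gss_release_iov_buffer(&min_stat, iov, iov_len);
    krb5_data_free(&token);

    put32(c, 0); /* XXX fix gsm_error */
    putdata(c, out);

    free(out.data);

    return 0;
}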
Esempio n. 3
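/*
 * Wrap a base64-encoded challenge with gss_wrap_iov() and store the
 * base64-encoded result in state->response.
 *
 * state     - client state; its context is used for the wrap, and its
 *             response / responseConf fields are overwritten.
 * challenge - base64 text to wrap; NULL or "" wraps an empty message.
 * protect   - passed to gss_wrap_iov() as conf_req_flag.
 * pad_len   - on success receives the length of the padding buffer.
 *
 * Returns AUTH_GSS_COMPLETE on success and AUTH_GSS_ERROR on failure.
 * Local failures (decode, allocation, size limits) are reported through
 * set_gss_error(GSS_S_FAILURE, 0), the same path used for GSS failures.
 */
int authenticate_gss_client_wrap_iov(gss_client_state* state, const char* challenge, int protect, int *pad_len)
{
    enum { IOV_COUNT = 3 };
    OM_uint32 maj_stat, min_stat;
    gss_iov_buffer_desc iov[IOV_COUNT];
    size_t len = 0;
    int ret = AUTH_GSS_CONTINUE;
    int conf_state;
    /* Heap buffer from base64_decode(), or NULL when nothing was decoded.
     * Only this pointer is freed; `data` may point at a string literal. */
    unsigned char * decoded = NULL;
    unsigned char * data = (unsigned char*)"";

    /* Start from a defined state so the release call below never sees
     * indeterminate buffer descriptors. */
    memset(iov, 0, sizeof(iov));

    // Always clear out the old response
    if (state->response != NULL)
    {
        free(state->response);
        state->response = NULL;
    }

    if (challenge && *challenge)
    {
        decoded = base64_decode(challenge, &len);
        if (decoded == NULL)
        {
            /* Do not pass a NULL pointer with a possibly stale length on
             * to the mechanism. */
            set_gss_error(GSS_S_FAILURE, 0);
            return AUTH_GSS_ERROR;
        }
        data = decoded;
    }

    iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER | GSS_IOV_BUFFER_FLAG_ALLOCATE;
    iov[1].type = GSS_IOV_BUFFER_TYPE_DATA;
    iov[1].buffer.value = data;
    iov[1].buffer.length = len;
    iov[2].type = GSS_IOV_BUFFER_TYPE_PADDING | GSS_IOV_BUFFER_FLAG_ALLOCATE;

    maj_stat = gss_wrap_iov(&min_stat,        /* minor_status */
                         state->context,         /* context_handle */
                         protect,       /* conf_req_flag */
                         GSS_C_QOP_DEFAULT, /* qop_req */
                         &conf_state,          /* conf_state */
                         iov,           /* iov */
                         IOV_COUNT);    /* iov_count */
    if (maj_stat != GSS_S_COMPLETE)
    {
        set_gss_error(maj_stat, min_stat);
        ret = AUTH_GSS_ERROR;
    }
    else
    {
        /* Largest value an int can hold, computed without <limits.h>;
         * the encoded length is handed to base64_encode() as an int. */
        const size_t int_max = (size_t)(~0u >> 1);
        const size_t prefix_len = sizeof(unsigned int);
        const size_t part_len[IOV_COUNT] = {
            iov[0].buffer.length,
            iov[1].buffer.length,
            iov[2].buffer.length
        };
        size_t total = prefix_len;
        size_t offset = 0;
        int fits = 1;
        int i;
        OM_uint32 stoken_len = 0;
        char * response = NULL;

        /* Sum the parts with an explicit bound so the buffer size cannot
         * wrap around or exceed what the int-based APIs can express. */
        for (i = 0; i < IOV_COUNT; i++)
        {
            if (part_len[i] > int_max - total)
            {
                fits = 0;
                break;
            }
            total += part_len[i];
        }

        if (fits)
        {
            response = (char*)calloc(1, total);
        }

        if (response == NULL)
        {
            set_gss_error(GSS_S_FAILURE, 0);
            ret = AUTH_GSS_ERROR;
        }
        else
        {
            /******************************************************
            Per Microsoft 2.2.9.1.2.2.2 for kerberos encrypted data
            First section of data is a 32-bit unsigned int containing
            the length of the Security Token followed by the encrypted message.
            Encrypted data = |32-bit unsigned int|Message|
            The message must start with the security token, followed by
            the actual encrypted message.
            Message = |Security Token|encrypted data|padding
            iov[0] = security token
            iov[1] = encrypted message
            iov[2] = padding
            ******************************************************/
            /* Security Token length.
             * NOTE(review): written in host byte order and assumes
             * sizeof(unsigned int) == 4 -- confirm against the spec. */
            stoken_len = (OM_uint32)part_len[0];
            memcpy(response, &stoken_len, prefix_len);
            offset = prefix_len;

            /* Security Token, Message, Padding -- in that order. Empty
             * parts are skipped so memcpy() never sees a NULL source. */
            for (i = 0; i < IOV_COUNT; i++)
            {
                if (part_len[i] == 0)
                {
                    continue;
                }
                memcpy(response + offset, iov[i].buffer.value, part_len[i]);
                offset += part_len[i];
            }

            if (pad_len != NULL)
            {
                *pad_len = (int)part_len[2];
            }

            /* encode to python returnable string */
            state->responseConf = conf_state;
            state->response = base64_encode((const unsigned char *)response, (int)offset);
            free(response);

            if (state->response == NULL)
            {
                /* Never report success without a response to return. */
                set_gss_error(GSS_S_FAILURE, 0);
                ret = AUTH_GSS_ERROR;
            }
            else
            {
                ret = AUTH_GSS_COMPLETE;
            }
        }
    }
    (void)gss_release_iov_buffer(&min_stat, iov, IOV_COUNT);
    /* Free only what base64_decode() returned; the "" placeholder used for
     * an empty challenge is a string literal and must not be freed. */
    free(decoded);
    return ret;
}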