int
proto1_request_multiplexed(struct gfarm_eventqueue *q, int peer_socket,
void (*continuation)(void *), void *closure,
struct proto1_state **statepp)
{
struct proto1_state *state = malloc(sizeof(*state));
int rv = ENOMEM;
if (state == NULL)
return (ENOMEM);
state->writable = gfarm_fd_event_alloc(GFARM_EVENT_WRITE, peer_socket,
proto1_sending, state);
if (state->writable != NULL) {
state->readable = gfarm_fd_event_alloc(
GFARM_EVENT_READ, peer_socket, proto1_receiving, state);
if (state->readable != NULL) {
state->q = q;
state->sock = peer_socket;
state->continuation = continuation;
state->closure = closure;
state->error = 0;
rv = gfarm_eventqueue_add_event(q, state->writable,
NULL);
if (rv == 0) {
*statepp = state;
return (0); /* go to proto1_sending() */
}
gfarm_event_free(state->readable);
}
gfarm_event_free(state->writable);
}
free(state);
return (rv);
}
int
proto1_result_multiplexed(struct proto1_state *state, unsigned char *resultp)
{
int error = state->error;
if (error == 0)
*resultp = state->result;
gfarm_event_free(state->readable);
gfarm_event_free(state->writable);
free(state);
return (error);
}
int
gfarmGssInitiateSecurityContextResult(
struct gfarmGssInitiateSecurityContextState *state, gss_ctx_id_t *scPtr,
OM_uint32 *majStatPtr, OM_uint32 *minStatPtr, gss_name_t *remoteNamePtr)
{
int ret;
OM_uint32 minStat2;
assert(GSS_ERROR(state->majStat) || state->completed);
if (state->itPtr->length > 0) {
(void)gss_release_buffer(&minStat2, state->itPtr);
}
if (state->otPtr->length > 0) {
(void)gss_release_buffer(&minStat2, state->otPtr);
}
if (state->majStat == GSS_S_COMPLETE && remoteNamePtr != NULL) {
state->majStat = gss_inquire_context(&state->minStat,
state->sc,
NULL,
remoteNamePtr,
NULL,
NULL,
NULL,
NULL,
NULL);
}
gfarm_event_free(state->readable);
gfarm_event_free(state->writable);
if (majStatPtr != NULL)
*majStatPtr = state->majStat;
if (minStatPtr != NULL)
*minStatPtr = state->minStat;
if (state->majStat == GSS_S_COMPLETE) {
*scPtr = state->sc;
} else if (state->sc != GSS_C_NO_CONTEXT) {
gss_delete_sec_context(&minStat2, &state->sc, GSS_C_NO_BUFFER);
}
ret = state->majStat == GSS_S_COMPLETE ? 1 : -1;
free(state);
if (ret == -1) {
gflog_debug(GFARM_MSG_1000802,
"failed to get result of initiate security context");
}
return ret;
}
struct gfarmGssInitiateSecurityContextState *
gfarmGssInitiateSecurityContextRequest(struct gfarm_eventqueue *q, int fd,
const gss_name_t acceptorName, gss_cred_id_t cred, OM_uint32 reqFlag,
void (*continuation) (void *), void *closure, OM_uint32 *majStatPtr,
OM_uint32 *minStatPtr)
{
OM_uint32 majStat;
OM_uint32 minStat;
struct gfarmGssInitiateSecurityContextState *state;
/*
* Implementation specification:
* In gfarm, an initiator must reveal own identity to an acceptor.
*/
if ((reqFlag & GSS_C_ANON_FLAG) == GSS_C_ANON_FLAG) {
/* It is a bit safer to deny the request than to silently ignore it */
gflog_auth_error(GFARM_MSG_1000625,
"gfarmGssInitiateSecurityContextRequest(): "
"GSS_C_ANON_FLAG is not allowed");
majStat = GSS_S_UNAVAILABLE;
minStat = GFSL_DEFAULT_MINOR_ERROR;
goto ReturnStat;
}
GFARM_MALLOC(state);
if (state == NULL) {
gflog_auth_error(GFARM_MSG_1000626,
"gfarmGssInitiateSecurityContextRequest(): "
"no memory");
majStat = GSS_S_FAILURE;
minStat = GFSL_DEFAULT_MINOR_ERROR;
goto ReturnStat;
}
state->completed = 0;
state->majStat = GSS_S_COMPLETE;
state->minStat = GFSL_DEFAULT_MINOR_ERROR;
state->writable =
gfarm_fd_event_alloc(GFARM_EVENT_WRITE, fd,
gfarmGssInitiateSecurityContextSendToken,
state);
if (state->writable == NULL) {
gflog_auth_error(GFARM_MSG_1000627,
"gfarmGssInitiateSecurityContextRequest(): "
"no memory");
state->majStat = GSS_S_FAILURE;
goto FreeState;
}
/*
* We cannot use two independent events (i.e. a fd_event with
* GFARM_EVENT_READ flag and a timer_event) here, because
* it's possible that both event handlers are called at once.
*/
state->readable =
gfarm_fd_event_alloc(GFARM_EVENT_READ|GFARM_EVENT_TIMEOUT, fd,
gfarmGssInitiateSecurityContextReceiveToken,
state);
if (state->readable == NULL) {
gflog_auth_error(GFARM_MSG_1000628,
"gfarmGssInitiateSecurityContextRequest(): "
"no memory");
state->majStat = GSS_S_FAILURE;
goto FreeWritable;
}
state->q = q;
state->fd = fd;
state->acceptorName = acceptorName;
state->cred = cred;
state->reqFlag = reqFlag;
state->continuation = continuation;
state->closure = closure;
state->retFlag = 0;
/* GSS_C_EMPTY_BUFFER */
state->inputToken.length = 0; state->inputToken.value = NULL;
state->itPtr = &state->inputToken;
/* GSS_C_EMPTY_BUFFER */
state->outputToken.length = 0; state->outputToken.value = NULL;
state->otPtr = &state->outputToken;
state->actualMechType = NULL;
state->sc = GSS_C_NO_CONTEXT;
gssInitiateSecurityContextNext(state);
assert(!state->completed);
if (!GSS_ERROR(state->majStat)) {
if (majStatPtr != NULL) {
*majStatPtr = GSS_S_COMPLETE;
}
if (minStatPtr != NULL) {
*minStatPtr = GFSL_DEFAULT_MINOR_ERROR;
}
return (state);
}
gfarm_event_free(state->readable);
FreeWritable:
gfarm_event_free(state->writable);
FreeState:
majStat = state->majStat;
minStat = state->minStat;
free(state);
ReturnStat:
if (majStatPtr != NULL)
*majStatPtr = majStat;
if (minStatPtr != NULL)
*minStatPtr = minStat;
if (GSS_ERROR(majStat)) {
gflog_debug(GFARM_MSG_1000801,
"failed to request initiate security context (%u)(%u)",
majStat, minStat);
}
return (NULL);
}
