/// Server half of the authentication-method negotiation, with an optional
/// non-blocking entry check.
///
/// Reads the peer's offered method bitmask from mySock, asks
/// selectAuthenticationType() for a choice, withdraws the choice when the
/// matching backend fails to initialize, and writes the result back.
///
/// @param my_methods   Method list of this side; handed unchanged to
///                     selectAuthenticationType().
/// @param non_blocking When true, return -2 immediately if mySock reports
///                     nothing ready to read.
/// @return The value sent to the peer as the chosen method; -1 when reading or
///         writing the socket message fails; -2 for the non-blocking early exit.
///         The value can be 0 once a failed Kerberos/SSL bit has been cleared
///         (presumably "no usable method" -- confirm against the caller).
int Authentication::handshake_continue(MyString my_methods, bool non_blocking)
{
    // server
    if (non_blocking) {
        if (!mySock->readReady()) {
            return -2;
        }
    }

    int offered = 0;   // bitmask received from the peer
    int selected = 0;  // what this side answers with

    dprintf (D_SECURITY, "HANDSHAKE: handshake() - i am the server\n");

    // NOTE(review): the offer is read before any authentication has taken
    // place in this function, and nothing visible here protects it against
    // modification in transit. The negotiated result is therefore only as
    // strong as the weakest entry in my_methods -- keep that list tight.
    mySock->decode();
    const bool got_offer = mySock->code( offered ) && mySock->end_of_message();
    if (!got_offer) {
        return -1;
    }

    dprintf ( D_SECURITY, "HANDSHAKE: client sent (methods == %i)\n", offered);

    selected = selectAuthenticationType( my_methods, offered );

    // NOTE(review): Kerberos and SSL failures clear the bit from the selection
    // without re-running selectAuthenticationType(), while the GSI branch below
    // removes the method from the offer and selects again. If the selector
    // returns a single method, the first two paths end with 0 instead of
    // falling back -- confirm the asymmetry is intended.
    if (selected & CAUTH_KERBEROS) {
        if (!Condor_Auth_Kerberos::Initialize()) {
            dprintf (D_SECURITY, "HANDSHAKE: excluding KERBEROS: %s\n", "Initialization failed");
            selected &= ~CAUTH_KERBEROS;
        }
    }

    if (selected & CAUTH_SSL) {
        if (!Condor_Auth_SSL::Initialize()) {
            dprintf (D_SECURITY, "HANDSHAKE: excluding SSL: %s\n", "Initialization failed");
            selected &= ~CAUTH_SSL;
        }
    }

    // GSI is only probed when it is the sole selected value (== rather than &).
    if (selected == CAUTH_GSI) {
        if (activate_globus_gsi() != 0) {
            dprintf (D_SECURITY, "HANDSHAKE: excluding GSI: %s\n", x509_error_string());
            offered &= ~CAUTH_GSI;
            selected = selectAuthenticationType( my_methods, offered );
        }
    }

    dprintf ( D_SECURITY, "HANDSHAKE: i picked (method == %i)\n", selected);

    mySock->encode();
    const bool sent_choice = mySock->code( selected ) && mySock->end_of_message();
    if (!sent_choice) {
        return -1;
    }

    // Logged once the reply has been written; the peer does not acknowledge it
    // in this function, so "received" here means "sent without error".
    dprintf ( D_SECURITY, "HANDSHAKE: client received (method == %i)\n", selected);
    return selected;
}
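/// Blocking authentication-method negotiation for either role on mySock.
///
/// Client: sends the bitmask derived from my_methods, then reads the server's
/// choice. Server: reads the client's bitmask, lets
/// selectAuthenticationType() choose, and sends the choice back.
///
/// The exchange happens before authentication, so both sides treat the peer's
/// value as untrusted. The client rejects a reply naming any method it did not
/// offer; without that check a peer (or anyone able to alter the stream) could
/// steer the client toward a method outside its configured list.
///
/// @param my_methods Method list of this side.
/// @return The negotiated method value; -1 on a socket message failure or when
///         the server's reply contains a method the client did not offer.
int Authentication::handshake(MyString my_methods)
{
    int shouldUseMethod = 0;

    dprintf ( D_SECURITY, "HANDSHAKE: in handshake(my_methods = '%s')\n", my_methods.Value());

    if ( mySock->isClient() ) {
        // client
        dprintf (D_SECURITY, "HANDSHAKE: handshake() - i am the client\n");
        mySock->encode();
        int method_bitmask = SecMan::getAuthBitmask(my_methods.Value());
        dprintf ( D_SECURITY, "HANDSHAKE: sending (methods == %i) to server\n", method_bitmask);
        if ( !mySock->code( method_bitmask ) || !mySock->end_of_message() ) {
            return -1;
        }

        mySock->decode();
        if ( !mySock->code( shouldUseMethod ) || !mySock->end_of_message() ) {
            return -1;
        }
        dprintf ( D_SECURITY, "HANDSHAKE: server replied (method = %i)\n", shouldUseMethod);

        // The reply is unauthenticated input: accept it only if every bit it
        // sets was part of our own offer. A reply of 0 passes unchanged.
        if ( (shouldUseMethod & ~method_bitmask) != 0 ) {
            dprintf ( D_SECURITY,
                      "HANDSHAKE: server reply (method = %i) is not within offered methods (%i), failing\n",
                      shouldUseMethod, method_bitmask);
            return -1;
        }
    } else {
        // server
        int client_methods = 0;
        dprintf (D_SECURITY, "HANDSHAKE: handshake() - i am the server\n");

        mySock->decode();
        if ( !mySock->code( client_methods ) || !mySock->end_of_message() ) {
            return -1;
        }
        dprintf ( D_SECURITY, "HANDSHAKE: client sent (methods == %i)\n", client_methods);

        // NOTE(review): unlike handshake_continue(), this path does not check
        // that the Kerberos/SSL/GSI backend initializes before committing to
        // the choice -- confirm whether callers rely on that difference.
        shouldUseMethod = selectAuthenticationType( my_methods, client_methods );
        dprintf ( D_SECURITY, "HANDSHAKE: i picked (method == %i)\n", shouldUseMethod);

        mySock->encode();
        if ( !mySock->code( shouldUseMethod ) || !mySock->end_of_message() ) {
            return -1;
        }

        // Logged after the reply is written; there is no acknowledgement from
        // the client at this point.
        dprintf ( D_SECURITY, "HANDSHAKE: client received (method == %i)\n", shouldUseMethod);
    }

    return( shouldUseMethod );
}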