bool sasl_endecode(const QByteArray &in, QByteArray *out, bool enc) { // no security if(ssf == 0) { *out = in; return true; } int at = 0; out->resize(0); while(1) { int size = in.size() - at; if(size == 0) break; if(size > maxoutbuf) size = maxoutbuf; const char *outbuf; unsigned len; int r; if(enc) r = sasl_encode(con, in.data() + at, size, &outbuf, &len); else r = sasl_decode(con, in.data() + at, size, &outbuf, &len); if(r != SASL_OK) return false; int oldsize = out->size(); out->resize(oldsize + len); memcpy(out->data() + oldsize, outbuf, len); at += size; } return true; }
static int cyrussasl_encode(lua_State *l) { struct _sasl_ctx *ctx = NULL; const char *msg; size_t msg_len = 0; unsigned out_len = 0; const char *out_data = NULL; int err; int numargs = lua_gettop(l); if (numargs != 2) { lua_pushstring(l, "usage: cyrussasl.encode(conn, msg)"); lua_error(l); return 0; } ctx = get_context(l, 1); msg = tolstring(l, 2, &msg_len); err = sasl_encode(ctx->conn, msg, msg_len, &out_data, &out_len); lua_pushinteger(l, err); if (err == SASL_OK) { lua_pushlstring(l, out_data, out_len); } else { lua_pushliteral(l, ""); } return 2; }
uint8_t* TSasl::wrap(const uint8_t* outgoing, const int offset, const uint32_t len, uint32_t* outLen) { uint32_t outputlen; uint8_t* output; int result; result = sasl_encode(conn, (const char*)outgoing+offset, len, (const char**)&output, &outputlen); if (result != SASL_OK) { throw SaslException(sasl_errdetail(conn)); } *outLen = outputlen; return output; }
long vnc_client_write_sasl(VncState *vs) { long ret; VNC_DEBUG("Write SASL: Pending output %p size %zd offset %zd " "Encoded: %p size %d offset %d\n", vs->output.buffer, vs->output.capacity, vs->output.offset, vs->sasl.encoded, vs->sasl.encodedLength, vs->sasl.encodedOffset); if (!vs->sasl.encoded) { int err; err = sasl_encode(vs->sasl.conn, (char *)vs->output.buffer, vs->output.offset, (const char **)&vs->sasl.encoded, &vs->sasl.encodedLength); if (err != SASL_OK) return vnc_client_io_error(vs, -1, NULL); vs->sasl.encodedOffset = 0; } ret = vnc_client_write_buf(vs, vs->sasl.encoded + vs->sasl.encodedOffset, vs->sasl.encodedLength - vs->sasl.encodedOffset); if (!ret) return 0; vs->sasl.encodedOffset += ret; if (vs->sasl.encodedOffset == vs->sasl.encodedLength) { vs->output.offset = 0; vs->sasl.encoded = NULL; vs->sasl.encodedOffset = vs->sasl.encodedLength = 0; } /* Can't merge this block with one above, because * someone might have written more unencrypted * data in vs->output while we were processing * SASL encoded output */ if (vs->output.offset == 0) { if (vs->ioc_tag) { g_source_remove(vs->ioc_tag); } vs->ioc_tag = qio_channel_add_watch( vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); } return ret; }
static int mutt_sasl_conn_write (CONNECTION* conn, const char* buf, size_t len) { SASL_DATA* sasldata; int rc; const char *pbuf; unsigned int olen, plen; sasldata = (SASL_DATA*) conn->sockdata; conn->sockdata = sasldata->sockdata; /* encode data, if necessary */ if (*sasldata->ssf) { /* handle data larger than MAXOUTBUF */ do { olen = (len > *sasldata->pbufsize) ? *sasldata->pbufsize : len; rc = sasl_encode (sasldata->saslconn, buf, olen, &pbuf, &plen); if (rc != SASL_OK) { dprint (1, (debugfile, "SASL encoding failed: %s\n", sasl_errstring (rc, NULL, NULL))); goto fail; } rc = (sasldata->msasl_write) (conn, pbuf, plen); if (rc != plen) goto fail; len -= olen; buf += olen; } while (len > *sasldata->pbufsize); } else /* just write using the underlying socket function */ rc = (sasldata->msasl_write) (conn, buf, len); conn->sockdata = sasldata; return rc; fail: conn->sockdata = sasldata; return -1; }
static int _sx_sasl_wio(sx_t s, sx_plugin_t p, sx_buf_t buf) { sasl_conn_t *sasl; int *x, len, pos, reslen, maxbuf; char *out, *result; int sasl_ret; sx_error_t sxe; sasl = ((_sx_sasl_data_t) s->plugin_data[p->index])->sasl; /* if there's no security layer, don't bother */ sasl_getprop(sasl, SASL_SSF, (const void **) &x); if(*x == 0) return 1; _sx_debug(ZONE, "doing sasl encode"); /* can only encode x bytes at a time */ sasl_getprop(sasl, SASL_MAXOUTBUF, (const void **) &x); maxbuf = *x; /* encode the output */ pos = 0; result = NULL; reslen = 0; while(pos < buf->len) { if((buf->len - pos) < maxbuf) maxbuf = buf->len - pos; sasl_ret = sasl_encode(sasl, &buf->data[pos], maxbuf, (const char **) &out, &len); if (sasl_ret != SASL_OK) { _sx_gen_error(sxe, SX_ERR_STREAM, "Stream error", "sasl_encode failed, closing stream"); _sx_event(s, event_ERROR, (void *) &sxe); _sx_state(s, state_CLOSING); return 1; } result = (char *) realloc(result, sizeof(char) * (reslen + len)); memcpy(&result[reslen], out, len); reslen += len; pos += maxbuf; } /* replace the buffer */ _sx_buffer_set(buf, result, reslen, result); _sx_debug(ZONE, "%d bytes encoded for sasl channel", buf->len); return 1; }
ssize_t pni_sasl_impl_encode(pn_transport_t *transport, pn_bytes_t in, pn_bytes_t *out) { if ( in.size==0 ) return 0; sasl_conn_t *cyrus_conn = (sasl_conn_t*)transport->sasl->impl_context; const char *output; unsigned int outlen; int r = sasl_encode(cyrus_conn, in.start, in.size, &output, &outlen); if (outlen==0) return 0; if ( r==SASL_OK ) { *out = pn_bytes(outlen, output); return outlen; } if (transport->trace & PN_TRACE_DRV) pn_transport_logf(transport, "SASL encode error: %s", sasl_errdetail(cyrus_conn)); return PN_ERR; }
long vnc_client_write_sasl(VncState *vs) { long ret; VNC_DEBUG("Write SASL: Pending output %p size %d offset %d Encoded: %p size %d offset %d\n", vs->output.buffer, vs->output.capacity, vs->output.offset, vs->sasl.encoded, vs->sasl.encodedLength, vs->sasl.encodedOffset); if (!vs->sasl.encoded) { int err; err = sasl_encode(vs->sasl.conn, (char *)vs->output.buffer, vs->output.offset, (const char **)&vs->sasl.encoded, &vs->sasl.encodedLength); if (err != SASL_OK) return vnc_client_io_error(vs, -1, EIO); vs->sasl.encodedOffset = 0; } ret = vnc_client_write_buf(vs, vs->sasl.encoded + vs->sasl.encodedOffset, vs->sasl.encodedLength - vs->sasl.encodedOffset); if (!ret) return 0; vs->sasl.encodedOffset += ret; if (vs->sasl.encodedOffset == vs->sasl.encodedLength) { vs->output.offset = 0; vs->sasl.encoded = NULL; vs->sasl.encodedOffset = vs->sasl.encodedLength = 0; } /* Can't merge this block with one above, because * someone might have written more unencrypted * data in vs->output while we were processing * SASL encoded output */ if (vs->output.offset == 0) { qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); } return ret; }
static ssize_t reds_stream_sasl_write(RedsStream *s, const void *buf, size_t nbyte) { ssize_t ret; if (!s->priv->sasl.encoded) { int err; err = sasl_encode(s->priv->sasl.conn, (char *)buf, nbyte, (const char **)&s->priv->sasl.encoded, &s->priv->sasl.encodedLength); if (err != SASL_OK) { spice_warning("sasl_encode error: %d", err); return -1; } if (s->priv->sasl.encodedLength == 0) { return 0; } if (!s->priv->sasl.encoded) { spice_warning("sasl_encode didn't return a buffer!"); return 0; } s->priv->sasl.encodedOffset = 0; } ret = s->priv->write(s, s->priv->sasl.encoded + s->priv->sasl.encodedOffset, s->priv->sasl.encodedLength - s->priv->sasl.encodedOffset); if (ret <= 0) { return ret; } s->priv->sasl.encodedOffset += ret; if (s->priv->sasl.encodedOffset == s->priv->sasl.encodedLength) { s->priv->sasl.encoded = NULL; s->priv->sasl.encodedOffset = s->priv->sasl.encodedLength = 0; return nbyte; } /* we didn't flush the encoded buffer */ errno = EAGAIN; return -1; }
ssize_t sasl_write(Sfio_t *f, const Void_t *buf, size_t size, Sfdisc_t *disc) { int result; const char *outbuf; int outlen; Sasldisc_t *sd = (Sasldisc_t *) disc; result = sasl_encode(sd->conn, buf, size, &outbuf, &outlen); if (result != SASL_OK) { return -1; } if (outbuf != NULL) { sfwr(f, outbuf, outlen, disc); } return size; }
ssize_t virNetSASLSessionEncode(virNetSASLSessionPtr sasl, const char *input, size_t inputLen, const char **output, size_t *outputlen) { unsigned inlen = inputLen; unsigned outlen = 0; int err; ssize_t ret = -1; virObjectLock(sasl); if (inputLen > sasl->maxbufsize) { virReportSystemError(EINVAL, _("SASL data length %zu too long, max %zu"), inputLen, sasl->maxbufsize); goto cleanup; } err = sasl_encode(sasl->conn, input, inlen, output, &outlen); *outputlen = outlen; if (err != SASL_OK) { virReportError(VIR_ERR_INTERNAL_ERROR, _("failed to encode SASL data: %d (%s)"), err, sasl_errstring(err, NULL, NULL)); goto cleanup; } ret = 0; cleanup: virObjectUnlock(sasl); return ret; }
void _sasl_encode_inplace(sasl_conn_t *ctx, struct hdfs_heap_buf *b) { const char *out; unsigned outlen; int r; r = sasl_encode(ctx, b->buf, b->used, &out, &outlen); if (r != SASL_OK) { fprintf(stderr, "sasl_encode: %s\n", sasl_errstring(r, NULL, NULL)); abort(); } free(b->buf); b->buf = malloc(4 + outlen); ASSERT(b->buf); // copy in length-prefixed encoded bits _be32enc(b->buf, outlen); memcpy(b->buf + 4, out, outlen); b->used = b->size = 4 + outlen; }
size_t CyrusSecurityLayer::encode(const char* buffer, size_t size) { size_t processed = 0;//records how many bytes have been written to buffer do { if (!encrypted) { if (!encoded) { encodeBuffer.position = 0; encoded = codec->encode(encodeBuffer.data, encodeBuffer.size); if (!encoded) break;//nothing more to do } size_t encryptable = std::min(encoded, maxInputSize); int result = sasl_encode(conn, encodeBuffer.data + encodeBuffer.position, encryptable, &encrypted, &encryptedSize); if (result != SASL_OK) { throw framing::InternalErrorException(QPID_MSG("SASL encode error: " << sasl_errdetail(conn))); } encodeBuffer.position += encryptable; encoded -= encryptable; } size_t remaining = size - processed; if (remaining < encryptedSize) { //can't fit all encrypted data in the buffer we've //been given, copy in what we can and hold on to the //rest until the next call ::memcpy(const_cast<char*>(buffer + processed), encrypted, remaining); processed += remaining; encrypted += remaining; encryptedSize -= remaining; } else { ::memcpy(const_cast<char*>(buffer + processed), encrypted, encryptedSize); processed += encryptedSize; encrypted = 0; encryptedSize = 0; } } while (processed < size); return processed; }
rfbBool WriteToRFBServer(rfbClient* client, char *buf, int n) { fd_set fds; int i = 0; int j; const char *obuf = buf; #ifdef LIBVNCSERVER_HAVE_SASL const char *output; unsigned int outputlen; int err; #endif /* LIBVNCSERVER_HAVE_SASL */ if (client->serverPort==-1) return TRUE; /* vncrec playing */ if (client->tlsSession) { /* WriteToTLS() will guarantee either everything is written, or error/eof returns */ i = WriteToTLS(client, buf, n); if (i <= 0) return FALSE; return TRUE; } #ifdef LIBVNCSERVER_HAVE_SASL if (client->saslconn) { err = sasl_encode(client->saslconn, buf, n, &output, &outputlen); if (err != SASL_OK) { rfbClientLog("Failed to encode SASL data %s", sasl_errstring(err, NULL, NULL)); return FALSE; } obuf = output; n = outputlen; } #endif /* LIBVNCSERVER_HAVE_SASL */ while (i < n) { j = write(client->sock, obuf + i, (n - i)); if (j <= 0) { if (j < 0) { #ifdef WIN32 errno=WSAGetLastError(); #endif if (errno == EWOULDBLOCK || #ifdef LIBVNCSERVER_ENOENT_WORKAROUND errno == ENOENT || #endif errno == EAGAIN) { FD_ZERO(&fds); FD_SET(client->sock,&fds); if (select(client->sock+1, NULL, &fds, NULL, NULL) <= 0) { rfbClientErr("select\n"); return FALSE; } j = 0; } else { rfbClientErr("write\n"); return FALSE; } } else { rfbClientLog("write failed\n"); return FALSE; } } i += j; } return TRUE; }