Lines Matching refs:text

/*
 * Convenience wrappers around sasl_gss_seterror_().
 *
 * Both macros discard their first argument (x) and instead pass the
 * identifier `text` from the scope of the call site, so they can only be
 * used where a `context_t *text` is in scope. Call sites in this listing
 * write `text->utils` as the first argument; that expression is never
 * evaluated, and any other value passed there is ignored as well.
 *
 * y and z are forwarded as the GSS-API major and minor status codes.
 * The two macros differ only in the final flag (1 for sasl_gss_log,
 * 0 for sasl_gss_seterror).
 * NOTE(review): presumably the flag selects "log only" versus "also set
 * the connection error string" -- confirm against the body of
 * sasl_gss_seterror_(), which is not fully visible here.
 */
187 #define sasl_gss_log(x,y,z) sasl_gss_seterror_(text,y,z,1)
188 #define sasl_gss_seterror(x,y,z) sasl_gss_seterror_(text,y,z,0)
190 sasl_gss_seterror_(const context_t *text, OM_uint32 maj, OM_uint32 min, in sasl_gss_seterror_() argument
204 const sasl_utils_t *utils = text->utils; in sasl_gss_seterror_()
223 GSS_C_GSS_CODE, text->mech_oid, in sasl_gss_seterror_()
231 utils->log(text->utils->conn, SASL_LOG_FAIL, in sasl_gss_seterror_()
285 GSS_C_MECH_CODE, text->mech_oid,
293 utils->log(text->utils->conn, SASL_LOG_FAIL,
343 utils->log(text->utils->conn, SASL_LOG_FAIL, out);
357 context_t *text = (context_t *)context; in sasl_gss_encode() local
367 ret = _plug_iovec_to_buf(text->utils, invec, numiov, &text->enc_in_buf); in sasl_gss_encode()
369 inblob = text->enc_in_buf; in sasl_gss_encode()
376 if (text->state != SASL_GSSAPI_STATE_AUTHENTICATED) return SASL_NOTDONE; in sasl_gss_encode()
392 text->gss_ctx, in sasl_gss_encode()
401 sasl_gss_seterror(text->utils, maj_stat, min_stat); in sasl_gss_encode()
413 ret = _plug_buf_alloc(text->utils, &(text->encode_buf), in sasl_gss_encode()
414 &(text->encode_buf_len), output_token->length + 4); in sasl_gss_encode()
425 memcpy(text->encode_buf, &len, 4); in sasl_gss_encode()
426 memcpy(text->encode_buf + 4, output_token->value, output_token->length); in sasl_gss_encode()
433 *output = text->encode_buf; in sasl_gss_encode()
465 context_t *text = (context_t *) context; local
472 if (text->state != SASL_GSSAPI_STATE_AUTHENTICATED) {
474 SETERROR(text->utils, gettext("GSSAPI Failure"));
476 SETERROR(text->utils, "GSSAPI Failure");
482 if (text->needsize > 0) {
484 int tocopy = myMIN(text->needsize, *inputlen);
486 memcpy(text->sizebuf + 4 - text->needsize, *input, tocopy);
487 text->needsize -= tocopy;
491 if (text->needsize == 0) {
493 memcpy(&text->size, text->sizebuf, 4);
494 text->size = ntohl(text->size);
495 text->cursize = 0;
498 if (text->size > 0xFFFFFF) {
499 text->utils->log(text->utils->conn, SASL_LOG_ERR,
502 if (text->size > 0xFFFFFF || text->size <= 0) {
503 SETERROR(text->utils, "Illegal size in sasl_gss_decode_once");
508 if (text->bufsize < text->size + 5) {
509 result = _plug_buf_alloc(text->utils, &text->buffer,
510 &(text->bufsize), text->size+5);
523 diff = text->size - text->cursize;
527 memcpy(text->buffer + text->cursize, *input, *inputlen);
528 text->cursize += *inputlen;
534 memcpy(text->buffer + text->cursize, *input, diff);
540 real_input_token.value = text->buffer;
541 real_input_token.length = text->size;
553 text->gss_ctx,
561 sasl_gss_seterror(text->utils, maj_stat, min_stat);
575 result = _plug_buf_alloc(text->utils, &text->decode_once_buf,
576 &text->decode_once_buf_len,
585 *output = text->decode_once_buf;
596 text->size = -1;
598 text->needsize = 4;
607 context_t *text = (context_t *) context; local
610 ret = _plug_decode(text->utils, context, input, inputlen,
611 &text->decode_buf, &text->decode_buf_len, outputlen,
614 *output = text->decode_buf;
645 static void sasl_gss_free_context_contents(context_t *text) argument
649 if (!text) return;
651 if (text->gss_ctx != GSS_C_NO_CONTEXT) {
652 (void) gss_delete_sec_context(&min_stat,&text->gss_ctx,GSS_C_NO_BUFFER);
653 text->gss_ctx = GSS_C_NO_CONTEXT;
656 if (text->client_name != GSS_C_NO_NAME) {
657 (void) gss_release_name(&min_stat,&text->client_name);
658 text->client_name = GSS_C_NO_NAME;
661 if (text->server_name != GSS_C_NO_NAME) {
662 (void) gss_release_name(&min_stat,&text->server_name);
663 text->server_name = GSS_C_NO_NAME;
666 if ( text->server_creds != GSS_C_NO_CREDENTIAL) {
667 (void) gss_release_cred(&min_stat, &text->server_creds);
668 text->server_creds = GSS_C_NO_CREDENTIAL;
672 if ( text->client_creds != GSS_C_NO_CREDENTIAL) {
673 (void) gss_release_cred(&min_stat, &text->client_creds);
674 text->client_creds = GSS_C_NO_CREDENTIAL;
683 if (text->out_buf) {
684 text->utils->free(text->out_buf);
685 text->out_buf = NULL;
688 if (text->encode_buf) {
689 text->utils->free(text->encode_buf);
690 text->encode_buf = NULL;
693 if (text->decode_buf) {
694 text->utils->free(text->decode_buf);
695 text->decode_buf = NULL;
698 if (text->decode_once_buf) {
699 text->utils->free(text->decode_once_buf);
700 text->decode_once_buf = NULL;
703 if (text->enc_in_buf) {
704 if(text->enc_in_buf->data) text->utils->free(text->enc_in_buf->data);
705 text->utils->free(text->enc_in_buf);
706 text->enc_in_buf = NULL;
709 if (text->buffer) {
710 text->utils->free(text->buffer);
711 text->buffer = NULL;
714 if (text->authid) { /* works for both client and server */
715 text->utils->free(text->authid);
716 text->authid = NULL;
739 add_mech_to_set(context_t *text, gss_OID_set *desired_mechs) argument
746 sasl_gss_seterror(text->utils, maj_stat, min_stat);
747 sasl_gss_free_context_contents(text);
751 maj_stat = gss_add_oid_set_member(&min_stat, text->mech_oid, desired_mechs);
753 sasl_gss_seterror(text->utils, maj_stat, min_stat);
754 sasl_gss_free_context_contents(text);
791 context_t *text; local
797 text = gss_new_context(params->utils);
801 if (text == NULL) {
808 text->gss_ctx = GSS_C_NO_CONTEXT;
809 text->client_name = GSS_C_NO_NAME;
810 text->server_name = GSS_C_NO_NAME;
811 text->server_creds = GSS_C_NO_CREDENTIAL;
812 text->state = SASL_GSSAPI_STATE_AUTHNEG;
814 *conn_context = text;
828 context_t *text = (context_t *)conn_context; local
845 PARAMERROR(text->utils);
852 switch (text->state) {
855 if (text->server_name == GSS_C_NO_NAME) { /* only once */
859 MEMERROR(text->utils);
860 sasl_gss_free_context_contents(text);
873 &text->server_name);
879 sasl_gss_seterror(text->utils, maj_stat, min_stat);
880 sasl_gss_free_context_contents(text);
884 if ( text->server_creds != GSS_C_NO_CREDENTIAL) {
885 maj_stat = gss_release_cred(&min_stat, &text->server_creds);
886 text->server_creds = GSS_C_NO_CREDENTIAL;
890 if (text->mech_oid != GSS_C_NULL_OID) {
891 ret = add_mech_to_set(text, &desired_mechs);
898 text->server_name,
906 &text->server_creds,
918 sasl_gss_seterror(text->utils, maj_stat, min_stat);
919 sasl_gss_free_context_contents(text);
931 &(text->gss_ctx),
932 text->server_creds,
935 &text->client_name,
945 sasl_gss_log(text->utils, maj_stat, min_stat);
946 text->utils->seterror(text->utils->conn, SASL_NOLOG,
955 text->utils->seterror(text->utils->conn, SASL_NOLOG, "GSSAPI Failure: gss_accept_sec_context");
956 text->utils->log(NULL, SASL_LOG_DEBUG, "GSSAPI Failure: gss_accept_sec_context");
958 sasl_gss_free_context_contents(text);
966 ret = _plug_buf_alloc(text->utils, &(text->out_buf),
967 &(text->out_buf_len), *serveroutlen);
972 memcpy(text->out_buf, output_token->value, *serveroutlen);
973 *serverout = text->out_buf;
988 text->state = SASL_GSSAPI_STATE_SSFCAP;
1010 text->client_name,
1027 SETERROR(text->utils, gettext("GSSAPI Failure"));
1029 SETERROR(text->utils, "GSSAPI Failure");
1031 sasl_gss_free_context_contents(text);
1045 MEMERROR(text->utils);
1073 SETERROR(text->utils, "GSSAPI Failure");
1074 sasl_gss_free_context_contents(text);
1079 text->client_name,
1089 SETERROR(text->utils, "GSSAPI Failure");
1090 sasl_gss_free_context_contents(text);
1100 text->authid = strdup(name_without_realm.value);
1102 if (text->authid == NULL) {
1107 text->authid = strdup(name_token.value);
1109 if (text->authid == NULL) {
1117 &text->authid, NULL);
1136 text->limitssf = 0;
1138 text->limitssf = params->props.max_ssf - params->external_ssf;
1141 text->requiressf = 0;
1143 text->requiressf = params->props.min_ssf - params->external_ssf;
1157 if(text->requiressf != 0 && !params->props.maxbufsize) {
1168 if (text->requiressf == 0) {
1171 if (text->requiressf <= 1 && text->limitssf >= 1
1175 if (text->requiressf <= 56 && text->limitssf >= 56
1184 text->gss_ctx,
1192 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1195 sasl_gss_free_context_contents(text);
1204 ret = _plug_buf_alloc(text->utils, &(text->out_buf),
1205 &(text->out_buf_len), *serveroutlen);
1210 memcpy(text->out_buf, output_token->value, *serveroutlen);
1211 *serverout = text->out_buf;
1218 text->state = SASL_GSSAPI_STATE_SSFREQ;
1230 text->gss_ctx,
1237 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1238 sasl_gss_free_context_contents(text);
1243 if (layerchoice == 1 && text->requiressf == 0) { /* no encryption */
1247 } else if (layerchoice == 2 && text->requiressf <= 1 &&
1248 text->limitssf >= 1) { /* integrity */
1252 } else if (layerchoice == 4 && text->requiressf <= 56 &&
1253 text->limitssf >= 56) { /* privacy */
1260 text->utils->log(text->utils->conn, SASL_LOG_ERR,
1263 SETERROR(text->utils,
1270 sasl_gss_free_context_contents(text);
1283 sasl_gss_free_context_contents(text);
1288 text->authid,
1292 sasl_gss_free_context_contents(text);
1300 text->authid,
1306 sasl_gss_free_context_contents(text);
1311 text->utils->log(text->utils->conn, SASL_LOG_ERR,
1314 SETERROR(text->utils,
1318 sasl_gss_free_context_contents(text);
1332 text->gss_ctx,
1338 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1340 sasl_gss_free_context_contents(text);
1363 text->state = SASL_GSSAPI_STATE_AUTHENTICATED;
1372 params->utils->log(text->utils->conn, SASL_LOG_ERR,
1373 "Invalid GSSAPI server step %d", text->state);
1376 "Invalid GSSAPI server step %d\n", text->state);
1508 context_t *text; local
1518 text = gss_new_context(params->utils);
1522 if (text == NULL) {
1529 text->state = SASL_GSSAPI_STATE_AUTHNEG;
1530 text->gss_ctx = GSS_C_NO_CONTEXT;
1531 text->client_name = GSS_C_NO_NAME;
1532 text->server_creds = GSS_C_NO_CREDENTIAL;
1537 text->use_authid = (use_authid != NULL) &&
1541 *conn_context = text;
1555 context_t *text = (context_t *)conn_context; local
1574 switch (text->state) {
1579 if (text->user == NULL ||
1580 (text->use_authid && text->client_authid == NULL)) {
1584 if (text->use_authid && text->client_authid == NULL) {
1586 &text->client_authid,
1591 sasl_gss_free_context_contents(text);
1595 if (text->user == NULL) {
1596 user_result = _plug_get_userid(params->utils, &text->user,
1601 sasl_gss_free_context_contents(text);
1606 if (text->user == NULL) {
1609 user_result = _plug_get_userid(params->utils, &text->user,
1613 sasl_gss_free_context_contents(text);
1630 int result = _plug_make_prompts(params->utils, &text->h,
1633 convert_prompt(params->utils, &text->h,
1637 convert_prompt(params->utils, &text->h,
1678 if (text->server_name == GSS_C_NO_NAME) { /* only once */
1682 sasl_gss_free_context_contents(text);
1688 text->utils->log(text->utils->conn, SASL_LOG_ERR,
1691 SETERROR(text->utils, "GSSAPI Failure: no serverFQDN");
1706 &text->server_name);
1712 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1713 sasl_gss_free_context_contents(text);
1725 else if (text->gss_ctx != GSS_C_NO_CONTEXT ) {
1730 maj_stat = gss_delete_sec_context (&min_stat,&text->gss_ctx,GSS_C_NO_BUFFER);
1731 text->gss_ctx = GSS_C_NO_CONTEXT;
1746 if (text->use_authid && text->client_creds == GSS_C_NO_CREDENTIAL) {
1750 name_token.length = strlen(text->client_authid);
1751 name_token.value = (char *)text->client_authid;
1760 &text->client_name);
1762 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1763 sasl_gss_free_context_contents(text);
1767 if (text->mech_oid != GSS_C_NULL_OID) {
1768 ret = add_mech_to_set(text, &desired_mechs);
1774 text->client_name,
1778 &text->client_creds,
1788 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1789 sasl_gss_free_context_contents(text);
1797 text->client_creds,
1801 &text->gss_ctx,
1802 text->server_name,
1804 text->mech_oid,
1818 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1821 sasl_gss_free_context_contents(text);
1829 ret = _plug_buf_alloc(text->utils, &(text->out_buf),
1830 &(text->out_buf_len), *clientoutlen);
1835 memcpy(text->out_buf, output_token->value, *clientoutlen);
1836 *clientout = text->out_buf;
1844 text->gss_ctx,
1845 &text->client_name,
1854 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1855 sasl_gss_free_context_contents(text);
1861 text->client_name,
1869 SETERROR(text->utils, gettext("GSSAPI Failure"));
1871 SETERROR(text->utils, "GSSAPI Failure");
1873 sasl_gss_free_context_contents(text);
1877 if (text->user && text->user[0]) {
1879 text->user, 0,
1896 text->state = SASL_GSSAPI_STATE_SSFCAP;
1911 text->gss_ctx,
1918 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1919 sasl_gss_free_context_contents(text);
1973 sasl_gss_free_context_contents(text);
1986 text->gss_ctx,
1992 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1994 sasl_gss_free_context_contents(text);
2022 if (text->user && text->user[0])
2031 sasl_gss_free_context_contents(text);
2056 text->gss_ctx,
2067 sasl_gss_seterror(text->utils, maj_stat, min_stat);
2070 sasl_gss_free_context_contents(text);
2078 ret = _plug_buf_alloc(text->utils, &(text->out_buf),
2079 &(text->out_buf_len), *clientoutlen);
2084 memcpy(text->out_buf, output_token->value, *clientoutlen);
2085 *clientout = text->out_buf;
2091 text->state = SASL_GSSAPI_STATE_AUTHENTICATED;
2101 "Invalid GSSAPI client step %d", text->state);
2104 "Invalid GSSAPI client step %d\n", text->state);