geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

This branch was created to contain the "native" auth_token components.

Browse Source 
This was required because autobuild restrictions are forcing us to build
the native components separate from the java components.
This commit is contained in:
Juan Carlos Luciani
2006-07-27 15:28:07 +00:00
parent d2a89a5f7a
commit b49318e38a
109 changed files with 24472 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
CASA-auth-token/native/client/mechanisms/krb5/Krb5Authenticate.conf Normal file
View File

@@ -0,0 +1,12 @@
#######################################################
# #
# CASA Authentication Token System configuration file #
# for module: #
# #
# Krb5Authenticate #
# #
#######################################################
LibraryName \Program Files\novell\casa\lib\krb5mech.dll

30
CASA-auth-token/native/client/mechanisms/krb5/README Normal file
View File

@@ -0,0 +1,30 @@
/***********************************************************************
*
* README for krb5mech
*
***********************************************************************/
INTRODUCTION
krb5mech is a client authentication mechanism for the support of Kerberos 5
authentication. The mechanism leverages the services of the native Kerberos 5
client to obtain Kerberos Tokens that can be used for authenticating an entity
to a Kerberos service.
SECURITY CONSIDERATIONS
The tokens that krb5mech generates are only utilized to authenticate the client
entity to the Kerberos service, because of this, auth_token relies on SSL for
server authentication. auth_token does not leverage the capabilities of GSSAPI
for data privacy and data integrity purposes.

14
CASA-auth-token/native/client/mechanisms/krb5/TODO Normal file
View File

@@ -0,0 +1,14 @@
/***********************************************************************
*
* TODO for krb5mech
*
***********************************************************************/
INTRODUCTION
This file contains a list of the items still outstanding for krb5mech.
OUTSTANDING ITEMS
- Implementation of Linux specific code.

207
CASA-auth-token/native/client/mechanisms/krb5/interface.c Normal file
View File

@@ -0,0 +1,207 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//
// Authentication Token Interface instance data
//
typedef struct _AuthTokenIfInstance
{
int refCount;
AuthTokenIf authTokenIf;
} AuthTokenIfInstance, *PAuthTokenIfInstance;
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// AuthTokenIf variables
static
int g_numAuthTokenIfObjs = 0;
//++=======================================================================
static
int SSCS_CALL
AuthTokenIf_AddReference(
IN const void *pIfInstance)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Interface reference count.
//
// Description:
// Increases interface reference count.
//
// L2
//=======================================================================--
{
int refCount;
AuthTokenIfInstance *pAuthTokenIfInstance = CONTAINING_RECORD(pIfInstance, AuthTokenIfInstance, authTokenIf);
DbgTrace(2, "-AuthTokenIf_AddReference- Start\n", 0);
// Increment the reference count on the object
pAuthTokenIfInstance->refCount ++;
refCount = pAuthTokenIfInstance->refCount;
DbgTrace(2, "-AuthTokenIf_AddReference- End, refCount = %08X\n", refCount);
return refCount;
}
//++=======================================================================
static
void SSCS_CALL
AuthTokenIf_ReleaseReference(
IN const void *pIfInstance)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// Returns:
// Nothing.
//
// Description:
// Decreases interface reference count. The interface is deallocated if
// the reference count becomes zero.
//
// L2
//=======================================================================--
{
bool freeObj = false;
AuthTokenIfInstance *pAuthTokenIfInstance = CONTAINING_RECORD(pIfInstance, AuthTokenIfInstance, authTokenIf);
DbgTrace(2, "-AuthTokenIf_ReleaseReference- Start\n", 0);
// Decrement the reference count on the object and determine if it needs to
// be released.
pAuthTokenIfInstance->refCount --;
if (pAuthTokenIfInstance->refCount == 0)
{
// The object needs to be released, forget about it.
freeObj = true;
g_numAuthTokenIfObjs --;
}
// Free object if necessary
if (freeObj)
free(pAuthTokenIfInstance);
DbgTrace(2, "-AuthTokenIf_ReleaseReference- End\n", 0);
}
//++=======================================================================
CasaStatus SSCS_CALL
GET_AUTH_TOKEN_INTERFACE_RTN(
IN const ConfigIf *pModuleConfigIf,
INOUT AuthTokenIf **ppAuthTokenIf)
//
// Arguments:
// pModuleConfigIf -
// Pointer to configuration interface instance for the module.
//
// ppAuthTokenIf -
// Pointer to variable that will receive pointer to AuthTokenIf
// instance.
//
// Returns:
// Casa Status
//
// Description:
// Gets authentication token interface instance.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
AuthTokenIfInstance *pAuthTokenIfInstance;
DbgTrace(1, "-GetAuthTokenInterface- Start\n", 0);
// Validate input parameters
if (pModuleConfigIf == NULL
|| ppAuthTokenIf == NULL)
{
DbgTrace(0, "-GetAuthTokenInterface- Invalid input parameter\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_INVALID_PARAMETER);
goto exit;
}
// Allocate space for the interface instance
pAuthTokenIfInstance = malloc(sizeof(*pAuthTokenIfInstance));
if (pAuthTokenIfInstance)
{
// Initialize the interface instance data
pAuthTokenIfInstance->refCount = 1;
pAuthTokenIfInstance->authTokenIf.addReference = AuthTokenIf_AddReference;
pAuthTokenIfInstance->authTokenIf.releaseReference = AuthTokenIf_ReleaseReference;
pAuthTokenIfInstance->authTokenIf.getAuthToken = AuthTokenIf_GetAuthToken;
// Keep track of this object
g_numAuthTokenIfObjs ++;
// Return the interface to the caller
*ppAuthTokenIf = &pAuthTokenIfInstance->authTokenIf;
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-GetAuthTokenInterface- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
exit:
DbgTrace(1, "-GetAuthTokenInterface- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

90
CASA-auth-token/native/client/mechanisms/krb5/internal.h Normal file
View File

@@ -0,0 +1,90 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#ifndef _INTERNAL_H_
#define _INTERNAL_H_
//===[ Include files ]=====================================================
#include "platform.h"
#include <micasa_types.h>
#include <casa_status.h>
#include "config_if.h"
#include "mech_if.h"
//===[ Type definitions ]==================================================
//===[ Inlines functions ]===============================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//===[ Global externals ]==================================================
extern int DebugLevel;
//===[ External prototypes ]===============================================
//
// Defined in get.c
//
extern
CasaStatus SSCS_CALL
AuthTokenIf_GetAuthToken(
IN const void *pIfInstance,
IN const char *pContext,
IN const char *pMechInfo,
INOUT char *pTokenBuf,
INOUT int *pTokenBufLen);
extern
int
InitializeLibrary(void);
//
// Defined in utils.c
//
extern
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen);
extern
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen);
//=========================================================================
#endif // _INTERNAL_H_

182
CASA-auth-token/native/client/mechanisms/krb5/krb5.vcproj Normal file
View File

@@ -0,0 +1,182 @@
<?xml version="1.0" encoding="Windows-1252"?>
<VisualStudioProject
ProjectType="Visual C++"
Version="7.10"
Name="krb5"
ProjectGUID="{5499F624-F371-4559-B4C2-A484BCE892FD}"
Keyword="Win32Proj">
<Platforms>
<Platform
Name="Win32"/>
</Platforms>
<Configurations>
<Configuration
Name="Debug|Win32"
OutputDirectory="$(SolutionDir)client\mechanisms\krb5\windows\$(ConfigurationName)"
IntermediateDirectory="$(SolutionDir)client\mechanisms\krb5\windows\$(ConfigurationName)"
ConfigurationType="2"
CharacterSet="2">
<Tool
Name="VCCLCompilerTool"
AdditionalOptions="-DSECURITY_WIN32"
Optimization="0"
AdditionalIncludeDirectories="windows;.;..\..;..\..\..\..\include"
PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS"
MinimalRebuild="TRUE"
BasicRuntimeChecks="3"
RuntimeLibrary="5"
UsePrecompiledHeader="0"
WarningLevel="3"
Detect64BitPortabilityProblems="TRUE"
DebugInformationFormat="4"/>
<Tool
Name="VCCustomBuildTool"/>
<Tool
Name="VCLinkerTool"
AdditionalOptions="/EXPORT:GetAuthTokenInterface"
AdditionalDependencies="secur32.lib"
OutputFile="$(OutDir)/krb5mech.dll"
LinkIncremental="1"
GenerateDebugInformation="TRUE"
ProgramDatabaseFile="$(OutDir)/pw.pdb"
SubSystem="0"
TargetMachine="1"/>
<Tool
Name="VCMIDLTool"/>
<Tool
Name="VCPostBuildEventTool"
CommandLine="mkdir \&quot;Program Files&quot;\novell\
mkdir \&quot;Program Files&quot;\novell\casa
mkdir \&quot;Program Files&quot;\novell\casa\lib\
mkdir \&quot;Program Files&quot;\novell\casa\etc\
mkdir \&quot;Program Files&quot;\novell\casa\etc\auth\
mkdir \&quot;Program Files&quot;\novell\casa\etc\auth\mechanisms\
copy Krb5Authenticate.conf \&quot;Program Files&quot;\novell\casa\etc\auth\mechanisms\Krb5Authenticate.conf
copy $(OutDir)\krb5mech.dll \&quot;Program Files&quot;\novell\casa\lib\krb5mech.dll
"/>
<Tool
Name="VCPreBuildEventTool"/>
<Tool
Name="VCPreLinkEventTool"/>
<Tool
Name="VCResourceCompilerTool"/>
<Tool
Name="VCWebServiceProxyGeneratorTool"/>
<Tool
Name="VCXMLDataGeneratorTool"/>
<Tool
Name="VCWebDeploymentTool"/>
<Tool
Name="VCManagedWrapperGeneratorTool"/>
<Tool
Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
</Configuration>
<Configuration
Name="Release|Win32"
OutputDirectory="$(SolutionDir)client\mechanisms\krb5\windows\$(ConfigurationName)"
IntermediateDirectory="$(SolutionDir)client\mechanisms\krb5\windows\$(ConfigurationName)"
ConfigurationType="2"
CharacterSet="2">
<Tool
Name="VCCLCompilerTool"
AdditionalOptions="-DSECURITY_WIN32"
AdditionalIncludeDirectories="windows;.;..\..;..\..\..\..\include"
PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS"
RuntimeLibrary="4"
UsePrecompiledHeader="0"
WarningLevel="3"
Detect64BitPortabilityProblems="TRUE"
DebugInformationFormat="3"/>
<Tool
Name="VCCustomBuildTool"/>
<Tool
Name="VCLinkerTool"
AdditionalOptions="/EXPORT:GetAuthTokenInterface"
AdditionalDependencies="secur32.lib"
OutputFile="$(OutDir)/krb5mech.dll"
LinkIncremental="1"
GenerateDebugInformation="TRUE"
SubSystem="0"
OptimizeReferences="2"
EnableCOMDATFolding="2"
TargetMachine="1"/>
<Tool
Name="VCMIDLTool"/>
<Tool
Name="VCPostBuildEventTool"
CommandLine="mkdir \&quot;Program Files&quot;\novell\
mkdir \&quot;Program Files&quot;\novell\casa
mkdir \&quot;Program Files&quot;\novell\casa\lib\
mkdir \&quot;Program Files&quot;\novell\casa\etc\
mkdir \&quot;Program Files&quot;\novell\casa\etc\auth\
mkdir \&quot;Program Files&quot;\novell\casa\etc\auth\mechanisms\
copy Krb5Authenticate.conf \&quot;Program Files&quot;\novell\casa\etc\auth\mechanisms\Krb5Authenticate.conf
copy $(OutDir)\krb5mech.dll \&quot;Program Files&quot;\novell\casa\lib\krb5mech.dll
"/>
<Tool
Name="VCPreBuildEventTool"/>
<Tool
Name="VCPreLinkEventTool"/>
<Tool
Name="VCResourceCompilerTool"/>
<Tool
Name="VCWebServiceProxyGeneratorTool"/>
<Tool
Name="VCXMLDataGeneratorTool"/>
<Tool
Name="VCWebDeploymentTool"/>
<Tool
Name="VCManagedWrapperGeneratorTool"/>
<Tool
Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
</Configuration>
</Configurations>
<References>
</References>
<Files>
<Filter
Name="Source Files"
Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
<File
RelativePath=".\windows\dllsup.c">
</File>
<File
RelativePath=".\windows\get.c">
</File>
<File
RelativePath=".\interface.c">
</File>
<File
RelativePath=".\Krb5Authenticate.conf">
</File>
<File
RelativePath=".\win32\krb5mech.def">
</File>
<File
RelativePath=".\windows\platform.c">
</File>
<File
RelativePath=".\util.c">
</File>
</Filter>
<Filter
Name="Header Files"
Filter="h;hpp;hxx;hm;inl;inc;xsd"
UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
<File
RelativePath=".\internal.h">
</File>
<File
RelativePath=".\windows\platform.h">
</File>
</Filter>
<Filter
Name="Resource Files"
Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}">
</Filter>
</Files>
<Globals>
</Globals>
</VisualStudioProject>

282
CASA-auth-token/native/client/mechanisms/krb5/util.c Normal file
View File

@@ -0,0 +1,282 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
// Debug Level
int DebugLevel = 0;
// Tables for Base64 encoding and decoding
static const int8_t g_Base64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const uint8_t g_Expand64[256] =
{
/* ASCII table */
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64,
64, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64,
64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64
};
//++=======================================================================
CasaStatus
EncodeData(
IN const void *pData,
IN const int32_t dataLen,
INOUT char **ppEncodedData,
INOUT int32_t *pEncodedDataLen)
//
// Arguments:
//
// Returns:
//
// Description:
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
int encodedSize;
char *pTmp;
DbgTrace(3, "-EncodeData- Start\n", 0);
// Determine the encoded size and allocate a buffer to hold the encoded data
encodedSize = ((dataLen * 4 + 2) / 3) - (dataLen % 3 ) + 4;
pTmp = (char*) malloc(encodedSize);
*ppEncodedData = pTmp;
if (*ppEncodedData)
{
uint8_t *pOut, *pIn;
int i;
// Setup pointers to move through the buffers
pIn = (uint8_t*) pData;
pOut = (uint8_t*) *ppEncodedData;
// Perform the encoding
for (i = 0; i < dataLen - 2; i += 3)
{
*pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F];
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4) |
((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
*pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2) |
((int32_t)(pIn[i + 2] & 0xC0) >> 6)];
*pOut++ = g_Base64[pIn[i + 2] & 0x3F];
}
if (i < dataLen)
{
*pOut++ = g_Base64[(pIn[i] >> 2) & 0x3F];
if (i == (dataLen - 1))
{
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4)];
*pOut++ = '=';
}
else
{
*pOut++ = g_Base64[((pIn[i] & 0x3) << 4) |
((int32_t)(pIn[i + 1] & 0xF0) >> 4)];
*pOut++ = g_Base64[((pIn[i + 1] & 0xF) << 2)];
}
*pOut++ = '=';
}
*pOut++ = '\0';
// Return the encoded data length
*pEncodedDataLen = (int32_t)(pOut - (uint8_t*)*ppEncodedData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-EncodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-EncodeData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
CasaStatus
DecodeData(
IN const char *pEncodedData,
IN const int32_t encodedDataLen, // Does not include NULL terminator
INOUT void **ppData,
INOUT int32_t *pDataLen)
//
// Arguments:
//
// Returns:
//
// Description:
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
int i, j;
int decodedSize;
DbgTrace(3, "-DecodeData- Start\n", 0);
// Determine the decoded size
for (i = 0, j = 0; i < encodedDataLen; i++)
if (g_Expand64[((uint8_t*) pEncodedData)[i]] < 64)
j++;
decodedSize = (j * 3 + 3) / 4;
// Allocate buffer to hold the decoded data
*ppData = malloc(decodedSize);
if (*ppData)
{
bool endReached = false;
uint8_t c0, c1, c2, c3;
uint8_t *p, *q;
// Initialize parameters that will be used during the decode operation
c0 = c1 = c2 = c3 = 0;
p = (uint8_t*) pEncodedData;
q = (uint8_t*) *ppData;
// Decode the data
//
// Loop through the data, piecing back information. Any newlines, and/or
// carriage returns need to be skipped.
while (j > 4)
{
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
endReached = true;
break;
}
c0 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2);
j--;
endReached = true;
break;
}
c1 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4);
j -= 2;
endReached = true;
break;
}
c2 = *(p++);
while ((64 == g_Expand64[*p]) && (('\n' == *p) || ('\r' == *p)))
p++;
if (64 == g_Expand64[*p])
{
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6);
j -= 3;
endReached = true;
break;
}
c3 = *(p++);
*(q++) = (uint8_t)(g_Expand64[c0] << 2 | g_Expand64[c1] >> 4);
*(q++) = (uint8_t)(g_Expand64[c1] << 4 | g_Expand64[c2] >> 2);
*(q++) = (uint8_t)(g_Expand64[c2] << 6 | g_Expand64[c3]);
j -= 4;
}
if (!endReached)
{
if (j > 1)
*(q++) = (uint8_t)(g_Expand64[*p] << 2 | g_Expand64[p[1]] >> 4);
if (j > 2)
*(q++) = (uint8_t)(g_Expand64[p[1]] << 4 | g_Expand64[p[2]] >> 2);
if (j > 3)
*(q++) = (uint8_t)(g_Expand64[p[2]] << 6 | g_Expand64[p[3]]);
}
// Return the length of the decoded data
*pDataLen = (int32_t)(q - (uint8_t*)*ppData);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
else
{
DbgTrace(0, "-DecodeData- Buffer allocation failure\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_PWTOKEN,
CASA_STATUS_INSUFFICIENT_RESOURCES);
}
DbgTrace(3, "-DecodeData- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

132
CASA-auth-token/native/client/mechanisms/krb5/windows/dllsup.c Normal file
View File

@@ -0,0 +1,132 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ External data ]=====================================================
//===[ Manifest constants ]================================================
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
UINT32 g_ulCount = 0;
UINT32 g_ulLock = 0;
HANDLE g_hModule;
//++=======================================================================
BOOL APIENTRY DllMain(
HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
//=======================================================================--
{
BOOL retStatus = TRUE;
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
{
g_hModule = hModule;
// Initialize the library
if (InitializeLibrary() != 0)
{
// Failed to initialize the library
OutputDebugString("CASA_KRB5_MECH -DllMain- Library initialization failed\n");
retStatus = FALSE;
}
break;
}
case DLL_THREAD_ATTACH:
{
g_hModule = hModule;
break;
}
case DLL_THREAD_DETACH:
break;
case DLL_PROCESS_DETACH:
{
/* Don't uninitialize on windows
tbd
*/
break;
}
}
return retStatus;
}
//++=======================================================================
//
// DllCanUnloadNow
//
// Synopsis
//
//
STDAPI
DllCanUnloadNow()
//
// Input Arguments
//
// Ouput Arguments
//
// Return Value
// S_OK The DLL can be unloaded.
// S_FALSE The DLL cannot be unloaded now.
//
// Description
// An Exported Function.
// DLLs that support the OLE Component Object Model (COM) should implement
// and export DllCanUnloadNow.
// A call to DllCanUnloadNow determines whether the DLL from which it is
// exported is still in use. A DLL is no longer in use when it is not
// managing any existing objects (the reference count on all of its objects
// is 0).
// DllCanUnloadNow returns S_FALSE if there are any existing references to
// objects that the DLL manages.
//
// Environment
//
// See Also
//
//=======================================================================--
{
// tbd
return ((g_ulCount == 0 && g_ulLock == 0) ? S_OK : S_FALSE);
}
//=========================================================================
//=========================================================================

272
CASA-auth-token/native/client/mechanisms/krb5/windows/get.c Normal file
View File

@@ -0,0 +1,272 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================
//++=======================================================================
CasaStatus SSCS_CALL
AuthTokenIf_GetAuthToken(
IN const void *pIfInstance,
IN const char *pContext,
IN const char *pMechInfo,
INOUT char *pTokenBuf,
INOUT int *pTokenBufLen)
//
// Arguments:
// pIfInstance -
// Pointer to interface object.
//
// pServiceConfigIf -
// Pointer to service config object to which the client is trying to
// authenticate.
//
// pContext -
// Pointer to null terminated string containing mechanism specific
// context information. Another name for context is Authentication
// Realm.
//
// pMechInfo -
// Pointer to null terminated string containing mechanism specific
// information. This is information is provided by the server to
// aid the mechanism to generate an authentication token. For
// example, the mechanism information for a Kerberos mechanism
// may be the service principal name to which the user will be
// authenticating.
//
// pTokenBuf -
// Pointer to buffer that will receive the authentication
// token. The length of this buffer is specified by the
// pTokenBufLen parameter. Note that the the authentication
// token will be in the form of a NULL terminated string.
//
// pTokenBufLen -
// Pointer to integer that contains the length of the
// buffer pointed at by pTokenBuf. Upon return of the
// function, the integer will contain the actual length
// of the authentication token if the function successfully
// completes or the buffer length required if the function
// fails because the buffer pointed at by pUserNameBuf is
// not large enough.
//
// Returns:
// Casa Status
//
// Description:
// Get authentication token to authenticate user to specified service.
//
// L2
//=======================================================================--
{
CasaStatus retStatus;
char *pKrbServiceName = pMechInfo;
SECURITY_STATUS secStatus;
TimeStamp expiry;
CredHandle hCredentials = {0};
DbgTrace(1, "-AuthTokenIf_GetAuthToken- Start\n", 0);
// Validate input parameters
if (pIfInstance == NULL
|| pContext == NULL
|| pMechInfo == NULL
|| pTokenBufLen == NULL
|| (pTokenBuf == NULL && *pTokenBufLen != 0))
{
DbgTrace(0, "-AuthTokenIf_GetAuthToken- Invalid input parameter\n", 0);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_INVALID_PARAMETER);
goto exit;
}
// Acquire a credential handle for the current user
secStatus = AcquireCredentialsHandle(NULL, // no principal name
"Kerberos", // package name
SECPKG_CRED_OUTBOUND,
NULL, // no logon id
NULL, // no auth data
NULL, // no get key fn
NULL, // noget key arg
&hCredentials,
&expiry);
if (secStatus == SEC_E_OK)
{
CtxtHandle hContext = {0};
SecBuffer sendTok;
SecBufferDesc outputDesc;
ULONG retFlags;
// We acquired the credential, now initialize a security context
// so that we can authenticate the user to the specified service.
//
// First ready an output descriptor so that we can receive the
// token buffer.
outputDesc.cBuffers = 1;
outputDesc.pBuffers = &sendTok;
outputDesc.ulVersion = SECBUFFER_VERSION;
sendTok.BufferType = SECBUFFER_TOKEN;
sendTok.cbBuffer = 0;
sendTok.pvBuffer = NULL;
// Initialize the security context for the specified service
secStatus = InitializeSecurityContext(&hCredentials,
NULL,
pKrbServiceName,
ISC_REQ_ALLOCATE_MEMORY,
0, // reserved
SECURITY_NATIVE_DREP,
NULL,
0, // reserved
&hContext,
&outputDesc,
&retFlags,
&expiry);
if (secStatus == SEC_E_OK)
{
char *pEncodedToken;
int encodedTokenLen;
// The security context was initialized, now return it to the caller after base64 encoding it.
retStatus = EncodeData(sendTok.pvBuffer,
(const int) sendTok.cbBuffer,
&pEncodedToken,
&encodedTokenLen);
if (CASA_SUCCESS(retStatus))
{
// Verify that the caller provided a buffer that is big enough
if (encodedTokenLen > *pTokenBufLen)
{
// The buffer is not big enough
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_BUFFER_OVERFLOW);
}
else
{
// The buffer provided is large enough, copy the data.
memcpy((void*) pTokenBuf, pEncodedToken, encodedTokenLen);
// Success
retStatus = CASA_STATUS_SUCCESS;
}
// Return the actual size or the size required
*pTokenBufLen = encodedTokenLen;
// Free the buffer containing the encoded token
free(pEncodedToken);
}
// Delete the security context
DeleteSecurityContext(&hContext);
}
else
{
DbgTrace(0, "-AuthTokenIf_GetAuthToken- Failed to initialize the security context, error = %08X\n", secStatus);
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
// Free any buffer associated with the sendToken
if (sendTok.pvBuffer)
FreeContextBuffer(sendTok.pvBuffer);
// Free the credential handle obtained
FreeCredentialsHandle(&hCredentials);
}
else
{
DbgTrace(1, "-AuthTokenIf_GetAuthToken- Failed to obtain the credentials handle, error = %08X\n", secStatus);
// Set retStatus based on secStatus
if (secStatus == SEC_E_NOT_OWNER
|| secStatus == SEC_E_NO_CREDENTIALS)
{
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_NO_CREDENTIALS);
}
else
{
retStatus = CasaStatusBuild(CASA_SEVERITY_ERROR,
CASA_FACILITY_KRB5TOKEN,
CASA_STATUS_UNSUCCESSFUL);
}
}
exit:
DbgTrace(1, "-AuthTokenIf_GetAuthToken- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
int
InitializeLibrary(void)
//
// Arguments:
//
// Returns:
//
// Abstract:
//
// Notes:
//
// L2
//=======================================================================--
{
int retStatus = 0;
DbgTrace(1, "-InitializeLibrary- Start\n", 0);
// Nothing to do at this time.
DbgTrace(1, "-InitializeLibrary- End, retStatus = %08X\n", retStatus);
return retStatus;
}
//++=======================================================================
//++=======================================================================
//++=======================================================================

10
CASA-auth-token/native/client/mechanisms/krb5/windows/krb5mech.def Normal file
View File

@@ -0,0 +1,10 @@
LIBRARY KRB5MECH
DESCRIPTION 'CASA Kerberos V Authentication Mechanism Library.'
EXPORTS
; DllRegisterServer PRIVATE
; DllUnregisterServer PRIVATE
; DllGetClassObject PRIVATE
GetAuthTokenInterface PRIVATE
; DllCanUnloadNow PRIVATE

35
CASA-auth-token/native/client/mechanisms/krb5/windows/platform.c Normal file
View File

@@ -0,0 +1,35 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
//===[ Include files ]=====================================================
#include "internal.h"
//===[ Type definitions ]==================================================
//===[ Function prototypes ]===============================================
//===[ Global variables ]==================================================

83
CASA-auth-token/native/client/mechanisms/krb5/windows/platform.h Normal file
View File

@@ -0,0 +1,83 @@
/***********************************************************************
*
* Copyright (C) 2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
* Author: Juan Carlos Luciani <jluciani@novell.com>
*
***********************************************************************/
#ifndef _PLATFORM_H_
#define _PLATFORM_H_
//===[ Include files ]=====================================================
#include <windows.h>
#include <stdio.h>
#include <winerror.h>
#include <security.h>
#include <sspi.h>
//===[ Type definitions ]==================================================
#ifndef CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field) ((type *)( \
(char*)(address) - \
(char*)(&((type *)0)->field)))
#endif
//
// DbgTrace macro define
//
//#define DbgTrace(LEVEL, X, Y) { \
//char printBuff[256]; \
// if (LEVEL == 0 || DebugLevel >= LEVEL) \
// { \
// _snprintf(printBuff, sizeof(printBuff), X, Y); \
// printf("Krb5Mech %s", printBuff); \
// } \
//}
#define DbgTrace(LEVEL, X, Y) { \
char formatBuff[128]; \
char printBuff[256]; \
if (LEVEL == 0 || DebugLevel >= LEVEL) \
{ \
strcpy(formatBuff, "Krb5Mech "); \
strncat(formatBuff, X, sizeof(formatBuff) - 9); \
_snprintf(printBuff, sizeof(printBuff), formatBuff, Y); \
OutputDebugString(printBuff); \
} \
}
#define bool BOOLEAN
#define true TRUE
#define false FALSE
//===[ Inlines functions ]===============================================
//===[ Function prototypes ]===============================================
//===[ Global externals ]==================================================
//===[ External prototypes ]===============================================
//=========================================================================
#endif // _PLATFORM_H_