3
3
* Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska H�gskolan
4
4
* (Royal Institute of Technology, Stockholm, Sweden).
5
* Copyright (c) 2004 - 2008 Daniel Stenberg
5
6
* All rights reserved.
7
8
* Redistribution and use in source and binary forms, with or without
131
132
/* shut gcc up */
134
/* NOTE that the cast is safe, neither of the krb5, gnu gss and heimdal
135
/* NOTE that the cast is safe, neither of the krb5, gnu gss and heimdal
135
136
* libraries modify the input buffer in gss_seal()
137
138
dec.value = (void*)from;
138
139
dec.length = length;
139
140
maj = gss_seal(&min, *context,
140
level == prot_private,
141
level == prot_private,
144
145
if(maj != GSS_S_COMPLETE)
178
179
chan.initiator_addrtype = GSS_C_AF_INET;
179
180
chan.initiator_address.length = l - 4;
180
chan.initiator_address.value = &((struct sockaddr_in *)LOCAL_ADDR)->sin_addr.s_addr;
181
chan.initiator_address.value =
182
&((struct sockaddr_in *)LOCAL_ADDR)->sin_addr.s_addr;
181
183
chan.acceptor_addrtype = GSS_C_AF_INET;
182
184
chan.acceptor_address.length = l - 4;
183
chan.acceptor_address.value = &((struct sockaddr_in *)REMOTE_ADDR)->sin_addr.s_addr;
185
chan.acceptor_address.value =
186
&((struct sockaddr_in *)REMOTE_ADDR)->sin_addr.s_addr;
184
187
chan.application_data.length = 0;
185
188
chan.application_data.value = NULL;
191
194
result = Curl_ftpsendf(conn, "AUTH GSSAPI");
195
198
if(Curl_GetFTPResponse(&nread, conn, NULL))
198
201
if(data->state.buffer[0] != '3')
202
205
gssbuf.value = data->state.buffer;
205
208
if(maj != GSS_S_COMPLETE) {
206
209
gss_release_name(&min, &gssname);
207
210
if(service == srv_host) {
208
Curl_failf(data, "Error importing service name %s", gssbuf.value);
211
Curl_failf(data, "Error importing service name %s", gssbuf.value);
211
214
service = srv_host;
225
228
maj = gss_init_sec_context(&min,
230
GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG,
233
GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG,
240
free(_gssresp.value);
243
free(_gssresp.value);
244
247
if(maj != GSS_S_COMPLETE && maj != GSS_S_CONTINUE_NEEDED) {
245
Curl_infof(data, "Error creating security context");
248
Curl_infof(data, "Error creating security context");
250
253
if(gssbuf.length != 0) {
251
if(Curl_base64_encode(data, (char *)gssbuf.value, gssbuf.length, &p) < 1) {
252
Curl_infof(data, "Out of memory base64-encoding");
257
result = Curl_ftpsendf(conn, "ADAT %s", p);
266
if(Curl_GetFTPResponse(&nread, conn, NULL)) {
271
if(data->state.buffer[0] != '2' && data->state.buffer[0] != '3'){
272
Curl_infof(data, "Server didn't accept auth data\n");
277
p = data->state.buffer + 4;
278
p = strstr(p, "ADAT=");
280
_gssresp.length = Curl_base64_decode(p + 5, (unsigned char **)&_gssresp.value);
281
if(_gssresp.length < 1) {
282
Curl_failf(data, "Out of memory base64-encoding");
254
if(Curl_base64_encode(data, (char *)gssbuf.value, gssbuf.length, &p)
256
Curl_infof(data, "Out of memory base64-encoding");
261
result = Curl_ftpsendf(conn, "ADAT %s", p);
270
if(Curl_GetFTPResponse(&nread, conn, NULL)) {
275
if(data->state.buffer[0] != '2' && data->state.buffer[0] != '3'){
276
Curl_infof(data, "Server didn't accept auth data\n");
281
p = data->state.buffer + 4;
282
p = strstr(p, "ADAT=");
284
_gssresp.length = Curl_base64_decode(p + 5, (unsigned char **)
286
if(_gssresp.length < 1) {
287
Curl_failf(data, "Out of memory base64-encoding");
290
295
} while(maj == GSS_S_CONTINUE_NEEDED);