~ubuntu-branches/ubuntu/raring/curl/raring-updates


Viewing changes to lib/krb5.c

  • Committer: Package Import Robot
  • Author(s): Alessandro Ghedini
  • Date: 2011-11-13 21:07:32 UTC
  • mto: (3.6.1 experimental) (1.3.1)
  • mto: This revision was merged to the branch mainline in revision 55.
  • Revision ID: package-import@ubuntu.com-20111113210732-bk5n25x2tu7aplur
Tags: upstream-7.22.0
Import upstream version 7.22.0

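--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -39,29 +39,17 @@
 
 #ifdef HAVE_OLD_GSSMIT
 #define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
+#define NCOMPAT 1
 #endif
 
-#include <stdlib.h>
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
 #endif
-#include <string.h>
-
-#ifdef HAVE_GSSGNU
-#  include <gss.h>
-#elif defined HAVE_GSSMIT
-   /* MIT style */
-#  include <gssapi/gssapi.h>
-#  include <gssapi/gssapi_generic.h>
-#  include <gssapi/gssapi_krb5.h>
-#else
-   /* Heimdal-style */
-#  include <gssapi.h>
-#endif
 
 #include "urldata.h"
 #include "curl_base64.h"
 #include "ftp.h"
+#include "curl_gssapi.h"
 #include "sendf.h"
 #include "krb4.h"
 #include "curl_memory.h"
@@ -94,16 +82,16 @@
 }
 
 static int
-krb5_decode(void *app_data, void *buf, int len, int level,
-            struct connectdata *conn)
+krb5_decode(void *app_data, void *buf, int len,
+            int level UNUSED_PARAM,
+            struct connectdata *conn UNUSED_PARAM)
 {
   gss_ctx_id_t *context = app_data;
   OM_uint32 maj, min;
   gss_buffer_desc enc, dec;
 
-  /* shut gcc up */
-  level = 0;
-  conn = NULL;
+  (void)level;
+  (void)conn;
 
   enc.value = buf;
   enc.length = len;
@@ -133,7 +121,7 @@
 
 static int
 krb5_encode(void *app_data, const void *from, int length, int level, void **to,
-            struct connectdata *conn)
+            struct connectdata *conn UNUSED_PARAM)
 {
   gss_ctx_id_t *context = app_data;
   gss_buffer_desc dec, enc;
@@ -184,6 +172,7 @@
   gss_name_t gssname;
   gss_ctx_id_t *context = app_data;
   struct gss_channel_bindings_struct chan;
+  size_t base64_sz = 0;
 
   if(getsockname(conn->sock[FIRSTSOCKET],
                  (struct sockaddr *)LOCAL_ADDR, &l) < 0)
@@ -201,7 +190,7 @@
   chan.application_data.value = NULL;
 
   /* this loop will execute twice (once for service, once for host) */
-  while(1) {
+  for(;;) {
     /* this really shouldn't be repeated here, but can't help it */
     if(service == srv_host) {
       result = Curl_ftpsendf(conn, "AUTH GSSAPI");
@@ -242,19 +231,14 @@
          taken care by a final gss_release_buffer. */
       gss_release_buffer(&min, &output_buffer);
       ret = AUTH_OK;
-      maj = gss_init_sec_context(&min,
-                                 GSS_C_NO_CREDENTIAL,
-                                 context,
-                                 gssname,
-                                 GSS_C_NO_OID,
-                                 GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG,
-                                 0,
-                                 &chan,
-                                 gssresp,
-                                 NULL,
-                                 &output_buffer,
-                                 NULL,
-                                 NULL);
+      maj = Curl_gss_init_sec_context(data,
+                                      &min,
+                                      context,
+                                      gssname,
+                                      &chan,
+                                      gssresp,
+                                      &output_buffer,
+                                      NULL);
 
       if(gssresp) {
         free(_gssresp.value);
@@ -268,9 +252,10 @@
       }
 
       if(output_buffer.length != 0) {
-        if(Curl_base64_encode(data, (char *)output_buffer.value,
-                              output_buffer.length, &p) < 1) {
-          Curl_infof(data, "Out of memory base64-encoding\n");
+        result = Curl_base64_encode(data, (char *)output_buffer.value,
+                                    output_buffer.length, &p, &base64_sz);
+        if(result) {
+          Curl_infof(data,"base64-encoding: %s\n", curl_easy_strerror(result));
           ret = AUTH_CONTINUE;
           break;
         }
@@ -289,7 +274,7 @@
           break;
         }
 
-        if(data->state.buffer[0] != '2' && data->state.buffer[0] != '3'){
+        if(data->state.buffer[0] != '2' && data->state.buffer[0] != '3') {
           Curl_infof(data, "Server didn't accept auth data\n");
           ret = AUTH_ERROR;
           break;
@@ -298,10 +283,11 @@
         p = data->state.buffer + 4;
         p = strstr(p, "ADAT=");
         if(p) {
-          _gssresp.length = Curl_base64_decode(p + 5, (unsigned char **)
-                                               &_gssresp.value);
-          if(_gssresp.length < 1) {
-            Curl_failf(data, "Out of memory base64-encoding\n");
+          result = Curl_base64_decode(p + 5,
+                                      (unsigned char **)&_gssresp.value,
+                                      &_gssresp.length);
+          if(result) {
+            Curl_failf(data,"base64-decoding: %s", curl_easy_strerror(result));
             ret = AUTH_CONTINUE;
             break;
           }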
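Review bot: A server `ADAT=` reply that decodes to zero bytes is no longer rejected in the last hunk, because the old guard `_gssresp.length < 1` became `if(result)` and the new side never looks at the decoded length. If Curl_base64_decode can return success with an empty output (its body is not shown on this page), `_gssresp` would presumably go into the next Curl_gss_init_sec_context round with length 0 and possibly a NULL value. Since the ADAT payload is server-controlled, consider keeping the length check, e.g. `if(result || !_gssresp.length) {`, with a fixed failf message for the empty case, as curl_easy_strerror(result) says nothing useful when result is CURLE_OK. The enclosing function starts before this hunk and continues after it.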