From c00b8c347be5754a4ceb6f6669dcc34886912dda Mon Sep 17 00:00:00 2001 From: Mike Gatny Date: Mon, 30 Sep 2013 15:51:20 -0500 Subject: [PATCH] Refactored common impl into gssapi_mechanism_base. E.g., both client and server need to produce and process GSSAPI tokens. --- src/Makefile.am | 2 + src/gssapi_client.cpp | 51 +---------------------- src/gssapi_client.hpp | 10 ++--- src/gssapi_mechanism_base.cpp | 77 +++++++++++++++++++++++++++++++++++ src/gssapi_mechanism_base.hpp | 48 ++++++++++++++++++++++ src/gssapi_server.cpp | 55 ++----------------------- src/gssapi_server.hpp | 9 ++-- 7 files changed, 139 insertions(+), 113 deletions(-) create mode 100644 src/gssapi_mechanism_base.cpp create mode 100644 src/gssapi_mechanism_base.hpp diff --git a/src/Makefile.am b/src/Makefile.am index 60702d37..c2288146 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -25,6 +25,7 @@ libzmq_la_SOURCES = \ err.hpp \ fd.hpp \ fq.hpp \ + gssapi_mechanism_base.hpp \ gssapi_client.hpp \ gssapi_server.hpp \ i_encoder.hpp \ @@ -103,6 +104,7 @@ libzmq_la_SOURCES = \ epoll.cpp \ err.cpp \ fq.cpp \ + gssapi_mechanism_base.cpp \ gssapi_client.cpp \ gssapi_server.cpp \ io_object.cpp \ diff --git a/src/gssapi_client.cpp b/src/gssapi_client.cpp index c8f99202..6c00e232 100644 --- a/src/gssapi_client.cpp +++ b/src/gssapi_client.cpp @@ -32,8 +32,8 @@ #include "wire.hpp" zmq::gssapi_client_t::gssapi_client_t (const options_t &options_) : + gssapi_mechanism_base_t (), mechanism_t (options_), - expecting_another_token (true), state (sending_hello) { } @@ -180,55 +180,6 @@ int zmq::gssapi_client_t::produce_initiate (msg_t *msg_) const return 0; } -int zmq::gssapi_client_t::produce_token (msg_t *msg_) const -{ - unsigned char * const command_buffer = (unsigned char *) malloc (512); - alloc_assert (command_buffer); - - unsigned char *ptr = command_buffer; - - // Add command name - memcpy (ptr, "\x05TOKEN", 6); - ptr += 6; - - // Add socket type property - const char *socket_type = socket_type_string (options.type); - ptr += add_property (ptr, "Socket-Type", socket_type, strlen (socket_type)); - - // Add identity property - if (options.type == ZMQ_REQ - || options.type == ZMQ_DEALER - || options.type == ZMQ_ROUTER) { - ptr += add_property (ptr, "Identity", - options.identity, options.identity_size); - } - - const size_t command_size = ptr - command_buffer; - const int rc = msg_->init_size (command_size); - errno_assert (rc == 0); - memcpy (msg_->data (), command_buffer, command_size); - free (command_buffer); - - return 0; -} - -int zmq::gssapi_client_t::process_token (msg_t *msg_) -{ - const unsigned char *ptr = static_cast (msg_->data ()); - size_t bytes_left = msg_->size (); - - if (bytes_left < 6 || memcmp (ptr, "\x05TOKEN", 6)) { - errno = EPROTO; - return -1; - } - ptr += 6; - bytes_left -= 6; - - expecting_another_token = false; - - return parse_metadata (ptr, bytes_left); -} - int zmq::gssapi_client_t::process_ready (msg_t *msg_) { const unsigned char *ptr = static_cast (msg_->data ()); diff --git a/src/gssapi_client.hpp b/src/gssapi_client.hpp index 3868697d..838373f6 100644 --- a/src/gssapi_client.hpp +++ b/src/gssapi_client.hpp @@ -20,6 +20,7 @@ #ifndef __ZMQ_GSSAPI_CLIENT_HPP_INCLUDED__ #define __ZMQ_GSSAPI_CLIENT_HPP_INCLUDED__ +#include "gssapi_mechanism_base.hpp" #include "mechanism.hpp" #include "options.hpp" @@ -29,7 +30,9 @@ namespace zmq class msg_t; class session_base_t; - class gssapi_client_t : public mechanism_t + class gssapi_client_t : + public gssapi_mechanism_base_t, + public mechanism_t { public: @@ -53,17 +56,12 @@ namespace zmq ready }; - // True iff we are awaiting another GSS token. - bool expecting_another_token; - state_t state; int produce_hello (msg_t *msg_) const; int produce_initiate (msg_t *msg_) const; - int produce_token (msg_t *msg_) const; int process_welcome (msg_t *msg); - int process_token (msg_t *msg_); int process_ready (msg_t *msg_); }; diff --git a/src/gssapi_mechanism_base.cpp b/src/gssapi_mechanism_base.cpp new file mode 100644 index 00000000..c6531879 --- /dev/null +++ b/src/gssapi_mechanism_base.cpp @@ -0,0 +1,77 @@ +/* + Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file + + This file is part of 0MQ. + + 0MQ is free software; you can redistribute it and/or modify it under + the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + 0MQ is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with this program. If not, see . +*/ + +#include "platform.hpp" +#ifdef ZMQ_HAVE_WINDOWS +#include "windows.hpp" +#endif + +#include +#include + +#include "msg.hpp" +#include "session_base.hpp" +#include "err.hpp" +#include "gssapi_mechanism_base.hpp" +#include "wire.hpp" + +zmq::gssapi_mechanism_base_t::gssapi_mechanism_base_t () : + gss_continue_needed (false) +{ +} + +zmq::gssapi_mechanism_base_t::~gssapi_mechanism_base_t () +{ +} + +int zmq::gssapi_mechanism_base_t::produce_token (msg_t *msg_) const +{ + unsigned char * const command_buffer = (unsigned char *) malloc (512); + alloc_assert (command_buffer); + + unsigned char *ptr = command_buffer; + + // Add command name + memcpy (ptr, "\x05TOKEN", 6); + ptr += 6; + + const size_t command_size = ptr - command_buffer; + const int rc = msg_->init_size (command_size); + errno_assert (rc == 0); + memcpy (msg_->data (), command_buffer, command_size); + free (command_buffer); + + return 0; +} + +int zmq::gssapi_mechanism_base_t::process_token (msg_t *msg_) +{ + const unsigned char *ptr = static_cast (msg_->data ()); + size_t bytes_left = msg_->size (); + + if (bytes_left < 6 || memcmp (ptr, "\x05TOKEN", 6)) { + errno = EPROTO; + return -1; + } + ptr += 6; + bytes_left -= 6; + + return 0; +} + diff --git a/src/gssapi_mechanism_base.hpp b/src/gssapi_mechanism_base.hpp new file mode 100644 index 00000000..5a708f13 --- /dev/null +++ b/src/gssapi_mechanism_base.hpp @@ -0,0 +1,48 @@ +/* + Copyright (c) 2007-2013 Contributors as noted in the AUTHORS file + + This file is part of 0MQ. + + 0MQ is free software; you can redistribute it and/or modify it under + the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + 0MQ is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with this program. If not, see . +*/ + +#ifndef __ZMQ_GSSAPI_MECHANISM_BASE_HPP_INCLUDED__ +#define __ZMQ_GSSAPI_MECHANISM_BASE_HPP_INCLUDED__ + +namespace zmq +{ + + class msg_t; + + // Both gssapi_server and gssapi_client need to produce and process + // GSSAPI tokens. Common implementation is captured here. + + class gssapi_mechanism_base_t + { + public: + gssapi_mechanism_base_t (); + virtual ~gssapi_mechanism_base_t () = 0; + + protected: + + // True iff we are awaiting another GSSAPI token. + bool gss_continue_needed; + + int produce_token (msg_t *msg_) const; + int process_token (msg_t *msg_); + }; + +} + +#endif diff --git a/src/gssapi_server.cpp b/src/gssapi_server.cpp index 1c02fe4b..65503a4a 100644 --- a/src/gssapi_server.cpp +++ b/src/gssapi_server.cpp @@ -32,13 +32,13 @@ #include "wire.hpp" zmq::gssapi_server_t::gssapi_server_t (session_base_t *session_, - const std::string &peer_address_, - const options_t &options_) : + const std::string &peer_address_, + const options_t &options_) : + gssapi_mechanism_base_t (), mechanism_t (options_), session (session_), peer_address (peer_address_), expecting_zap_reply (false), - expecting_another_token (true), state (waiting_for_hello) { } @@ -209,55 +209,6 @@ int zmq::gssapi_server_t::process_initiate (msg_t *msg_) return parse_metadata (ptr, bytes_left); } -int zmq::gssapi_server_t::produce_token (msg_t *msg_) const -{ - unsigned char * const command_buffer = (unsigned char *) malloc (512); - alloc_assert (command_buffer); - - unsigned char *ptr = command_buffer; - - // Add command name - memcpy (ptr, "\x05TOKEN", 6); - ptr += 6; - - // Add socket type property - const char *socket_type = socket_type_string (options.type); - ptr += add_property (ptr, "Socket-Type", socket_type, strlen (socket_type)); - - // Add identity property - if (options.type == ZMQ_REQ - || options.type == ZMQ_DEALER - || options.type == ZMQ_ROUTER) { - ptr += add_property (ptr, "Identity", - options.identity, options.identity_size); - } - - const size_t command_size = ptr - command_buffer; - const int rc = msg_->init_size (command_size); - errno_assert (rc == 0); - memcpy (msg_->data (), command_buffer, command_size); - free (command_buffer); - - return 0; -} - -int zmq::gssapi_server_t::process_token (msg_t *msg_) -{ - const unsigned char *ptr = static_cast (msg_->data ()); - size_t bytes_left = msg_->size (); - - if (bytes_left < 6 || memcmp (ptr, "\x05TOKEN", 6)) { - errno = EPROTO; - return -1; - } - ptr += 6; - bytes_left -= 6; - - expecting_another_token = false; - - return parse_metadata (ptr, bytes_left); -} - int zmq::gssapi_server_t::produce_ready (msg_t *msg_) const { unsigned char * const command_buffer = (unsigned char *) malloc (512); diff --git a/src/gssapi_server.hpp b/src/gssapi_server.hpp index eb2b704e..ebe1c40d 100644 --- a/src/gssapi_server.hpp +++ b/src/gssapi_server.hpp @@ -20,6 +20,7 @@ #ifndef __ZMQ_GSSAPI_SERVER_HPP_INCLUDED__ #define __ZMQ_GSSAPI_SERVER_HPP_INCLUDED__ +#include "gssapi_mechanism_base.hpp" #include "mechanism.hpp" #include "options.hpp" @@ -29,7 +30,9 @@ namespace zmq class msg_t; class session_base_t; - class gssapi_server_t : public mechanism_t + class gssapi_server_t : + public gssapi_mechanism_base_t, + public mechanism_t { public: @@ -63,18 +66,14 @@ namespace zmq // True iff we are awaiting reply from ZAP reply. bool expecting_zap_reply; - // True iff we are awaiting another GSS token. - bool expecting_another_token; state_t state; int produce_welcome (msg_t *msg_) const; - int produce_token (msg_t *msg_) const; int produce_ready (msg_t *msg_) const; int process_hello (msg_t *msg_); int process_initiate (msg_t *msg_); - int process_token (msg_t *msg_); void send_zap_request (const std::string &username, const std::string &password);