authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-22 15:02:32 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-22 15:02:32 -0500
commitb48b26b86975d2166a4da7fc41086facefb3c4f2 (patch)
tree149c0a635434e9c46febf272cae6fde90a4a65ef
parentb1ee542e95f9358985970d141701d766ac30cea2 (diff)
Fix problems with Kerberos sockets
-rw-r--r--clients/tde/src/app/Makefile.am2
-rw-r--r--clients/tde/src/app/remotemdi.cpp32
-rw-r--r--clients/tde/src/app/remotemdi.h7
-rw-r--r--lib/libtdekrb/src/tdekrbclientsocket.cpp27
-rw-r--r--lib/libtdekrb/src/tdekrbclientsocket.h6
-rw-r--r--lib/libtdekrb/src/tdekrbserversocket.cpp27
-rw-r--r--lib/libtdekrb/src/tdekrbserversocket.h6
-rw-r--r--lib/libtqtrla/src/Makefile.am12
-rw-r--r--servers/auth_server_lin/src/Makefile.am2
-rw-r--r--servers/auth_server_lin/src/auth_conn.cpp7
-rw-r--r--servers/auth_server_lin/src/auth_conn.h5
11 files changed, 90 insertions, 43 deletions
diff --git a/clients/tde/src/app/Makefile.am b/clients/tde/src/app/Makefile.am
index 80d5986..530c4c3 100644
--- a/clients/tde/src/app/Makefile.am
+++ b/clients/tde/src/app/Makefile.am
@@ -6,4 +6,4 @@ METASOURCES = AUTO
bin_PROGRAMS = remote_laboratory_client
remote_laboratory_client_SOURCES = main.cpp remotemdi.cpp
remote_laboratory_client_LDADD = ./views/libinstrumentview.la $(LIB_KPARTS) $(LIB_TDEUI)
-remote_laboratory_client_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_KIO) -lktexteditor -lkmdi -ltdekrbsocket
+remote_laboratory_client_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_KIO) -lktexteditor -lkmdi -ltdekrbsocket -ltqtrla
diff --git a/clients/tde/src/app/remotemdi.cpp b/clients/tde/src/app/remotemdi.cpp
index 6b89fa5..ae06857 100644
--- a/clients/tde/src/app/remotemdi.cpp
+++ b/clients/tde/src/app/remotemdi.cpp
@@ -12,6 +12,7 @@ using namespace std;
#include <klocale.h>
#include <kdebug.h>
#include <kconfig.h>
+#include <kmessagebox.h>
#include <tqlabel.h>
#include <tqtimer.h>
@@ -110,21 +111,39 @@ void RemoteMDI::connectToServer() {
printf("[DEBUG] Initial connection established...\n\r"); fflush(stdout);
if (m_rsvSvrSocket->setUsingKerberos(true) != 0) {
disconnectFromServer();
+ KMessageBox::error(this, i18n("<qt>Unable to establish Kerberos protocol with remote server<p>Please verify that you currently hold a valid Kerberos ticket</qt>"), i18n("Connection Failed"));
}
else {
// Connection established!
- disconnect_action->setEnabled(true);
-
- // Read the next line from the server
- TQString str = m_rsvSvrSocket->readLine();
- printf("[RAJA DEBUG 200.0] Got %s\n\r", str.ascii()); fflush(stdout);
+ // Read magic number and proto version from server
+ TQDataStream ds(m_rsvSvrSocket);
+ TQ_UINT32 magicnum;
+ TQ_UINT32 protover;
+ ds >> magicnum;
+ ds >> protover;
+ printf("[RAJA DEBUG 200.0] Got magic %d and proto %d\n\r", magicnum, protover); fflush(stdout);
+ if ((magicnum == MAGIC_NUMBER) && (protover == PROTOCOL_VERSION)) {
+ disconnect_action->setEnabled(true);
+
+ // Read the next line from the server
+ TQString str = m_rsvSvrSocket->readLine();
+ printf("[RAJA DEBUG 200.1] Got %s\n\r", str.ascii()); fflush(stdout);
+ }
+ else {
+ disconnectFromServer();
+ KMessageBox::error(this, i18n("<qt>The remote server is not compatible with this client</qt>"), i18n("Connection Failed"));
+ }
}
}
else {
- printf("[ERROR] Initial connection failed (state %d)\n\r", m_rsvSvrSocket->state()); fflush(stdout);
disconnectFromServer();
+ KMessageBox::error(this, i18n("<qt>Unable to establish connection to remote server</qt>"), i18n("Connection Failed"));
}
}
+ else {
+ disconnectFromServer();
+ KMessageBox::error(this, i18n("<qt>The address of the remote server has not been specified</qt>"), i18n("Connection Failed"));
+ }
processLockouts();
}
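Review bot: `magicnum` and `protover` are declared uninitialised and compared against `MAGIC_NUMBER` and `PROTOCOL_VERSION` without anything on the visible lines confirming that the two reads from `ds` delivered the full eight bytes. If the header has not arrived yet, or the decrypt path underneath fails, the compatibility check may run on indeterminate values. I would initialise both (`TQ_UINT32 magicnum = 0;`, `TQ_UINT32 protover = 0;`), confirm the header was read completely before comparing, and print the values with `%u` since they are unsigned. `connectToServer()` starts above this hunk, so whether the socket blocks until data is available cannot be judged from here.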
@@ -148,6 +167,7 @@ void RemoteMDI::disconnectFromServer() {
void RemoteMDI::connectionClosedHandler() {
disconnectFromServer();
+ KMessageBox::error(this, i18n("<qt>The remote server has closed the connection</qt>"), i18n("Connection Terminated"));
}
void RemoteMDI::processLockouts() {
diff --git a/clients/tde/src/app/remotemdi.h b/clients/tde/src/app/remotemdi.h
index 5ccc80d..8bd5f2f 100644
--- a/clients/tde/src/app/remotemdi.h
+++ b/clients/tde/src/app/remotemdi.h
@@ -11,7 +11,12 @@
#include <tqvaluelist.h>
#include <kmdimainfrm.h>
-#include "tdekrbclientsocket.h"
+#include <tdekrbclientsocket.h>
+
+#include <tqtrla.h>
+
+#define MAGIC_NUMBER 1
+#define PROTOCOL_VERSION 1
class KMdiChildView;
class KListBox;
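Review bot: `MAGIC_NUMBER` and `PROTOCOL_VERSION` are defined here and again, with the same values, in `servers/auth_server_lin/src/auth_conn.h`, so the client and server copies can drift apart without any build error. Both headers now include `<tqtrla.h>`, which looks like the natural single home for the two constants (inferred; that header's contents are not shown in this commit). A magic value of `1` is also a weak discriminator, because an unrelated peer can plausibly start its stream with that value, and the unprefixed macro names invite collisions with other headers. A comment such as `// Handshake header: sent by the auth server as two TQ_UINT32 values right after Kerberos setup` would document the contract at the definition.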
diff --git a/lib/libtdekrb/src/tdekrbclientsocket.cpp b/lib/libtdekrb/src/tdekrbclientsocket.cpp
index c9db10a..053dd23 100644
--- a/lib/libtdekrb/src/tdekrbclientsocket.cpp
+++ b/lib/libtdekrb/src/tdekrbclientsocket.cpp
@@ -115,8 +115,8 @@ void TDEKerberosClientSocket::setServerFQDN(TQString name) {
m_serverFQDN = name;
}
-Q_LONG TDEKerberosClientSocket::readBlock(char *data, Q_ULONG maxlen) {
- Q_LONG ret;
+TQ_LONG TDEKerberosClientSocket::readBlock(char *data, TQ_ULONG maxlen) {
+ TQ_LONG ret;
if (m_kerberosRequested) {
ret = receiveEncryptedData(data, maxlen);
@@ -128,8 +128,8 @@ Q_LONG TDEKerberosClientSocket::readBlock(char *data, Q_ULONG maxlen) {
return ret;
}
-Q_LONG TDEKerberosClientSocket::writeBlock(const char *data, Q_ULONG len) {
- Q_LONG ret;
+TQ_LONG TDEKerberosClientSocket::writeBlock(const char *data, TQ_ULONG len) {
+ TQ_LONG ret;
if (m_kerberosRequested) {
ret = transmitEncryptedData(socket(), data, len);
@@ -141,11 +141,11 @@ Q_LONG TDEKerberosClientSocket::writeBlock(const char *data, Q_ULONG len) {
return ret;
}
-Q_LONG TDEKerberosClientSocket::readLine(char *data, Q_ULONG maxlen) {
- Q_LONG ret;
+TQ_LONG TDEKerberosClientSocket::readLine(char *data, TQ_ULONG maxlen) {
+ TQ_LONG ret;
if (m_kerberosRequested) {
- ret = getSASLDataFromNetwork(data, maxlen);
+ ret = receiveEncryptedData(data, maxlen);
}
else {
ret = TQSocket::readLine(data, maxlen);
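Review bot: In Kerberos mode `readLine(char *data, TQ_ULONG maxlen)` now goes through `receiveEncryptedData()`, which in this same commit copies up to `maxlen` raw bytes with `memcpy` and appends no terminator, so the line contract of the plain `TQSocket::readLine` branch is not matched. A caller that treats `data` as a C string may read past the copied bytes, and a decoded packet holding more than one line is handed back whole. I would document the difference on the method, for example `// Kerberos mode: returns one decoded SASL packet, not NUL-terminated, not split at '\n'`, or terminate and split here. The rest of `readLine` lies outside the hunk, and `TDEKerberosServerSocket::readLine` has the same change.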
@@ -236,7 +236,6 @@ unsigned int TDEKerberosClientSocket::getSASLDataFromNetwork(char *buf, int trun
}
if (len >= (ba.size()-1)) {
ba.resize(ba.size()+2048);
- break;
}
}
@@ -272,16 +271,22 @@ int TDEKerberosClientSocket::receiveEncryptedData(char *buf, int trunclen) {
int result;
int len;
- len = getSASLDataFromNetwork(buf, trunclen);
+ char *encbuf = (char*)malloc(m_negotiatedMaxBufferSize);
+ len = getSASLDataFromNetwork(encbuf, m_negotiatedMaxBufferSize);
if (len >= 0) {
- result=sasl_decode(saslData->m_krbConnection, buf, len, &recv_data, &recv_len);
+ result=sasl_decode(saslData->m_krbConnection, encbuf, len, &recv_data, &recv_len);
if (result != SASL_OK) {
+ free(encbuf);
printf("[ERROR] Decrypting data returned %s (%d)\n\r", sasl_errdetail(saslData->m_krbConnection), result);
return -1;
}
- strncpy(buf, recv_data, trunclen);
+ if (recv_len > trunclen) {
+ recv_len = trunclen;
+ }
+ memcpy(buf, recv_data, recv_len);
}
+ free(encbuf);
return 0;
}
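Review bot: `receiveEncryptedData()` still ends in `return 0;` after copying the decoded bytes, so `readBlock()` and `readLine()`, which return this value as `ret`, report zero bytes even when data was delivered. The `malloc` result is used without a null check, and `recv_len > trunclen` compares what is presumably an unsigned length (its declaration is above the hunk) with a signed `int`, so a negative `trunclen` would skip the clamp and let `memcpy` write past `buf`. Whether any caller relies on the 0 return is not visible here, so the byte-count return below should be checked against them. The same code is added to `TDEKerberosServerSocket::receiveEncryptedData`.

```cpp
if (trunclen < 0) {
    return -1;
}
char *encbuf = (char*)malloc(m_negotiatedMaxBufferSize);
if (!encbuf) {
    return -1;
}
// … unchanged: getSASLDataFromNetwork call, len check, sasl_decode and its error path …
    if (recv_len > (unsigned int)trunclen) {
        recv_len = trunclen;
    }
    memcpy(buf, recv_data, recv_len);
    free(encbuf);
    return recv_len;   // report how many bytes were placed in buf
}
free(encbuf);
return -1;
```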
diff --git a/lib/libtdekrb/src/tdekrbclientsocket.h b/lib/libtdekrb/src/tdekrbclientsocket.h
index b010bc5..1cea942 100644
--- a/lib/libtdekrb/src/tdekrbclientsocket.h
+++ b/lib/libtdekrb/src/tdekrbclientsocket.h
@@ -37,9 +37,9 @@ class TDEKerberosClientSocket : public TQSocket
bool open(int mode);
void close();
- Q_LONG readBlock(char *data, Q_ULONG maxlen);
- Q_LONG writeBlock(const char *data, Q_ULONG len);
- Q_LONG readLine(char *data, Q_ULONG maxlen);
+ TQ_LONG readBlock(char *data, TQ_ULONG maxlen);
+ TQ_LONG writeBlock(const char *data, TQ_ULONG len);
+ TQ_LONG readLine(char *data, TQ_ULONG maxlen);
TQString readLine();
void writeLine(TQString);
diff --git a/lib/libtdekrb/src/tdekrbserversocket.cpp b/lib/libtdekrb/src/tdekrbserversocket.cpp
index 0704aeb..1d7cfbf 100644
--- a/lib/libtdekrb/src/tdekrbserversocket.cpp
+++ b/lib/libtdekrb/src/tdekrbserversocket.cpp
@@ -115,8 +115,8 @@ void TDEKerberosServerSocket::setServerFQDN(TQString name) {
m_serverFQDN = name;
}
-Q_LONG TDEKerberosServerSocket::readBlock(char *data, Q_ULONG maxlen) {
- Q_LONG ret;
+TQ_LONG TDEKerberosServerSocket::readBlock(char *data, TQ_ULONG maxlen) {
+ TQ_LONG ret;
if (m_kerberosRequested) {
ret = receiveEncryptedData(data, maxlen);
@@ -128,8 +128,8 @@ Q_LONG TDEKerberosServerSocket::readBlock(char *data, Q_ULONG maxlen) {
return ret;
}
-Q_LONG TDEKerberosServerSocket::writeBlock(const char *data, Q_ULONG len) {
- Q_LONG ret;
+TQ_LONG TDEKerberosServerSocket::writeBlock(const char *data, TQ_ULONG len) {
+ TQ_LONG ret;
if (m_kerberosRequested) {
ret = transmitEncryptedData(socket(), data, len);
@@ -141,11 +141,11 @@ Q_LONG TDEKerberosServerSocket::writeBlock(const char *data, Q_ULONG len) {
return ret;
}
-Q_LONG TDEKerberosServerSocket::readLine(char *data, Q_ULONG maxlen) {
- Q_LONG ret;
+TQ_LONG TDEKerberosServerSocket::readLine(char *data, TQ_ULONG maxlen) {
+ TQ_LONG ret;
if (m_kerberosRequested) {
- ret = getSASLDataFromNetwork(data, maxlen);
+ ret = receiveEncryptedData(data, maxlen);
}
else {
ret = TQSocket::readLine(data, maxlen);
@@ -236,7 +236,6 @@ unsigned int TDEKerberosServerSocket::getSASLDataFromNetwork(char *buf, int trun
}
if (len >= (ba.size()-1)) {
ba.resize(ba.size()+2048);
- break;
}
}
@@ -272,16 +271,22 @@ int TDEKerberosServerSocket::receiveEncryptedData(char *buf, int trunclen) {
int result;
int len;
- len = getSASLDataFromNetwork(buf, trunclen);
+ char *encbuf = (char*)malloc(m_negotiatedMaxBufferSize);
+ len = getSASLDataFromNetwork(encbuf, m_negotiatedMaxBufferSize);
if (len >= 0) {
- result=sasl_decode(saslData->m_krbConnection, buf, len, &recv_data, &recv_len);
+ result=sasl_decode(saslData->m_krbConnection, encbuf, len, &recv_data, &recv_len);
if (result != SASL_OK) {
+ free(encbuf);
printf("[ERROR] Decrypting data returned %s (%d)\n\r", sasl_errdetail(saslData->m_krbConnection), result);
return -1;
}
- strncpy(buf, recv_data, trunclen);
+ if (recv_len > trunclen) {
+ recv_len = trunclen;
+ }
+ memcpy(buf, recv_data, recv_len);
}
+ free(encbuf);
return 0;
}
diff --git a/lib/libtdekrb/src/tdekrbserversocket.h b/lib/libtdekrb/src/tdekrbserversocket.h
index 16d6483..04f70b9 100644
--- a/lib/libtdekrb/src/tdekrbserversocket.h
+++ b/lib/libtdekrb/src/tdekrbserversocket.h
@@ -37,9 +37,9 @@ class TDEKerberosServerSocket : public TQSocket
bool open(int mode);
void close();
- Q_LONG readBlock(char *data, Q_ULONG maxlen);
- Q_LONG writeBlock(const char *data, Q_ULONG len);
- Q_LONG readLine(char *data, Q_ULONG maxlen);
+ TQ_LONG readBlock(char *data, TQ_ULONG maxlen);
+ TQ_LONG writeBlock(const char *data, TQ_ULONG len);
+ TQ_LONG readLine(char *data, TQ_ULONG maxlen);
TQString readLine();
void writeLine(TQString);
diff --git a/lib/libtqtrla/src/Makefile.am b/lib/libtqtrla/src/Makefile.am
index b0b10cf..5c8888c 100644
--- a/lib/libtqtrla/src/Makefile.am
+++ b/lib/libtqtrla/src/Makefile.am
@@ -1,11 +1,11 @@
-INCLUDES = $(all_includes) -I/usr/include/sasl
+INCLUDES = $(all_includes)
METASOURCES = AUTO
# Create a shared library file
-lib_LTLIBRARIES = libtdekrbsocket.la
+lib_LTLIBRARIES = libtqtrla.la
-include_HEADERS = tdekrbclientsocket.h tdekrbserversocket.h
+include_HEADERS = tqtrla.h
-libtdekrbsocket_la_SOURCES = tdekrbclientsocket.cpp tdekrbserversocket.cpp
-libtdekrbsocket_la_LIBADD = -lkio $(LIB_TDEUI) -lsasl2
-libtdekrbsocket_la_LDFLAGS = -avoid-version -module -no-undefined $(all_libraries) \ No newline at end of file
+libtqtrla_la_SOURCES = tqtrla.cpp
+libtqtrla_la_LIBADD = -lkio $(LIB_TDEUI)
+libtqtrla_la_LDFLAGS = -avoid-version -module -no-undefined $(all_libraries) \ No newline at end of file
diff --git a/servers/auth_server_lin/src/Makefile.am b/servers/auth_server_lin/src/Makefile.am
index e7250a4..c9c9fde 100644
--- a/servers/auth_server_lin/src/Makefile.am
+++ b/servers/auth_server_lin/src/Makefile.am
@@ -5,6 +5,6 @@ bin_PROGRAMS = remotefpga_authserver
remotefpga_authserver_SOURCES = main.cpp auth_conn.cpp
remotefpga_authserver_METASOURCES = AUTO
-remotefpga_authserver_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_KIO) -lktexteditor -ltdekrbsocket
+remotefpga_authserver_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_KIO) -lktexteditor -ltdekrbsocket -ltqtrla
KDE_OPTIONS = nofinal
diff --git a/servers/auth_server_lin/src/auth_conn.cpp b/servers/auth_server_lin/src/auth_conn.cpp
index 41a09f9..013b9bd 100644
--- a/servers/auth_server_lin/src/auth_conn.cpp
+++ b/servers/auth_server_lin/src/auth_conn.cpp
@@ -57,6 +57,13 @@ int AuthSocket::initiateKerberosHandshake() {
bool user_authorized = false;
if (setUsingKerberos(true) == 0) {
+ TQ_UINT32 magicnum = MAGIC_NUMBER;
+ TQ_UINT32 protover = PROTOCOL_VERSION;
+
+ TQDataStream ds(this);
+ ds << magicnum;
+ ds << protover;
+
// RAJA FIXME
if (user_authorized == 1) {
// Send list of available servers...
diff --git a/servers/auth_server_lin/src/auth_conn.h b/servers/auth_server_lin/src/auth_conn.h
index 7c9d000..e9432f5 100644
--- a/servers/auth_server_lin/src/auth_conn.h
+++ b/servers/auth_server_lin/src/auth_conn.h
@@ -31,6 +31,11 @@
#include <tdekrbserversocket.h>
+#include <tqtrla.h>
+
+#define MAGIC_NUMBER 1
+#define PROTOCOL_VERSION 1
+
class AuthSocket : public TDEKerberosServerSocket
{
Q_OBJECT