authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-07-04 23:56:48 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-07-04 23:56:48 -0500
commit6d13afadb8cf8ef0788afaa0d7b4229bc48d0c19 (patch)
treeac97e133f64f6f48c0806b1e63b6b41ba82d3885 /lib/libtdekrb
parentd5316f5795e3557d032af9a95ba4e5fa88191834 (diff)
Enable character transmission via Kerberos
Diffstat (limited to 'lib/libtdekrb')
-rw-r--r--lib/libtdekrb/src/tdekrbclientsocket.cpp125
-rw-r--r--lib/libtdekrb/src/tdekrbclientsocket.h10
-rw-r--r--lib/libtdekrb/src/tdekrbserversocket.cpp125
-rw-r--r--lib/libtdekrb/src/tdekrbserversocket.h10
4 files changed, 192 insertions, 78 deletions
diff --git a/lib/libtdekrb/src/tdekrbclientsocket.cpp b/lib/libtdekrb/src/tdekrbclientsocket.cpp
index bf4c410..ac1a1bc 100644
--- a/lib/libtdekrb/src/tdekrbclientsocket.cpp
+++ b/lib/libtdekrb/src/tdekrbclientsocket.cpp
@@ -164,9 +164,10 @@ TQIODevice::Offset TDEKerberosClientSocket::at() const {
return TQSocket::at();
}
-bool TDEKerberosClientSocket::at(TQIODevice::Offset off) {
+bool TDEKerberosClientSocket::at(TQIODevice::Offset off, int hidebasehack) {
long i;
bool ret;
+ Q_UNUSED(hidebasehack);
if (kerberosStatus() == KerberosInUse) {
if (off > 0) {
@@ -209,6 +210,61 @@ bool TDEKerberosClientSocket::atEnd() const {
return ret;
}
+int TDEKerberosClientSocket::getch() {
+ int ret;
+
+ if (kerberosStatus() == KerberosInUse) {
+ char data[1];
+ if (readBlock(data, 1) < 0) {
+ ret = -1;
+ }
+ else {
+ ret = data[0];
+ }
+ }
+ else {
+ ret = TQSocket::getch();
+ }
+
+ return ret;
+}
+
+int TDEKerberosClientSocket::putch(int ch) {
+ int ret;
+
+ if (kerberosStatus() == KerberosInUse) {
+ char data[1];
+ data[0] = ch;
+ if (writeBlock(data, 1) < 1) {
+ ret = -1;
+ }
+ else {
+ ret = ch;
+ }
+ }
+ else {
+ ret = TQSocket::putch(ch);
+ }
+
+ return ret;
+}
+
+int TDEKerberosClientSocket::ungetch(int ch) {
+ int ret;
+
+ if (kerberosStatus() == KerberosInUse) {
+ ret = m_buffer->ungetch(ch);
+ if (ret >= 0) {
+ m_bufferLength++;
+ }
+ }
+ else {
+ ret = TQSocket::ungetch(ch);
+ }
+
+ return ret;
+}
+
TQ_ULONG TDEKerberosClientSocket::bytesAvailable() const {
bool ret;
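Review bot: In `getch()` the Kerberos branch treats only a negative `readBlock()` result as failure, so a return of 0 (nothing read) falls through to `ret = data[0]` and hands back an uninitialised byte. The byte is also returned as a plain `char`, so where `char` is signed a received 0xFF becomes -1 and is indistinguishable from the error value. I would write the check as `if (readBlock(data, 1) < 1) {` and the assignment as `ret = (unsigned char)data[0];`. The same code is added to `TDEKerberosServerSocket::getch()` in tdekrbserversocket.cpp.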
@@ -335,7 +391,7 @@ TQ_LONG TDEKerberosClientSocket::writeBlock(const char *data, TQ_ULONG len) {
TQ_LONG ret;
if (kerberosStatus() == KerberosInUse) {
- ret = transmitEncryptedData(socket(), data, len);
+ ret = transmitEncryptedData(data, len);
}
else {
ret = TQSocket::writeBlock(data, len);
@@ -458,7 +514,7 @@ TQString TDEKerberosClientSocket::readLine() {
void TDEKerberosClientSocket::writeLine(TQString str) {
if (kerberosStatus() == KerberosInUse) {
- transmitEncryptedData(socket(), str.ascii(), str.length());
+ transmitEncryptedData(str.ascii(), str.length());
}
else {
TQSocket::writeBlock(str.ascii(), str.length());
@@ -472,7 +528,7 @@ void TDEKerberosClientSocket::freeKerberosConnection(void) {
saslData->m_krbConnection = 0;
}
-void TDEKerberosClientSocket::sendSASLDataToNetwork(const char *buffer, unsigned length, int netfd) {
+void TDEKerberosClientSocket::sendSASLDataToNetwork(const char *buffer, unsigned length) {
char *buf;
unsigned len, alloclen;
int result;
@@ -493,8 +549,8 @@ void TDEKerberosClientSocket::sendSASLDataToNetwork(const char *buffer, unsigned
len = strlen(buf);
buf[len] = '\n';
buf[len+1] = 0;
- if (write(netfd, buf, len+1) < 0) {
- // ERROR
+ if (TQSocket::writeBlock(buf, len+1) < 0) {
+ printf("[WARNING] Transmitting data in base64 failed due to short write\n\r");
}
free(buf);
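Review bot: The new check `TQSocket::writeBlock(buf, len+1) < 0` only catches an error return, although the warning text talks about a short write; a partially written base64 line would go unnoticed and leave the peer with a truncated SASL frame. Comparing against the requested length, `if (TQSocket::writeBlock(buf, len+1) < (TQ_LONG)(len+1)) {`, covers both cases. The matching hunk in tdekrbserversocket.cpp does compare against `(len+1)`, but `len` is unsigned there, so a negative return may be converted to a large unsigned value depending on the width of TQ_LONG; the same cast would make that comparison safe. The function body starts outside this hunk and returns void, so callers still cannot see the failure.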
@@ -506,7 +562,7 @@ int TDEKerberosClientSocket::getSASLDataFromNetwork(char *buf, int trunclen, boo
unsigned int len;
int result;
- TQByteArray ba(2048);
+ TQCString ba;
if (!shouldblock) {
if ((!TQSocket::canReadLine()) || (state() != TQSocket::Connected)) {
@@ -520,25 +576,20 @@ int TDEKerberosClientSocket::getSASLDataFromNetwork(char *buf, int trunclen, boo
dataTimeoutTimer.start(m_dataTimeout, TRUE);
}
while (dataTimeoutTimer.isActive() || (m_dataTimeout < 0)) {
- if ((shouldblock) && (dataTimeoutTimer.isActive() || (m_dataTimeout < 0))) {
- SAFELY_PROCESS_EVENTS
+ if (!TQSocket::canReadLine()) {
+ if ((shouldblock) && (dataTimeoutTimer.isActive() || (m_dataTimeout < 0))) {
+ SAFELY_PROCESS_EVENTS
+ }
}
if (state() != TQSocket::Connected) {
m_criticalSection--;
return -1;
}
- if (TQSocket::readBlock(ba.data()+len, 1) > 0) {
- if (ba.data()[len] == '\n') {
- ba.data()[len] = 0;
- break;
- }
- if (ba.data()[len] != '\r') {
- len++;
- }
- if (m_dataTimeout > 0) {
- dataTimeoutTimer.stop();
- dataTimeoutTimer.start(m_dataTimeout, TRUE);
- }
+ if (TQSocket::canReadLine()) {
+ TQString base64string = TQSocket::readLine();
+ base64string.truncate(base64string.length()-1);
+ ba = base64string;
+ break;
}
else {
if (shouldblock) {
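Review bot: A carriage return before the newline is no longer dropped: the removed loop skipped every `'\r'`, while `base64string.truncate(base64string.length()-1)` strips exactly one trailing character. If a peer terminates lines with CRLF, the `'\r'` now reaches `sasl_decode64()` as part of the input and the decode will probably be rejected. Stripping it explicitly keeps the old tolerance, for example `if (base64string.endsWith("\r")) base64string.truncate(base64string.length()-1);` after the existing truncate. The loop starts and continues outside this hunk.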
@@ -548,19 +599,21 @@ int TDEKerberosClientSocket::getSASLDataFromNetwork(char *buf, int trunclen, boo
break;
}
}
- if (len >= (ba.size()-1)) {
- ba.resize(ba.size()+2048);
+ }
+
+ if (!ba.isNull()) {
+ len = strlen(ba.data());
+ result = sasl_decode64(ba.data(), len, buf, trunclen, &len);
+ if (result != SASL_OK) {
+ printf("[ERROR] Decoding data from base64 returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result);
+ m_criticalSection--;
+ return -1;
}
+ buf[len] = '\0';
}
-
- len = strlen(ba.data());
- result = sasl_decode64(ba.data(), strlen(ba.data()), buf, trunclen, &len);
- if (result != SASL_OK) {
- printf("[ERROR] Decoding data from base64 returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result);
- m_criticalSection--;
- return -1;
+ else {
+ buf[0] = '\0';
}
- buf[len] = '\0';
m_criticalSection--;
return len;
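Review bot: The new `else` branch clears `buf[0]` but never assigns `len`, so `return len;` reports whatever value `len` held before the loop; its initialisation is outside this hunk and should be confirmed. Adding `len = 0;` next to `buf[0] = '\0';` makes the "nothing received" return value explicit. Separately, `buf[len] = '\0';` is only in bounds if `sasl_decode64()` never reports a decoded length equal to `trunclen`; passing `trunclen-1` as the output limit would remove that dependency on the library's behaviour.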
@@ -571,7 +624,7 @@ int TDEKerberosClientSocket::getSASLDataFromNetwork(char *buf, int trunclen, boo
}
}
-int TDEKerberosClientSocket::transmitEncryptedData(int fd, const char* readbuf, int cc) {
+int TDEKerberosClientSocket::transmitEncryptedData(const char* readbuf, int cc) {
int result = 0;
unsigned int len;
const char *data;
@@ -598,7 +651,7 @@ int TDEKerberosClientSocket::transmitEncryptedData(int fd, const char* readbuf,
printf("[ERROR] Encrypting data returned %s (%d)\n\r", safe_sasl_errdetail(saslData->m_krbConnection), result);
return -1;
}
- sendSASLDataToNetwork(data, len, fd);
+ sendSASLDataToNetwork(data, len);
data_remaining = data_remaining - data_to_write_len;
remnant_position = remnant_position + data_to_write_len;
if ((data_remaining > 0) && (dataTimeoutTimer.isActive() || (m_dataTimeout < 0))) {
@@ -718,7 +771,7 @@ void TDEKerberosClientSocket::continueKerberosInitialization() {
}
printf("[DEBUG] Sending initial response...\n\r");
- sendSASLDataToNetwork(buf, len, socket());
+ sendSASLDataToNetwork(buf, len);
m_krbInitState = 1;
}
@@ -753,10 +806,10 @@ void TDEKerberosClientSocket::continueKerberosInitialization() {
}
if (data && len) {
printf("[DEBUG] Sending response...\n\r");
- sendSASLDataToNetwork(data, len, socket());
+ sendSASLDataToNetwork(data, len);
}
else if (m_krbInitResult != SASL_OK || !m_krbInitServerLast) {
- sendSASLDataToNetwork("", 0, socket());
+ sendSASLDataToNetwork("", 0);
}
}
}
diff --git a/lib/libtdekrb/src/tdekrbclientsocket.h b/lib/libtdekrb/src/tdekrbclientsocket.h
index 303da6b..8fa2b25 100644
--- a/lib/libtdekrb/src/tdekrbclientsocket.h
+++ b/lib/libtdekrb/src/tdekrbclientsocket.h
@@ -49,9 +49,13 @@ class TDEKerberosClientSocket : public TQSocket
void flush();
Offset size() const;
Offset at() const;
- bool at(Offset off);
+ bool at(Offset off, int hidebasehack=0);
bool atEnd() const;
+ int getch();
+ int putch(int);
+ int ungetch(int);
+
TQ_LONG readBlock(char *data, TQ_ULONG maxlen);
TQ_LONG writeBlock(const char *data, TQ_ULONG len);
TQ_LONG readLine(char *data, TQ_ULONG maxlen);
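Review bot: The added `hidebasehack` parameter on `at()` is undocumented and changes the method's signature. If `at(Offset)` is virtual in the base class (not visible here), this declaration no longer overrides it, and a call made through a TQSocket or TQIODevice pointer would reach the base implementation instead of the Kerberos-aware one. A comment on the declaration should say why the extra parameter is needed and that callers must hold the derived type, for example `// hidebasehack: unused; changes the signature so this does not override the base at(Offset)`, once that intent is confirmed. The same declaration is added in tdekrbserversocket.h.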
@@ -74,9 +78,9 @@ class TDEKerberosClientSocket : public TQSocket
private:
int initializeKerberosInterface();
void freeKerberosConnection();
- void sendSASLDataToNetwork(const char *buffer, unsigned length, int netfd);
+ void sendSASLDataToNetwork(const char *buffer, unsigned length);
int getSASLDataFromNetwork(char *buf, int trunclen, bool shouldblock=true);
- int transmitEncryptedData(int fd, const char* readbuf, int cc);
+ int transmitEncryptedData(const char* readbuf, int cc);
int receiveEncryptedData(char *buf, unsigned int trunclen, bool shouldblock=true);
void setStatusMessage(TQString message);
diff --git a/lib/libtdekrb/src/tdekrbserversocket.cpp b/lib/libtdekrb/src/tdekrbserversocket.cpp
index 954ddf0..77f4750 100644
--- a/lib/libtdekrb/src/tdekrbserversocket.cpp
+++ b/lib/libtdekrb/src/tdekrbserversocket.cpp
@@ -164,9 +164,10 @@ TQIODevice::Offset TDEKerberosServerSocket::at() const {
return TQSocket::at();
}
-bool TDEKerberosServerSocket::at(TQIODevice::Offset off) {
+bool TDEKerberosServerSocket::at(TQIODevice::Offset off, int hidebasehack) {
long i;
bool ret;
+ Q_UNUSED(hidebasehack);
if (m_kerberosRequested) {
if (off > 0) {
@@ -209,6 +210,61 @@ bool TDEKerberosServerSocket::atEnd() const {
return ret;
}
+int TDEKerberosServerSocket::getch() {
+ int ret;
+
+ if (kerberosStatus() == KerberosInUse) {
+ char data[1];
+ if (readBlock(data, 1) < 0) {
+ ret = -1;
+ }
+ else {
+ ret = data[0];
+ }
+ }
+ else {
+ ret = TQSocket::getch();
+ }
+
+ return ret;
+}
+
+int TDEKerberosServerSocket::putch(int ch) {
+ int ret;
+
+ if (kerberosStatus() == KerberosInUse) {
+ char data[1];
+ data[0] = ch;
+ if (writeBlock(data, 1) < 1) {
+ ret = -1;
+ }
+ else {
+ ret = ch;
+ }
+ }
+ else {
+ ret = TQSocket::putch(ch);
+ }
+
+ return ret;
+}
+
+int TDEKerberosServerSocket::ungetch(int ch) {
+ int ret;
+
+ if (kerberosStatus() == KerberosInUse) {
+ ret = m_buffer->ungetch(ch);
+ if (ret >= 0) {
+ m_bufferLength++;
+ }
+ }
+ else {
+ ret = TQSocket::ungetch(ch);
+ }
+
+ return ret;
+}
+
TQ_ULONG TDEKerberosServerSocket::bytesAvailable() const {
bool ret;
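Review bot: The new `getch()`, `putch()` and `ungetch()` in the server socket choose the encrypted path with `kerberosStatus() == KerberosInUse`, while `at()`, `writeBlock()` and `writeLine()` in this same file use `m_kerberosRequested`. If there is a window in which Kerberos has been requested but the status is not yet `KerberosInUse` (the definitions are not visible here), `putch()` would send its byte through `TQSocket::putch()` unencrypted while `writeBlock()` would already encrypt. Using the same condition as the block methods, `if (m_kerberosRequested) {`, keeps the character and block paths consistent. The uninitialised-byte and sign-extension issue in `getch()` noted for the client socket applies here as well.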
@@ -335,7 +391,7 @@ TQ_LONG TDEKerberosServerSocket::writeBlock(const char *data, TQ_ULONG len) {
TQ_LONG ret;
if (m_kerberosRequested) {
- ret = transmitEncryptedData(socket(), data, len);
+ ret = transmitEncryptedData(data, len);
}
else {
ret = TQSocket::writeBlock(data, len);
@@ -458,7 +514,7 @@ TQString TDEKerberosServerSocket::readLine() {
void TDEKerberosServerSocket::writeLine(TQString str) {
if (m_kerberosRequested) {
- transmitEncryptedData(socket(), str.ascii(), str.length());
+ transmitEncryptedData(str.ascii(), str.length());
}
else {
TQSocket::writeBlock(str.ascii(), str.length());
@@ -472,7 +528,7 @@ void TDEKerberosServerSocket::freeKerberosConnection(void) {
saslData->m_krbConnection = 0;
}
-void TDEKerberosServerSocket::sendSASLDataToNetwork(const char *buffer, unsigned length, int netfd) {
+void TDEKerberosServerSocket::sendSASLDataToNetwork(const char *buffer, unsigned length) {
char *buf;
unsigned len, alloclen;
int result;
@@ -493,8 +549,8 @@ void TDEKerberosServerSocket::sendSASLDataToNetwork(const char *buffer, unsigned
len = strlen(buf);
buf[len] = '\n';
buf[len+1] = 0;
- if (write(netfd, buf, len+1) < 0) {
- // ERROR
+ if (TQSocket::writeBlock(buf, len+1) < (len+1)) {
+ printf("[WARNING] Transmitting data in base64 failed due to short write\n\r");
}
free(buf);
@@ -506,7 +562,7 @@ int TDEKerberosServerSocket::getSASLDataFromNetwork(char *buf, int trunclen, boo
unsigned int len;
int result;
- TQByteArray ba(2048);
+ TQCString ba;
if (!shouldblock) {
if ((!TQSocket::canReadLine()) || (state() != TQSocket::Connected)) {
@@ -520,25 +576,20 @@ int TDEKerberosServerSocket::getSASLDataFromNetwork(char *buf, int trunclen, boo
dataTimeoutTimer.start(m_dataTimeout, TRUE);
}
while (dataTimeoutTimer.isActive() || (m_dataTimeout < 0)) {
- if ((shouldblock) && (dataTimeoutTimer.isActive() || (m_dataTimeout < 0))) {
- SAFELY_PROCESS_EVENTS
+ if (!TQSocket::canReadLine()) {
+ if ((shouldblock) && (dataTimeoutTimer.isActive() || (m_dataTimeout < 0))) {
+ SAFELY_PROCESS_EVENTS
+ }
}
if (state() != TQSocket::Connected) {
m_criticalSection--;
return -1;
}
- if (TQSocket::readBlock(ba.data()+len, 1) > 0) {
- if (ba.data()[len] == '\n') {
- ba.data()[len] = 0;
- break;
- }
- if (ba.data()[len] != '\r') {
- len++;
- }
- if (m_dataTimeout > 0) {
- dataTimeoutTimer.stop();
- dataTimeoutTimer.start(m_dataTimeout, TRUE);
- }
+ if (TQSocket::canReadLine()) {
+ TQString base64string = TQSocket::readLine();
+ base64string.truncate(base64string.length()-1);
+ ba = base64string;
+ break;
}
else {
if (shouldblock) {
@@ -548,19 +599,21 @@ int TDEKerberosServerSocket::getSASLDataFromNetwork(char *buf, int trunclen, boo
break;
}
}
- if (len >= (ba.size()-1)) {
- ba.resize(ba.size()+2048);
+ }
+
+ if (!ba.isNull()) {
+ len = strlen(ba.data());
+ result = sasl_decode64(ba.data(), len, buf, trunclen, &len);
+ if (result != SASL_OK) {
+ printf("[ERROR] Decoding data from base64 returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result);
+ m_criticalSection--;
+ return -1;
}
+ buf[len] = '\0';
}
-
- len = strlen(ba.data());
- result = sasl_decode64(ba.data(), strlen(ba.data()), buf, trunclen, &len);
- if (result != SASL_OK) {
- printf("[ERROR] Decoding data from base64 returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result);
- m_criticalSection--;
- return -1;
+ else {
+ buf[0] = '\0';
}
- buf[len] = '\0';
m_criticalSection--;
return len;
@@ -571,7 +624,7 @@ int TDEKerberosServerSocket::getSASLDataFromNetwork(char *buf, int trunclen, boo
}
}
-int TDEKerberosServerSocket::transmitEncryptedData(int fd, const char* readbuf, int cc) {
+int TDEKerberosServerSocket::transmitEncryptedData(const char* readbuf, int cc) {
int result = 0;
unsigned int len;
const char *data;
@@ -598,7 +651,7 @@ int TDEKerberosServerSocket::transmitEncryptedData(int fd, const char* readbuf,
printf("[ERROR] Encrypting data returned %s (%d)\n\r", safe_sasl_errdetail(saslData->m_krbConnection), result);
return -1;
}
- sendSASLDataToNetwork(data, len, fd);
+ sendSASLDataToNetwork(data, len);
data_remaining = data_remaining - data_to_write_len;
remnant_position = remnant_position + data_to_write_len;
if ((data_remaining > 0) && (dataTimeoutTimer.isActive() || (m_dataTimeout < 0))) {
@@ -714,7 +767,7 @@ void TDEKerberosServerSocket::continueKerberosInitialization() {
if (m_krbInitResult == SASL_CONTINUE) {
if (m_krbInitData) {
printf("[DEBUG] Sending response...\n\r");
- sendSASLDataToNetwork(m_krbInitData, len, socket());
+ sendSASLDataToNetwork(m_krbInitData, len);
}
else {
printf("[ERROR] No data to send!\n\r");
@@ -775,7 +828,7 @@ void TDEKerberosServerSocket::continueKerberosInitialization() {
if (state() == TQSocket::Connected) {
if(m_krbInitServerLast && m_krbInitData) {
printf("[DEBUG] Additional information needed to be sent\n\r");
- sendSASLDataToNetwork(m_krbInitData, len, socket());
+ sendSASLDataToNetwork(m_krbInitData, len);
}
m_krbInitResult = sasl_getprop(saslData->m_krbConnection, SASL_USERNAME, (const void **)&m_krbInitData);
@@ -903,7 +956,7 @@ int TDEKerberosServerSocket::initializeKerberosInterface() {
}
printf("[DEBUG] Sending list of %d mechanism(s)\n\r", count);
- sendSASLDataToNetwork(m_krbInitData, len, socket());
+ sendSASLDataToNetwork(m_krbInitData, len);
m_krbInitRunning = true;
m_krbInitState = 0;
diff --git a/lib/libtdekrb/src/tdekrbserversocket.h b/lib/libtdekrb/src/tdekrbserversocket.h
index 73bb6fa..61e6255 100644
--- a/lib/libtdekrb/src/tdekrbserversocket.h
+++ b/lib/libtdekrb/src/tdekrbserversocket.h
@@ -49,9 +49,13 @@ class TDEKerberosServerSocket : public TQSocket
void flush();
Offset size() const;
Offset at() const;
- bool at(Offset off);
+ bool at(Offset off, int hidebasehack=0);
bool atEnd() const;
+ int getch();
+ int putch(int);
+ int ungetch(int);
+
TQ_LONG readBlock(char *data, TQ_ULONG maxlen);
TQ_LONG writeBlock(const char *data, TQ_ULONG len);
TQ_LONG readLine(char *data, TQ_ULONG maxlen);
@@ -74,9 +78,9 @@ class TDEKerberosServerSocket : public TQSocket
private:
int initializeKerberosInterface();
void freeKerberosConnection();
- void sendSASLDataToNetwork(const char *buffer, unsigned length, int netfd);
+ void sendSASLDataToNetwork(const char *buffer, unsigned length);
int getSASLDataFromNetwork(char *buf, int trunclen, bool shouldblock=true);
- int transmitEncryptedData(int fd, const char* readbuf, int cc);
+ int transmitEncryptedData(const char* readbuf, int cc);
int receiveEncryptedData(char *buf, unsigned int trunclen, bool shouldblock=true);
void setStatusMessage(TQString message);