-rw-r--r--lib/libtdekrb/src/tdekrbsocket.cpp47
-rw-r--r--lib/libtdekrb/src/tdekrbsocket.h1
-rw-r--r--servers/auth_server_lin/src/auth_conn.cpp7
3 files changed, 36 insertions, 19 deletions
diff --git a/lib/libtdekrb/src/tdekrbsocket.cpp b/lib/libtdekrb/src/tdekrbsocket.cpp
index 30f28d2..19b666a 100644
--- a/lib/libtdekrb/src/tdekrbsocket.cpp
+++ b/lib/libtdekrb/src/tdekrbsocket.cpp
@@ -40,11 +40,11 @@ class SASLDataPrivate
static int logSASLMessages(void *context __attribute__((unused)), int priority, const char *message) {
const char *label;
-
+
if (!message) {
return SASL_BADPARAM;
}
-
+
switch (priority) {
case SASL_LOG_ERR:
label = "Error";
@@ -56,13 +56,13 @@ static int logSASLMessages(void *context __attribute__((unused)), int priority,
label = "Other";
break;
}
-
+
printf("[SASL %s] %s\n\r", label, message);
return SASL_OK;
}
-TDEKerberosClientSocket::TDEKerberosClientSocket(TQObject *parent, const char *name) : TQSocket(parent, name), m_kerberosRequested(false) {
+TDEKerberosClientSocket::TDEKerberosClientSocket(TQObject *parent, const char *name) : TQSocket(parent, name), m_kerberosRequested(false), m_negotiatedMaxBufferSize(NET_SEC_BUF_SIZE) {
saslData = new SASLDataPrivate;
saslData->m_krbConnection = NULL;
}
@@ -140,11 +140,13 @@ Q_LONG TDEKerberosClientSocket::readLine(char *data, Q_ULONG maxlen) {
TQString TDEKerberosClientSocket::readLine() {
TQString ret;
- char buf[NET_SEC_BUF_SIZE];
+ char *buf;
if (m_kerberosRequested) {
- receiveEncryptedData(buf, NET_SEC_BUF_SIZE);
+ buf = (char*)malloc(m_negotiatedMaxBufferSize);
+ receiveEncryptedData(buf, m_negotiatedMaxBufferSize);
ret = TQString(buf);
+ free(buf);
}
else {
ret = TQSocket::readLine();
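Review bot: In the Kerberos branch of readLine(), the result of `malloc(m_negotiatedMaxBufferSize)` is used without a null check, and `TQString(buf)` then reads the buffer as a C string although nothing visible here guarantees that receiveEncryptedData() wrote a terminator, or wrote anything at all. Because the size now comes from a negotiated value rather than a compile-time constant, I would check the allocation and make the buffer a valid empty string before the call, e.g. `if (!buf) return ret;` followed by `buf[0] = 0;`. The return value of receiveEncryptedData() is also dropped; whether it terminates its output cannot be seen from this hunk, so that should be confirmed. The function body continues past the hunk.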
@@ -173,7 +175,6 @@ void TDEKerberosClientSocket::sendSASLDataToNetwork(const char *buffer, unsigned
char *buf;
unsigned len, alloclen;
int result;
- char txbuf[NET_SEC_BUF_SIZE];
alloclen = ((length / 3) + 1) * 4 + 1;
buf = (char*)malloc(alloclen);
@@ -188,8 +189,10 @@ void TDEKerberosClientSocket::sendSASLDataToNetwork(const char *buffer, unsigned
return;
}
- sprintf(txbuf, "%s\n", buf);
- write(netfd, txbuf, strlen(txbuf));
+ len = strlen(buf);
+ buf[len] = '\n';
+ buf[len+1] = 0;
+ write(netfd, buf, len+1);
free(buf);
}
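Review bot: The `buf[len+1] = 0;` store can land one byte past the allocation. `alloclen` is `((length / 3) + 1) * 4 + 1`, and assuming the encode step between the two hunks fills `buf` with padded base64, a `length` that is not a multiple of 3 leaves room for the text plus its terminator only, so appending both `'\n'` and a new terminator writes at index `alloclen`. Either allocate one more byte (`alloclen = ((length / 3) + 1) * 4 + 2;`) or drop the terminator store, since `write(netfd, buf, len+1)` does not need it. The result of `write()` is ignored as well, so a short write would truncate the SASL message silently. The same lines appear in `AuthSocket::send_sasl_data_to_network` in auth_conn.cpp; the function starts outside this hunk.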
@@ -198,28 +201,31 @@ unsigned int TDEKerberosClientSocket::getSASLDataFromNetwork(char *buf, int trun
unsigned int len;
int result;
+ TQByteArray ba(2048);
+
len = 0;
while (1) {
tqApp->processEvents();
if (state() != TQSocket::Connected) {
return -1;
}
- if (TQSocket::readBlock(buf+len, 1) > 0) {
- if (buf[len] == '\n') {
- buf[len] = 0;
+ if (TQSocket::readBlock(ba.data()+len, 1) > 0) {
+ if (ba.data()[len] == '\n') {
+ ba.data()[len] = 0;
break;
}
- if (buf[len] != '\r') {
+ if (ba.data()[len] != '\r') {
len++;
}
}
- if (len >= trunclen) {
+ if (len >= (ba.size()-1)) {
+ ba.resize(ba.size()+2048);
break;
}
}
- len = strlen(buf);
- result = sasl_decode64(buf, (unsigned) strlen(buf), buf, trunclen, &len);
+ len = strlen(ba.data());
+ result = sasl_decode64(ba.data(), strlen(ba.data()), buf, trunclen, &len);
if (result != SASL_OK) {
printf("[ERROR] Decoding data from base64 returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result);
return -1;
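Review bot: The growth branch `ba.resize(ba.size()+2048); break;` resizes the array and then leaves the loop anyway, so an encoded line longer than 2047 bytes is still cut off, and on that path nothing stores a terminator at `ba.data()[len]` before `strlen(ba.data())` runs (unless TQByteArray zero-fills its storage, which this hunk does not show). If growing was the intent, drop that `break;`, put an upper bound on the total size so a peer that never sends a newline cannot make the buffer grow without limit, and pass the tracked `len` to `sasl_decode64` instead of calling `strlen`. Separately, `return -1;` in a function declared `unsigned int` yields UINT_MAX, which callers have to test for explicitly. The function continues outside the hunk.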
@@ -400,5 +406,14 @@ int TDEKerberosClientSocket::initializeKerberosInterface() {
printf("[DEBUG] Authenticated SSF: %d\n", *ssf);
}
+ result = sasl_getprop(saslData->m_krbConnection, SASL_MAXOUTBUF, (const void **)&m_negotiatedMaxBufferSize);
+ if (result != SASL_OK) {
+ printf("[WARNING] Unable to determine maximum buffer size!\n\r");
+ m_negotiatedMaxBufferSize = NET_SEC_BUF_SIZE;
+ }
+ else {
+ printf("[DEBUG] Maximum buffer size: %d\n", m_negotiatedMaxBufferSize);
+ }
+
return 0;
} \ No newline at end of file
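Review bot: The `sasl_getprop(..., SASL_MAXOUTBUF, (const void **)&m_negotiatedMaxBufferSize)` call passes the address of the `unsigned int` member where the API stores a pointer to the value, so the member receives pointer bits, and on a 64-bit build the store is wider than the member. The SSF query just above is read back as `*ssf`, which is the pattern to follow: declare `const unsigned *maxbuf = NULL;`, pass `(const void **)&maxbuf`, and assign `m_negotiatedMaxBufferSize = *maxbuf;` on success. readLine() allocates with this value, so a wrong number here becomes a wrong buffer size directly. The debug print should use `%u` for the unsigned value. The function starts outside the hunk.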
diff --git a/lib/libtdekrb/src/tdekrbsocket.h b/lib/libtdekrb/src/tdekrbsocket.h
index 591b579..5f5f036 100644
--- a/lib/libtdekrb/src/tdekrbsocket.h
+++ b/lib/libtdekrb/src/tdekrbsocket.h
@@ -62,6 +62,7 @@ class TDEKerberosClientSocket : public TQSocket
private:
SASLDataPrivate *saslData;
+ unsigned int m_negotiatedMaxBufferSize;
};
#endif // TDEKRBSOCKET_H \ No newline at end of file
diff --git a/servers/auth_server_lin/src/auth_conn.cpp b/servers/auth_server_lin/src/auth_conn.cpp
index 517f570..acf8e83 100644
--- a/servers/auth_server_lin/src/auth_conn.cpp
+++ b/servers/auth_server_lin/src/auth_conn.cpp
@@ -105,7 +105,6 @@ void AuthSocket::send_sasl_data_to_network(const char *buffer, unsigned length,
char *buf;
unsigned len, alloclen;
int result;
- char txbuf[NET_SEC_BUF_SIZE];
alloclen = ((length / 3) + 1) * 4 + 1;
buf = (char*)malloc(alloclen);
@@ -120,8 +119,10 @@ void AuthSocket::send_sasl_data_to_network(const char *buffer, unsigned length,
return;
}
- sprintf(txbuf, "%s\n", buf);
- write(netfd, txbuf, strlen(txbuf));
+ len = strlen(buf);
+ buf[len] = '\n';
+ buf[len+1] = 0;
+ write(netfd, buf, len+1);
free(buf);
}