src/auth/krb/KrbProtocol.cpp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab
/*
 * Ceph - scalable distributed file system
 *
 * Copyright (c) 2018 SUSE LLC.
 * Author: Daniel Oliveira <doliveira@suse.com>
 * 
 * This is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License version 2.1, as published by the Free Software
 * Foundation.  See file COPYING.
 *
 */

#include "KrbProtocol.hpp"

#include "common/Clock.h"
#include "common/config.h"
#include "common/debug.h"
#include "include/buffer.h"

#define dout_subsys ceph_subsys_auth
#undef dout_prefix
#define dout_prefix *_dout << "krb5/gssapi protocol: "


std::string gss_auth_show_status(const OM_uint32 gss_major_status, 
                                 const OM_uint32 gss_minor_status)
{
  const std::string STR_DOT(".");
  const std::string STR_BLANK(" ");

  gss_buffer_desc gss_str_status = {0, nullptr};
  OM_uint32 gss_maj_status(0); 
  OM_uint32 gss_min_status(0);
  OM_uint32 gss_ctx_message(-1);

  std::string str_status("");

  const auto gss_complete_status_str_format = [&](const uint32_t gss_status) {
    if (gss_status == GSS_S_COMPLETE) {
      std::string str_tmp("");
      str_tmp.append(reinterpret_cast<char*>(gss_str_status.value), 
                     gss_str_status.length);
      str_tmp += STR_DOT;
      if (gss_ctx_message != 0) {
        str_tmp += STR_BLANK;
      }
      return str_tmp;
    }
    return STR_BLANK;
  };

  while (gss_ctx_message != 0) {
    gss_maj_status = gss_display_status(&gss_min_status, 
                                        gss_major_status, 
                                        GSS_C_GSS_CODE, 
                                        GSS_C_NO_OID, 
                                        &gss_ctx_message, 
                                        &gss_str_status); 
    
    if (gss_maj_status == GSS_S_COMPLETE) {
      str_status += gss_complete_status_str_format(gss_maj_status);
      gss_release_buffer(&gss_min_status, &gss_str_status);
    }
  }

  if (gss_major_status == GSS_S_FAILURE) {
    gss_ctx_message = -1;
    while (gss_ctx_message != 0) {
      gss_maj_status = gss_display_status(&gss_min_status, 
                                          gss_minor_status, 
                                          GSS_C_MECH_CODE,
                                          const_cast<gss_OID>(&GSS_API_KRB5_OID_PTR),
                                          &gss_ctx_message, 
                                          &gss_str_status); 
      if (gss_maj_status == GSS_S_COMPLETE) {
        str_status += gss_complete_status_str_format(gss_maj_status);
        gss_release_buffer(&gss_min_status, &gss_str_status);
      }
    }
  }
  return str_status;
}