From 018b9d421a59cd9d45c33613440ff3e8f578bf0a Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Tue, 2 Dec 2014 21:52:38 +0000 Subject: [PATCH] sasl_gssapi: Introduced GSS-API based SASL module Added the initial version of curl_sasl_gssapi.c and updated the project files in preparation for adding GSS-API based Kerberos V5 support. --- docs/INTERNALS | 6 +- lib/Makefile.inc | 2 +- lib/Makefile.vc6 | 1 + lib/curl_sasl_gssapi.c | 119 +++++++++++++++++++++++++++++ packages/Symbian/group/libcurl.mmp | 3 +- 5 files changed, 126 insertions(+), 5 deletions(-) create mode 100644 lib/curl_sasl_gssapi.c diff --git a/docs/INTERNALS b/docs/INTERNALS index b3559ba68..f8b1b47b4 100644 --- a/docs/INTERNALS +++ b/docs/INTERNALS @@ -252,9 +252,9 @@ Library Kerberos - The kerberos support is mainly in lib/krb5.c and lib/security.c but also - curl_sasl_sspi.c for the email protocols and socks_gssapi.c & socks_sspi.c for - SOCKS5 proxy specifics. + Kerberos support is mainly in lib/krb5.c and lib/security.c but also + curl_sasl_sspi.c and curl_sasl_gssapi.c for the email protocols and + socks_gssapi.c & socks_sspi.c for SOCKS5 proxy specifics. TELNET diff --git a/lib/Makefile.inc b/lib/Makefile.inc index 8e55038d0..cb4272bfa 100644 --- a/lib/Makefile.inc +++ b/lib/Makefile.inc @@ -45,7 +45,7 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \ asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \ curl_ntlm_core.c curl_ntlm_msgs.c curl_sasl.c curl_multibyte.c \ hostcheck.c bundles.c conncache.c pipeline.c dotdot.c x509asn1.c \ - http2.c curl_sasl_sspi.c smb.c + http2.c curl_sasl_sspi.c smb.c curl_sasl_gssapi.c LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \ formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h \ diff --git a/lib/Makefile.vc6 b/lib/Makefile.vc6 index d2e434534..15275e994 100644 --- a/lib/Makefile.vc6 +++ b/lib/Makefile.vc6 
@@ -546,6 +546,7 @@ X_OBJS= \
 $(DIROBJ)\curl_ntlm_wb.obj \
 $(DIROBJ)\curl_rtmp.obj \
 $(DIROBJ)\curl_sasl.obj \
+ $(DIROBJ)\curl_sasl_gssapi.obj \
 $(DIROBJ)\curl_sasl_sspi.obj \
 $(DIROBJ)\curl_schannel.obj \
 $(DIROBJ)\curl_sspi.obj \
diff --git a/lib/curl_sasl_gssapi.c b/lib/curl_sasl_gssapi.c
new file mode 100644
index 000000000..0011b4f72
--- /dev/null
+++ b/lib/curl_sasl_gssapi.c
@@ -0,0 +1,119 @@
+/***************************************************************************
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
+ * \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 2014, Steve Holme, .
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism
+ *
+ ***************************************************************************/
+
+#include "curl_setup.h"
+
+#if defined(HAVE_GSSAPI) && defined(USE_KRB5)
+
+#include
+
+#include "curl_sasl.h"
+#include "urldata.h"
+
+/* The last #include file should be: */
+#include "memdebug.h"
+
+/*
+ * Curl_sasl_create_gssapi_user_message()
+ *
+ * This is used to generate an already encoded GSSAPI (Kerberos V5) user token
+ * message ready for sending to the recipient.
+ *
+ * Parameters:
+ *
+ * data [in] - The session handle.
+ * userp [in] - The user name.
+ * passdwp [in] - The user's password.
+ * service [in] - The service type such as www, smtp, pop or imap.
+ * mutual_auth [in] - Flag specifing whether or not mutual authentication
+ * is enabled.
+ * chlg64 [in] - Pointer to the optional base64 encoded challenge
+ * message.
+ * krb5 [in/out] - The gssapi data struct being used and modified.
+ * outptr [in/out] - The address where a pointer to newly allocated memory
+ * holding the result will be stored upon completion.
+ * outlen [out] - The length of the output message.
+ *
+ * Returns CURLE_OK on success.
+ */
+CURLcode Curl_sasl_create_gssapi_user_message(struct SessionHandle *data,
+ const char *userp,
+ const char *passwdp,
+ const char *service,
+ const bool mutual_auth,
+ const char *chlg64,
+ struct kerberos5data *krb5,
+ char **outptr, size_t *outlen)
+{
+ (void) data;
+ (void) userp;
+ (void) passwdp;
+ (void) service;
+ (void) mutual_auth;
+ (void) chlg64;
+ (void) krb5;
+ (void) outptr;
+ (void) outlen;
+
+ return CURLE_NOT_BUILT_IN;
+}
+
+/*
+ * Curl_sasl_create_gssapi_security_message()
+ *
+ * This is used to generate an already encoded GSSAPI (Kerberos V5) security
+ * token message ready for sending to the recipient.
+ *
+ * Parameters:
+ *
+ * data [in] - The session handle.
+ * chlg64 [in] - Pointer to the optional base64 encoded challenge message.
+ * krb5 [in/out] - The gssapi data struct being used and modified.
+ * outptr [in/out] - The address where a pointer to newly allocated memory
+ * holding the result will be stored upon completion.
+ * outlen [out] - The length of the output message.
+ *
+ * Returns CURLE_OK on success.
+ */
+CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data,
+ const char *chlg64,
+ struct kerberos5data *krb5,
+ char **outptr,
+ size_t *outlen)
+{
+ (void) data;
+ (void) chlg64;
+ (void) krb5;
+ (void) outptr;
+ (void) outlen;
+
+ return CURLE_NOT_BUILT_IN;
+}
+
+void Curl_sasl_gssapi_cleanup(struct kerberos5data *krb5)
+{
+ (void) krb5;
+}
+
+#endif /* HAVE_GSSAPI && USE_KRB5 */
diff --git a/packages/Symbian/group/libcurl.mmp b/packages/Symbian/group/libcurl.mmp
index 086f64818..0370ef154 100644
--- a/packages/Symbian/group/libcurl.mmp
+++ b/packages/Symbian/group/libcurl.mmp
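Review bot: Both message stubs in lib/curl_sasl_gssapi.c return CURLE_NOT_BUILT_IN without writing their out-parameters, although the header comments describe `outptr` as receiving newly allocated memory; a caller that frees or sends `*outptr` on its error path would act on whatever that variable held before the call. The callers are not part of this patch, so whether they pre-initialise is not visible; replacing the `(void) outptr;` and `(void) outlen;` casts in both functions with `*outptr = NULL;` and `*outlen = 0;` keeps the failure path safe either way. The comment for Curl_sasl_create_gssapi_user_message() lists the parameter as `passdwp` where the signature has `passwdp` (and spells "specifing"). Curl_sasl_gssapi_cleanup() has no header comment, unlike the other two; `/* Curl_sasl_gssapi_cleanup() - placeholder; does not release anything held in krb5 yet. */` would record that it is currently a no-op.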
@@ -39,7 +39,8 @@ SOURCE \ http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \ curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_ntlm_msgs.c \ curl_sasl.c vtls/curl_schannel.c curl_multibyte.c \ - vtls/curl_darwinssl.c bundles.c conncache.c curl_sasl_sspi.c smb.c + vtls/curl_darwinssl.c bundles.c conncache.c curl_sasl_sspi.c smb.c \ + curl_sasl_gssapi.c USERINCLUDE ../../../lib ../../../include/curl #ifdef ENABLE_SSL