From 0e11c4ce6d21acd0139345c19b6341971e679b23 Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Sun, 17 Jun 2012 15:54:24 -0500 Subject: Write initial SASL/GSSAPI Kerberos classes and server code --- clients/tde/src/Makefile.am | 2 +- clients/tde/src/app/Makefile.am | 2 +- clients/tde/src/app/main.cpp | 18 +- clients/tde/src/app/remotemdi.cpp | 137 ++++++++- clients/tde/src/app/remotemdi.h | 15 + clients/tde/src/lib/Makefile.am | 5 + clients/tde/src/lib/tdekrbsocket.cpp | 404 ++++++++++++++++++++++++++ clients/tde/src/lib/tdekrbsocket.h | 67 +++++ clients/tde/src/part/commanalyzer/Makefile.am | 2 +- 9 files changed, 627 insertions(+), 25 deletions(-) create mode 100644 clients/tde/src/lib/Makefile.am create mode 100644 clients/tde/src/lib/tdekrbsocket.cpp create mode 100644 clients/tde/src/lib/tdekrbsocket.h (limited to 'clients/tde/src') diff --git a/clients/tde/src/Makefile.am b/clients/tde/src/Makefile.am index 23fbb4d..40077c5 100644 --- a/clients/tde/src/Makefile.am +++ b/clients/tde/src/Makefile.am @@ -1,3 +1,3 @@ -SUBDIRS = widgets app part +SUBDIRS = lib widgets app part INCLUDES = $(all_includes) METASOURCES = AUTO diff --git a/clients/tde/src/app/Makefile.am b/clients/tde/src/app/Makefile.am index 7b53912..eeb1b1f 100644 --- a/clients/tde/src/app/Makefile.am +++ b/clients/tde/src/app/Makefile.am @@ -5,5 +5,5 @@ METASOURCES = AUTO # Application bin_PROGRAMS = remote_laboratory_client remote_laboratory_client_SOURCES = main.cpp remotemdi.cpp -remote_laboratory_client_LDADD = ./views/libinstrumentview.la $(LIB_KPARTS) $(LIB_TDEUI) +remote_laboratory_client_LDADD = ../lib/libtdekrbsocket.la ./views/libinstrumentview.la $(LIB_KPARTS) $(LIB_TDEUI) remote_laboratory_client_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_KIO) -lktexteditor -lkmdi diff --git a/clients/tde/src/app/main.cpp b/clients/tde/src/app/main.cpp index 491056e..09b81e0 100644 --- a/clients/tde/src/app/main.cpp 
+++ b/clients/tde/src/app/main.cpp @@ -23,15 +23,15 @@ static KAboutData about( "http://remotefpga.pearsoncomputing.net/", "kb9vqf@pearsoncomputing.net" ); -int main( int argc, char *argv[] ) +int main(int argc, char *argv[]) { - about.addAuthor( "Timothy Pearson", I18N_NOOP("Author, maintainer"), "kb9vqf@pearsoncomputing.net", "http://remotefpga.pearsoncomputing.net/" ); - - KCmdLineArgs::init( argc, argv, &about ); - KCmdLineArgs::addCmdLineOptions( options ); - + about.addAuthor("Timothy Pearson", I18N_NOOP("Author, maintainer"), "kb9vqf@pearsoncomputing.net", "http://remotefpga.pearsoncomputing.net/"); + + KCmdLineArgs::init(argc, argv, &about); + KCmdLineArgs::addCmdLineOptions(options); + KApplication app; - + // Read MDI settings (window positions, etc) KConfig *c = app.config(); // RAJA FIXME @@ -41,7 +41,9 @@ int main( int argc, char *argv[] ) app.setMainWidget(mainWin); KCmdLineArgs* const args = KCmdLineArgs::parsedArgs(); - if (args->count() > 0) mainWin->setServerHost(args->arg(0)); + if (args->count() > 0) { + mainWin->setServerHost(args->arg(0)); + } args->clear(); mainWin->show(); diff --git a/clients/tde/src/app/remotemdi.cpp b/clients/tde/src/app/remotemdi.cpp index 3e7e26b..cb1d397 100644 --- a/clients/tde/src/app/remotemdi.cpp +++ b/clients/tde/src/app/remotemdi.cpp @@ -28,7 +28,7 @@ using namespace std; #include "views/instrumentview.h" RemoteMDI::RemoteMDI() - : KMdiMainFrm(0, "RemoteMDI", KMdi::ChildframeMode), m_children(0) + : KMdiMainFrm(0, "RemoteMDI", KMdi::ChildframeMode), m_children(NULL), m_rsvSvrSocket(NULL) { setXMLFile("remotelabui.rc"); 
@@ -36,32 +36,41 @@ RemoteMDI::RemoteMDI() KStdAction::close(this, SLOT(closeCurrent()), actionCollection()); KStdAction::quit(this, SLOT(close()), actionCollection()); - // Use a traditional MDI - switchToChildframeMode(); - - KToggleAction *inst_sa_menu = new KToggleAction(i18n("Spectrum Analyzer"), KShortcut(), this, SLOT(startSpectrumAnalyzer()), actionCollection(), "spectrum_analyzer"); - KActionCollection *const ac = actionCollection(); - setStandardToolBarMenuEnabled( true ); - KStdAction::quit( TQT_TQOBJECT(this), TQT_SLOT(close()), ac ); + setStandardToolBarMenuEnabled(true); + KStdAction::quit(TQT_TQOBJECT(this), TQT_SLOT(close()), ac); KStdAction::configureToolbars(TQT_TQOBJECT(this), TQT_SLOT(configToolbars()), ac); KStdAction::keyBindings(TQT_TQOBJECT(this), TQT_SLOT(configKeys()), ac); - new KAction(i18n("Launch Spectrum Analyzer"), "remote", CTRL+Key_Home, TQT_TQOBJECT(this), TQT_SLOT(startSpectrumAnalyzer()), ac, "spectrum_analyzer" ); + connect_action = new KAction(i18n("Connect to Server"), "remote", NULL, TQT_TQOBJECT(this), TQT_SLOT(connectToServer()), ac, "connect_server"); + disconnect_action = new KAction(i18n("Disconnect from Server"), "remote", NULL, TQT_TQOBJECT(this), TQT_SLOT(disconnectFromServer()), ac, "disconnect_server"); + inst_sa_menu = new KAction(i18n("Launch Spectrum Analyzer"), "remote", NULL, TQT_TQOBJECT(this), TQT_SLOT(startSpectrumAnalyzer()), ac, "spectrum_analyzer"); + + // Add Window menu + if ( !isFakingSDIApplication() ) { + menuBar()->insertItem(i18n("&Window"), windowMenu()); + } createGUI( 0 ); // When we change view, change the status bar text connect(this, SIGNAL(viewActivated(KMdiChildView*)), this, SLOT(currentChanged(KMdiChildView*))); + ac->setHighlightingEnabled(true); + connect(ac, TQT_SIGNAL(actionStatusText(const TQString&)), statusBar(), TQT_SLOT(message(const TQString&) )); + connect(ac, TQT_SIGNAL(clearStatusText()), statusBar(), TQT_SLOT(clear())); + // Create the status bar - statusBar()->message( 
i18n( "No view!" ) ); + statusBar()->message(i18n("No view!")); // Create the list of the opened windows - m_listBox = new KListBox( this ); - m_listBox->setCaption( i18n( "Opened windows" ) ); - addToolWindow( m_listBox, KDockWidget::DockLeft, getMainDockWidget() ); + m_listBox = new KListBox(this); + m_listBox->setCaption(i18n("Opened windows")); + addToolWindow(m_listBox, KDockWidget::DockLeft, getMainDockWidget()); + + connect(m_listBox, SIGNAL(executed(TQListBoxItem *)), this, SLOT(listBoxExecuted(TQListBoxItem*))); + connect(m_listBox, SIGNAL(rightButtonClicked(TQListBoxItem*, const TQPoint&)), this, SLOT(listBoxRightClicked(TQListBoxItem*))); - connect(m_listBox, SIGNAL(executed(TQListBoxItem *)), this, SLOT(listBoxExecuted(TQListBoxItem* ))); + processLockouts(); } RemoteMDI::~RemoteMDI() 
@@ -69,6 +78,86 @@ RemoteMDI::~RemoteMDI() while (m_pCurrentWindow) { closeCurrent(); } + + if (m_rsvSvrSocket) { + m_rsvSvrSocket->close(); + while (m_rsvSvrSocket->state() == TQSocket::Closing) { + tqApp->processEvents(); + } + delete m_rsvSvrSocket; + } +} + +void RemoteMDI::connectToServer() { + if (m_rsvSvrSocket) { + return; + } + + connect_action->setEnabled(false); + disconnect_action->setEnabled(false); + + // Connect to the central reservation/control server + m_rsvSvrSocket = new TDEKerberosClientSocket(this); + connect(m_rsvSvrSocket, SIGNAL(connectionClosed()), this, SLOT(connectionClosedHandler())); + m_rsvSvrSocket->setServiceName("remotefpga"); + if (m_serverHost != "") { + m_rsvSvrSocket->setServerFQDN(m_serverHost); + m_rsvSvrSocket->connectToHost(m_serverHost, 4004); + while ((m_rsvSvrSocket->state() == TQSocket::Connecting) || (m_rsvSvrSocket->state() == TQSocket::HostLookup)) { + tqApp->processEvents(); + } + if (m_rsvSvrSocket->state() == TQSocket::Connected) { + printf("[DEBUG] Initial connection established...\n\r"); fflush(stdout); + if (m_rsvSvrSocket->setUsingKerberos(true) != 0) { + disconnectFromServer(); + } + else { + // Connection established! 
+ disconnect_action->setEnabled(true); + + // Read the next line from the server + TQString str = m_rsvSvrSocket->readLine(); + printf("[RAJA DEBUG 200.0] Got %s\n\r", str.ascii()); fflush(stdout); + } + } + else { + printf("[ERROR] Initial connection failed (state %d)\n\r", m_rsvSvrSocket->state()); fflush(stdout); + disconnectFromServer(); + } + } + + processLockouts(); +} + +void RemoteMDI::disconnectFromServer() { + connect_action->setEnabled(false); + disconnect_action->setEnabled(false); + + if (m_rsvSvrSocket) { + m_rsvSvrSocket->close(); + while (m_rsvSvrSocket->state() == TQSocket::Closing) { + tqApp->processEvents(); + } + delete m_rsvSvrSocket; + m_rsvSvrSocket = 0; + } + + connect_action->setEnabled(true); + processLockouts(); +} + +void RemoteMDI::connectionClosedHandler() { + disconnectFromServer(); +} + +void RemoteMDI::processLockouts() { + bool connected = false; + if (m_rsvSvrSocket) { + connected = (m_rsvSvrSocket->state() == TQSocket::Connected); + } + +printf("[RAJA DEBUG 600.0] connected: %d\n\r", connected); fflush(stdout); + inst_sa_menu->setEnabled(connected); } void RemoteMDI::configToolbars() { @@ -199,6 +288,26 @@ void RemoteMDI::listBoxExecuted(TQListBoxItem *item) } } +void RemoteMDI::listBoxRightClicked(TQListBoxItem *item) +{ + // Get the current item's text + TQString text = item->text(); + + // Bring up a menu for the corresponding window + // RAJA FIXME + for (TQValueList< KMdiChildView *>::iterator it = m_window.begin(); it != m_window.end(); ++it ) { + // Get the view + KMdiChildView *view = *it; + assert(view); + + // Is the view we need to show? + if (view->caption() == text) { + view->activate(); + break; + } + } +} + void RemoteMDI::childClosed(KMdiChildView * w) { assert(w); diff --git a/clients/tde/src/app/remotemdi.h b/clients/tde/src/app/remotemdi.h index 144bd6d..0a7ddd2 100644 --- a/clients/tde/src/app/remotemdi.h +++ b/clients/tde/src/app/remotemdi.h 
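Review bot: connectionClosedHandler() deletes `m_rsvSvrSocket` through disconnectFromServer(), while connectToServer() keeps calling `m_rsvSvrSocket->state()` around `tqApp->processEvents()` and then calls `setUsingKerberos(true)`, which pumps events as well. If the peer closes during connect or negotiation, the socket can be destroyed while its own member functions are still on the stack. Deferring the teardown in the handler, for example `m_rsvSvrSocket->deleteLater(); m_rsvSvrSocket = 0;`, and re-checking the pointer after each wait loop would avoid the use-after-free. Separately, when `m_serverHost` is empty the new socket is kept and both actions stay disabled, so the early `if (m_rsvSvrSocket) return;` blocks every later attempt; that path should free the socket and re-enable `connect_action`.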
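Review bot: `item->text()` in listBoxRightClicked() dereferences `item` unchecked, and the `rightButtonClicked(TQListBoxItem*, const TQPoint&)` signal wired to it in the constructor can deliver a null item when the click lands on empty list space. Add `if (!item) return;` as the first statement. The loop below it duplicates listBoxExecuted() and is marked `RAJA FIXME`; until the context menu exists, a one-line comment saying the slot currently only activates the view would keep the placeholder from being taken for finished behaviour.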
@@ -11,9 +11,12 @@ #include #include +#include "lib/tdekrbsocket.h" + class KMdiChildView; class KListBox; class TQListBoxItem; +class KToggleAction; /** * @short Remote Laboratory Main Window @@ -46,11 +49,16 @@ class RemoteMDI : public KMdiMainFrm void currentChanged(KMdiChildView *current); void closeCurrent(); void listBoxExecuted(TQListBoxItem *); + void listBoxRightClicked(TQListBoxItem *); void childClosed(KMdiChildView *w); private slots: void configToolbars(); void configKeys(); + void connectToServer(); + void disconnectFromServer(); + void connectionClosedHandler(); + void processLockouts(); void startSpectrumAnalyzer(); protected: @@ -62,6 +70,13 @@ class RemoteMDI : public KMdiMainFrm TQValueList m_window; TQValueList m_closelist; KListBox *m_listBox; + + TDEKerberosClientSocket* m_rsvSvrSocket; + + private: + KAction *connect_action; + KAction *disconnect_action; + KAction *inst_sa_menu; }; #endif // _REMOTEMDI_H_ diff --git a/clients/tde/src/lib/Makefile.am b/clients/tde/src/lib/Makefile.am new file mode 100644 index 0000000..9e5f086 --- /dev/null +++ b/clients/tde/src/lib/Makefile.am @@ -0,0 +1,5 @@ +INCLUDES = $(all_includes) -I/usr/include/sasl +METASOURCES = AUTO +noinst_LTLIBRARIES = libtdekrbsocket.la +libtdekrbsocket_la_SOURCES = tdekrbsocket.cpp +libtdekrbsocket_la_LDFLAGS = -lsasl2 diff --git a/clients/tde/src/lib/tdekrbsocket.cpp b/clients/tde/src/lib/tdekrbsocket.cpp new file mode 100644 index 0000000..30f28d2 --- /dev/null +++ b/clients/tde/src/lib/tdekrbsocket.cpp 
@@ -0,0 +1,404 @@ +/*************************************************************************** + * Copyright (C) 2012 by Timothy Pearson * + * kb9vqf@pearsoncomputing.net * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 2 of the License, or * + * (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program; if not, write to the * + * Free Software Foundation, Inc., * + * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + ***************************************************************************/ + +#include +#include + +#include + +#include +#include +#include + +#include "tdekrbsocket.h" + +#define NET_SEC_BUF_SIZE (2048) + +class SASLDataPrivate +{ + public: + sasl_callback_t m_callbacks[N_CALLBACKS]; + sasl_conn_t *m_krbConnection; +}; + +static int logSASLMessages(void *context __attribute__((unused)), int priority, const char *message) { + const char *label; + + if (!message) { + return SASL_BADPARAM; + } + + switch (priority) { + case SASL_LOG_ERR: + label = "Error"; + break; + case SASL_LOG_NOTE: + label = "Info"; + break; + default: + label = "Other"; + break; + } + + printf("[SASL %s] %s\n\r", label, message); + + return SASL_OK; +} + +TDEKerberosClientSocket::TDEKerberosClientSocket(TQObject *parent, const char *name) : TQSocket(parent, name), m_kerberosRequested(false) { + saslData = new SASLDataPrivate; + saslData->m_krbConnection = NULL; +} + +TDEKerberosClientSocket::~TDEKerberosClientSocket() { + delete saslData; +} + +bool 
TDEKerberosClientSocket::open(int mode) { + bool ret = TQSocket::open(mode); + if (m_kerberosRequested) { + initializeKerberosInterface(); + } + return ret; +} + +void TDEKerberosClientSocket::close() { + TQSocket::close(); +} + +int TDEKerberosClientSocket::setUsingKerberos(bool krbactive) { + int ret = 0; + + if (m_serviceName == "") { + printf("[ERROR] No service name set!\n\r"); fflush(stdout); + return -1; + } + + if (krbactive) { + m_kerberosRequested = true; + if ((!saslData->m_krbConnection) && (state() == TQSocket::Connected)) { + ret = initializeKerberosInterface(); + } + } + else { + m_kerberosRequested = false; + if (saslData->m_krbConnection) { + freeKerberosConnection(); + } + } + + return ret; +} + +void TDEKerberosClientSocket::setServiceName(TQString name) { + m_serviceName = name; +} + +void TDEKerberosClientSocket::setServerFQDN(TQString name) { + m_serverFQDN = name; +} + +Q_LONG TDEKerberosClientSocket::readBlock(char *data, Q_ULONG maxlen) { + Q_LONG ret = TQSocket::readBlock(data, maxlen); + return ret; +} + +Q_LONG TDEKerberosClientSocket::writeBlock(const char *data, Q_ULONG len) { + Q_LONG ret = TQSocket::writeBlock(data, len); + return ret; +} + +Q_LONG TDEKerberosClientSocket::readLine(char *data, Q_ULONG maxlen) { + Q_LONG ret; + + if (m_kerberosRequested) { + ret = getSASLDataFromNetwork(data, maxlen); + } + else { + ret = TQSocket::readLine(data, maxlen); + } + + return ret; +} + +TQString TDEKerberosClientSocket::readLine() { + TQString ret; + char buf[NET_SEC_BUF_SIZE]; + + if (m_kerberosRequested) { + receiveEncryptedData(buf, NET_SEC_BUF_SIZE); + ret = TQString(buf); + } + else { + ret = TQSocket::readLine(); + } + + return ret; +} + +void TDEKerberosClientSocket::writeLine(TQString str) { + if (m_kerberosRequested) { + transmitEncryptedData(socket(), str.ascii(), str.length()); + } + else { + TQSocket::writeBlock(str.ascii(), str.length()); + } +} + +void TDEKerberosClientSocket::freeKerberosConnection(void) { + if 
(saslData->m_krbConnection) { + sasl_dispose(&saslData->m_krbConnection); + } + saslData->m_krbConnection = 0; +} + +void TDEKerberosClientSocket::sendSASLDataToNetwork(const char *buffer, unsigned length, int netfd) { + char *buf; + unsigned len, alloclen; + int result; + char txbuf[NET_SEC_BUF_SIZE]; + + alloclen = ((length / 3) + 1) * 4 + 1; + buf = (char*)malloc(alloclen); + if (!buf) { + printf("[ERROR] Unable to malloc()!\n\r"); + return; + } + + result = sasl_encode64(buffer, length, buf, alloclen, &len); + if (result != SASL_OK) { + printf("[ERROR] Encoding data in base64 returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result); + return; + } + + sprintf(txbuf, "%s\n", buf); + write(netfd, txbuf, strlen(txbuf)); + + free(buf); +} + +unsigned int TDEKerberosClientSocket::getSASLDataFromNetwork(char *buf, int trunclen) { + unsigned int len; + int result; + + len = 0; + while (1) { + tqApp->processEvents(); + if (state() != TQSocket::Connected) { + return -1; + } + if (TQSocket::readBlock(buf+len, 1) > 0) { + if (buf[len] == '\n') { + buf[len] = 0; + break; + } + if (buf[len] != '\r') { + len++; + } + } + if (len >= trunclen) { + break; + } + } + + len = strlen(buf); + result = sasl_decode64(buf, (unsigned) strlen(buf), buf, trunclen, &len); + if (result != SASL_OK) { + printf("[ERROR] Decoding data from base64 returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result); + return -1; + } + buf[len] = '\0'; + + return len; +} + +int TDEKerberosClientSocket::transmitEncryptedData(int fd, const char* readbuf, int cc) { + int result = 0; + unsigned int len; + const char *data; + + result=sasl_encode(saslData->m_krbConnection, readbuf, cc, &data, &len); + if (result != SASL_OK) { + printf("[ERROR] Encrypting data returned %s (%d)\n\r", sasl_errdetail(saslData->m_krbConnection), result); + return -1; + } + sendSASLDataToNetwork(data, len, fd); + + return 0; +} + +int TDEKerberosClientSocket::receiveEncryptedData(char *buf, int trunclen) { + unsigned 
int recv_len; + const char *recv_data; + int result; + int len; + + len = getSASLDataFromNetwork(buf, trunclen); + if (len >= 0) { + result=sasl_decode(saslData->m_krbConnection, buf, len, &recv_data, &recv_len); + if (result != SASL_OK) { + printf("[ERROR] Decrypting data returned %s (%d)\n\r", sasl_errdetail(saslData->m_krbConnection), result); + return -1; + } + strncpy(buf, recv_data, trunclen); + } + + return 0; +} + +int TDEKerberosClientSocket::initializeKerberosInterface() { + if (state() != TQSocket::Connected) { + saslData->m_krbConnection = false; + return -1; + } + + sasl_callback_t *callback; + char buf[NET_SEC_BUF_SIZE]; + int result = 0; + int serverlast = 0; + sasl_security_properties_t secprops; + const char *chosenmech; + unsigned int len; + const char *data; + char user_authorized = 0; + sasl_ssf_t *ssf; + char *iplocal = NULL; + char *ipremote = NULL; + const char *service = m_serviceName.ascii(); + const char *fqdn = m_serverFQDN.ascii(); + + callback = saslData->m_callbacks; + + // log + callback->id = SASL_CB_LOG; + callback->proc = (sasl_callback_ft)&logSASLMessages; + callback->context = NULL; + ++callback; + + // end of callback list + callback->id = SASL_CB_LIST_END; + callback->proc = NULL; + callback->context = NULL; + ++callback; + + // Initialize default data structures + memset(&secprops, 0L, sizeof(secprops)); + secprops.maxbufsize = NET_SEC_BUF_SIZE; + secprops.max_ssf = UINT_MAX; + + result = sasl_client_init(saslData->m_callbacks); + if (result != SASL_OK) { + printf("[ERROR] Initializing libsasl returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result); + return -1; + } + + result = sasl_client_new(service, fqdn, iplocal, ipremote, NULL, serverlast, &saslData->m_krbConnection); + if (result != SASL_OK) { + printf("[ERROR] Allocating sasl connection state returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result); + return -1; + } + + result = sasl_setprop(saslData->m_krbConnection, SASL_SEC_PROPS, &secprops); + 
if (result != SASL_OK) { + printf("[ERROR] Setting security properties returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result); + freeKerberosConnection(); + return -1; + } + + printf("[DEBUG] Waiting for mechanism list from server...\n\r"); + len = getSASLDataFromNetwork(buf, NET_SEC_BUF_SIZE); + + printf("Choosing best mechanism from: %s\n", buf); + + result = sasl_client_start(saslData->m_krbConnection, buf, NULL, &data, &len, &chosenmech); + if (result != SASL_OK && result != SASL_CONTINUE) { + printf("[ERROR] Starting SASL negotiation returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result); + freeKerberosConnection(); + return -1; + } + + printf("[DEBUG] Using mechanism %s\n\r", chosenmech); + strcpy(buf, chosenmech); + if (data) { + if (NET_SEC_BUF_SIZE - strlen(buf) - 1 < len) { + printf("[ERROR] Insufficient buffer space to construct initial response!\n\r"); + freeKerberosConnection(); + return -1; + } + printf("[DEBUG] Preparing initial response...\n\r"); + memcpy(buf + strlen(buf) + 1, data, len); + len += (unsigned) strlen(buf) + 1; + data = NULL; + } + else { + len = (unsigned) strlen(buf); + } + + printf("[DEBUG] Sending initial response...\n\r"); + sendSASLDataToNetwork(buf, len, socket()); + + while (result == SASL_CONTINUE) { + printf("[DEBUG] Waiting for server reply...\n\r"); + len = getSASLDataFromNetwork(buf, NET_SEC_BUF_SIZE); + if (state() != TQSocket::Connected) { + return -1; + } + result = sasl_client_step(saslData->m_krbConnection, buf, len, NULL, &data, &len); + if (result != SASL_OK && result != SASL_CONTINUE) { + printf("[ERROR] Performing SASL negotiation returned %s (%d)\n\r", sasl_errstring(result, NULL, NULL), result); + freeKerberosConnection(); + return -1; + } + if (data && len) { + printf("[DEBUG] Sending response...\n\r"); + sendSASLDataToNetwork(data, len, socket()); + } + else if (result != SASL_OK || !serverlast) { + sendSASLDataToNetwork("", 0, socket()); + } + } + printf("[DEBUG] Negotiation 
complete!\n\r"); + + result = sasl_getprop(saslData->m_krbConnection, SASL_USERNAME, (const void **)&data); + if (result != SASL_OK) { + printf("[WARNING] Unable to determine authenticated username!\n\r"); + } + else { + printf("[DEBUG] Authenticated username: %s\n\r", data ? data : "(NULL)"); + } + + result = sasl_getprop(saslData->m_krbConnection, SASL_DEFUSERREALM, (const void **)&data); + if (result != SASL_OK) { + printf("[WARNING] Unable to determine authenticated realm!\n\r"); + } + else { + printf("[DEBUG] Authenticated realm: %s\n\r", data ? data : "(NULL)"); + } + + result = sasl_getprop(saslData->m_krbConnection, SASL_SSF, (const void **)&ssf); + if (result != SASL_OK) { + printf("[WARNING] Unable to determine SSF!\n\r"); + } + else { + printf("[DEBUG] Authenticated SSF: %d\n", *ssf); + } + + return 0; +} \ No newline at end of file diff --git a/clients/tde/src/lib/tdekrbsocket.h b/clients/tde/src/lib/tdekrbsocket.h new file mode 100644 index 0000000..591b579 --- /dev/null +++ b/clients/tde/src/lib/tdekrbsocket.h 
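Review bot: sendSASLDataToNetwork() copies the base64 text into the fixed `txbuf[NET_SEC_BUF_SIZE]` with `sprintf(txbuf, "%s\n", buf)` although `buf` is sized from `length`, so a payload above roughly 1.5 KB (writeLine() forwards strings of any length) writes past the stack buffer; the early return after a failed sasl_encode64() also leaks `buf`. The fence below sends directly from the heap buffer and frees it on both paths. On the receive side, getSASLDataFromNetwork() can leave its loop through `if (len >= trunclen)` with `buf` unterminated and then runs `strlen(buf)`, and its `-1` comes back through an `unsigned int` (declared that way in tdekrbsocket.h too) that initializeKerberosInterface() uses without an error check. `secprops` is zeroed apart from `maxbufsize` and `max_ssf`, so `min_ssf` stays 0 and negotiation may finish with no security layer; set a non-zero `secprops.min_ssf` and verify `*ssf` before treating the channel as protected.

```cpp
void TDEKerberosClientSocket::sendSASLDataToNetwork(const char *buffer, unsigned length, int netfd) {
	// … unchanged: declarations (txbuf dropped), alloclen computation, malloc() check …

	result = sasl_encode64(buffer, length, buf, alloclen, &len);
	if (result != SASL_OK) {
		// … unchanged: error printf …
		free(buf);
		return;
	}

	// sasl_encode64() NUL-terminates at buf[len] and alloclen reserves that byte,
	// so the terminator can be swapped for the line ending and sent in one call
	buf[len] = '\n';
	if (write(netfd, buf, len + 1) < 0) {
		printf("[ERROR] Unable to send SASL data to network\n\r");
	}

	free(buf);
}
```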
@@ -0,0 +1,67 @@ +/*************************************************************************** + * Copyright (C) 2012 by Timothy Pearson * + * kb9vqf@pearsoncomputing.net * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 2 of the License, or * + * (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program; if not, write to the * + * Free Software Foundation, Inc., * + * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + ***************************************************************************/ + +#ifndef TDEKRBSOCKET_H +#define TDEKRBSOCKET_H + +#include + +#define N_CALLBACKS 3 + +class SASLDataPrivate; + +class TDEKerberosClientSocket : public TQSocket +{ + Q_OBJECT + + public: + TDEKerberosClientSocket(TQObject *parent=0, const char *name=0); + virtual ~TDEKerberosClientSocket(); + + bool open(int mode); + void close(); + Q_LONG readBlock(char *data, Q_ULONG maxlen); + Q_LONG writeBlock(const char *data, Q_ULONG len); + Q_LONG readLine(char *data, Q_ULONG maxlen); + TQString readLine(); + void writeLine(TQString); + + int setUsingKerberos(bool krbactive); + void setServiceName(TQString name); + void setServerFQDN(TQString name); + + private: + int initializeKerberosInterface(); + void freeKerberosConnection(); + void sendSASLDataToNetwork(const char *buffer, unsigned length, int netfd); + unsigned int getSASLDataFromNetwork(char *buf, int trunclen); + int transmitEncryptedData(int fd, const char* readbuf, int cc); + int receiveEncryptedData(char *buf, int 
trunclen); + + private: + bool m_kerberosRequested; + TQString m_serviceName; + TQString m_serverFQDN; + + private: + SASLDataPrivate *saslData; +}; + +#endif // TDEKRBSOCKET_H \ No newline at end of file diff --git a/clients/tde/src/part/commanalyzer/Makefile.am b/clients/tde/src/part/commanalyzer/Makefile.am index db98e9e..ebb008a 100644 --- a/clients/tde/src/part/commanalyzer/Makefile.am +++ b/clients/tde/src/part/commanalyzer/Makefile.am @@ -3,7 +3,7 @@ METASOURCES = AUTO #Part kde_module_LTLIBRARIES = libremotelab_commanalyzer.la -libremotelab_commanalyzer_la_LIBADD = ../../widgets/libtracewidget.la ../../widgets/libfloatspinbox.la $(LIB_KFILE) $(LIB_KPARTS) $(LIB_TDEUI) $(LIB_QT) +libremotelab_commanalyzer_la_LIBADD = ../../lib/libtdekrbsocket.la ../../widgets/libtracewidget.la ../../widgets/libfloatspinbox.la $(LIB_KFILE) $(LIB_KPARTS) $(LIB_TDEUI) $(LIB_QT) libremotelab_commanalyzer_la_LDFLAGS = $(all_libraries) $(KDE_PLUGIN) -ltdecore -ltdeui -lkio -ltdefx libremotelab_commanalyzer_la_SOURCES = \ part.cpp layout.ui -- cgit v1.2.1
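Review bot: The public interface carries no comments saying which calls go through the SASL layer: in tdekrbsocket.cpp readBlock() and writeBlock() forward straight to TQSocket even after setUsingKerberos(true), so a caller using them exchanges unprotected data on a socket it believes is secured. A comment above those two declarations such as `// Pass-through to TQSocket: NOT protected by the SASL security layer` would make that explicit. setUsingKerberos() also deserves a line stating that it returns 0 on success and -1 on failure, and that setServiceName() must have been called first.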