mirror of
https://github.com/zeromq/libzmq.git
synced 2025-03-09 15:26:04 +00:00
gssapi: move new options to DRAFT section
Problem: The new GSSAPI NAMESPACE options should have been added to the DRAFT section of the API so they can be changed until stabilized. Solution: - Move defines to the DRAFT section of zmq.h - Duplicate them in zmq_draft.h, as is the local custom - Compile only if defined (ZMQ_BUILD_DRAFT_API) - Refactor internals slightly to avoid #ifdef hell
This commit is contained in:
Jim Garlick
parent
c49436ad94
commit
9fbf2e2eb6
@ -368,13 +368,6 @@ ZMQ_EXPORT const char *zmq_msg_gets (const zmq_msg_t *msg, const char *property)
|
||||
#define ZMQ_VMCI_BUFFER_MAX_SIZE 87
|
||||
#define ZMQ_VMCI_CONNECT_TIMEOUT 88
|
||||
#define ZMQ_USE_FD 89
|
||||
#define ZMQ_GSSAPI_PRINCIPAL_NAMETYPE 90
|
||||
#define ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE 91
|
||||
|
||||
/* GSSAPI principal name types */
|
||||
#define ZMQ_GSSAPI_NT_HOSTBASED 0
|
||||
#define ZMQ_GSSAPI_NT_USER_NAME 1
|
||||
#define ZMQ_GSSAPI_NT_KRB5_PRINCIPAL 2
|
||||
|
||||
/* Message options */
|
||||
#define ZMQ_MORE 1
|
||||
@ -638,6 +631,18 @@ ZMQ_EXPORT int zmq_timers_reset (void *timers, int timer_id);
|
||||
ZMQ_EXPORT long zmq_timers_timeout (void *timers);
|
||||
ZMQ_EXPORT int zmq_timers_execute (void *timers);
|
||||
|
||||
/******************************************************************************/
|
||||
/* GSSAPI socket options to set name type */
|
||||
/******************************************************************************/
|
||||
|
||||
#define ZMQ_GSSAPI_PRINCIPAL_NAMETYPE 1090
|
||||
#define ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE 1091
|
||||
|
||||
/* GSSAPI principal name types */
|
||||
#define ZMQ_GSSAPI_NT_HOSTBASED 0
|
||||
#define ZMQ_GSSAPI_NT_USER_NAME 1
|
||||
#define ZMQ_GSSAPI_NT_KRB5_PRINCIPAL 2
|
||||
|
||||
#endif // ZMQ_BUILD_DRAFT_API
|
||||
|
||||
|
||||
|
||||
@ -51,8 +51,12 @@ zmq::gssapi_client_t::gssapi_client_t (const options_t &options_) :
|
||||
service_name = static_cast <char *>(malloc(service_size+1));
|
||||
assert(service_name);
|
||||
memcpy(service_name, options_.gss_service_principal.c_str(), service_size+1 );
|
||||
service_name_type = convert_nametype (options_.gss_service_principal_nt);
|
||||
|
||||
#ifdef ZMQ_BUILD_DRAFT_API
|
||||
service_name_type = convert_nametype (options_.gss_service_principal_nt);
|
||||
#else
|
||||
service_name_type = GSS_C_NT_HOSTBASED_SERVICE;
|
||||
#endif
|
||||
maj_stat = GSS_S_COMPLETE;
|
||||
if(!options_.gss_principal.empty())
|
||||
{
|
||||
@ -61,8 +65,12 @@ zmq::gssapi_client_t::gssapi_client_t (const options_t &options_) :
|
||||
assert(principal_name);
|
||||
memcpy(principal_name, options_.gss_principal.c_str(), principal_size+1 );
|
||||
|
||||
if (acquire_credentials (principal_name, &cred,
|
||||
options_.gss_principal_nt) != 0)
|
||||
#ifdef ZMQ_BUILD_DRAFT_API
|
||||
gss_OID name_type = convert_nametype (options_.gss_principal_nt);
|
||||
#else
|
||||
gss_OID name_type = GSS_C_NT_HOSTBASED_SERVICE;
|
||||
#endif
|
||||
if (acquire_credentials (principal_name, &cred, name_type) != 0)
|
||||
maj_stat = GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
|
||||
@ -320,9 +320,9 @@ int zmq::gssapi_mechanism_base_t::process_ready (msg_t *msg_)
|
||||
bytes_left -= 6;
|
||||
return parse_metadata (ptr, bytes_left);
|
||||
}
|
||||
|
||||
const gss_OID zmq::gssapi_mechanism_base_t::convert_nametype (int zmq_nametype)
|
||||
{
|
||||
#ifdef ZMQ_BUILD_DRAFT_API
|
||||
switch (zmq_nametype) {
|
||||
case ZMQ_GSSAPI_NT_HOSTBASED:
|
||||
return GSS_C_NT_HOSTBASED_SERVICE;
|
||||
@ -335,22 +335,22 @@ const gss_OID zmq::gssapi_mechanism_base_t::convert_nametype (int zmq_nametype)
|
||||
return GSS_C_NT_USER_NAME;
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int zmq::gssapi_mechanism_base_t::acquire_credentials (char * service_name_, gss_cred_id_t * cred_, int zmq_name_type_)
|
||||
int zmq::gssapi_mechanism_base_t::acquire_credentials (char * service_name_, gss_cred_id_t * cred_, gss_OID name_type_)
|
||||
{
|
||||
OM_uint32 maj_stat;
|
||||
OM_uint32 min_stat;
|
||||
gss_name_t server_name;
|
||||
gss_OID name_type = convert_nametype (zmq_name_type_);
|
||||
|
||||
gss_buffer_desc name_buf;
|
||||
name_buf.value = service_name_;
|
||||
name_buf.length = strlen ((char *) name_buf.value) + 1;
|
||||
|
||||
maj_stat = gss_import_name (&min_stat, &name_buf,
|
||||
name_type, &server_name);
|
||||
name_type_, &server_name);
|
||||
|
||||
if (maj_stat != GSS_S_COMPLETE)
|
||||
return -1;
|
||||
|
||||
@ -86,7 +86,7 @@ namespace zmq
|
||||
// underlying mechanism.
|
||||
static int acquire_credentials (char * principal_name_,
|
||||
gss_cred_id_t * cred_,
|
||||
int zmq_name_type_);
|
||||
gss_OID name_type_);
|
||||
|
||||
protected:
|
||||
// Opaque GSSAPI token for outgoing data
|
||||
|
||||
@ -58,9 +58,12 @@ zmq::gssapi_server_t::gssapi_server_t (session_base_t *session_,
|
||||
principal_name = static_cast <char *>(malloc(principal_size+1));
|
||||
assert(principal_name);
|
||||
memcpy(principal_name, options_.gss_principal.c_str(), principal_size+1 );
|
||||
|
||||
if (acquire_credentials (principal_name, &cred,
|
||||
options_.gss_principal_nt) != 0)
|
||||
#ifdef ZMQ_BUILD_DRAFT_API
|
||||
gss_OID name_type = convert_nametype (options_.gss_principal_nt);
|
||||
#else
|
||||
gss_OID name_type = GSS_C_NT_HOSTBASED_SERVICE;
|
||||
#endif
|
||||
if (acquire_credentials (principal_name, &cred, name_type) != 0)
|
||||
maj_stat = GSS_S_FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
@ -69,8 +69,10 @@ zmq::options_t::options_t () :
|
||||
tcp_keepalive_intvl (-1),
|
||||
mechanism (ZMQ_NULL),
|
||||
as_server (0),
|
||||
#ifdef ZMQ_BUILD_DRAFT_API
|
||||
gss_principal_nt (ZMQ_GSSAPI_NT_HOSTBASED),
|
||||
gss_service_principal_nt (ZMQ_GSSAPI_NT_HOSTBASED),
|
||||
#endif
|
||||
gss_plaintext (false),
|
||||
socket_id (0),
|
||||
conflate (false),
|
||||
@ -511,6 +513,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
#ifdef ZMQ_BUILD_DRAFT_API
|
||||
case ZMQ_GSSAPI_PRINCIPAL_NAMETYPE:
|
||||
if (is_int && (value == ZMQ_GSSAPI_NT_HOSTBASED
|
||||
|| value == ZMQ_GSSAPI_NT_USER_NAME
|
||||
@ -527,6 +530,7 @@ int zmq::options_t::setsockopt (int option_, const void *optval_,
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
case ZMQ_HANDSHAKE_IVL:
|
||||
|
||||
@ -198,11 +198,11 @@ namespace zmq
|
||||
// Principals for GSSAPI mechanism
|
||||
std::string gss_principal;
|
||||
std::string gss_service_principal;
|
||||
|
||||
#ifdef ZMQ_BUILD_DRAFT_API
|
||||
// Name types GSSAPI principals
|
||||
int gss_principal_nt;
|
||||
int gss_service_principal_nt;
|
||||
|
||||
#endif
|
||||
// If true, gss encryption will be disabled
|
||||
bool gss_plaintext;
|
||||
|
||||
|
||||
@ -116,6 +116,18 @@ int zmq_timers_reset (void *timers, int timer_id);
|
||||
long zmq_timers_timeout (void *timers);
|
||||
int zmq_timers_execute (void *timers);
|
||||
|
||||
/******************************************************************************/
|
||||
/* GSSAPI socket options to set name type */
|
||||
/******************************************************************************/
|
||||
|
||||
#define ZMQ_GSSAPI_PRINCIPAL_NAMETYPE 1090
|
||||
#define ZMQ_GSSAPI_SERVICE_PRINCIPAL_NAMETYPE 1091
|
||||
|
||||
/* GSSAPI principal name types */
|
||||
#define ZMQ_GSSAPI_NT_HOSTBASED 0
|
||||
#define ZMQ_GSSAPI_NT_USER_NAME 1
|
||||
#define ZMQ_GSSAPI_NT_KRB5_PRINCIPAL 2
|
||||
|
||||
#endif // ZMQ_BUILD_DRAFT_API
|
||||
|
||||
#endif //ifndef __ZMQ_DRAFT_H_INCLUDED__
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user