Rudiments
gsscontext Class Reference

Inherits securitycontext.

Public Member Functions

 gsscontext ()
 
virtual ~gsscontext ()
 
void setCredentials (gsscredentials *credentials)
 
gsscredentials * getCredentials ()
 
void setFileDescriptor (filedescriptor *fd)
 
filedescriptor * getFileDescriptor ()
 
void setDesiredLifetime (uint32_t desiredlifetime)
 
uint32_t getDesiredLifetime ()
 
void setDesiredMechanism (gssmechanism *desiredmechanism)
 
gssmechanism * getDesiredMechanism ()
 
void setDesiredFlags (uint32_t desiredflags)
 
void setDesiredFlags (const char *desiredflags)
 
uint32_t getDesiredFlags ()
 
void setService (const char *service)
 
const char * getService ()
 
bool connect ()
 
bool accept ()
 
uint32_t getActualLifetime ()
 
gssmechanism * getActualMechanism ()
 
uint32_t getActualFlags ()
 
uint32_t getRemainingLifetime ()
 
const char * getInitiator ()
 
const char * getAcceptor ()
 
bool getIsInitiator ()
 
bool getIsOpen ()
 
bool wrap (const unsigned char *input, size_t inputsize, unsigned char **output, size_t *outputsize)
 
bool wrap (const unsigned char *input, size_t inputsize, bool useencryption, unsigned char **output, size_t *outputsize, bool *encryptionused)
 
bool unwrap (const unsigned char *input, size_t inputsize, unsigned char **output, size_t *outputsize)
 
bool unwrap (const unsigned char *input, size_t inputsize, unsigned char **output, size_t *outputsize, bool *decryptionused)
 
bool getMic (const unsigned char *message, size_t messagesize, unsigned char **mic, size_t *micsize)
 
bool verifyMic (const unsigned char *message, size_t messagesize, const unsigned char *mic, size_t micsize)
 
ssize_t read (void *buf, ssize_t count)
 
ssize_t write (const void *buf, ssize_t count)
 
ssize_t pending ()
 
bool close ()
 
ssize_t getSizeMax ()
 
uint32_t getMajorStatus ()
 
uint32_t getMinorStatus ()
 
const char * getStatus ()
 
const char * getGSSMajorStatus ()
 
const char * getGSSMinorStatus ()
 
const char * getMechanismMajorStatus ()
 
const char * getMechanismMinorStatus ()
 

Constructor & Destructor Documentation

◆ gsscontext()

gsscontext::gsscontext ( )

Creates an instance of the gsscontext class.

◆ ~gsscontext()

virtual gsscontext::~gsscontext ( )
virtual

Deletes this instance of the gsscontext class.

Member Function Documentation

◆ accept()

bool gsscontext::accept ( )
virtual

Accepts a security context from the client with whom a connection is already established across the filedescriptor previously set using setFileDescriptor().

Note that if this instance is set as the current GSS context of a child of the socketserver class, then this method is called implicitly during a successful call to accept().

Returns true on success and false on failure.

Implements securitycontext.

◆ close()

bool gsscontext::close ( )
virtual

Releases any security context established during the previous call to connect() or accept().

Implements securitycontext.

◆ connect()

bool gsscontext::connect ( )
virtual

Initiates a security context with the server with whom a connection is already established across the filedescriptor previously set using setFileDescriptor().

Note that if this instance is set as the current security context of a child of the socketclient class, then this method is called implicitly during a successful call to connect().

Returns true on success and false on failure.

Implements securitycontext.

◆ getAcceptor()

const char* gsscontext::getAcceptor ( )

Returns the name of the principal who accepted this context.

◆ getActualFlags()

uint32_t gsscontext::getActualFlags ( )

Returns the context flags that were actually used during the most recent call to connect() or accept(), or 0 if no call to connect() or accept() has been made, or if close() has been called.

◆ getActualLifetime()

uint32_t gsscontext::getActualLifetime ( )

Returns the actual lifetime of the context, assigned during the most recent call to connect() or accept(). Returns the largest unsigned 32-bit integer (indicating an indefinite lifetime, the default) if no call to connect() or accept() has been made, or if close() has been called.

◆ getActualMechanism()

gssmechanism* gsscontext::getActualMechanism ( )

Returns the security mechanism that was actually used during the most recent call to connect() or accept() or NULL if no call to connect() or accept() has been made, or if close() has been called.

◆ getCredentials()

gsscredentials* gsscontext::getCredentials ( )

Returns the credentials set by a previous call to setCredentials() or NULL if no credentials have been set.

◆ getDesiredFlags()

uint32_t gsscontext::getDesiredFlags ( )

Returns the context-flags set by a previous call to setDesiredFlags() or 0 if no flags have been set.

◆ getDesiredLifetime()

uint32_t gsscontext::getDesiredLifetime ( )

Returns the desired context-lifetime set by a previous call to setDesiredLifetime() or the largest 32-bit integer (indicating an indefinite lifetime, the default) if no desired context-lifetime has been set.

◆ getDesiredMechanism()

gssmechanism* gsscontext::getDesiredMechanism ( )

Returns the security mechanism set by a previous call to setDesiredMechanism() or NULL if no security mechanism has been set.

◆ getFileDescriptor()

filedescriptor* gsscontext::getFileDescriptor ( )
virtual

Returns the filedescriptor set by a previous call to setFileDescriptor() or NULL if no filedescriptor has been set.

Implements securitycontext.

◆ getGSSMajorStatus()

const char* gsscontext::getGSSMajorStatus ( )

Returns the GSS major status string of the most recently failed call.

◆ getGSSMinorStatus()

const char* gsscontext::getGSSMinorStatus ( )

Returns the GSS minor status string of the most recently failed call.

◆ getInitiator()

const char* gsscontext::getInitiator ( )

Returns the name of the principal who initiated this context.

◆ getIsInitiator()

bool gsscontext::getIsInitiator ( )

Returns true if the calling process was the initiator of this context and false if it was not.

◆ getIsOpen()

bool gsscontext::getIsOpen ( )

Returns true if the context has been initiated or accepted and false otherwise.

◆ getMajorStatus()

uint32_t gsscontext::getMajorStatus ( )

Returns the major-status code of the most recently failed call.

◆ getMechanismMajorStatus()

const char* gsscontext::getMechanismMajorStatus ( )

Returns the mechanism major status string of the most recently failed call.

◆ getMechanismMinorStatus()

const char* gsscontext::getMechanismMinorStatus ( )

Returns the mechanism minor status string of the most recently failed call.

◆ getMic()

bool gsscontext::getMic ( const unsigned char *  message,
size_t  messagesize,
unsigned char **  mic,
size_t *  micsize 
)

Generates a mechanism integrity code for "message" of size "messagesize", allocates a buffer internally to store the code, returns a pointer to the buffer in "mic", and returns the size of the buffer in "micsize". Returns true on success and false on failure.

◆ getMinorStatus()

uint32_t gsscontext::getMinorStatus ( )

Returns the minor-status code of the most recently failed call.

◆ getRemainingLifetime()

uint32_t gsscontext::getRemainingLifetime ( )

Returns the remaining lifetime of the context.

◆ getService()

const char* gsscontext::getService ( )

Returns the service that will be requested during subsequent calls to connect().

◆ getSizeMax()

ssize_t gsscontext::getSizeMax ( )
virtual

Returns the maximum size that can be written or read in a single call to write() or read().

Implements securitycontext.

◆ getStatus()

const char* gsscontext::getStatus ( )

Returns the status string of the most recently failed call.

◆ pending()

ssize_t gsscontext::pending ( )
virtual

Returns the number of bytes that are buffered and available for immediate read.

Implements securitycontext.

◆ read()

ssize_t gsscontext::read ( void *  buf,
ssize_t  count 
)
virtual

Reads tokens from the file descriptor previously configured by setFileDescriptor(), unwraps them, and writes the unwrapped data to "buf" until "count" bytes have been read. Returns the number of unwrapped bytes that were written to "buf" or RESULT_ERROR if an error occurred.

Implements securitycontext.

◆ setCredentials()

void gsscontext::setCredentials ( gsscredentials *  credentials)

Sets the credentials that will be used during subsequent calls to connect() or accept().

◆ setDesiredFlags() [1/2]

void gsscontext::setDesiredFlags ( uint32_t  desiredflags)

Sets the context-flags that will be requested during subsequent calls to connect() or accept().

◆ setDesiredFlags() [2/2]

void gsscontext::setDesiredFlags ( const char *  desiredflags)

Sets the context-flags that will be requested during subsequent calls to connect() or accept().

◆ setDesiredLifetime()

void gsscontext::setDesiredLifetime ( uint32_t  desiredlifetime)

Sets the context-lifetime that will be requested during subsequent calls to connect() or accept(). Setting "desiredlifetime" to the largest 32-bit unsigned integer requests an indefinite lifetime.

◆ setDesiredMechanism()

void gsscontext::setDesiredMechanism ( gssmechanism *  desiredmechanism)

Sets the security mechanism that will be requested during subsequent calls to connect() or accept().

◆ setFileDescriptor()

void gsscontext::setFileDescriptor ( filedescriptor *  fd)
virtual

Sets the filedescriptor that will be used during subsequent calls to connect() or accept().

Note that if this instance is set as the current GSS context of a child of the socketclient class, then this method is called implicitly during a successful call to connect().

Note also that if this instance is set as the current GSS context of a child of the socketserver class, then this method is called implicitly during a successful call to accept().

Implements securitycontext.

◆ setService()

void gsscontext::setService ( const char *  service)

Sets the service that will be requested during subsequent calls to connect().

◆ unwrap() [1/2]

bool gsscontext::unwrap ( const unsigned char *  input,
size_t  inputsize,
unsigned char **  output,
size_t *  outputsize 
)

Unwraps "input" data of size "inputsize", allocates a buffer internally to store the unwrapped data, returns a pointer to the buffer in "output", and returns the size of the buffer in "outputsize". Returns true on success and false on failure.

◆ unwrap() [2/2]

bool gsscontext::unwrap ( const unsigned char *  input,
size_t  inputsize,
unsigned char **  output,
size_t *  outputsize,
bool *  decryptionused 
)

Unwraps "input" data of size "inputsize", allocates a buffer internally to store the unwrapped data, returns a pointer to the buffer in "output", and returns the size of the buffer in "outputsize". Returns whether decryption was performed or not in "decryptionused". Returns true on success and false on failure.

◆ verifyMic()

bool gsscontext::verifyMic ( const unsigned char *  message,
size_t  messagesize,
const unsigned char *  mic,
size_t  micsize 
)

Computes a mechanism integrity code for "message" of size "messagesize" and compares it to the data in "mic" of size "micsize". Returns true if they match and false otherwise.

◆ wrap() [1/2]

bool gsscontext::wrap ( const unsigned char *  input,
size_t  inputsize,
unsigned char **  output,
size_t *  outputsize 
)

Wraps "input" data of size "inputsize", allocates a buffer internally to store the wrapped data, returns a pointer to the buffer in "output", and returns the size of the buffer in "outputsize". Returns true on success and false on failure.

◆ wrap() [2/2]

bool gsscontext::wrap ( const unsigned char *  input,
size_t  inputsize,
bool  useencryption,
unsigned char **  output,
size_t *  outputsize,
bool *  encryptionused 
)

Wraps "input" data of size "inputsize", allocates a buffer internally to store the wrapped data, returns a pointer to the buffer in "output", and returns the size of the buffer in "outputsize". Attempts to encrypt the data if "useencryption" is set to true. Returns whether encryption was performed or not in "encryptionused". Returns true on success and false on failure.
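Because wrap() [2/2] only attempts encryption, and unwrap() [2/2] reports whether decryption took place, a caller that needs confidentiality has to check "encryptionused" and "decryptionused" as well as the return value. The following is an added example, not Rudiments code: wrapSealed(), unwrapSealed(), the seal enum and fakecontext are hypothetical names, and fakecontext is a constructed stand-in that only mirrors the two documented signatures so the helpers can be exercised without a GSS environment.

```cpp
#include <cstddef>
#include <cstring>

enum class seal { SEALED, NOT_ENCRYPTED, FAILED };

// Hypothetical helper: requests encryption, then checks "encryptionused".
// On NOT_ENCRYPTED the token in *out is integrity-only: do not send it.
template <class ctx>
seal wrapSealed(ctx &c, const unsigned char *in, size_t n,
                unsigned char **out, size_t *outsize) {
    bool encryptionused = false;
    if (!c.wrap(in, n, true, out, outsize, &encryptionused))
        return seal::FAILED;
    return encryptionused ? seal::SEALED : seal::NOT_ENCRYPTED;
}

// Hypothetical helper: rejects peer tokens that were not encrypted.
template <class ctx>
seal unwrapSealed(ctx &c, const unsigned char *in, size_t n,
                  unsigned char **out, size_t *outsize) {
    bool decryptionused = false;
    if (!c.unwrap(in, n, out, outsize, &decryptionused))
        return seal::FAILED;
    return decryptionused ? seal::SEALED : seal::NOT_ENCRYPTED;
}

// Constructed stand-in with the wrap()/unwrap() signatures documented here.
// Token = 1 flag byte + payload; it performs no real cryptography.
struct fakecontext {
    bool canencrypt;  // false models a context without confidentiality
    bool wrap(const unsigned char *in, size_t n, bool useencryption,
              unsigned char **out, size_t *outsize, bool *encryptionused) {
        *encryptionused = useencryption && canencrypt;
        *outsize = n + 1;
        *out = new unsigned char[*outsize];  // stand-in's own allocation
        (*out)[0] = *encryptionused ? 1 : 0;
        std::memcpy(*out + 1, in, n);
        return true;
    }
    bool unwrap(const unsigned char *in, size_t n, unsigned char **out,
                size_t *outsize, bool *decryptionused) {
        if (n < 1) return false;             // no flag byte: malformed token
        *decryptionused = (in[0] == 1);
        *outsize = n - 1;
        *out = new unsigned char[*outsize];
        std::memcpy(*out, in + 1, *outsize);
        return true;
    }
};
```

With a real gsscontext passed in place of fakecontext, NOT_ENCRYPTED is the case to treat as a hard failure on channels that carry secrets.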

◆ write()

ssize_t gsscontext::write ( const void *  buf,
ssize_t  count 
)
virtual

Wraps "count" bytes from "buf" and writes them to the file descriptor previously configured by setFileDescriptor(). Returns the number of unwrapped bytes that were written or RESULT_ERROR if an error occurred.

Implements securitycontext.