Update to latest rsasl

Nadja Reitzenstein
2022-11-01 10:47:51 +01:00
parent 3cf152a164
commit 0ed53f5cc9
9 changed files with 107 additions and 102 deletions


@ -16,6 +16,7 @@ use api::authenticationsystem_capnp::authentication::{
AbortParams, AbortResults, Server as AuthenticationSystem, StepParams, StepResults,
};
use api::authenticationsystem_capnp::{response, response::Error as ErrorCode};
use crate::authentication::V;
const TARGET: &str = "bffh::api::authenticationsystem";
@ -28,7 +29,7 @@ impl Authentication {
pub fn new(
parent: &Span,
mechanism: &Mechname, /* TODO: this is stored in session as well, get it out of there. */
session: Session,
session: Session<V>,
sessionmanager: SessionManager,
) -> Self {
let span = tracing::info_span!(
@ -93,7 +94,7 @@ enum State {
InvalidMechanism,
Finished,
Aborted,
Running(Session, SessionManager),
Running(Session<V>, SessionManager),
}
impl AuthenticationSystem for Authentication {
@ -122,36 +123,35 @@ impl AuthenticationSystem for Authentication {
{
let data: &[u8] = pry!(pry!(params.get()).get_data());
let mut out = Cursor::new(Vec::new());
let mut out = Vec::new();
match session.step(Some(data), &mut out) {
Ok(SaslState::Finished(sent)) => {
self.state = State::Finished;
let uid = pry!(session.get_property::<AuthId>().ok_or_else(|| {
tracing::warn!("Authentication didn't provide an authid as required.");
capnp::Error::failed(
"Authentication didn't provide an authid as required".to_string(),
)
}));
let session = pry!(manager.open(&self.span, uid.as_ref()).ok_or_else(|| {
tracing::warn!(uid = uid.as_str(), "Failed to lookup the given user");
capnp::Error::failed("Failed to lookup the given user".to_string())
}));
if let Some(user) = session.validation() {
let session = manager.open(&self.span, user);
response = Response {
union_field: "successful",
};
response = Response {
union_field: "successful",
};
let mut builder = builder.init_successful();
if sent == MessageSent::Yes {
builder.set_additional_data(out.as_slice());
}
let mut builder = builder.init_successful();
if sent == MessageSent::Yes {
builder.set_additional_data(out.into_inner().as_slice());
APISession::build(session, builder)
} else {
let mut builder = builder.init_failed();
builder.set_code(ErrorCode::InvalidCredentials);
response = Response {
union_field: "error",
};
}
APISession::build(session, builder)
}
Ok(SaslState::Running) => {
self.state = State::Running(session, manager);
builder.set_challenge(out.into_inner().as_slice());
builder.set_challenge(out.as_slice());
response = Response {
union_field: "challenge",
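Review bot: The `else` branch taken when `session.validation()` returns `None` answers with `ErrorCode::InvalidCredentials` but records no log event, while the code it appears to replace emitted a `tracing::warn!` both when the authid was missing and when the user lookup failed. A finished SASL exchange with no validation may also mean the server-side callback never set one, which is a configuration fault rather than a wrong password, and without a log line the two cases cannot be told apart during incident review. I would put `tracing::warn!("Authentication finished without a validated user");` as the first statement of that `else` branch, so failed logins stay visible in the span. The line markers are lost on this page, so which lines are old and new is inferred from print order, and the `match` on `session.step` continues outside the hunk, so the `Err` arm could not be checked for the same gap.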


@ -95,9 +95,10 @@ impl bootstrap::Server for BootCap {
let builder = result.get();
let mechs: Vec<_> = self
.authentication
.list_available_mechs()
.sess()
.get_available()
.into_iter()
.map(|m| m.as_str())
.map(|m| m.mechanism.as_str())
.collect();
let mut mechbuilder = builder.init_mechs(mechs.len() as u32);
for (i, m) in mechs.iter().enumerate() {
@ -146,7 +147,7 @@ impl bootstrap::Server for BootCap {
tracing::trace!(params.mechanism = mechanism, "method call");
let mechname = Mechname::new(mechanism.as_bytes());
let mechname = Mechname::parse(mechanism.as_bytes());
let auth = if let Ok(mechname) = mechname {
if let Ok(session) = self.authentication.start(mechname) {
Authentication::new(&self.span, mechname, session, self.sessionmanager.clone())