diff options
| author | Luke Howard <lukeh@padl.com> | 2011-04-02 08:59:33 +0000 |
|---|---|---|
| committer | Luke Howard <lukeh@padl.com> | 2011-04-02 08:59:33 +0000 |
| commit | 72e88654dbdfa92789dfe0224e818d2da261005a (patch) | |
| tree | ba6c5b3616418c772085d2047fbd8aa37e159554 | |
| parent | 4bff52185b15081f7f41e4107c8ccea32a076502 (diff) | |
| download | krb5-72e88654dbdfa92789dfe0224e818d2da261005a.zip krb5-72e88654dbdfa92789dfe0224e818d2da261005a.tar.gz krb5-72e88654dbdfa92789dfe0224e818d2da261005a.tar.bz2 | |
refactor krb5 plugin to use GSS_C_ATTR_SAML_ASSERTION
git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/saml2@24800 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/plugins/authdata/saml_client/Makefile.in | 2 | ||||
| -rw-r--r-- | src/plugins/authdata/saml_client/saml_authdata.cpp | 21 | ||||
| -rw-r--r-- | src/plugins/authdata/saml_server/Makefile.in | 2 |
3 files changed, 13 insertions, 12 deletions
diff --git a/src/plugins/authdata/saml_client/Makefile.in b/src/plugins/authdata/saml_client/Makefile.in index eb8ad5f..b40c1d4 100644 --- a/src/plugins/authdata/saml_client/Makefile.in +++ b/src/plugins/authdata/saml_client/Makefile.in @@ -18,7 +18,7 @@ SO_EXT=.so SHLIB_EXPDEPS = $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ $(TOPLIBD)/libkrb5$(SHLIBEXT) SAML_LIBS = -L/usr/local/lib -lsaml -lshibresolver -lshibsp -lxml-security-c -lxmltooling -lxerces-c -SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(LIBS) $(SAML_LIBS) +SHLIB_EXPLIBS= $(GSS_LIBS) $(KRB5_BASE_LIBS) $(SUPPORT_LIB) $(LIBS) $(SAML_LIBS) SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) diff --git a/src/plugins/authdata/saml_client/saml_authdata.cpp b/src/plugins/authdata/saml_client/saml_authdata.cpp index 1f2fefd..458813e 100644 --- a/src/plugins/authdata/saml_client/saml_authdata.cpp +++ b/src/plugins/authdata/saml_client/saml_authdata.cpp @@ -32,6 +32,8 @@ #include "../saml_server/saml_krb.h" +#include <gssapi/gssapi_ext.h> + #include <shibsp/exceptions.h> #include <shibsp/attribute/SimpleAttribute.h> #include <shibresolver/resolver.h> @@ -228,18 +230,12 @@ saml_fini(krb5_context kcontext, void *plugin_context) { } -static const krb5_data -saml_assertion_attr = { - KV5M_DATA, - /* XXX this is for Moonshot interoperability demonstrability only */ - sizeof("urn:ietf:params:gss-eap:saml-aaa-assertion") - 1, - (char *)"urn:ietf:params:gss-eap:saml-aaa-assertion" -}; - static krb5_boolean saml_is_assertion_attr(const krb5_data *attr) { - return data_eq(*attr, saml_assertion_attr); + return (attr->length == GSS_C_ATTR_SAML_ASSERTION->length && + memcmp(attr->data, GSS_C_ATTR_SAML_ASSERTION->value, + GSS_C_ATTR_SAML_ASSERTION->length) == 0); } static shibsp::Attribute * @@ -387,7 +383,12 @@ saml_get_attribute_types(krb5_context kcontext, return code; if (sc->assertion != NULL) { - code = krb5int_copy_data_contents_add0(kcontext, &saml_assertion_attr, &attrs[i++]); + krb5_data saml; + + saml.length = GSS_C_ATTR_SAML_ASSERTION->length; + saml.data = (char *)GSS_C_ATTR_SAML_ASSERTION->value; + + code = krb5int_copy_data_contents_add0(kcontext, &saml, &attrs[i++]); if (code != 0) { free(attrs); return code; diff --git a/src/plugins/authdata/saml_server/Makefile.in b/src/plugins/authdata/saml_server/Makefile.in index dfd6b03..9e93d82 100644 --- a/src/plugins/authdata/saml_server/Makefile.in +++ b/src/plugins/authdata/saml_server/Makefile.in @@ -19,7 +19,7 @@ SO_EXT=.so SAML_LIBS = -L/usr/local/lib -lsaml -lxml-security-c -lxmltooling -lxerces-c SHLIB_EXPDEPS = $(TOPLIBD)/libk5crypto$(SHLIBEXT) \ $(TOPLIBD)/libkrb5$(SHLIBEXT) -SHLIB_EXPLIBS= -lkrb5 -lcom_err -lk5crypto -lkdb_ldap -lkdb5 $(SUPPORT_LIB) $(LIBS) @LDAP_LIBS@ $(SAML_LIBS) +SHLIB_EXPLIBS= $(KRB5_BASE_LIBS) -lkdb_ldap $(KDB5_LIBS) $(SUPPORT_LIB) $(LIBS) @LDAP_LIBS@ $(SAML_LIBS) SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) |