gssapi_mechanism_base.hpp
1 /* SPDX-License-Identifier: MPL-2.0 */
2 
3 #ifndef __ZMQ_GSSAPI_MECHANISM_BASE_HPP_INCLUDED__
4 #define __ZMQ_GSSAPI_MECHANISM_BASE_HPP_INCLUDED__
5 
6 #ifdef HAVE_LIBGSSAPI_KRB5
7 
8 #if HAVE_GSSAPI_GSSAPI_GENERIC_H
9 #include <gssapi/gssapi_generic.h>
10 #endif
11 #include <gssapi/gssapi_krb5.h>
12 
13 #include "mechanism_base.hpp"
14 #include "options.hpp"
15 
16 namespace zmq
17 {
18 class msg_t;
19 
// Abstract base class (the destructor is pure virtual) that derives
// virtually from mechanism_base_t. It declares the helpers for the
// INITIATE, READY and MESSAGE commands and holds the GSSAPI tokens,
// status codes, credentials and security context as protected members.
// Only declarations are visible in this header; the notes marked
// NOTE(review) below are assumptions to confirm against the implementation.
24 class gssapi_mechanism_base_t : public virtual mechanism_base_t
25 {
26  public:
27  gssapi_mechanism_base_t (session_base_t *session_,
28  const options_t &options_);
29  ~gssapi_mechanism_base_t () ZMQ_OVERRIDE = 0;
30 
31  protected:
32  // Produce a context-level GSSAPI token (INITIATE command)
33  // during security context initialization.
    // Takes the token bytes as data_ / data_len_ and writes the command
    // into msg_. Returns an int status (convention not visible here).
34  int produce_initiate (msg_t *msg_, void *data_, size_t data_len_);
35 
36  // Process a context-level GSSAPI token (INITIATE command)
37  // during security context initialization.
    // data_ and data_len_ are output parameters (pointer-to-pointer and
    // reference).
    // NOTE(review): the token presumably comes from the remote peer before
    // a security context exists, so the implementation should validate the
    // command framing and length before filling *data_ -- confirm. Ownership
    // of the buffer returned through *data_ is not visible in this header.
38  int process_initiate (msg_t *msg_, void **data_, size_t &data_len_);
39 
40  // Produce a metadata ready msg (READY) to conclude handshake
41  int produce_ready (msg_t *msg_);
42 
43  // Process a metadata ready msg (READY)
44  int process_ready (msg_t *msg_);
45 
46  // Encode a per-message GSSAPI token (MESSAGE command) using
47  // the established security context.
48  int encode_message (msg_t *msg_);
49 
50  // Decode a per-message GSSAPI token (MESSAGE command) using
51  // the established security context.
    // NOTE(review): callers should treat any failure return as a message
    // that did not verify and must not use msg_ afterwards -- confirm the
    // return convention in the implementation.
52  int decode_message (msg_t *msg_);
53 
54  // Convert ZMQ_GSSAPI_NT values to GSSAPI name_type
    // The behaviour for an unrecognised zmq_name_type_ is not visible here.
55  static const gss_OID convert_nametype (int zmq_name_type_);
56 
57  // Acquire security context credentials from the
58  // underlying mechanism.
    // cred_ is an output parameter.
    // NOTE(review): presumably the caller owns *cred_ afterwards and must
    // release it (gss_release_cred) -- confirm. principal_name_ is a
    // non-const char *, so it is not evident whether it is modified.
59  static int acquire_credentials (char *principal_name_,
60  gss_cred_id_t *cred_,
61  gss_OID name_type_);
62 
63  protected:
64  // Opaque GSSAPI token for outgoing data
65  gss_buffer_desc send_tok;
66 
67  // Opaque GSSAPI token for incoming data
68  gss_buffer_desc recv_tok;
69 
70  // Opaque GSSAPI representation of principal
71  gss_name_t target_name;
72 
73  // Human-readable principal name
    // Raw pointer: who allocates and frees it is not visible in this header.
74  char *principal_name;
75 
76  // Status code returned by GSSAPI functions
    // NOTE(review): stored as a member rather than a local, so it presumably
    // reflects only the most recent GSSAPI call -- confirm.
77  OM_uint32 maj_stat;
78 
79  // Status code returned by the underlying mechanism
80  OM_uint32 min_stat;
81 
82  // Status code returned by the underlying mechanism
83  // during context initialization
84  OM_uint32 init_sec_min_stat;
85 
86  // Flags returned by GSSAPI (ignored)
    // NOTE(review): if these are the ret_flags of context establishment,
    // they report which services (e.g. GSS_C_MUTUAL_FLAG, GSS_C_INTEG_FLAG,
    // GSS_C_CONF_FLAG) were actually granted. Ignoring them means the code
    // cannot tell whether a requested protection was negotiated -- confirm
    // that this is acceptable for the deployment.
87  OM_uint32 ret_flags;
88 
89  // Flags returned by GSSAPI (ignored)
    // NOTE(review): this comment duplicates the one on ret_flags; the name
    // suggests these may instead be the flags requested from GSSAPI --
    // confirm and correct the comment.
90  OM_uint32 gss_flags;
91 
92  // Credentials used to establish security context
93  gss_cred_id_t cred;
94 
95  // Opaque GSSAPI representation of the security context
96  gss_ctx_id_t context;
97 
98  // If true, use gss to encrypt messages. If false, only utilize gss for auth.
    // NOTE(review): with this set to false, traffic after the handshake
    // presumably gets no confidentiality from GSSAPI; whether integrity
    // protection is still applied is not visible here -- confirm before
    // relying on this mechanism on an untrusted network.
99  bool do_encryption;
100 };
101 }
102 
103 #endif
104 
105 #endif