1 /*
2 * Copyright 2017 MongoDB, Inc.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 /* for size_t */
18 #include <bson.h>
19 #include "mongoc-config.h"
20
21 #ifdef MONGOC_ENABLE_SASL
22 #include "mongoc-cluster-private.h"
23 #include "mongoc-log.h"
24 #include "mongoc-trace-private.h"
25 #include "mongoc-stream-private.h"
26 #include "mongoc-stream-socket.h"
27 #include "mongoc-error.h"
28 #include "mongoc-util-private.h"
29
30 #ifdef MONGOC_ENABLE_SASL_CYRUS
31 #include "mongoc-cluster-cyrus-private.h"
32 #endif
33 #ifdef MONGOC_ENABLE_SASL_SSPI
34 #include "mongoc-cluster-sspi-private.h"
35 #endif
36 #ifdef MONGOC_ENABLE_SASL_GSSAPI
37 #include "mongoc-cluster-gssapi-private.h"
38 #endif
39
40 void
_mongoc_cluster_build_sasl_start(bson_t * cmd,const char * mechanism,const char * buf,uint32_t buflen)41 _mongoc_cluster_build_sasl_start (bson_t *cmd,
42 const char *mechanism,
43 const char *buf,
44 uint32_t buflen)
45 {
46 BSON_APPEND_INT32 (cmd, "saslStart", 1);
47 BSON_APPEND_UTF8 (cmd, "mechanism", "GSSAPI");
48 bson_append_utf8 (cmd, "payload", 7, buf, buflen);
49 BSON_APPEND_INT32 (cmd, "autoAuthorize", 1);
50 }
51 void
_mongoc_cluster_build_sasl_continue(bson_t * cmd,int conv_id,const char * buf,uint32_t buflen)52 _mongoc_cluster_build_sasl_continue (bson_t *cmd,
53 int conv_id,
54 const char *buf,
55 uint32_t buflen)
56 {
57 BSON_APPEND_INT32 (cmd, "saslContinue", 1);
58 BSON_APPEND_INT32 (cmd, "conversationId", conv_id);
59 bson_append_utf8 (cmd, "payload", 7, buf, buflen);
60 }
61 int
_mongoc_cluster_get_conversation_id(const bson_t * reply)62 _mongoc_cluster_get_conversation_id (const bson_t *reply)
63 {
64 bson_iter_t iter;
65
66 if (bson_iter_init_find (&iter, reply, "conversationId") &&
67 BSON_ITER_HOLDS_INT32 (&iter)) {
68 return bson_iter_int32 (&iter);
69 }
70
71 return 0;
72 }
73
74 /*
75 *--------------------------------------------------------------------------
76 *
77 * _mongoc_cluster_auth_node_sasl --
78 *
79 * Perform authentication for a cluster node using SASL. This is
80 * only supported for GSSAPI at the moment.
81 *
82 * Returns:
83 * true if successful; otherwise false and @error is set.
84 *
85 * Side effects:
86 * error may be set.
87 *
88 *--------------------------------------------------------------------------
89 */
90
91 bool
_mongoc_cluster_auth_node_sasl(mongoc_cluster_t * cluster,mongoc_stream_t * stream,const char * hostname,bson_error_t * error)92 _mongoc_cluster_auth_node_sasl (mongoc_cluster_t *cluster,
93 mongoc_stream_t *stream,
94 const char *hostname,
95 bson_error_t *error)
96 {
97 #ifdef MONGOC_ENABLE_SASL_CYRUS
98 return _mongoc_cluster_auth_node_cyrus (cluster, stream, hostname, error);
99 #endif
100 #ifdef MONGOC_ENABLE_SASL_SSPI
101 return _mongoc_cluster_auth_node_sspi (cluster, stream, hostname, error);
102 #endif
103 #ifdef MONGOC_ENABLE_SASL_GSSAPI
104 return _mongoc_cluster_auth_node_gssapi (cluster, stream, hostname, error);
105 #endif
106 }
107 #endif
108