def make_verf(self, data): """Verifier sent with each RPC call 'data' is packed header upto and including cred """ if self.init: return self._none else: token = self.gss_context.get_signature(data) return opaque_auth(RPCSEC_GSS, token)
def make_verf(self, data): """Verifier sent with each RPC call 'data' is packed header upto and including cred """ if self.init: return self._none else: d = gssapi.getMIC(self.gss_context, data) major = d['major'] if major != gssapi.GSS_S_COMPLETE: raise SecError, "gssapi.getMIC returned: %s" % \ show_major(major) return opaque_auth(RPCSEC_GSS, d['token'])
def make_cred(self): """Credential sent with each RPC call""" if self.init == 1: # first call in context creation cred = self._make_cred_gss('', rpc_gss_svc_none, RPCSEC_GSS_INIT) elif self.init > 1: # subsequent calls in context creation cred = self._make_cred_gss('', rpc_gss_svc_none, RPCSEC_GSS_CONTINUE_INIT) else: # data transfer calls self.lock.acquire() self.gss_seq_num += 1 # FRED - check for overflow self.lock.release() cred = self._make_cred_gss(self.gss_handle, self.service, seq=self.gss_seq_num) return opaque_auth(RPCSEC_GSS, cred)
def make_verf(self, data): """Verifier sent with each RPC call 'data' is packed header upto and including cred """ if self.init: return self._none else: d = gssapi.getMIC(self.gss_context, data) major = d['major'] if major != gssapi.GSS_S_COMPLETE: raise SecError("gssapi.getMIC returned: %s" % \ show_major(major)) return opaque_auth(RPCSEC_GSS, d['token'])
class SecFlavor(object): _none = opaque_auth(AUTH_NONE, b'') def initialize(self, client): pass def secure_data(self, data, cred): """Add any security info/encryption to procedure arg/res 'data' is the data stream that would be sent if there were no security 'cred' is the opaque_auth structure that will be sent in header """ return data def unsecure_data(self, data, cred): """Remove any security cruft from procedure arg/res 'data' is the received security wrapped data stream 'cred' is the opaque_auth structure received in header """ return data def make_cred(self): """Credential sent with each RPC call""" return self._none def make_verf(self, data): """Verifier sent with each RPC call 'data' is packed header upto and including cred """ return self._none def make_reply_verf(self, cred, stat): """Verifier sent by server with each RPC reply""" return self._none def get_owner(self): """Return uid""" return 0 def get_group(self): """Return gid""" return 0 def check_verf(self, rverf, cred): """Raise error if there is a problem with reply verifier""" pass
def make_reply_verf(self, cred, stat): cred = self._gss_cred_from_opaque_auth(cred) i = None if stat: # Return trivial verf on error return self._none elif cred.gss_proc != RPCSEC_GSS_DATA: # STUB - init requires getMIC(seq_window) i = WINDOWSIZE else: # Else return getMIC(cred.seq_num) i = cred.seq_num p = self.getpacker() p.reset() p.pack_uint(i) d = gssapi.getMIC(self.gss_context, p.get_buffer()) if d['major'] != gssapi.GSS_S_COMPLETE: raise SecError("gssapi.getMIC returned: %s" % \ show_major(d['major'])) return opaque_auth(RPCSEC_GSS, d['token'])
class SecFlavor(object): _none = opaque_auth(AUTH_NONE, '') def initialize(self, client): pass def secure_data(self, data, seqnum): """Filter procedure arguments before sending to server""" return data def unsecure_data(self, data, seqnum): """Filter procedure results received from server""" return data def make_cred(self): """Credential and seqnum sent with each RPC call""" return self._none, None def make_verf(self, data): """Verifier sent with each RPC call 'data' is packed header upto and including cred """ return self._none def make_reply_verf(self, data): """Verifier sent by server with each RPC reply""" # FRED - currently data is always '' return self._none def get_owner(self): """Return uid""" return 0 def get_group(self): """Return gid""" return 0
def make_cred(self): return opaque_auth(AUTH_SYS, self.cred)
def make_cred(self): return opaque_auth(AUTH_SYS, self.cred), None