Update from trunk r1375509 through r1450773asyncstore

git-svn-id: https://svn.apache.org/repos/asf/qpid/branches/asyncstore@1451244 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 157 insertions, 0 deletions

diff --git a/cpp/src/qpid/messaging/amqp/Sasl.cpp b/cpp/src/qpid/messaging/amqp/Sasl.cpp
new file mode 100644
index 0000000000..a8bae1adda
--- /dev/null
+++ b/cpp/src/qpid/messaging/amqp/Sasl.cpp
@@ -0,0 +1,157 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+#include "ConnectionContext.h"
+#include "qpid/messaging/amqp/Sasl.h"
+#include "qpid/messaging/exceptions.h"
+#include "qpid/sys/SecurityLayer.h"
+#include "qpid/log/Statement.h"
+#include "qpid/Sasl.h"
+#include "qpid/SaslFactory.h"
+#include "qpid/StringUtils.h"
+#include <sstream>
+
+namespace qpid {
+namespace messaging {
+namespace amqp {
+
+Sasl::Sasl(const std::string& id, ConnectionContext& c, const std::string& hostname_)
+    : qpid::amqp::SaslClient(id), context(c),
+      sasl(qpid::SaslFactory::getInstance().create(c.username, c.password, c.service, hostname_, c.minSsf, c.maxSsf, false)),
+      hostname(hostname_), readHeader(true), writeHeader(true), haveOutput(false), state(NONE) {}
+
+std::size_t Sasl::decode(const char* buffer, std::size_t size)
+{
+    size_t decoded = 0;
+    if (readHeader) {
+        decoded += readProtocolHeader(buffer, size);
+        readHeader = !decoded;
+    }
+    if (state == NONE && decoded < size) {
+        decoded += read(buffer + decoded, size - decoded);
+    }
+    QPID_LOG(trace, id << " Sasl::decode(" << size << "): " << decoded);
+    return decoded;
+}
+
+std::size_t Sasl::encode(char* buffer, std::size_t size)
+{
+    size_t encoded = 0;
+    if (writeHeader) {
+         encoded += writeProtocolHeader(buffer, size);
+         writeHeader = !encoded;
+    }
+    if (encoded < size) {
+        encoded += write(buffer + encoded, size - encoded);
+    }
+    haveOutput = (encoded == size);
+    QPID_LOG(trace, id << " Sasl::encode(" << size << "): " << encoded);
+    return encoded;
+}
+
+bool Sasl::canEncode()
+{
+    QPID_LOG(trace, id << " Sasl::canEncode(): " << writeHeader << " || " << haveOutput);
+    return writeHeader || haveOutput;
+}
+
+void Sasl::mechanisms(const std::string& offered)
+{
+    QPID_LOG_CAT(debug, protocol, id << " Received SASL-MECHANISMS(" << offered << ")");
+    std::string response;
+
+    std::string mechanisms;
+    if (context.mechanism.size()) {
+        std::vector<std::string> allowed = split(context.mechanism, " ");
+        std::vector<std::string> supported = split(offered, " ");
+        std::stringstream intersection;
+        for (std::vector<std::string>::const_iterator i = allowed.begin(); i != allowed.end(); ++i) {
+            if (std::find(supported.begin(), supported.end(), *i) != supported.end()) {
+                intersection << *i << " ";
+            }
+        }
+        mechanisms = intersection.str();
+    } else {
+        mechanisms = offered;
+    }
+
+    if (sasl->start(mechanisms, response)) {
+        init(sasl->getMechanism(), &response, hostname.size() ? &hostname : 0);
+    } else {
+        init(sasl->getMechanism(), 0, hostname.size() ? &hostname : 0);
+    }
+    haveOutput = true;
+    context.activateOutput();
+}
+void Sasl::challenge(const std::string& challenge)
+{
+    QPID_LOG_CAT(debug, protocol, id << " Received SASL-CHALLENGE(" << challenge.size() << " bytes)");
+    std::string r = sasl->step(challenge);
+    response(&r);
+    haveOutput = true;
+    context.activateOutput();
+}
+namespace {
+const std::string EMPTY;
+}
+void Sasl::challenge()
+{
+    QPID_LOG_CAT(debug, protocol, id << " Received SASL-CHALLENGE(null)");
+    std::string r = sasl->step(EMPTY);
+    response(&r);
+}
+void Sasl::outcome(uint8_t result, const std::string& extra)
+{
+    QPID_LOG_CAT(debug, protocol, id << " Received SASL-OUTCOME(" << result << ", " << extra << ")");
+    outcome(result);
+}
+void Sasl::outcome(uint8_t result)
+{
+    QPID_LOG_CAT(debug, protocol, id << " Received SASL-OUTCOME(" << result << ")");
+    if (result) state = FAILED;
+    else state = SUCCEEDED;
+
+    securityLayer = sasl->getSecurityLayer(context.maxFrameSize);
+    if (securityLayer.get()) {
+        securityLayer->init(&context);
+    }
+    context.activateOutput();
+}
+
+qpid::sys::Codec* Sasl::getSecurityLayer()
+{
+    return securityLayer.get();
+}
+
+bool Sasl::authenticated()
+{
+    switch (state) {
+      case SUCCEEDED: return true;
+      case FAILED: throw qpid::messaging::UnauthorizedAccess("Failed to authenticate");
+      case NONE: default: return false;
+    }
+}
+
+std::string Sasl::getAuthenticatedUsername()
+{
+    return sasl->getUserId();
+}
+
+}}} // namespace qpid::messaging::amqp