drill-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From laurentgo <...@git.apache.org>
Subject [GitHub] drill pull request #578: DRILL-4280: Kerberos Authentication
Date Mon, 31 Oct 2016 20:14:45 GMT
Github user laurentgo commented on a diff in the pull request:

    https://github.com/apache/drill/pull/578#discussion_r85798971
  
    --- Diff: contrib/native/client/src/clientlib/drillClientImpl.cpp ---
    @@ -1849,4 +2048,150 @@ void ZookeeperImpl:: debugPrint(){
         }
     }
     
    +typedef int (*sasl_callback_proc_t)(void); // see sasl_callback_ft
    +
    +static int SaslAuthenticatorImpl::userNameCallback(void *context, int id, const char
**result, unsigned *len) {
    +    const std::string* const username = (const std::string* const) context;
    +
    +    if ((SASL_CB_USER == id || SASL_CB_AUTHNAME == id)
    +        && username != NULL) {
    +        *result = username->c_str();
    +//        *len = (unsigned int) username->length();
    +    }
    +    return SASL_OK;
    +}
    +
    +static int SaslAuthenticatorImpl::passwordCallback(sasl_conn_t *conn, void *context,
int id, sasl_secret_t **psecret) {
    +    const SaslAuthenticatorImpl* const authenticator = (const SaslAuthenticatorImpl*
const) context;
    +
    +    if (SASL_CB_PASS == id) {
    +        const std::string password = authenticator->m_password;
    +        const size_t length = password.length();
    +        authenticator->m_secret->len = length;
    +        std::memcpy(authenticator->m_secret->data, password.c_str(), length);
    +        *psecret = authenticator->m_secret;
    +    }
    +   return SASL_OK;
    +}
    +
    +SaslAuthenticatorImpl::SaslAuthenticatorImpl(const DrillUserProperties* const properties)
:
    +    m_properties(properties), m_pConnection(NULL), m_secret(NULL), m_servicename(NULL),
m_servicehost(NULL) {
    +}
    +
    +SaslAuthenticatorImpl::~SaslAuthenticatorImpl() {
    +    if (m_secret) {
    +        free(m_secret);
    +    }
    +    // may be to use negotiated security layers before disposing in the future
    +    if (m_pConnection) {
    +        sasl_dispose(&m_pConnection);
    +    }
    +    m_pConnection = NULL;
    +}
    +
    +int SaslAuthenticatorImpl::init(std::vector<std::string> mechanisms,
    +                                std::string &chosenMech,
    +                                const char **out,
    +                                unsigned *outlen) {
    +    // set params
    +    std::string authMechanismToUse = NULL;
    +    for (size_t i = 0; i < m_properties->size(); i++) {
    +        const std::map<std::string, uint32_t>::const_iterator it =
    +                DrillUserProperties::USER_PROPERTIES.find(m_properties->keyAt(i));
    +        if (it == DrillUserProperties::USER_PROPERTIES.end()) {
    +            continue;
    +        }
    +        if (IS_BITSET((*it).second, USERPROP_FLAGS_USERNAME)) {
    +            DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Setting name" << std::endl;)
    +            m_username = m_properties->valueAt(i);
    +            continue;
    +        }
    +        if (IS_BITSET((*it).second, USERPROP_FLAGS_PASSWORD)) {
    +            DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Setting password" << std::endl;)
    +            m_password = m_properties->valueAt(i);
    +            m_secret = (sasl_secret_t *) malloc(sizeof(sasl_secret_t) + m_password.length());
    +            authMechanismToUse = "plain";
    +            continue;
    +        }
    +        if (IS_BITSET((*it).second, USERPROP_FLAGS_AUTH_MECHANISM)) {
    +            DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Setting service name" <<
std::endl;)
    +            authMechanismToUse = m_properties->valueAt(i);
    +            continue;
    +        }
    +        if (IS_BITSET((*it).second, USERPROP_FLAGS_SERVICE_NAME)) {
    +            DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Setting service name" <<
std::endl;)
    +            m_servicename = m_properties->valueAt(i);
    +            continue;
    +        }
    +        if (IS_BITSET((*it).second, USERPROP_FLAGS_SERVICE_HOST)) {
    +            DRILL_MT_LOG(DRILL_LOG(LOG_TRACE) << "Setting service host" <<
std::endl;)
    +            m_servicehost = m_properties->valueAt(i);
    +        }
    +    }
    +    if (authMechanismToUse == NULL) {
    +        return SASL_NOMECH;
    +    }
    +
    +    bool isSupportedByServer = false;
    +    for (size_t i = 0; i < mechanisms.size(); i++) {
    --- End diff --
    
    you can use the find function...


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message