Re: [Perlgssapi-developer] Re: Feedback on LWP-Authen-Negotiate-0.02

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Achim Grolms wrote:
> On Friday 17 February 2006 07:50, Leif Johansson wrote:
>> Dax Kelson wrote:
>>
>> Are you talking about the variable reuse for $status? Imho it is
>> acceptable in this case since they both represent return-status
>> from different functions from the same library.
> 
> GSSAPI::Name->import()
> 
> can fail. throwing away the return value is not a good idea.
> 
> a reason for fail can just be a typo in DNS or /etc/hosts
> (GSSAPI is using DNS for resolution to canonical hostname).
> 
> the implementation does not print debugging information,
> that is a problen (just think of expired credentials).
> 
> 
> This is my implementation:
> 
> 
> 
> 
> 
> 
> package LWP::Authen::Negotiate;
> 
> use strict;
> use warnings;
> 
> require Exporter;
> use AutoLoader qw(AUTOLOAD);
> 
> our @ISA = qw(Exporter);
> 
> # Items to export into callers namespace by default. Note: do not export
> # names by default without a very good reason. Use EXPORT_OK instead.
> # Do not simply export all your public functions/methods/constants.
> 
> # This allows declaration use LWP::Authen::Negotiate ':all';
> # If you do not need this, moving things directly into @EXPORT or @EXPORT_OK
> # will save memory.
> our %EXPORT_TAGS = ( 'all' => [ qw(
> 
> ) ] );
> 
> our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } );
> 
> our @EXPORT = qw(
> 
> );
> 
> our $VERSION = '0.04';
> 
> 
> use MIME::Base64 "2.12";
> use GSSAPI 0.18;
> 
> 
> sub authenticate
>   {
>     LWP::Debug::debug("authenticate() called");
>     my ($class,$ua,$proxy,$auth_param,$response,$request,$arg,$size) = @_;
> 
>     my $uri = URI->new($request->uri);
>     my $targethost = $request->uri()->host();
> 
>     my ($otime,$omech,$otoken,$oflags);
>     my $target;
>     my $status;
>     TRY: {
>         $status  = GSSAPI::Name->import(
>                       $target,
>                       join( '@', 'HTTP', $targethost ),
>         GSSAPI::OID::gss_nt_hostbased_service
>    );
>         last TRY if  ( $status->major != GSS_S_COMPLETE );
>         my $tname;
>         $target->display( $tname );
>         LWP::Debug::debug("target hostname $targethost");
>         LWP::Debug::debug("GSSAPI servicename $tname");
>         my $auth_header = $proxy ? "Proxy-Authorization" : "Authorization";
> 
>         my $itoken = q{};
>         foreach ($response->header('WWW-Authenticate')) {
>           last if /^Negotiate (.+)/ && ($itoken=decode_base64($1));
>         }
> 
>         my $ctx = GSSAPI::Context->new();
>         my $imech = GSSAPI::OID::gss_mech_krb5;
>         #my $iflags = GSS_C_MUTUAL_FLAG;
>         my $iflags = GSS_C_REPLAY_FLAG;
>         my $bindings = GSS_C_NO_CHANNEL_BINDINGS;
>         my $creds = GSS_C_NO_CREDENTIAL;
>         my $itime = 0;
>  $status = $ctx->init($creds,$target,$imech,$iflags,$itime,$bindings,$itoken,
>                       $omech,$otoken,$oflags,$otime);
>         if  (    $status->major == GSS_S_COMPLETE
>        or $status->major == GSS_S_CONTINUE_NEEDED   ) {
>             LWP::Debug::debug( 'successfull $ctx->init()');
>      my $referral = $request->clone;
>      $referral->header( $auth_header => "Negotiate ".encode_base64
> ($otoken,""));
>      return $ua->request( $referral, $arg, $size, $response );
>  }
>     }
>     if ( $status->major != GSS_S_COMPLETE  ) {
>        LWP::Debug::debug( $status->generic_message());
>        LWP::Debug::debug( $status->specific_message() );
>        return $response;
>     }
> }
> 
> 1;
> __END__
> 
> 
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
> for problems?  Stop!  Download the new AJAX search engine that makes
> searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
> _______________________________________________
> Perlgssapi-developer mailing list
> Per...@li...
> https://lists.sourceforge.net/lists/listinfo/perlgssapi-developer

Can you send me a patch for that against my 0.03 I just uploaded?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD9amm8Jx8FtbMZncRAltIAJ0SvyI97ubE6Mv65FfJtlvOxq09/ACggUda
susubIG7RurlKDyGQ5Uc84U=
=8ZU+
-----END PGP SIGNATURE-----