| 638 | { } |
| 639 | |
| 640 | bool authenticate(PACKET* send, unsigned flags) |
| 641 | { |
| 642 | #ifdef DEV_BUILD |
| 643 | if (++hopsCount > 10) |
| 644 | #else |
| 645 | if (++hopsCount > 100) |
| 646 | #endif |
| 647 | { |
| 648 | (Arg::Gds(isc_login) << Arg::Gds(isc_auth_handshake_limit)).raise(); |
| 649 | } |
| 650 | |
| 651 | if (authPort->port_srv_auth_block->authCompleted()) |
| 652 | { |
| 653 | accept(send, &authPort->port_srv_auth_block->authBlockWriter); |
| 654 | return true; |
| 655 | } |
| 656 | |
| 657 | bool working = true; |
| 658 | LocalStatus ls; |
| 659 | CheckStatusWrapper st(&ls); |
| 660 | |
| 661 | authPort->port_srv_auth_block->createPluginsItr(); |
| 662 | authItr = authPort->port_srv_auth_block->plugins; |
| 663 | if (!authItr) |
| 664 | { |
| 665 | if (authPort->port_protocol >= PROTOCOL_VERSION13) |
| 666 | { |
| 667 | send->p_operation = op_cont_auth; |
| 668 | authPort->port_srv_auth_block->extractDataFromPluginTo(&send->p_auth_cont); |
| 669 | authPort->send(send); |
| 670 | memset(&send->p_auth_cont, 0, sizeof send->p_auth_cont); |
| 671 | return false; |
| 672 | } |
| 673 | } |
| 674 | |
| 675 | while (authItr && working && authItr->hasData()) |
| 676 | { |
| 677 | if (!authServer) |
| 678 | { |
| 679 | authServer = authItr->plugin(); |
| 680 | authPort->port_srv_auth_block->authBlockWriter.setPlugin(authItr->name()); |
| 681 | |
| 682 | if (authPort->getPortConfig()->getCryptSecurityDatabase() && |
| 683 | authPort->port_protocol >= PROTOCOL_VERSION15 && |
| 684 | authPort->port_server_crypt_callback) |
| 685 | { |
| 686 | authServer->setDbCryptCallback(&st, authPort->port_server_crypt_callback->getInterface()); |
| 687 | } |
| 688 | } |
| 689 | |
| 690 | // if we asked for more data but received nothing switch to next plugin |
| 691 | const bool forceNext = (flags & AUTH_CONTINUE) && |
| 692 | (!authPort->port_srv_auth_block->hasDataForPlugin()) && |
| 693 | (!authPort->port_srv_auth_block->authCompleted()); |
| 694 | |
| 695 | HANDSHAKE_DEBUG(fprintf(stderr, "Srv: authenticate: ServerAuth calls plug %s\n", |
| 696 | forceNext ? "forced-NEXT" : authItr->name())); |
| 697 | int authResult = forceNext ? IAuth::AUTH_CONTINUE : |
no test coverage detected