CDRIVER-2000 Implement user canonicalization

bjori · bjori · commit 426d233291b9 · 2017-01-25T11:12:38.000-08:00
diff --git a/src/mongoc/mongoc-cluster-sasl.c b/src/mongoc/mongoc-cluster-sasl.c
@@ -210,13 +210,15 @@ _mongoc_cluster_auth_node_sasl (mongoc_cluster_t *cluster,
 
       if (sasl.step == 1) {
          _mongoc_cluster_build_sasl_start (
-            &cmd, mechanism ? mechanism : "GSSAPI", (const char *)buf, buflen);
+            &cmd, mechanism ? mechanism : "GSSAPI", (const char *) buf, buflen);
       } else {
-         _mongoc_cluster_build_sasl_continue (&cmd, conv_id, (const char *)buf, buflen);
+         _mongoc_cluster_build_sasl_continue (
+            &cmd, conv_id, (const char *) buf, buflen);
       }
 
       TRACE ("SASL: authenticating (step %d)", sasl.step);
 
+      TRACE ("Sending: %s", bson_as_json (&cmd, NULL));
       if (!mongoc_cluster_run_command (cluster,
                                        stream,
                                        0,
@@ -225,10 +227,12 @@ _mongoc_cluster_auth_node_sasl (mongoc_cluster_t *cluster,
                                        &cmd,
                                        &reply,
                                        error)) {
+         TRACE ("Replied with: %s", bson_as_json (&reply, NULL));
          bson_destroy (&cmd);
          bson_destroy (&reply);
          goto failure;
       }
+      TRACE ("Replied with: %s", bson_as_json (&reply, NULL));
 
       bson_destroy (&cmd);
 
@@ -252,6 +256,7 @@ _mongoc_cluster_auth_node_sasl (mongoc_cluster_t *cluster,
       }
 
       tmpstr = bson_iter_utf8 (&iter, &buflen);
+      TRACE ("Got string: %s, (len=%" PRIu32 ")\n", tmpstr, buflen);
 
       if (buflen > sizeof buf) {
          bson_set_error (error,
diff --git a/src/mongoc/mongoc-sasl.c b/src/mongoc/mongoc-sasl.c
@@ -23,6 +23,7 @@
 #include "mongoc-error.h"
 #include "mongoc-sasl-private.h"
 #include "mongoc-util-private.h"
+#include "mongoc-trace-private.h"
 
 
 #ifndef SASL_CALLBACK_FN
@@ -70,6 +71,23 @@ _mongoc_sasl_set_pass (mongoc_sasl_t *sasl, const char *pass)
 }
 
 
+static int
+_mongoc_sasl_canon_user (sasl_conn_t *conn,
+                         void *context,
+                         const char *in,
+                         unsigned inlen,
+                         unsigned flags,
+                         const char *user_realm,
+                         char *out,
+                         unsigned out_max,
+                         unsigned *out_len)
+{
+   TRACE ("Canonicalizing %s (%" PRIu32 ")\n", in, inlen);
+   strcpy (out, in);
+   *out_len = inlen;
+   return SASL_OK;
+}
+
 static int
 _mongoc_sasl_get_user (mongoc_sasl_t *sasl,
                        int param_id,
@@ -185,6 +203,7 @@ _mongoc_sasl_init (mongoc_sasl_t *sasl)
       {SASL_CB_AUTHNAME, SASL_CALLBACK_FN (_mongoc_sasl_get_user), sasl},
       {SASL_CB_USER, SASL_CALLBACK_FN (_mongoc_sasl_get_user), sasl},
       {SASL_CB_PASS, SASL_CALLBACK_FN (_mongoc_sasl_get_pass), sasl},
+      {SASL_CB_CANON_USER, SASL_CALLBACK_FN (_mongoc_sasl_canon_user), sasl},
       {SASL_CB_LIST_END}};
 
    BSON_ASSERT (sasl);
@@ -352,6 +371,7 @@ _mongoc_sasl_step (mongoc_sasl_t *sasl,
    BSON_ASSERT (outbuf);
    BSON_ASSERT (outbuflen);
 
+   TRACE ("Running %d, inbuflen: %" PRIu32, sasl->step, inbuflen);
    sasl->step++;
 
    if (sasl->step == 1) {
@@ -364,11 +384,13 @@ _mongoc_sasl_step (mongoc_sasl_t *sasl,
       return false;
    }
 
+   TRACE ("Running %d, inbuflen: %" PRIu32, sasl->step, inbuflen);
    if (!inbuflen) {
       bson_set_error (error,
                       MONGOC_ERROR_SASL,
                       MONGOC_ERROR_CLIENT_AUTHENTICATE,
-                      "SASL Failure: no payload provided from server.");
+                      "SASL Failure: no payload provided from server: %s",
+                      sasl_errdetail (sasl->conn));
       return false;
    }
 
