()
| 1458 | } |
| 1459 | |
| 1460 | func (b *Broker) authenticateViaSASLv1() error { |
| 1461 | metricRegistry := b.metricRegistry |
| 1462 | if b.conf.Net.SASL.Handshake { |
| 1463 | handshakeRequest := &SaslHandshakeRequest{Mechanism: string(b.conf.Net.SASL.Mechanism), Version: b.conf.Net.SASL.Version} |
| 1464 | handshakeResponse := new(SaslHandshakeResponse) |
| 1465 | prom := makeResponsePromise(handshakeResponse) |
| 1466 | |
| 1467 | handshakeErr := b.sendInternal(handshakeRequest, prom) |
| 1468 | if handshakeErr != nil { |
| 1469 | Logger.Printf("Error while performing SASL handshake %s: %s\n", b.addr, handshakeErr) |
| 1470 | return handshakeErr |
| 1471 | } |
| 1472 | handshakeErr = handleResponsePromise(handshakeRequest, handshakeResponse, prom, metricRegistry) |
| 1473 | if handshakeErr != nil { |
| 1474 | Logger.Printf("Error while handling SASL handshake response %s: %s\n", b.addr, handshakeErr) |
| 1475 | return handshakeErr |
| 1476 | } |
| 1477 | |
| 1478 | if !errors.Is(handshakeResponse.Err, ErrNoError) { |
| 1479 | return handshakeResponse.Err |
| 1480 | } |
| 1481 | } |
| 1482 | |
| 1483 | authSendReceiver := func(authBytes []byte) (*SaslAuthenticateResponse, error) { |
| 1484 | authenticateRequest := b.createSaslAuthenticateRequest(authBytes) |
| 1485 | authenticateResponse := new(SaslAuthenticateResponse) |
| 1486 | prom := makeResponsePromise(authenticateResponse) |
| 1487 | authErr := b.sendInternal(authenticateRequest, prom) |
| 1488 | if authErr != nil { |
| 1489 | Logger.Printf("Error while performing SASL Auth %s\n", b.addr) |
| 1490 | return nil, authErr |
| 1491 | } |
| 1492 | authErr = handleResponsePromise(authenticateRequest, authenticateResponse, prom, metricRegistry) |
| 1493 | if authErr != nil { |
| 1494 | Logger.Printf("Error while performing SASL Auth %s: %s\n", b.addr, authErr) |
| 1495 | return nil, authErr |
| 1496 | } |
| 1497 | |
| 1498 | if !errors.Is(authenticateResponse.Err, ErrNoError) { |
| 1499 | var err error = authenticateResponse.Err |
| 1500 | if authenticateResponse.ErrorMessage != nil { |
| 1501 | err = Wrap(authenticateResponse.Err, errors.New(*authenticateResponse.ErrorMessage)) |
| 1502 | } |
| 1503 | return nil, err |
| 1504 | } |
| 1505 | |
| 1506 | b.computeSaslSessionLifetime(authenticateResponse) |
| 1507 | return authenticateResponse, nil |
| 1508 | } |
| 1509 | |
| 1510 | switch b.conf.Net.SASL.Mechanism { |
| 1511 | case SASLTypeGSSAPI: |
| 1512 | b.kerberosAuthenticator.Config = &b.conf.Net.SASL.GSSAPI |
| 1513 | if b.kerberosAuthenticator.NewKerberosClientFunc == nil { |
| 1514 | b.kerberosAuthenticator.NewKerberosClientFunc = NewKerberosClient |
| 1515 | } |
| 1516 | return b.kerberosAuthenticator.AuthorizeV2(b, authSendReceiver) |
| 1517 | case SASLTypeOAuth: |
no test coverage detected