pax_global_header00006660000000000000000000000064145565116340014524gustar00rootroot0000000000000052 comment=de85a6b3d8f08f8fa5be4fc86f5999016a860b78 libgssglue-0.9/000077500000000000000000000000001455651163400135345ustar00rootroot00000000000000libgssglue-0.9/.gitignore000066400000000000000000000011201455651163400155160ustar00rootroot00000000000000*.lo *.o *~ .deps/ .libs/ /ChangeLog /INSTALL /Makefile /Makefile.in /TAGS /aclocal.m4 /autom4te.cache/ /build-aux/ /compile /config.guess /config.log /config.status /config.sub /configure /depcomp /install-sh /libgssglue-*.tar.gz /libgssglue.pc /libtool /ltmain.sh /m4/libtool.m4 /m4/ltoptions.m4 /m4/ltsugar.m4 /m4/ltversion.m4 /m4/lt~obsolete.m4 /missing /src/Makefile /src/Makefile.in /src/TAGS /src/gssglue/config.h /src/gssglue/config.h.in /src/gssglue/gssapi/gssapi.h /src/gssglue/stamp-h1 /src/libgssglue.la /tests/*.log /tests/*.trs /tests/Makefile /tests/Makefile.in /tests/generic libgssglue-0.9/.gitlab-ci.yml000066400000000000000000000271151455651163400161760ustar00rootroot00000000000000# Copyright (c) 2022-2023 Simon Josefsson. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # 2. Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS # FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE # COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, # BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER # CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # # SPDX-License-Identifier: BSD-2-Clause default: interruptible: true artifacts: when: always paths: - "*.tar.gz" - ./*.log - ./config.h - ./**/*.log .bootstrap: script: - ./bootstrap .tarball: stage: test script: - tar xfa libgssglue-*.tar.gz - cd `ls -d libgssglue-* | grep -v tar.gz` .localchecks: script: - cc -o a tests/generic.c -Isrc/gssglue src/.libs/libgssglue.a -ldl - ./a - cc -o b tests/generic.c -Isrc/gssglue src/.libs/libgssglue.so -ldl - LD_PRELOAD=src/.libs/libgssglue.so ./b - make install - cc -o c tests/generic.c -I/usr/local/include/gssglue -L/usr/local/lib -Wl,-rpath,/usr/local/lib -lgssglue -ldl - ./c CentOS7: stage: build image: centos:7 before_script: - yum update -y | tail - yum -y install make gcc autoconf automake libtool | tail script: - !reference [.bootstrap, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall" - make distcheck V=1 - !reference [.localchecks, script] Debian11: stage: build image: debian:11-slim before_script: - apt-get update -qq | tail - env DEBIAN_FRONTEND=noninteractive apt-get install -y -qq autoconf automake libtool make git valgrind | tail script: - !reference [.bootstrap, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 - make check LOG_COMPILER="valgrind --error-exitcode=1 --leak-check=full" - !reference [.localchecks, script] - git diff --exit-code # nothing should change version controlled files Trisquel11: stage: build image: kpengboy/trisquel:11.0 before_script: - apt-get update -qq | tail - env DEBIAN_FRONTEND=noninteractive apt-get install -y -qq autoconf automake libtool make git valgrind | tail script: - !reference [.bootstrap, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 - make check LOG_COMPILER="valgrind --error-exitcode=1 --leak-check=full" - !reference [.localchecks, script] - git diff --exit-code # nothing should change version controlled files Ubuntu-rolling: stage: build image: ubuntu:rolling before_script: - apt-get update -qq | tail - env DEBIAN_FRONTEND=noninteractive apt-get install -y -qq autoconf automake libtool make git valgrind indent | tail script: - !reference [.bootstrap, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 - make check LOG_COMPILER="valgrind --error-exitcode=1 --leak-check=full" - !reference [.localchecks, script] - make indent - git diff --exit-code # nothing should change version controlled files Gentoo: stage: build image: gentoo/stage3 script: - !reference [.bootstrap, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 - !reference [.localchecks, script] # https://docs.gitlab.com/ee/user/application_security/sast/ sast: stage: build include: - template: Security/SAST.gitlab-ci.yml # https://clang.llvm.org/docs/AddressSanitizer.html # https://github.com/google/sanitizers/wiki/AddressSanitizer # https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html # https://clang.llvm.org/docs/LeakSanitizer.html # https://github.com/google/sanitizers/wiki/AddressSanitizerLeakSanitizer # https://github.com/google/sanitizers/wiki/AddressSanitizerFlags Fedora39-clang-ASan-UBSan: image: fedora:39 stage: build interruptible: true before_script: - dnf update -y | tail - dnf -y install make clang autoconf automake libtool git indent | tail script: - ./bootstrap - ./configure CC=clang CFLAGS="-g -O1 -fsanitize=undefined -fsanitize=address -fsanitize-address-use-after-scope -fno-sanitize-recover=undefined -fno-omit-frame-pointer -fno-optimize-sibling-calls" - ASAN_OPTIONS=detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1 make check VERBOSE=t V=1 - make indent - git diff --exit-code # nothing should change version controlled files # https://www.synopsys.com/blogs/software-security/integrating-coverity-scan-with-gitlab-ci/ Coverity: stage: build image: debian:11-slim only: refs: - master - coverity allow_failure: true interruptible: true before_script: - apt-get update -qq | tail - env DEBIAN_FRONTEND=noninteractive apt-get install -y -qq autoconf automake libtool make git curl | tail script: - test -n "$COVERITY_SCAN_TOKEN" && test -n "$COVERITY_SCAN_PROJECT_NAME" - curl -o /tmp/cov-analysis-linux64.tgz https://scan.coverity.com/download/linux64 --form project=$COVERITY_SCAN_PROJECT_NAME --form token=$COVERITY_SCAN_TOKEN - sha1sum /tmp/cov-analysis-linux64.tgz - tar xfz /tmp/cov-analysis-linux64.tgz - time ./bootstrap - time ./configure CFLAGS="-g -Og" - cov-analysis-linux64-*/bin/cov-build --dir cov-int make check -j$(nproc) - tar cfz cov-int.tar.gz cov-int - curl https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME --form token=$COVERITY_SCAN_TOKEN --form email=$GITLAB_USER_EMAIL --form file=@cov-int.tar.gz --form version="`git describe --tags`" --form description="`git describe --tags` / $CI_COMMIT_TITLE / $CI_COMMIT_REF_NAME:$CI_PIPELINE_ID" artifacts: expire_in: 1 week paths: - cov-int/*.txt # https://docs.gitlab.com/ee/ci/runners/saas/macos/environment.html macOs12Xcode14: when: manual allow_failure: true stage: build image: macos-12-xcode-14 tags: [ saas-macos-medium-m1 ] before_script: - env HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALL_UPGRADE=1 HOMEBREW_NO_INSTALL_CLEANUP=1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 brew install autoconf automake libtool script: - !reference [.bootstrap, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall" - make distcheck V=1 - !reference [.localchecks, script] macOs13Xcode14: when: manual allow_failure: true stage: build image: macos-13-xcode-14 tags: [ saas-macos-medium-m1 ] before_script: - env HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALL_UPGRADE=1 HOMEBREW_NO_INSTALL_CLEANUP=1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 brew install autoconf automake libtool script: - !reference [.bootstrap, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall" - make distcheck V=1 - !reference [.localchecks, script] AlmaLinux8: extends: .tarball image: almalinux:8 needs: [Trisquel11] before_script: - yum -y install make gcc | tail script: - !reference [.tarball, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 - !reference [.localchecks, script] Ubuntu2204: extends: .tarball image: ubuntu:22.04 needs: [Trisquel11] before_script: - apt-get update -qq | tail - env DEBIAN_FRONTEND=noninteractive apt-get install -y -qq make gcc | tail script: - !reference [.tarball, script] - ./configure - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 - !reference [.localchecks, script] ArchLinux-tcc: extends: .tarball image: archlinux:latest needs: [Trisquel11] before_script: - pacman -Syu --noconfirm make tcc binutils | tail script: - !reference [.tarball, script] - ./configure CC=tcc - make check V=1 VERBOSE=t CPPFLAGS="-Wall" - make distcheck V=1 DISTCHECK_CONFIGURE_FLAGS='CC=tcc' - tcc -o a tests/generic.c -Isrc/gssglue src/.libs/libgssglue.a -ldl - ./a - tcc -o b tests/generic.c -Isrc/gssglue src/.libs/libgssglue.so -ldl - LD_PRELOAD=src/.libs/libgssglue.so ./b - make install - tcc -o c tests/generic.c -I/usr/local/include/gssglue -L/usr/local/lib -Wl,-rpath,/usr/local/lib -lgssglue -ldl - ./c Fedora39-clang: extends: .tarball image: fedora:36 needs: [Trisquel11] before_script: - dnf -y install make clang | tail script: - !reference [.tarball, script] - ./configure CC=clang - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 DISTCHECK_CONFIGURE_FLAGS='CC=clang' - clang -o a tests/generic.c -Isrc/gssglue src/.libs/libgssglue.a -ldl - ./a - clang -o b tests/generic.c -Isrc/gssglue src/.libs/libgssglue.so -ldl - LD_PRELOAD=src/.libs/libgssglue.so ./b - make install - clang -o c tests/generic.c -I/usr/local/include/gssglue -L/usr/local/lib -Wl,-rpath,/usr/local/lib -lgssglue -ldl - ./c Mingw32: when: manual allow_failure: true extends: .tarball image: debian:12-slim needs: [Trisquel11] before_script: - dpkg --add-architecture i386 - apt-get update -qq - env DEBIAN_FRONTEND=noninteractive apt-get install -y -qq make mingw-w64 wine wine32 wine64 libwine libwine:i386 binfmt-support wine-binfmt - update-binfmts --enable wine script: - !reference [.tarball, script] - ./configure --host=i686-w64-mingw32 CC='i686-w64-mingw32-gcc -static-libgcc' - make check V=1 VERBOSE=t B-gcc: extends: .tarball image: gcc:latest needs: [Trisquel11] before_script: - gcc --version script: - !reference [.tarball, script] - ./configure CC="/usr/local/bin/gcc -std=gnu2x" - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 - !reference [.localchecks, script] B-clang: extends: .tarball image: silkeh/clang:latest needs: [Trisquel11] before_script: - clang --version script: - !reference [.tarball, script] - ./configure CC="clang -std=gnu2x" - make check V=1 VERBOSE=t CPPFLAGS="-Wall -Werror" - make distcheck V=1 DISTCHECK_CONFIGURE_FLAGS='CC=clang' - !reference [.localchecks, script] D12-coverage: stage: build image: debian:12-slim stage: build before_script: - apt-get update -qq | tail - env DEBIAN_FRONTEND=noninteractive apt-get install -y -qq autoconf automake libtool make git lcov | tail script: - ./bootstrap - ./configure - lcov --directory . --zerocounters - make check CFLAGS="-g --coverage" VERBOSE=t - mkdir -p coverage - lcov --directory . --output-file coverage/libgssglue.info --capture - genhtml --output-directory coverage coverage/libgssglue.info --highlight --frames --legend --title "Libgssglue" - git diff --exit-code # nothing should change version controlled files artifacts: when: on_success paths: - coverage .pages: stage: deploy needs: ["D12-coverage"] script: - mkdir public - mv coverage/ public/ artifacts: paths: - public expire_in: 30 days pages: extends: .pages only: - master pages-test: extends: .pages except: - master libgssglue-0.9/AUTHORS000066400000000000000000000001451455651163400146040ustar00rootroot00000000000000Kevin W. Coffman, based on code from Sun Microsystems distributed with the MIT Kerberos distribution libgssglue-0.9/COPYING000066400000000000000000000076761455651163400146070ustar00rootroot00000000000000libgssapi is copyright 2006 The Regents of the University of Michigan, and based on code from Sun Microsystems and the Massachusetts Institute of Technology; see licenses on individual files (summarized below). University of Michigan code is copyright 2006, and provided under the following license: Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Code from Sun Microsystems is copyright 1996, available under the following license: Permission to use, copy, modify, distribute, and sell this software and its documentation for any purpose is hereby granted without fee, provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of Sun Microsystems not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. Sun Microsystems makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. Code from the Massachusetts Institute of Technology is Copyright 1995, available under the following license: Export of this software from the United States of America may require a specific license from the United States Government. It is the responsibility of any person or organization contemplating export to obtain such a license before exporting. WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. Furthermore if you modify this software you must label your software as modified software and not distribute it in such a fashion that it might be confused with the original M.I.T. software. M.I.T. makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. libgssglue-0.9/Makefile.am000066400000000000000000000005671455651163400156000ustar00rootroot00000000000000SUBDIRS= src tests EXTRA_DIST = doc/gssapi_mech.conf dist-hook: rm -f $(distdir)/src/gssglue/gssapi/gssapi.h pkgconfigdir=$(libdir)/pkgconfig pkgconfig_DATA = libgssglue.pc indent_sources = src/*.c src/*.h src/gssglue/gssapi/gssapi.h.in tests/*.c indent: indent --original $(indent_sources) indent --original $(indent_sources) perl -pi -e 's/ $$//' $(indent_sources) libgssglue-0.9/NEWS000066400000000000000000000121131455651163400142310ustar00rootroot00000000000000202x-yy-zz: Release 0.9 Changes since libgssglue-0.8: - Some fixes to silence coverity. 2023-12-05: jas Release 0.8 Changes since libgssglue-0.7: - Fix compiler warnings about incompatible pointer types. - Drop K&R-style declarations in *.c. - Fix buffer copying in gss_canonicalize_name. - Improved CI/CD test coverage. 2022-08-16: jas Release 0.7 Changes since libgssglue-0.6: - Fix libgssapi_krb5.so.2 path in doc/gssapi_mech.conf. - Cleanups and code indentation. 2022-08-15: jas Release 0.6 Changes since libgssglue-0.5: - Add self-checks (to be improved). - Example doc/gssapi_mech.conf works on multiarch. - Cleanups and compiler warning fixes. 2022-07-12: jas Release 0.5 Changes since libgssglue-0.4: - Move development to GitLab https://gitlab.com/gsasl/libgssglue - Modernize and cleanup build environment. 2012-05-08: kwc Release 0.4 Changes since libgssglue-0.3: - Fix for CVE-2011-2709 Patch from Marcus Meissner Note: Although https://bugzilla.novell.com/show_bug.cgi?id=694598 mentions mount.nfs, libgssglue is not used by mount.nfs. 2011-06-22: kwc Release 0.3 Changes since libgssglue-0.2: - Add new typedefs defined in RFC 5587 and used in newer versions of MIT Kerberos. Fixes a commpile error in nfs-utils which uses gssapi.h from this package and other gss headers from the Kerberos distribution. 2011-03-16: kwc Release 0.2 Changes since libgssglue-0.1: - Modify the gss_acquire_cred() code to accept, and properly handle, an input name of GSS_C_NO_NAME. Other misc. changes to support this change. - Remove some generated files from git. Change autogen.sh to clean up files that might become outdated and incompatible. 2007-09-04: kwc Release 0.1 (of libgssglue) * **************************************** ***** RENAME library to libgssglue ***** **************************************** * Rename library from libgssapi to libgssglue to resolve conflicts with Heimdal and MIT libraries named libgssapi. * Patch from Luke Howard to allow application to continue to "function" even if no mechanisms are correctly configured. 2007-04-20: kwc Release 0.11 Changes since libgssapi-0.10: - Add glue routine for gss_krb5_ccache_name. Needed to work with Heimdal. (Need Heimdal 0.8.1 or later which has versioned symbols, which prevents glue functions from calling the wrong function.) 2006-06-22: kwc Release 0.10 Changes since libgssapi-0.9: - Add symbol versioning script and use it when linking the library. This allows us to use the gss_* symbols from MIT gssapi_krb5 libraries without namespace collision problems. This is required for use with MIT release 1.5 which no longer exports the krb5_gss_* symbols. (In addition, this should also allow us to work with Heimdal. Currently untested.) - Remove code that tries to get symbols with names krb5_gss_*. - Open dynamic libraries with RTLD_LOCAL 2006-04-08: kwc Release 0.9 Changes since libgssapi-0.8: - Correct declaration and implementation of gss_export_lucid_sec_context(). This results in an interface change. The soname is updated to reflect this. 2006-04-01: kwc Release 0.8 Changes since librpcsecgss-0.7: - Memory leak: free union_name in gss_acquire_cred if it was allocated there. - Don't exit() the application if initialization fails, just fail the operation. - Add glue routines for gss_canonicalize_name and gss_export_name - Make "first-class" routines for gss_get_mic, gss_verify_mic, gss_wrap, and gss_unwrap - Clean up some clutter of unused #ifde'd code - Patch from Timo Aaltonen for Debian packaging. - Change union_name definition such that external_name is a gss_buffer_desc rather than gss_buffer_t. Eliminates unnecessary malloc'ing and freeing. 2005-12-16: kwc Release 0.7 Changes since librpcsecgss-0.6: - A patch from Olaf Kirch to gss_inquire_cred() to remove a potential problem of an uninitialized variable and to return an error if generic_gss_copy_oid() fails. - Revert a bad change made to gss_free_lucid_sec_context(). - Clean up some compiler warnings 2005-12-07: kwc Release 0.6 Changes since librpcsecgss-0.5: - Generate gssapi.h using system information - Install gssapi.h in addition to the library (Currently installed in ${prefix}include/gssglue/gssapi/gssapi.h) - Add pkg-config support so that other packages can find and use the header and library. The pkgconfig information is installed by default in /usr/local/lib/pkgconfig which is not searched by dedault by pkg-config. - Consolidate initialization code so the same code can be used for MIT or Heimdal Kerberos w/o requiring configure-time information of which is installed 2005-05-02: kwc - More configuration cleanup - Remove hard-coded values from gssapi.h and use autoconf to get the right values for the machine - Building from a CVS checkout now requires that you run autoheader to generarte config.h.in 2005-03-02: kwc - Fix configuration issue. - Remove gss_release_oid() from glue layer. 2004-10-20: started libgssglue-0.9/README000077700000000000000000000000001455651163400156662README.mdustar00rootroot00000000000000libgssglue-0.9/README.md000066400000000000000000000027151455651163400150200ustar00rootroot00000000000000# Libgssglue Libgssglue provides a GSS-API library, but does not implement any mechanisms itself; instead it calls routines in other libraries, depending on the mechanism and system configuration. Libgssglue requires C99 (stdint.h etc) and POSIX (sys/types.h, unistd.h etc) and should work on all modern Unix-like platforms. Libgssglue is licensed under a BSD-3-clause license, see [COPYING](COPYING). # Building See [INSTALL](INSTALL) for building released tarball versions. To build libgssglue from git you need several tools: * C compiler, [gcc](https://www.gnu.org/software/gcc/) or [clang](https://clang.llvm.org/) * [Make](https://www.gnu.org/software/make/) * [Automake](https://www.gnu.org/software/automake/) * [Autoconf](https://www.gnu.org/software/autoconf/) * [Libtool](https://www.gnu.org/software/libtool/) * [Tar](https://www.gnu.org/software/tar/) (for 'make dist') * [Gzip](https://www.gnu.org/software/gzip/) (for 'make dist') * [Git](https://git-scm.com/) The required software is typically distributed with your operating system, and the instructions for installing them differ. Here are some hints: Debian/Ubuntu: ``` apt-get install -y autoconf automake libtool make indent git ``` Fedora/RHEL: ``` yum install -y make gcc autoconf automake libtool indent git ``` Build libgssglue as follows: ``` ./bootstrap ./configure make check ``` # Resources * https://gsasl.gitlab.io/libgssglue/coverage/src/ * https://scan.coverity.com/projects/libgssglue libgssglue-0.9/bootstrap000077500000000000000000000001031455651163400154710ustar00rootroot00000000000000#!/bin/sh set -x touch ChangeLog autoreconf --install --verbose libgssglue-0.9/configure.ac000066400000000000000000000011501455651163400160170ustar00rootroot00000000000000# -*- Autoconf -*- # Process this file with autoconf to produce a configure script. AC_INIT([libgssglue],[0.9],[https://gitlab.com/gsasl/libgssglue/-/issues]) AC_CONFIG_SRCDIR([src/g_accept_sec_context.c]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIRS([m4]) AM_INIT_AUTOMAKE AC_CONFIG_HEADERS([src/gssglue/config.h]) # Checks for programs. AC_PROG_CC LT_INIT gl_LD_VERSION_SCRIPT AC_CONFIG_FILES([Makefile src/Makefile src/gssglue/gssapi/gssapi.h tests/Makefile]) AC_CONFIG_FILES([libgssglue.pc]) AC_OUTPUT libgssglue-0.9/doc/000077500000000000000000000000001455651163400143015ustar00rootroot00000000000000libgssglue-0.9/doc/gssapi_mech.conf000066400000000000000000000015021455651163400174300ustar00rootroot00000000000000# Example /etc/gssapi_mech.conf file # # GSSAPI Mechanism Definitions # # This configuration file determines which GSS-API mechanisms # the gssd code should use # # NOTE: # The initialization function "mechglue_internal_krb5_init" # is used for the MIT krb5 gssapi mechanism. This special # function name indicates that an internal function should # be used to determine the entry points for the MIT gssapi # mechanism funtions. # # library initialization function # ================================ ========================== # The MIT K5 gssapi library, use special function for initialization. libgssapi_krb5.so.2 mechglue_internal_krb5_init # # The SPKM3 gssapi library function. Use the function spkm3_gss_initialize. # /usr/local/gss_mechs/spkm/spkm3/libgssapi_spkm3.so spkm3_gss_initialize libgssglue-0.9/libgssglue.pc.in000066400000000000000000000004201455651163400166210ustar00rootroot00000000000000prefix=@prefix@ exec_prefix=@exec_prefix@ libdir=@libdir@ includedir=@includedir@ Name: libgssglue Description: Library that implements multi-mechanism GSS-API interface. Requires: Version: @PACKAGE_VERSION@ Libs: -L@libdir@ -lgssglue -ldl Cflags: -I@includedir@/gssglue libgssglue-0.9/m4/000077500000000000000000000000001455651163400140545ustar00rootroot00000000000000libgssglue-0.9/m4/ld-version-script.m4000066400000000000000000000032041455651163400177010ustar00rootroot00000000000000# ld-version-script.m4 serial 5 dnl Copyright (C) 2008-2022 Free Software Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, dnl with or without modifications, as long as this notice is preserved. dnl From Simon Josefsson # FIXME: The test below returns a false positive for mingw # cross-compiles, 'local:' statements does not reduce number of # exported symbols in a DLL. Use --disable-ld-version-script to work # around the problem. # gl_LD_VERSION_SCRIPT # -------------------- # Check if LD supports linker scripts, and define automake conditional # HAVE_LD_VERSION_SCRIPT if so. AC_DEFUN([gl_LD_VERSION_SCRIPT], [ AC_ARG_ENABLE([ld-version-script], [AS_HELP_STRING([--enable-ld-version-script], [enable linker version script (default is enabled when possible)])], [have_ld_version_script=$enableval], [AC_CACHE_CHECK([if LD -Wl,--version-script works], [gl_cv_sys_ld_version_script], [gl_cv_sys_ld_version_script=no save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -Wl,--version-script=conftest.map" echo foo >conftest.map AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])], [], [cat > conftest.map < #include #include OM_uint32 gss_accept_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, gss_cred_id_t verifier_cred_handle, gss_buffer_t input_token_buffer, gss_channel_bindings_t input_chan_bindings, gss_name_t *src_name, gss_OID *mech_type, gss_buffer_t output_token, OM_uint32 *ret_flags, OM_uint32 *time_rec, gss_cred_id_t *delegated_cred_handle) { OM_uint32 status, temp_status, temp_minor_status; gss_union_ctx_id_t union_ctx_id; gss_union_cred_t union_cred; gss_cred_id_t input_cred_handle = GSS_C_NO_CREDENTIAL; gss_name_t internal_name; gss_OID_desc token_mech_type_desc; gss_OID token_mech_type = &token_mech_type_desc; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == NULL) return GSS_S_NO_CONTEXT; /* * if context_handle is GSS_C_NO_CONTEXT, allocate a union context * descriptor to hold the mech type information as well as the * underlying mechanism context handle. Otherwise, cast the * value of *context_handle to the union context variable. */ if (*context_handle == GSS_C_NO_CONTEXT) { /* * Get the token mech type */ status = __gss_get_mech_type(token_mech_type, input_token_buffer); if (status) return status; status = GSS_S_FAILURE; union_ctx_id = (gss_union_ctx_id_t) malloc(sizeof(gss_union_ctx_id_desc)); if (!union_ctx_id) { *minor_status = ENOMEM; goto error_out; } union_ctx_id->mech_type = (gss_OID) malloc(sizeof(gss_OID_desc)); if (!union_ctx_id->mech_type) { *minor_status = ENOMEM; goto error_out; } union_ctx_id->mech_type->elements = (void *) malloc(token_mech_type->length); if (!union_ctx_id->mech_type->elements) { *minor_status = ENOMEM; goto error_out; } union_ctx_id->mech_type->length = token_mech_type->length; memcpy(union_ctx_id->mech_type->elements, token_mech_type->elements, token_mech_type->length); /* * copy the supplied context handle */ union_ctx_id->internal_ctx_id = *context_handle; } else { union_ctx_id = *context_handle; token_mech_type = union_ctx_id->mech_type; } /* * get the appropriate cred handle from the union cred struct. * defaults to GSS_C_NO_CREDENTIAL if there is no cred, which will * use the default credential. */ union_cred = (gss_union_cred_t) verifier_cred_handle; input_cred_handle = __gss_get_mechanism_cred(union_cred, token_mech_type); /* * now select the approprate underlying mechanism routine and * call it. */ mech = __gss_get_mechanism(token_mech_type); if (mech && mech->gss_accept_sec_context) { status = mech->gss_accept_sec_context(minor_status, &union_ctx_id->internal_ctx_id, input_cred_handle, input_token_buffer, input_chan_bindings, &internal_name, mech_type, output_token, ret_flags, time_rec, delegated_cred_handle); /* * If there's more work to do, keep going... */ if (status == GSS_S_CONTINUE_NEEDED) goto continue_out; /* * if the call failed, return with failure */ if (status != GSS_S_COMPLETE) goto error_out; /* * if src_name is non-NULL, * convert internal_name into a union name equivalent * First call the mechanism specific display_name() * then call gss_import_name() to create * the union name struct cast to src_name */ if (src_name != NULL && status == GSS_S_COMPLETE) { temp_status = __gss_convert_name_to_union_name(&temp_minor_status, mech, internal_name, src_name); if (temp_status != GSS_S_COMPLETE) { if (minor_status) *minor_status = temp_minor_status; gss_release_buffer(&temp_minor_status, output_token); status = temp_status; goto error_out; } } continue_out: if (*context_handle == GSS_C_NO_CONTEXT) *context_handle = (gss_ctx_id_t *) union_ctx_id; return (status); } status = GSS_S_BAD_MECH; error_out: if (union_ctx_id) { if (union_ctx_id->mech_type) { if (union_ctx_id->mech_type->elements) free(union_ctx_id->mech_type->elements); free(union_ctx_id->mech_type); } free(union_ctx_id); } return (status); } libgssglue-0.9/src/g_acquire_cred.c000066400000000000000000000327141455651163400174320ustar00rootroot00000000000000/* * #pragma ident "@(#)g_acquire_cred.c 1.22 04/02/23 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_acquire_cred */ // Define these away #define map_errcode(code) #define map_error(code, mech) #include "mglueP.h" #include #include #include #include #include static OM_uint32 val_acq_cred_args(OM_uint32 *minor_status, gss_name_t desired_name, OM_uint32 time_req, gss_OID_set desired_mechs, int cred_usage, gss_cred_id_t *output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *time_rec) { /* * Initialize outputs. */ if (minor_status != NULL) *minor_status = 0; if (output_cred_handle != NULL) *output_cred_handle = GSS_C_NO_CREDENTIAL; if (actual_mechs != NULL) *actual_mechs = GSS_C_NULL_OID_SET; if (time_rec != NULL) *time_rec = 0; /* * Validate arguments. */ if (minor_status == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); if (output_cred_handle == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); if (cred_usage != GSS_C_ACCEPT && cred_usage != GSS_C_INITIATE && cred_usage != GSS_C_BOTH) { if (minor_status) { *minor_status = EINVAL; map_errcode(minor_status); } return GSS_S_FAILURE; } return (GSS_S_COMPLETE); } OM_uint32 gss_acquire_cred(OM_uint32 *minor_status, gss_name_t desired_name, OM_uint32 time_req, gss_OID_set desired_mechs, int cred_usage, gss_cred_id_t *output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *time_rec) { OM_uint32 major = GSS_S_FAILURE; OM_uint32 initTimeOut, acceptTimeOut, outTime = GSS_C_INDEFINITE; gss_OID_set_desc default_OID_set; gss_OID_set mechs; gss_OID_desc default_OID; gss_mechanism mech; unsigned int i; gss_union_cred_t creds; major = val_acq_cred_args(minor_status, desired_name, time_req, desired_mechs, cred_usage, output_cred_handle, actual_mechs, time_rec); if (major != GSS_S_COMPLETE) return (major); /* * Initial value needed below. */ major = GSS_S_FAILURE; /* * if desired_mechs equals GSS_C_NULL_OID_SET, then pick an * appropriate default. We use the first mechanism in the * mechansim list as the default. This set is created with * statics thus needs not be freed */ if (desired_mechs == GSS_C_NULL_OID_SET) { mech = __gss_get_mechanism(NULL); if (mech == NULL) return (GSS_S_BAD_MECH); mechs = &default_OID_set; default_OID_set.count = 1; default_OID_set.elements = &default_OID; default_OID.length = mech->mech_type.length; default_OID.elements = mech->mech_type.elements; } else mechs = desired_mechs; if (mechs->count == 0) return (GSS_S_BAD_MECH); /* * allocate the output credential structure */ creds = (gss_union_cred_t) malloc(sizeof(gss_union_cred_desc)); if (creds == NULL) return (GSS_S_FAILURE); /* * initialize to 0s */ (void) memset(creds, 0, sizeof(gss_union_cred_desc)); /* * for each requested mech attempt to obtain a credential */ for (i = 0; i < mechs->count; i++) { major = gss_add_cred(minor_status, (gss_cred_id_t) creds, desired_name, &mechs->elements[i], cred_usage, time_req, time_req, NULL, NULL, &initTimeOut, &acceptTimeOut); if (major == GSS_S_COMPLETE) { /* * update the credential's time */ if (cred_usage == GSS_C_ACCEPT) { if (outTime > acceptTimeOut) outTime = acceptTimeOut; } else if (cred_usage == GSS_C_INITIATE) { if (outTime > initTimeOut) outTime = initTimeOut; } else { /* * time_rec is the lesser of the * init/accept times */ if (initTimeOut > acceptTimeOut) outTime = (outTime > acceptTimeOut) ? acceptTimeOut : outTime; else outTime = (outTime > initTimeOut) ? initTimeOut : outTime; } } } /* for */ /* * ensure that we have at least one credential element */ if (creds->count < 1) { free(creds); return (major); } /* * fill in output parameters * setup the actual mechs output parameter */ if (actual_mechs != NULL) { gss_OID_set_desc oids; oids.count = creds->count; oids.elements = creds->mechs_array; major = generic_gss_copy_oid_set(minor_status, &oids, actual_mechs); if (GSS_ERROR(major)) { (void) gss_release_cred(minor_status, (gss_cred_id_t *) & creds); return (major); } } if (time_rec) *time_rec = outTime; *output_cred_handle = (gss_cred_id_t) creds; return (GSS_S_COMPLETE); } static OM_uint32 val_add_cred_args(OM_uint32 *minor_status, gss_cred_id_t input_cred_handle, gss_name_t desired_name, gss_OID desired_mech, gss_cred_usage_t cred_usage, OM_uint32 initiator_time_req, OM_uint32 acceptor_time_req, gss_cred_id_t *output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *initiator_time_rec, OM_uint32 *acceptor_time_rec) { /* * Initialize outputs. */ if (minor_status != NULL) *minor_status = 0; if (output_cred_handle != NULL) *output_cred_handle = GSS_C_NO_CREDENTIAL; if (actual_mechs != NULL) *actual_mechs = GSS_C_NO_OID_SET; if (acceptor_time_rec != NULL) *acceptor_time_rec = 0; if (initiator_time_rec != NULL) *initiator_time_rec = 0; /* * Validate arguments. */ if (minor_status == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); if (input_cred_handle == GSS_C_NO_CREDENTIAL && output_cred_handle == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE | GSS_S_NO_CRED); if (cred_usage != GSS_C_ACCEPT && cred_usage != GSS_C_INITIATE && cred_usage != GSS_C_BOTH) { if (minor_status) { *minor_status = EINVAL; map_errcode(minor_status); } return GSS_S_FAILURE; } return (GSS_S_COMPLETE); } /* * V2 */ OM_uint32 gss_add_cred(OM_uint32 *minor_status, gss_cred_id_t input_cred_handle, gss_name_t desired_name, gss_OID desired_mech, gss_cred_usage_t cred_usage, OM_uint32 initiator_time_req, OM_uint32 acceptor_time_req, gss_cred_id_t *output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *initiator_time_rec, OM_uint32 *acceptor_time_rec) { OM_uint32 status, temp_minor_status; OM_uint32 time_req, time_rec; gss_union_name_t union_name; gss_union_cred_t new_union_cred, union_cred; gss_name_t internal_name = GSS_C_NO_NAME; gss_name_t allocated_name = GSS_C_NO_NAME; gss_mechanism mech; gss_cred_id_t cred = NULL; gss_OID new_mechs_array = NULL; gss_cred_id_t *new_cred_array = NULL; status = val_add_cred_args(minor_status, input_cred_handle, desired_name, desired_mech, cred_usage, initiator_time_req, acceptor_time_req, output_cred_handle, actual_mechs, initiator_time_rec, acceptor_time_rec); if (status != GSS_S_COMPLETE) return (status); mech = __gss_get_mechanism(desired_mech); if (!mech) return GSS_S_BAD_MECH; else if (!mech->gss_acquire_cred) return (GSS_S_UNAVAILABLE); if (input_cred_handle == GSS_C_NO_CREDENTIAL) { union_cred = malloc(sizeof(gss_union_cred_desc)); if (union_cred == NULL) return (GSS_S_FAILURE); (void) memset(union_cred, 0, sizeof(gss_union_cred_desc)); /* * for default credentials we will use GSS_C_NO_NAME */ internal_name = GSS_C_NO_NAME; } else { union_cred = (gss_union_cred_t) input_cred_handle; if (__gss_get_mechanism_cred(union_cred, desired_mech) != GSS_C_NO_CREDENTIAL) return (GSS_S_DUPLICATE_ELEMENT); /* * may need to create a mechanism specific name */ if (desired_name) { union_name = (gss_union_name_t) desired_name; if (union_name->mech_type && g_OID_equal(union_name->mech_type, &mech->mech_type)) internal_name = union_name->mech_name; else { if (__gss_import_internal_name(minor_status, &mech->mech_type, union_name, &allocated_name) != GSS_S_COMPLETE) return (GSS_S_BAD_NAME); internal_name = allocated_name; } } } if (cred_usage == GSS_C_ACCEPT) time_req = acceptor_time_req; else if (cred_usage == GSS_C_INITIATE) time_req = initiator_time_req; else if (cred_usage == GSS_C_BOTH) time_req = (acceptor_time_req > initiator_time_req) ? acceptor_time_req : initiator_time_req; else time_req = 0; status = mech->gss_acquire_cred(minor_status, internal_name, time_req, GSS_C_NULL_OID_SET, cred_usage, &cred, NULL, &time_rec); if (status != GSS_S_COMPLETE) { map_error(minor_status, mech); goto errout; } /* * may need to set credential auxinfo strucutre */ if (union_cred->auxinfo.creation_time == 0) { union_cred->auxinfo.creation_time = time(NULL); union_cred->auxinfo.time_rec = time_rec; union_cred->auxinfo.cred_usage = cred_usage; /* * we must set the name; if name is not supplied * we must do inquire cred to get it */ if (internal_name == NULL) { if (mech->gss_inquire_cred == NULL || ((status = mech->gss_inquire_cred(&temp_minor_status, cred, &allocated_name, NULL, NULL, NULL)) != GSS_S_COMPLETE)) goto errout; internal_name = allocated_name; } if (internal_name != GSS_C_NO_NAME) { status = mech->gss_display_name(&temp_minor_status, internal_name, &union_cred->auxinfo.name, &union_cred->auxinfo.name_type); if (status != GSS_S_COMPLETE) goto errout; } } /* * now add the new credential elements */ new_mechs_array = (gss_OID) malloc(sizeof(gss_OID_desc) * (union_cred->count + 1)); new_cred_array = (gss_cred_id_t *) malloc(sizeof(gss_cred_id_t) * (union_cred->count + 1)); if (!new_mechs_array || !new_cred_array) { status = GSS_S_FAILURE; goto errout; } if (acceptor_time_rec) if (cred_usage == GSS_C_ACCEPT || cred_usage == GSS_C_BOTH) *acceptor_time_rec = time_rec; if (initiator_time_rec) if (cred_usage == GSS_C_INITIATE || cred_usage == GSS_C_BOTH) *initiator_time_rec = time_rec; /* * OK, expand the mechanism array and the credential array */ (void) memcpy(new_mechs_array, union_cred->mechs_array, sizeof(gss_OID_desc) * union_cred->count); (void) memcpy(new_cred_array, union_cred->cred_array, sizeof(gss_cred_id_t) * union_cred->count); new_cred_array[union_cred->count] = cred; if ((new_mechs_array[union_cred->count].elements = malloc(mech->mech_type.length)) == NULL) goto errout; g_OID_copy(&new_mechs_array[union_cred->count], &mech->mech_type); if (actual_mechs != NULL) { gss_OID_set_desc oids; oids.count = union_cred->count + 1; oids.elements = new_mechs_array; status = generic_gss_copy_oid_set(minor_status, &oids, actual_mechs); if (GSS_ERROR(status)) { free(new_mechs_array[union_cred->count].elements); goto errout; } } if (output_cred_handle == NULL) { free(union_cred->mechs_array); free(union_cred->cred_array); new_union_cred = union_cred; } else { new_union_cred = malloc(sizeof(gss_union_cred_desc)); if (new_union_cred == NULL) { free(new_mechs_array[union_cred->count].elements); goto errout; } *new_union_cred = *union_cred; *output_cred_handle = (gss_cred_id_t) new_union_cred; } new_union_cred->mechs_array = new_mechs_array; new_union_cred->cred_array = new_cred_array; new_union_cred->count++; /* * We're done with the internal name. Free it if we allocated it. */ if (allocated_name) (void) __gss_release_internal_name(&temp_minor_status, &mech->mech_type, &allocated_name); return (GSS_S_COMPLETE); errout: if (new_mechs_array) free(new_mechs_array); if (new_cred_array) free(new_cred_array); if (cred != NULL && mech->gss_release_cred) mech->gss_release_cred(&temp_minor_status, &cred); if (allocated_name) (void) __gss_release_internal_name(&temp_minor_status, &mech->mech_type, &allocated_name); if (input_cred_handle == GSS_C_NO_CREDENTIAL && union_cred) { if (union_cred->auxinfo.name.value) free(union_cred->auxinfo.name.value); free(union_cred); } return (status); } libgssglue-0.9/src/g_canon_name.c000066400000000000000000000116501455651163400170760ustar00rootroot00000000000000/* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_canonicalize_name */ #include "mglueP.h" #include #include #include #include /* * Glue routine to copy an external name buffer (used by gss_canonicalize_name) */ static OM_uint32 __gss_copy_namebuf(gss_buffer_t src, gss_buffer_t dest) { if (dest == NULL) return (GSS_S_BAD_NAME); dest->value = (void *) malloc(src->length + 1); if (dest->value == NULL) { return (GSS_S_FAILURE); } memcpy(dest->value, src->value, src->length); dest->length = src->length; return (GSS_S_COMPLETE); } OM_uint32 gss_canonicalize_name(OM_uint32 *minor_status, const gss_name_t input_name, const gss_OID mech_type, gss_name_t *canon_name) { OM_uint32 minor, status; gss_union_name_t union_input_name, union_canon_name; gss_name_t mech_name = GSS_C_NO_NAME; gss_mechanism mech; GSS_INITIALIZE; if (!minor_status) return GSS_S_CALL_INACCESSIBLE_WRITE; *minor_status = 0; /* * if canon_name is NULL, simply return */ if (canon_name == NULL) return GSS_S_COMPLETE; *canon_name = GSS_C_NO_NAME; if (input_name == GSS_C_NO_NAME) return GSS_S_BAD_NAME; union_input_name = (gss_union_name_t) input_name; mech = __gss_get_mechanism(mech_type); if (mech == NULL || mech->gss_canonicalize_name == NULL) return GSS_S_BAD_MECH; status = GSS_S_FAILURE; /* * Create the union name struct that will hold the canonicalized * name and the name type. */ union_canon_name = (gss_union_name_t) malloc(sizeof(gss_union_name_desc)); if (union_canon_name == NULL) { *minor_status = ENOMEM; goto failure; } union_canon_name->name_type = GSS_C_NO_OID; union_canon_name->external_name.length = 0; union_canon_name->external_name.value = 0; union_canon_name->mech_type = GSS_C_NO_OID; union_canon_name->mech_name = GSS_C_NO_NAME; if (union_input_name->mech_type != GSS_C_NO_OID && g_OID_equal(&mech->mech_type, union_input_name->mech_type)) { /* * Input name was specific to this mech, just canonicalize */ status = mech->gss_canonicalize_name(minor_status, union_input_name->mech_name, &mech->mech_type, &mech_name); if (status != GSS_S_COMPLETE) goto failure; } else { /* * Input name was generic or specific to another mech; import * then canonicalize. */ gss_name_t internal_name = GSS_C_NO_NAME; if (mech->gss_import_name == NULL) { status = GSS_S_BAD_MECH; goto failure; } status = mech->gss_import_name(minor_status, &union_input_name->external_name, union_input_name->name_type, &internal_name); if (status != GSS_S_COMPLETE) goto failure; status = mech->gss_canonicalize_name(minor_status, internal_name, &mech->mech_type, &mech_name); if (status != GSS_S_COMPLETE) goto failure; __gss_release_internal_name(&minor, &mech->mech_type, &internal_name); } union_canon_name->mech_name = mech_name; status = __gss_copy_namebuf(&union_input_name->external_name, &union_canon_name->external_name); if (status != GSS_S_COMPLETE) goto failure; if (union_input_name->name_type != GSS_C_NO_OID) { status = generic_gss_copy_oid(minor_status, union_input_name->name_type, &union_canon_name->name_type); if (status != GSS_S_COMPLETE) goto failure; } status = generic_gss_copy_oid(minor_status, &mech->mech_type, &union_canon_name->mech_type); if (status != GSS_S_COMPLETE) goto failure; *canon_name = union_canon_name; return GSS_S_COMPLETE; failure: gss_release_name(&minor, (gss_name_t *) & union_canon_name); return status; } libgssglue-0.9/src/g_ccache_name.c000066400000000000000000000041501455651163400172030ustar00rootroot00000000000000/* * g_ccache_name.c * * Copyright (c) 2007 The Regents of the University of Michigan. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "mglueP.h" OM_uint32 gss_krb5_ccache_name(OM_uint32 *minor_status, const char *name, const char **out_name) { OM_uint32 status; gss_mechanism mech; gss_OID_desc krb5oid = { 9, "\052\206\110\206\367\022\001\002\002" }; GSS_INITIALIZE; mech = __gss_get_mechanism(&krb5oid); if (mech) { if (mech->krb5_ccache_name) { status = mech->krb5_ccache_name(minor_status, name, out_name); } else { status = GSS_S_BAD_BINDINGS; } return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_compare_name.c000066400000000000000000000117221455651163400174260ustar00rootroot00000000000000/* * #ident "@(#)gss_compare_name.c 1.13 95/08/02 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_compare_name * */ #include "mglueP.h" #include #include OM_uint32 gss_compare_name(OM_uint32 *minor_status, gss_name_t name1, gss_name_t name2, int *name_equal) { OM_uint32 major_status, temp_minor; gss_union_name_t union_name1, union_name2; gss_mechanism mech = NULL; gss_name_t internal_name; GSS_INITIALIZE; if (name1 == 0 || name2 == 0) { if (name_equal) *name_equal = 0; return GSS_S_BAD_NAME; } union_name1 = (gss_union_name_t) name1; union_name2 = (gss_union_name_t) name2; /* * Try our hardest to make union_name1 be the mechanism-specific * name. (Of course we can't if both names aren't * mechanism-specific.) */ if (union_name1->mech_type == 0) { union_name1 = (gss_union_name_t) name2; union_name2 = (gss_union_name_t) name1; } /* * If union_name1 is mechanism specific, then fetch its mechanism * information. */ if (union_name1->mech_type) { mech = __gss_get_mechanism(union_name1->mech_type); if (!mech) return (GSS_S_BAD_MECH); if (!mech->gss_compare_name) return (GSS_S_BAD_BINDINGS); } if (name_equal == NULL) return GSS_S_COMPLETE; *name_equal = 0; /* Default to *not* equal.... */ /* * First case... both names are mechanism-specific */ if (union_name1->mech_type && union_name2->mech_type) { if (!g_OID_equal(union_name1->mech_type, union_name2->mech_type)) return (GSS_S_COMPLETE); if ((union_name1->mech_name == 0) || (union_name2->mech_name == 0)) /* * should never happen */ return (GSS_S_BAD_NAME); return (mech->gss_compare_name(minor_status, union_name1->mech_name, union_name2->mech_name, name_equal)); } /* * Second case... both names are NOT mechanism specific. * * All we do here is make sure the two name_types are equal and then * that the external_names are equal. Note the we do not take care * of the case where two different external names map to the same * internal name. We cannot determine this, since we as yet do not * know what mechanism to use for calling the underlying * gss_import_name(). */ if (!union_name1->mech_type && !union_name2->mech_type) { if (!g_OID_equal(union_name1->name_type, union_name2->name_type)) return (GSS_S_COMPLETE); if ((union_name1->external_name.length != union_name2->external_name.length) || (memcmp(union_name1->external_name.value, union_name2->external_name.value, union_name1->external_name.length) != 0)) return (GSS_S_COMPLETE); *name_equal = 1; return (GSS_S_COMPLETE); } /* * Final case... one name is mechanism specific, the other isn't. * * We attempt to convert the general name to the mechanism type of * the mechanism-specific name, and then do the compare. If we * can't import the general name, then we return that the name is * _NOT_ equal. */ if (union_name2->mech_type) { /* * We make union_name1 the mechanism specific name. */ union_name1 = (gss_union_name_t) name2; union_name2 = (gss_union_name_t) name1; } major_status = __gss_import_internal_name(minor_status, union_name1->mech_type, union_name2, &internal_name); if (major_status != GSS_S_COMPLETE) return (GSS_S_COMPLETE); if (!mech) return GSS_S_BAD_MECH; if (!mech->gss_compare_name) return GSS_S_UNAVAILABLE; major_status = mech->gss_compare_name(minor_status, union_name1->mech_name, internal_name, name_equal); __gss_release_internal_name(&temp_minor, union_name1->mech_type, &internal_name); return (major_status); } libgssglue-0.9/src/g_context_time.c000066400000000000000000000037631455651163400175100ustar00rootroot00000000000000/* * #ident "@(#)gss_context_time.c 1.8 95/08/07 SMI" */ /* * Copyright 1996, 2023 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routines for gss_context_time */ #include "mglueP.h" OM_uint32 gss_context_time(OM_uint32 *minor_status, gss_ctx_id_t context_handle, OM_uint32 *time_rec) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_context_time) status = mech->gss_context_time(minor_status, ctx->internal_ctx_id, time_rec); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_delete_sec_context.c000066400000000000000000000045461455651163400206460ustar00rootroot00000000000000/* * #ident "@(#)gss_delete_sec_context.c 1.10 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_delete_sec_context */ #include "mglueP.h" #include #include OM_uint32 gss_delete_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, gss_buffer_t output_token) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; /* * if the context_handle is Null, return NO_CONTEXT error */ if (context_handle == NULL || *context_handle == GSS_C_NO_CONTEXT) return (GSS_S_NO_CONTEXT); /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) * context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_delete_sec_context) status = mech->gss_delete_sec_context(minor_status, &ctx->internal_ctx_id, output_token); else status = GSS_S_BAD_BINDINGS; /* * now free up the space for the union context structure */ free(ctx->mech_type->elements); free(ctx->mech_type); free(*context_handle); *context_handle = NULL; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_dsp_name.c000066400000000000000000000052751455651163400165740ustar00rootroot00000000000000/* * #ident "@(#)g_dsp_name.c 1.2 96/02/06 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_display_name() * */ #include "mglueP.h" #include #include #include OM_uint32 gss_display_name(OM_uint32 *minor_status, gss_name_t input_name, gss_buffer_t output_name_buffer, gss_OID *output_name_type) { OM_uint32 major_status; gss_union_name_t union_name; if (input_name == GSS_C_NO_NAME) return GSS_S_BAD_NAME; union_name = (gss_union_name_t) input_name; if (union_name->mech_type) { /* * OK, we have a mechanism-specific name; let's use it! */ return (__gss_display_internal_name(minor_status, union_name->mech_type, union_name->mech_name, output_name_buffer, output_name_type)); } /* * copy the value of the external_name component of the union * name into the output_name_buffer and point the output_name_type * to the name_type component of union_name */ if (output_name_type != NULL) { major_status = generic_gss_copy_oid(minor_status, union_name->name_type, output_name_type); if (major_status) return (major_status); } if (output_name_buffer != NULL) { output_name_buffer->length = union_name->external_name.length; output_name_buffer->value = (void *) malloc(output_name_buffer->length); memcpy(output_name_buffer->value, union_name->external_name.value, output_name_buffer->length); } if (minor_status) *minor_status = 0; return (GSS_S_COMPLETE); } libgssglue-0.9/src/g_dsp_status.c000066400000000000000000000042051455651163400171670ustar00rootroot00000000000000/* * #ident "@(#)gss_display_status.c 1.8 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine gss_display_status * */ #include "mglueP.h" #include #include OM_uint32 gss_display_status(OM_uint32 *minor_status, OM_uint32 status_value, int status_type, gss_OID req_mech_type, OM_uint32 *message_context, gss_buffer_t status_string) { OM_uint32 status; gss_OID mech_type = (gss_OID) req_mech_type; gss_mechanism mech; GSS_INITIALIZE; /* * select the approprate underlying mechanism routine and * call it. */ mech = __gss_get_mechanism(mech_type); if (mech == NULL) return (GSS_S_BAD_MECH); if (mech_type == GSS_C_NULL_OID) mech_type = &mech->mech_type; if (mech->gss_display_status) status = mech->gss_display_status(minor_status, status_value, status_type, mech_type, message_context, status_string); else status = GSS_S_BAD_BINDINGS; return (status); } libgssglue-0.9/src/g_dup_name.c000066400000000000000000000110731455651163400165670ustar00rootroot00000000000000/* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. * * created andros 2.24.01 from g_compare_name.c */ /* * glue routine for gss_duplicate_name * */ #include "mglueP.h" #include #include #include #include OM_uint32 gss_duplicate_name(OM_uint32 *minor_status, const gss_name_t in_name, gss_name_t *exp_name) { OM_uint32 tmp, major_status = GSS_S_COMPLETE; gss_union_name_t union_in_name, union_exp_name; gss_mechanism mech; GSS_INITIALIZE; /* * if exp_name is NULL, simply return */ if (exp_name == NULL) return (GSS_S_COMPLETE); *exp_name = NULL; if (in_name == 0) return (GSS_S_BAD_NAME); union_in_name = (gss_union_name_t) in_name; /* * Create the union name struct that will hold the exported * name and the name type. */ union_exp_name = (gss_union_name_t) malloc(sizeof(gss_union_name_desc)); if (!union_exp_name) { *minor_status = ENOMEM; goto allocation_failure; } union_exp_name->external_name.length = 0; union_exp_name->external_name.value = NULL; union_exp_name->gss_mech = union_in_name->gss_mech; union_exp_name->mech_type = GSS_C_NO_OID; if (union_in_name->mech_type != GSS_C_NO_OID && (generic_gss_copy_oid(&tmp, union_in_name->mech_type, &union_exp_name->mech_type) != GSS_S_COMPLETE)) { *minor_status = ENOMEM; goto allocation_failure; } union_exp_name->mech_name = NULL; union_exp_name->name_type = GSS_C_NO_OID; if (union_in_name->name_type != GSS_C_NO_OID && (generic_gss_copy_oid(&tmp, union_in_name->name_type, &union_exp_name->name_type) != GSS_S_COMPLETE)) { *minor_status = ENOMEM; goto allocation_failure; } union_exp_name->external_name.length = union_in_name->external_name.length; /* * we malloc length+1 to stick a NULL on the end, just in case * Note that this NULL is not included in ->length for a reason! */ union_exp_name->external_name.value = (void *) malloc(union_in_name->external_name.length); if (!union_exp_name->external_name.value) { *minor_status = ENOMEM; goto allocation_failure; } memcpy(union_exp_name->external_name.value, union_in_name->external_name.value, union_exp_name->external_name.length); /* * Mechanism specific name */ if (union_in_name->mech_type != GSS_C_NO_OID) { mech = __gss_get_mechanism(union_in_name->mech_type); if (!mech) { major_status = GSS_S_BAD_MECH; goto allocation_failure; } if (!mech->gss_duplicate_name) { major_status = GSS_S_BAD_BINDINGS; goto allocation_failure; } major_status = mech->gss_duplicate_name(minor_status, union_in_name->mech_name, &union_exp_name->mech_name); if (major_status != GSS_S_COMPLETE) { union_exp_name->mech_name = NULL; goto allocation_failure; } } *exp_name = union_exp_name; return (major_status); allocation_failure: if (union_exp_name) { if (union_exp_name->external_name.value) free(union_exp_name->external_name.value); if (union_exp_name->name_type) generic_gss_release_oid(&tmp, &union_exp_name->name_type); if (union_exp_name->mech_name) __gss_release_internal_name(minor_status, union_exp_name->mech_type, &union_exp_name->mech_name); if (union_exp_name->mech_type) generic_gss_release_oid(&tmp, &union_exp_name->mech_type); free(union_exp_name); } return (major_status); } libgssglue-0.9/src/g_exp_name.c000066400000000000000000000055151455651163400165770ustar00rootroot00000000000000/* * #ident "@(#)g_dsp_name.c 1.2 96/02/06 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_export_name() * */ #include "mglueP.h" OM_uint32 gss_export_name(OM_uint32 *minor_status, const gss_name_t input_name, gss_buffer_t exported_name) { gss_union_name_t union_name; gss_name_t internal_name = GSS_C_NO_NAME; gss_mechanism mech; OM_uint32 status; OM_uint32 minor; GSS_INITIALIZE; if (input_name == GSS_C_NO_NAME) return GSS_S_BAD_NAME; if (minor_status != NULL) *minor_status = 0; if (exported_name != GSS_C_NO_BUFFER) { exported_name->value = NULL; exported_name->length = 0; } union_name = (gss_union_name_t) input_name; /* * If it's not a mechanism specific name type then we pass * it on to the default mechanism (usually Kerberos) to deal * with */ if (union_name->mech_type != GSS_C_NO_OID) { mech = __gss_get_mechanism(union_name->mech_type); } else { mech = __gss_get_mechanism(GSS_C_NO_OID); } if (mech == NULL || mech->gss_export_name == NULL) return GSS_S_BAD_MECH; if (union_name->mech_type == GSS_C_NO_OID) { if (mech->gss_import_name == NULL) return GSS_S_BAD_MECH; status = mech->gss_import_name(minor_status, &union_name->external_name, union_name->name_type, &internal_name); if (status != GSS_S_COMPLETE) return GSS_S_BAD_NAME; } status = mech->gss_export_name(minor_status, internal_name ? internal_name : union_name->mech_name, exported_name); if (internal_name != GSS_C_NO_NAME) { __gss_release_internal_name(&minor, union_name->name_type, &internal_name); } return status; } libgssglue-0.9/src/g_exp_sec_context.c000066400000000000000000000062161455651163400201740ustar00rootroot00000000000000/* * #ident "@(#)g_exp_sec_context.c 1.2 96/01/18 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_export_sec_context */ #include "mglueP.h" #include #include #include #include OM_uint32 gss_export_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, gss_buffer_t interprocess_token) { OM_uint32 status; size_t length; gss_union_ctx_id_t ctx; gss_mechanism mech; gss_buffer_desc token; char *buf; GSS_INITIALIZE; if (context_handle == NULL || *context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) * context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (!mech) return GSS_S_BAD_MECH; if (!mech->gss_export_sec_context) return GSS_S_BAD_BINDINGS; status = mech->gss_export_sec_context(minor_status, &ctx->internal_ctx_id, &token); if (status != GSS_S_COMPLETE) return (status); length = token.length + 4 + ctx->mech_type->length; interprocess_token->length = length; interprocess_token->value = malloc(length); if (interprocess_token->value == 0) { (void) gss_release_buffer(minor_status, &token); *minor_status = ENOMEM; return (GSS_S_FAILURE); } buf = interprocess_token->value; length = ctx->mech_type->length; buf[3] = (unsigned char) (length & 0xFF); length >>= 8; buf[2] = (unsigned char) (length & 0xFF); length >>= 8; buf[1] = (unsigned char) (length & 0xFF); length >>= 8; buf[0] = (unsigned char) (length & 0xFF); memcpy(buf + 4, ctx->mech_type->elements, (size_t) ctx->mech_type->length); memcpy(buf + 4 + ctx->mech_type->length, token.value, token.length); (void) gss_release_buffer(minor_status, &token); free(ctx->mech_type->elements); free(ctx->mech_type); free(ctx); *context_handle = 0; return (GSS_S_COMPLETE); } libgssglue-0.9/src/g_get_mic.c000066400000000000000000000040711455651163400164060ustar00rootroot00000000000000/* * #ident "@(#)gss_get_mic.c 1.10 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine gss_get_mic (New for V2) */ #include "mglueP.h" OM_uint32 gss_get_mic(OM_uint32 *minor_status, gss_ctx_id_t context_handle, gss_qop_t qop_req, gss_buffer_t message_buffer, gss_buffer_t msg_token) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_get_mic) status = mech->gss_get_mic(minor_status, ctx->internal_ctx_id, qop_req, message_buffer, msg_token); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_glue.c000066400000000000000000000167111455651163400157370ustar00rootroot00000000000000/* * #ident "@(#)g_glue.c 1.1 96/02/06 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ #include "mglueP.h" #include #include #include #include extern gss_mechanism *__gss_mechs_array; /* * This file contains the support routines for the glue layer. */ /* * given the mechs_array and a mechanism OID, return the * pointer to the mechanism, or NULL if that mechanism is * not supported. If the requested OID is NULL, then return * the first mechanism. */ gss_mechanism __gss_get_mechanism(gss_OID type) { int i; if (__gss_mechs_array == NULL) return NULL; if (__gss_mechs_array == NULL) return NULL; if (type == GSS_C_NULL_OID) return (__gss_mechs_array[0]); for (i = 0; __gss_mechs_array[i]->mech_type.length != 0; i++) { if ((__gss_mechs_array[i]->mech_type.length == type->length) && (memcmp (__gss_mechs_array[i]->mech_type.elements, type->elements, type->length) == 0)) { return (__gss_mechs_array[i]); } } return NULL; } /* * glue routine for get_mech_type * */ OM_uint32 __gss_get_mech_type(gss_OID OID, gss_buffer_t token) { unsigned char *buffer_ptr; int length; /* * This routine reads the prefix of "token" in order to determine * its mechanism type. It assumes the encoding suggested in * Appendix B of RFC 1508. This format starts out as follows : * * tag for APPLICATION 0, Sequence[constructed, definite length] * length of remainder of token * tag of OBJECT IDENTIFIER * length of mechanism OID * encoding of mechanism OID * * * Numerically, this looks like : * * 0x60 * - could be multiple bytes * 0x06 * - assume only one byte, hence OID length < 127 * * * The routine fills in the OID value and returns an error as necessary. */ if (token == NULL) return (GSS_S_DEFECTIVE_TOKEN); /* * Skip past the APP/Sequnce byte and the token length */ buffer_ptr = (unsigned char *) token->value; if (*(buffer_ptr++) != 0x60) return (GSS_S_DEFECTIVE_TOKEN); length = *buffer_ptr++; if (length & 0x80) { if ((length & 0x7f) > 4) return (GSS_S_DEFECTIVE_TOKEN); buffer_ptr += length & 0x7f; } if (*(buffer_ptr++) != 0x06) return (GSS_S_DEFECTIVE_TOKEN); OID->length = (OM_uint32) * (buffer_ptr++); OID->elements = (void *) buffer_ptr; return (GSS_S_COMPLETE); } /* * Internal routines to get and release an internal mechanism name */ #include "mglueP.h" OM_uint32 __gss_import_internal_name(OM_uint32 *minor_status, gss_OID mech_type, gss_union_name_t union_name, gss_name_t *internal_name) { OM_uint32 status; gss_mechanism mech; mech = __gss_get_mechanism(mech_type); if (mech) { if (mech->gss_import_name) status = mech->gss_import_name(minor_status, &union_name->external_name, union_name->name_type, internal_name); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_BAD_MECH); } OM_uint32 __gss_display_internal_name(OM_uint32 *minor_status, gss_OID mech_type, gss_name_t internal_name, gss_buffer_t external_name, gss_OID *name_type) { OM_uint32 status; gss_mechanism mech; mech = __gss_get_mechanism(mech_type); if (mech) { if (mech->gss_display_name) status = mech->gss_display_name(minor_status, internal_name, external_name, name_type); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_BAD_MECH); } OM_uint32 __gss_release_internal_name(OM_uint32 *minor_status, gss_OID mech_type, gss_name_t *internal_name) { OM_uint32 status; gss_mechanism mech; mech = __gss_get_mechanism(mech_type); if (mech) { if (mech->gss_release_name) status = mech->gss_release_name(minor_status, internal_name); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_BAD_MECH); } /* * This function converts an internal gssapi name to a union gssapi * name. Note that internal_name should be considered "consumed" by * this call, whether or not we return an error. */ OM_uint32 __gss_convert_name_to_union_name(OM_uint32 *minor_status, gss_mechanism mech, gss_name_t internal_name, gss_name_t *external_name) { OM_uint32 major_status, tmp; gss_union_name_t union_name; major_status = GSS_S_FAILURE; *external_name = NULL; union_name = (gss_union_name_t) malloc(sizeof(gss_union_name_desc)); if (!union_name) { *minor_status = ENOMEM; goto allocation_failure; } union_name->external_name.length = 0; union_name->external_name.value = NULL; union_name->gss_mech = mech; union_name->name_type = GSS_C_NO_OID; union_name->mech_type = GSS_C_NO_OID; union_name->mech_name = internal_name; major_status = generic_gss_copy_oid(minor_status, &mech->mech_type, &union_name->mech_type); if (major_status != GSS_S_COMPLETE) goto allocation_failure; major_status = mech->gss_display_name(minor_status, internal_name, &union_name->external_name, &union_name->name_type); if (major_status != GSS_S_COMPLETE) goto allocation_failure; *external_name = union_name; return (GSS_S_COMPLETE); allocation_failure: if (union_name) { if (union_name->external_name.value) free(union_name->external_name.value); if (union_name->name_type) generic_gss_release_oid(&tmp, &union_name->name_type); if (union_name->mech_name) __gss_release_internal_name(minor_status, union_name->mech_type, &union_name->mech_name); if (union_name->mech_type) mech_gss_release_oid(&tmp, &union_name->mech_type, mech); free(union_name); } return (major_status); } /* * Glue routine for returning the mechanism-specific credential from a * external union credential. */ gss_cred_id_t __gss_get_mechanism_cred(gss_union_cred_t union_cred, gss_OID mech_type) { int i; if (union_cred == GSS_C_NO_CREDENTIAL) return GSS_C_NO_CREDENTIAL; for (i = 0; i < union_cred->count; i++) { if (g_OID_equal(mech_type, &union_cred->mechs_array[i])) return union_cred->cred_array[i]; } return GSS_C_NO_CREDENTIAL; } libgssglue-0.9/src/g_imp_name.c000066400000000000000000000112521455651163400165630ustar00rootroot00000000000000/* * #ident "@(#)g_imp_name.c 1.2 96/02/06 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine gss_import_name * */ #include "mglueP.h" #include #include #include #include OM_uint32 gss_import_name(OM_uint32 *minor_status, gss_buffer_t input_name_buffer, gss_OID input_name_type, gss_name_t *output_name) { gss_union_name_t union_name; OM_uint32 tmp, major_status = GSS_S_FAILURE; gss_OID mech; GSS_INITIALIZE; if (minor_status == NULL) return GSS_S_CALL_INACCESSIBLE_WRITE; *minor_status = 0; /* * if output_name is NULL, simply return */ if (output_name == NULL) return (GSS_S_COMPLETE); *output_name = 0; if (input_name_buffer == GSS_C_NO_BUFFER) return (GSS_S_BAD_NAME); /* * First create the union name struct that will hold the external * name and the name type. */ union_name = (gss_union_name_t) malloc(sizeof(gss_union_name_desc)); if (!union_name) { *minor_status = ENOMEM; goto allocation_failure; } union_name->mech_type = 0; union_name->mech_name = 0; union_name->name_type = 0; union_name->external_name.length = 0; union_name->external_name.value = NULL; union_name->gss_mech = NULL; /* * All we do here is record the external name and name_type. * When the name is actually used, the underlying gss_import_name() * is called for the appropriate mechanism. Note that the name type * is assumed to be constant, so only a pointer to it is stored in * union_name */ union_name->external_name.length = input_name_buffer->length; /* * we malloc length+1 to stick a NULL on the end, just in case */ /* * Note that this NULL is not included in ->length for a reason! */ union_name->external_name.value = (void *) malloc(input_name_buffer->length + 1); if (!union_name->external_name.value) { *minor_status = ENOMEM; goto allocation_failure; } memcpy(union_name->external_name.value, input_name_buffer->value, input_name_buffer->length); /* * add NULL to end of external_name.value, just in case... */ ((char *) union_name->external_name.value) [input_name_buffer->length] = '\0'; major_status = generic_gss_copy_oid(minor_status, input_name_type, &union_name->name_type); if (major_status != GSS_S_COMPLETE) goto allocation_failure; /* * See if this is a mechanism-specific name. If so, let's import * it now so we can get any error messages, and to avoid trouble * later... */ mech = gss_find_mechanism_from_name_type(input_name_type); if (mech) { major_status = generic_gss_copy_oid(minor_status, mech, &union_name->mech_type); if (major_status != GSS_S_COMPLETE) goto allocation_failure; major_status = __gss_import_internal_name(minor_status, mech, union_name, &union_name->mech_name); if (major_status) goto allocation_failure; } *output_name = (gss_name_t) union_name; return (GSS_S_COMPLETE); allocation_failure: if (union_name) { if (union_name->external_name.value) free(union_name->external_name.value); if (union_name->name_type) generic_gss_release_oid(&tmp, &union_name->name_type); if (union_name->mech_name) __gss_release_internal_name(minor_status, union_name->mech_type, &union_name->mech_name); if (union_name->mech_type) generic_gss_release_oid(&tmp, &union_name->mech_type); free(union_name); } return (major_status); } libgssglue-0.9/src/g_imp_sec_context.c000066400000000000000000000063501455651163400201640ustar00rootroot00000000000000/* * #ident "@(#)g_imp_sec_context.c 1.2 96/01/18 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine gss_export_sec_context */ #include "mglueP.h" #include #include #include #include OM_uint32 gss_import_sec_context(OM_uint32 *minor_status, gss_buffer_t interprocess_token, gss_ctx_id_t *context_handle) { size_t length; OM_uint32 status; char *p; gss_union_ctx_id_t ctx; gss_buffer_desc token; gss_mechanism mech; GSS_INITIALIZE; *minor_status = 0; if (interprocess_token->length == 0 || interprocess_token->value == 0) return (GSS_S_DEFECTIVE_TOKEN); status = GSS_S_FAILURE; ctx = (gss_union_ctx_id_t) malloc(sizeof(gss_union_ctx_id_desc)); if (!ctx) { *minor_status = ENOMEM; goto error_out; } ctx->mech_type = (gss_OID) malloc(sizeof(gss_OID_desc)); if (!ctx->mech_type) { *minor_status = ENOMEM; goto error_out; } p = interprocess_token->value; length = *p++; length = (length << 8) + *p++; length = (length << 8) + *p++; length = (length << 8) + *p++; ctx->mech_type->length = length; ctx->mech_type->elements = malloc(length); if (!ctx->mech_type->elements) { *minor_status = ENOMEM; goto error_out; } memcpy(ctx->mech_type->elements, p, length); p += length; token.length = interprocess_token->length - 4 - length; token.value = p; /* * select the approprate underlying mechanism routine and * call it. */ mech = __gss_get_mechanism(ctx->mech_type); if (!mech) { status = GSS_S_BAD_MECH; goto error_out; } if (!mech->gss_import_sec_context) { status = GSS_S_BAD_BINDINGS; goto error_out; } status = mech->gss_import_sec_context(minor_status, &token, &ctx->internal_ctx_id); if (status == GSS_S_COMPLETE) { *context_handle = ctx; return (GSS_S_COMPLETE); } error_out: if (ctx) { if (ctx->mech_type) { if (ctx->mech_type->elements) free(ctx->mech_type->elements); free(ctx->mech_type); } free(ctx); } return status; } libgssglue-0.9/src/g_indicate_mechs.c000066400000000000000000000076371455651163400177510ustar00rootroot00000000000000/* * #ident "@(#)gss_indicate_mechs.c 1.13 95/08/04 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_indicate_mechs */ #include "mglueP.h" #include #include #include #include extern gss_mechanism *__gss_mechs_array; static gss_OID_set_desc supported_mechs_desc; static gss_OID_set supported_mechs = NULL; OM_uint32 gss_indicate_mechs(OM_uint32 *minor_status, gss_OID_set *mech_set) { int i; gss_OID_set tmp_set; OM_uint32 lmaj; /* local major status */ GSS_INITIALIZE; if (minor_status == NULL) return GSS_S_CALL_INACCESSIBLE_WRITE; *minor_status = 0; if (mech_set == NULL) return GSS_S_COMPLETE; *mech_set = GSS_C_NO_OID_SET; if (__gss_mechs_array == NULL) { *mech_set = GSS_C_NO_OID_SET; return GSS_S_COMPLETE; } /* * Compute list of supported mechanisms if we haven't already done so */ if (supported_mechs == NULL) { supported_mechs = &supported_mechs_desc; supported_mechs->count = 0; /* * Build the mech_set from the OIDs in mechs_array. */ for (i = 0; __gss_mechs_array[i]->mech_type.length != 0; i++) supported_mechs->count++; supported_mechs->elements = (void *) malloc(supported_mechs->count * sizeof(gss_OID_desc)); if (supported_mechs->elements == NULL) { goto list_mem_error; } for (i = 0; i < supported_mechs->count; i++) { supported_mechs->elements[i].length = __gss_mechs_array[i]->mech_type.length; supported_mechs->elements[i].elements = (void *) malloc(__gss_mechs_array[i]->mech_type.length); if (supported_mechs->elements[i].elements == NULL) goto list_mem_error; memcpy(supported_mechs->elements[i].elements, __gss_mechs_array[i]->mech_type.elements, __gss_mechs_array[i]->mech_type.length); } } /* * List is initialized, return a copy to the caller */ lmaj = gss_create_empty_oid_set(minor_status, &tmp_set); if (lmaj != GSS_S_COMPLETE) return lmaj; tmp_set->count = supported_mechs->count; tmp_set->elements = (void *) malloc(tmp_set->count * sizeof(gss_OID_desc)); if (tmp_set->elements == NULL) { free(tmp_set); goto mem_error; } for (i = 0; i < tmp_set->count; i++) { tmp_set->elements[i].length = supported_mechs->elements[i].length; tmp_set->elements[i].elements = (void *) malloc(tmp_set->elements[i].length); if (tmp_set->elements[i].elements == NULL) { free(tmp_set->elements); free(tmp_set); goto mem_error; } memcpy(tmp_set->elements[i].elements, supported_mechs->elements[i].elements, tmp_set->elements[i].length); } *mech_set = tmp_set; return GSS_S_COMPLETE; list_mem_error: supported_mechs = NULL; mem_error: *minor_status = ENOMEM; return GSS_S_FAILURE; } libgssglue-0.9/src/g_init_sec_context.c000066400000000000000000000143421455651163400203420ustar00rootroot00000000000000/* * #ident "@(#)gss_init_sec_context.c 1.20 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_init_sec_context */ #include "mglueP.h" #include #include #include #include OM_uint32 gss_init_sec_context(OM_uint32 *minor_status, gss_cred_id_t claimant_cred_handle, gss_ctx_id_t *context_handle, gss_name_t target_name, gss_OID req_mech_type, OM_uint32 req_flags, OM_uint32 time_req, gss_channel_bindings_t input_chan_bindings, gss_buffer_t input_token, gss_OID *actual_mech_type, gss_buffer_t output_token, OM_uint32 *ret_flags, OM_uint32 *time_rec) { OM_uint32 status, temp_status, temp_minor_status; gss_union_name_t union_name; gss_union_cred_t union_cred; gss_name_t internal_name; gss_union_ctx_id_t union_ctx_id; gss_OID mech_type = (gss_OID) req_mech_type; gss_mechanism mech; gss_cred_id_t input_cred_handle; GSS_INITIALIZE; if (context_handle == NULL) return GSS_S_NO_CONTEXT; union_name = (gss_union_name_t) target_name; /* * If mech_type is NULL, and the target_name is * mechanism-specific, then set it to the mech_type of * target_name. */ if ((mech_type == GSS_C_NULL_OID) && union_name->mech_type) mech_type = union_name->mech_type; /* * obtain the gss mechanism information for the requested * mechanism. If mech_type is NULL, set it to the resultant * mechanism */ mech = __gss_get_mechanism(mech_type); if (mech == NULL) return (GSS_S_BAD_MECH); if (mech->gss_init_sec_context == NULL) return GSS_S_UNAVAILABLE; if (mech_type == GSS_C_NULL_OID) mech_type = &mech->mech_type; /* * If target_name is mechanism_specific, then it must match the * mech_type that we're about to use. Otherwise, do an import on * the external_name form of the target name. */ if (union_name->mech_type) { if (!g_OID_equal(union_name->mech_type, mech_type)) return (GSS_S_BAD_MECH); internal_name = union_name->mech_name; } else { if ((temp_status = __gss_import_internal_name(minor_status, mech_type, union_name, &internal_name))) return (GSS_S_BAD_NAME); } /* * if context_handle is GSS_C_NO_CONTEXT, allocate a union context * descriptor to hold the mech type information as well as the * underlying mechanism context handle. Otherwise, cast the * value of *context_handle to the union context variable. */ if (*context_handle == GSS_C_NO_CONTEXT) { union_ctx_id = (gss_union_ctx_id_t) malloc(sizeof(gss_union_ctx_id_desc)); if (!union_ctx_id) { *minor_status = ENOMEM; status = GSS_S_FAILURE; goto end; } union_ctx_id->mech_type = (gss_OID) malloc(sizeof(gss_OID_desc)); if (!union_ctx_id->mech_type) { free(union_ctx_id); *minor_status = ENOMEM; status = GSS_S_FAILURE; goto end; } /* * copy in the mech type information */ union_ctx_id->mech_type->elements = (void *) malloc(mech_type->length); if (!union_ctx_id->mech_type->elements) { free(union_ctx_id->mech_type); free(union_ctx_id); *minor_status = ENOMEM; status = GSS_S_FAILURE; goto end; } union_ctx_id->mech_type->length = mech_type->length; memcpy(union_ctx_id->mech_type->elements, mech_type->elements, mech_type->length); /* * copy the supplied context handle */ union_ctx_id->internal_ctx_id = *context_handle; } else union_ctx_id = *context_handle; /* * get the appropriate cred handle from the union cred struct. * defaults to GSS_C_NO_CREDENTIAL if there is no cred, which will * use the default credential. */ union_cred = (gss_union_cred_t) claimant_cred_handle; input_cred_handle = __gss_get_mechanism_cred(union_cred, mech_type); /* * now call the approprate underlying mechanism routine */ status = mech->gss_init_sec_context(minor_status, input_cred_handle, &union_ctx_id->internal_ctx_id, internal_name, mech_type, req_flags, time_req, input_chan_bindings, input_token, actual_mech_type, output_token, ret_flags, time_rec); if (status != GSS_S_COMPLETE && status != GSS_S_CONTINUE_NEEDED) { /* * RFC 2744 5.19 requires that we not create a context on a failed * first call to init, and recommends that on a failed subsequent call * we make the caller responsible for calling gss_delete_sec_context. * Even if the mech deleted its context, keep the union context around * for the caller to delete. */ if (*context_handle == GSS_C_NO_CONTEXT) { free(union_ctx_id->mech_type->elements); free(union_ctx_id->mech_type); free(union_ctx_id); } } else if (*context_handle == GSS_C_NO_CONTEXT) { *context_handle = (gss_ctx_id_t) union_ctx_id; } end: if (union_name->mech_name == NULL || union_name->mech_name != internal_name) { (void) __gss_release_internal_name(&temp_minor_status, mech_type, &internal_name); } return (status); } libgssglue-0.9/src/g_initialize.c000066400000000000000000000234411455651163400171420ustar00rootroot00000000000000/* * #ident "@(#)g_initialize.c 1.2 96/02/06 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * This function will initialize the gssapi mechglue library */ #include "mglueP.h" #include #include #include #include #include #if defined(_MSDOS) || defined(_WIN32) /* * syslog.h */ #define LOG_WARNING 5 /* * void syslog(int priority, const char * fmt, ...); */ #define syslog(priority, ...) fprintf(stderr, __VA_ARGS__) #else #include /* getuid, geteuid */ #include /* ditto */ #include #endif #ifdef USE_SOLARIS_SHARED_LIBRARIES #include #if defined(_MSDOS) || defined(_WIN32) #define MECH_CONF "C:\\Program Files\\libgssglue\\gssapi_mech.conf" #else #define MECH_CONF "/etc/gssapi_mech.conf" #endif #define MECH_SYM "gss_mech_initialize" static void solaris_initialize(void); #endif /* USE_SOLARIS_SHARED_LIBRARIES */ #if defined(__linux__) || defined(__GLIBC__) #define USE_LINUX_SHARED_LIBRARIES #endif #ifdef USE_LINUX_SHARED_LIBRARIES #include #define MECH_CONF "/etc/gssapi_mech.conf" #define MECH_SYM "gss_mech_initialize" static void linux_initialize(void); #endif /* USE_LINUX_SHARED_LIBRARIES */ extern gss_mechanism krb5_gss_initialize(); static int _gss_initialized = 0; static struct gss_config null_mech = { {0, NULL} }; gss_mechanism *__gss_mechs_array = NULL; /* * This function will add a new mechanism to the mechs_array */ static OM_uint32 add_mechanism(gss_mechanism mech, int replace) { gss_mechanism *temp_array; gss_OID_set mech_names; OM_uint32 minor_status, major_status; unsigned int i; if (mech == NULL) return GSS_S_COMPLETE; /* * initialize the mechs_array if it hasn't already been initialized */ if (__gss_mechs_array == NULL) { __gss_mechs_array = (gss_mechanism *) malloc(sizeof(gss_mechanism)); if (__gss_mechs_array == NULL) return ENOMEM; __gss_mechs_array[0] = &null_mech; } /* * Find the length of __gss_mechs_array, and look for an existing * entry for this OID */ for (i = 0; __gss_mechs_array[i]->mech_type.length != 0; i++) { if (!g_OID_equal(&__gss_mechs_array[i]->mech_type, &mech->mech_type)) continue; /* * We found a match. Replace it? */ if (!replace) return GSS_S_FAILURE; __gss_mechs_array[i] = mech; return GSS_S_COMPLETE; } /* * we didn't find it -- add it to the end of the __gss_mechs_array */ temp_array = (gss_mechanism *) realloc(__gss_mechs_array, (i + 2) * sizeof(gss_mechanism)); if (temp_array == NULL) return ENOMEM; temp_array[i++] = mech; temp_array[i] = &null_mech; __gss_mechs_array = temp_array; /* * OK, now let's register all of the name types this mechanism * knows how to deal with. */ major_status = gss_inquire_names_for_mech(&minor_status, &mech->mech_type, &mech_names); if (major_status != GSS_S_COMPLETE) return (GSS_S_COMPLETE); for (i = 0; i < mech_names->count; i++) { gss_add_mech_name_type(&minor_status, &mech_names->elements[i], &mech->mech_type); } #if 0 (void) gss_release_oid_set(&minor_status, &mech_names); #else /* * We've cheated and just copied references to the oids. * Don't release them! */ #endif return GSS_S_COMPLETE; } int gss_initialize(void) { /* * Make sure we've not run already */ if (_gss_initialized) return 0; _gss_initialized = 1; #ifdef USE_SOLARIS_SHARED_LIBRARIES solaris_initialize(); #elif defined(USE_LINUX_SHARED_LIBRARIES) linux_initialize(); #else { gss_mechanism mech; /* * Use hard-coded in mechanisms... I need to know what mechanisms * are supported... As more mechanisms become supported, they * should be added here, unless shared libraries are used. */ /* * Initialize the krb5 mechanism */ mech = (gss_mechanism) krb5_gss_initialize(); if (mech) add_mechanism(mech, 1); } #endif /* USE_SOLARIS_SHARED_LIBRARIES */ if (__gss_mechs_array == NULL) { syslog(LOG_WARNING, "warning: no gssapi mechanisms loaded!\n"); } return 0; } #ifdef USE_SOLARIS_SHARED_LIBRARIES /* * read the configuration file to find out what mechanisms to * load, load them, and then load the mechanism defitions in * and add the mechanisms */ static void solaris_initialize() { char buffer[BUFSIZ], *filename, *symname, *endp; FILE *conffile; void *dl; gss_mechanism(*sym) (void), mech; if ((getuid() != geteuid()) || ((filename = getenv("GSSAPI_MECH_CONF")) == NULL)) filename = MECH_CONF; if ((conffile = fopen(filename, "r")) == NULL) { fprintf(stderr, "warning: unable to open %s:" " errno %d (%s)\n", filename, errno, strerror(errno)); return; } while (fgets(buffer, BUFSIZ, conffile) != NULL) { /* * ignore lines beginning with # */ if (*buffer == '#') continue; /* * find the first white-space character after the filename */ for (symname = buffer; *symname && !isspace(*symname); symname++); /* * Now find the first non-white-space character */ if (*symname) { *symname = '\0'; symname++; while (*symname && isspace(*symname)) symname++; } if (!*symname) symname = MECH_SYM; else { /* * Find the end of the symname and make sure it is * NULL-terminated */ for (endp = symname; *endp && !isspace(*endp); endp++); if (*endp) *endp = '\0'; } if ((dl = dlopen(buffer, RTLD_NOW)) == NULL) { /* * for debugging only */ fprintf(stderr, "can't open %s: %s\n", buffer, dlerror()); continue; } if ((sym = (gss_mechanism(*)(void)) dlsym(dl, symname)) == NULL) { dlclose(dl); continue; } /* * Call the symbol to get the mechanism table */ mech = sym(); /* * And add the mechanism (or close the shared library) */ if (mech) add_mechanism(mech, 1); else dlclose(dl); } /* while */ fclose(conffile); return; } #endif /* USE_SOLARIS_SHARED_LIBRARIES */ #ifdef USE_LINUX_SHARED_LIBRARIES extern gss_mechanism internal_krb5_gss_initialize(void *dl); /* * read the configuration file to find out what mechanisms to * load, load them, and then load the mechanism defitions in * and add the mechanisms */ static void linux_initialize(void) { char buffer[BUFSIZ], *filename, *symname, *endp, *err_string; FILE *conffile; void *dl; gss_mechanism(*sym) (void), mech; if ((getuid() != geteuid()) || ((filename = getenv("GSSAPI_MECH_CONF")) == NULL)) filename = MECH_CONF; if ((conffile = fopen(filename, "r")) == NULL) { fprintf(stderr, "warning: unable to open %s:" " errno %d (%s)\n", filename, errno, strerror(errno)); return; } while (fgets(buffer, BUFSIZ, conffile) != NULL) { /* * ignore lines beginning with # */ if (*buffer == '#') continue; /* * find the first white-space character after the filename */ for (symname = buffer; *symname && !isspace(*symname); symname++); /* * Now find the first non-white-space character */ if (*symname) { *symname = '\0'; symname++; while (*symname && isspace(*symname)) symname++; } if (!*symname) symname = MECH_SYM; else { /* * Find the end of the symname and make sure it is * NULL-terminated */ for (endp = symname; *endp && !isspace(*endp); endp++); if (*endp) *endp = '\0'; } if ((dl = dlopen(buffer, RTLD_NOW | RTLD_LOCAL)) == NULL) { /* * for debugging only */ fprintf(stderr, "can't open %s: %s\n", buffer, dlerror()); continue; } /* * Special case for dealing with Kerberos 5 mechanism */ if (strcmp(symname, "mechglue_internal_krb5_init") == 0) { mech = internal_krb5_gss_initialize(dl); } else { if ((sym = (gss_mechanism(*)(void)) dlsym(dl, symname)) == NULL) { if ((err_string = dlerror()) != NULL) { fprintf(stderr, "%s: searching for symbol '%s' in '%s'\n", err_string, symname, buffer); dlclose(dl); } continue; } /* * Call the symbol to get the mechanism table */ mech = sym(); } /* * And add the mechanism (or close the shared library) */ if (mech) { add_mechanism(mech, 1); } else { syslog(LOG_WARNING, "Failed to initialize mechanism for library '%s'\n", buffer); dlclose(dl); } } /* while */ fclose(conffile); return; } #endif /* USE_LINUX_SHARED_LIBRARIES */ libgssglue-0.9/src/g_inq_context.c000066400000000000000000000062631455651163400173370ustar00rootroot00000000000000/* * #ident "@(#)g_inquire_context.c 1.2 96/01/18 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_inquire_context */ #include "mglueP.h" #include /* * Last argument new for V2 */ OM_uint32 gss_inquire_context(OM_uint32 *minor_status, gss_ctx_id_t context_handle, gss_name_t *src_name, gss_name_t *targ_name, OM_uint32 *lifetime_rec, gss_OID *mech_type, OM_uint32 *ctx_flags, int *locally_initiated, int *open) { gss_union_ctx_id_t ctx; gss_mechanism mech; OM_uint32 status, temp_minor; GSS_INITIALIZE; /* * if the context_handle is Null, return NO_CONTEXT error */ if (context_handle == GSS_C_NO_CONTEXT) return (GSS_S_NO_CONTEXT); /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (!mech || !mech->gss_inquire_context || !mech->gss_display_name) { return (GSS_S_NO_CONTEXT); } status = mech->gss_inquire_context(minor_status, ctx->internal_ctx_id, src_name, targ_name, lifetime_rec, mech_type, ctx_flags, locally_initiated, open); if (status != GSS_S_COMPLETE) { return status; } /* * need to convert names */ if (src_name) { status = __gss_convert_name_to_union_name(minor_status, mech, *src_name, src_name); if (status != GSS_S_COMPLETE) { (void) mech->gss_release_name(&temp_minor, src_name); (void) mech->gss_release_name(&temp_minor, targ_name); if (mech_type) { mech_gss_release_oid(&temp_minor, mech_type, mech); } return (GSS_S_FAILURE); } } if (targ_name) { status = __gss_convert_name_to_union_name(minor_status, mech, *targ_name, targ_name); if (status != GSS_S_COMPLETE) { if (mech_type) { mech_gss_release_oid(&temp_minor, mech_type, mech); } return (GSS_S_FAILURE); } } return (GSS_S_COMPLETE); } libgssglue-0.9/src/g_inq_cred.c000066400000000000000000000120201455651163400165540ustar00rootroot00000000000000/* * #ident "@(#)gss_inquire_cred.c 1.9 95/08/02 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_inquire_cred */ #include "mglueP.h" #include #include #include #include #include OM_uint32 gss_inquire_cred(OM_uint32 *minor_status, gss_cred_id_t cred_handle, gss_name_t *name, OM_uint32 *lifetime, int *cred_usage, gss_OID_set *mechanisms) { OM_uint32 status, elapsed_time, temp_minor_status; gss_union_cred_t union_cred; gss_mechanism mech; gss_name_t internal_name; GSS_INITIALIZE; if (cred_handle == GSS_C_NO_CREDENTIAL) { /* * No credential was supplied. This means we can't get a mechanism * pointer to call the mechanism specific gss_inquire_cred. * So, call get_mechanism with an arguement of GSS_C_NULL_OID. * get_mechanism will return the first mechanism in the mech * array, which becomes the default mechanism. */ if ((mech = __gss_get_mechanism(GSS_C_NULL_OID)) == NULL) return (GSS_S_NO_CRED); if (!mech->gss_inquire_cred) return (GSS_S_FAILURE); status = mech->gss_inquire_cred(minor_status, GSS_C_NO_CREDENTIAL, name ? &internal_name : NULL, lifetime, cred_usage, mechanisms); if (status != GSS_S_COMPLETE) return (status); if (name) { /* * Convert internal_name into a union_name equivalent. */ status = __gss_convert_name_to_union_name(&temp_minor_status, mech, internal_name, name); if (status != GSS_S_COMPLETE) { if (minor_status) *minor_status = temp_minor_status; __gss_release_internal_name(&temp_minor_status, &mech->mech_type, &internal_name); return (status); } } return (GSS_S_COMPLETE); } /* * get the cred_handle cast as a union_credentials structure */ union_cred = (gss_union_cred_t) cred_handle; /* * get the information out of the union_cred structure that was * placed there during gss_acquire_cred. */ if (cred_usage != NULL) *cred_usage = union_cred->auxinfo.cred_usage; if (lifetime != NULL) { elapsed_time = time(0) - union_cred->auxinfo.creation_time; *lifetime = union_cred->auxinfo.time_rec < elapsed_time ? 0 : union_cred->auxinfo.time_rec - elapsed_time; } /* * if name is non_null, * call gss_import_name(), giving it the printable name held within * union_cred in order to get an internal name to pass back to the * caller. If this call fails, return failure to our caller. */ if (name != NULL) if (gss_import_name(&temp_minor_status, &union_cred->auxinfo.name, union_cred->auxinfo.name_type, name) != GSS_S_COMPLETE) return (GSS_S_DEFECTIVE_CREDENTIAL); /* * copy the mechanism set in union_cred into an OID set and return in * the mechanisms parameter. */ status = GSS_S_COMPLETE; if (mechanisms != NULL) { gss_OID_set_desc oids; oids.count = union_cred->count; oids.elements = union_cred->mechs_array; status = generic_gss_copy_oid_set(minor_status, &oids, mechanisms); } return (status); } OM_uint32 gss_inquire_cred_by_mech(OM_uint32 *minor_status, gss_cred_id_t cred_handle, gss_OID mech_type, gss_name_t *name, OM_uint32 *initiator_lifetime, OM_uint32 *acceptor_lifetime, gss_cred_usage_t *cred_usage) { gss_union_cred_t union_cred; gss_cred_id_t mech_cred; gss_mechanism mech; mech = __gss_get_mechanism(mech_type); if (!mech) return (GSS_S_BAD_MECH); if (!mech->gss_inquire_cred_by_mech) return (GSS_S_BAD_BINDINGS); union_cred = (gss_union_cred_t) cred_handle; mech_cred = __gss_get_mechanism_cred(union_cred, mech_type); return (mech->gss_inquire_cred_by_mech(minor_status, mech_cred, mech_type, name, initiator_lifetime, acceptor_lifetime, cred_usage)); } libgssglue-0.9/src/g_inq_names.c000066400000000000000000000036311455651163400167520ustar00rootroot00000000000000/* * #ident "@(#)g_inquire_names.c 1.1 95/12/19 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_inquire_names_for_mech */ #include "mglueP.h" /* * Last argument new for V2 */ OM_uint32 gss_inquire_names_for_mech(OM_uint32 *minor_status, gss_OID mechanism, gss_OID_set *name_types) { OM_uint32 status; gss_mechanism mech; GSS_INITIALIZE; /* * select the approprate underlying mechanism routine and * call it. */ mech = __gss_get_mechanism(mechanism); if (mech) { if (mech->gss_inquire_names_for_mech) status = mech->gss_inquire_names_for_mech(minor_status, mechanism, name_types); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_lucid_context.c000066400000000000000000000057311455651163400176470ustar00rootroot00000000000000/* * g_lucid_context.c * * Copyright (c) 2005 The Regents of the University of Michigan. * All rights reserved. * * Andy Adamson * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "mglueP.h" OM_uint32 gss_export_lucid_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, OM_uint32 version, void **internal_buffer) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; ctx = (gss_union_ctx_id_t) * context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_export_lucid_sec_context) status = mech->gss_export_lucid_sec_context(minor_status, &ctx->internal_ctx_id, version, internal_buffer); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } OM_uint32 gss_free_lucid_sec_context(OM_uint32 *minor_status, gss_ctx_id_t context_handle, void *internal_buffer) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_free_lucid_sec_context) status = mech->gss_free_lucid_sec_context(minor_status, internal_buffer); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_mechname.c000066400000000000000000000045671455651163400165660ustar00rootroot00000000000000/* * g_mechname.c --- registry of mechanism-specific name types * * This file contains a registry of mechanism-specific name types. It * is used to determine which name types not should be lazy evaluated, * but rather evaluated on the spot. */ #include "mglueP.h" #include #include #include #include static gss_mech_spec_name name_list = NULL; /* * generic searching helper function. */ static gss_mech_spec_name search_mech_spec(gss_OID name_type) { gss_mech_spec_name p; for (p = name_list; p; p = p->next) { if (g_OID_equal(name_type, p->name_type)) return p; } return NULL; } /* * Given a name_type, if it is specific to a mechanism, return the * mechanism OID. Otherwise, return NULL. */ gss_OID gss_find_mechanism_from_name_type(gss_OID name_type) { gss_mech_spec_name p; p = search_mech_spec(name_type); if (!p) return NULL; return p->mech; } /* * This function adds a (name_type, mechanism) pair to the * mechanism-specific name type registry. If an entry for the * name_type already exists, then zero out the mechanism entry. * Otherwise, enter the pair into the registry. */ OM_uint32 gss_add_mech_name_type(OM_uint32 *minor_status, gss_OID name_type, gss_OID mech) { OM_uint32 major_status, tmp; gss_mech_spec_name p; p = search_mech_spec(name_type); if (p) { /* * We found an entry for this name type; mark it as not being * a mechanism-specific name type. */ if (p->mech) { if (!g_OID_equal(mech, p->mech)) { generic_gss_release_oid(minor_status, &p->mech); p->mech = 0; } } return GSS_S_COMPLETE; } p = malloc(sizeof(gss_mech_spec_name_desc)); if (!p) { *minor_status = ENOMEM; goto allocation_failure; } p->name_type = 0; p->mech = 0; major_status = generic_gss_copy_oid(minor_status, name_type, &p->name_type); if (major_status) goto allocation_failure; major_status = generic_gss_copy_oid(minor_status, mech, &p->mech); if (major_status) goto allocation_failure; p->next = name_list; p->prev = 0; name_list = p; return GSS_S_COMPLETE; allocation_failure: if (p) { if (p->mech) generic_gss_release_oid(&tmp, &p->mech); if (p->name_type) generic_gss_release_oid(&tmp, &p->name_type); free(p); } return GSS_S_FAILURE; } libgssglue-0.9/src/g_mit_krb5_mech.c000066400000000000000000000151521455651163400175110ustar00rootroot00000000000000/* * g_mit_krb5_mech.c * * Copyright (c) 2004 The Regents of the University of Michigan. * All rights reserved. * * Kevin Coffman * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "mglueP.h" #include #include /* * Table of function names that we need to locate within a mechanism's * shared library if it does not support the xxx_gss_initialize function. */ static char *glue_func_names[] = { "gss_acquire_cred", "gss_release_cred", "gss_init_sec_context", "gss_accept_sec_context", "gss_process_context_token", "gss_delete_sec_context", "gss_context_time", "gss_sign", "gss_verify", "gss_seal", "gss_unseal", "gss_display_status", "gss_indicate_mechs", "gss_compare_name", "gss_display_name", "gss_import_name", "gss_release_name", "gss_inquire_cred", "gss_add_cred", "gss_export_sec_context", "gss_import_sec_context", "gss_inquire_cred_by_mech", "gss_inquire_names_for_mech", "gss_inquire_context", "gss_internal_release_oid", "gss_wrap_size_limit", #if defined(ADD_GSSD_PNAME_TO_UID) "pname_to_uid", #endif "gss_duplicate_name", "gss_set_allowable_enctypes", "gss_verify_mic", "gss_export_lucid_sec_context", "gss_free_lucid_sec_context", "gss_get_mic", "gss_wrap", "gss_unwrap", "gss_canonicalize_name", "gss_export_name", "gss_krb5_ccache_name", NULL }; /* * The MIT and Heimdal libraries do not support the krb5_gss_initialize * function, so we need to locate the functions within the * gssapi_krb5.so library and fill in this structure. */ static struct gss_config krb5_mechanism = { {9, "\052\206\110\206\367\022\001\002\002"}, NULL, /* mechanism context -- we don't currently * use this */ NULL, /* gss_acquire_cred */ NULL, /* gss_release_cred */ NULL, /* gss_init_sec_context */ NULL, /* gss_accept_sec_context */ NULL, /* gss_process_context_token */ NULL, /* gss_delete_sec_context */ NULL, /* gss_context_time */ NULL, /* gss_sign */ NULL, /* gss_verify */ NULL, /* gss_seal */ NULL, /* gss_unseal */ NULL, /* gss_display_status */ NULL, /* gss_indicate_mechs */ NULL, /* gss_compare_name */ NULL, /* gss_display_name */ NULL, /* gss_import_name */ NULL, /* gss_release_name */ NULL, /* gss_inquire_cred */ NULL, /* gss_add_cred */ NULL, /* gss_export_sec_context */ NULL, /* gss_import_sec_context */ NULL, /* gss_inquire_cred_by_mech */ NULL, /* gss_inquire_names_for_mech */ NULL, /* gss_inquire_context */ NULL, /* gss_internal_release_oid */ NULL, /* gss_wrap_size_limit */ #if defined(ADD_GSSD_PNAME_TO_UID) NULL, /* pname_to_uid */ #endif NULL, /* gss_duplicate_name */ NULL, /* gss_set_allowable_enctypes */ NULL, /* gss_verify_mic */ NULL, /* gss_export_lucid_sec_context */ NULL, /* gss_free_lucid_sec_context */ NULL, /* gss_get_mic */ NULL, /* gss_wrap */ NULL, /* gss_unwrap */ NULL, /* gss_canonicalize_name */ NULL, /* gss_export_name */ NULL, /* gss_krb5_ccache_name */ }; /* * Given a handle to a dynamic library (dl) and a symbol * name (symname), return its address. Returns -1 if the * symbol cannot be located. (Note that the value of the * symbol could be NULL, which is valid.) */ void * locate_symbol(void *dl, char *symname, char *prefix) { void *sym; const char *err_string; char fullname[256]; snprintf(fullname, sizeof(fullname), "%s%s", prefix, symname); if ((sym = dlsym(dl, fullname)) == NULL) { if ((sym = dlsym(dl, symname)) == NULL) { if ((err_string = dlerror()) != NULL) { return (void *) -1; } else { return NULL; } } } return sym; } /* * Locate all the symbols in the Kerberos gssapi library and * fill in the gss_config (gss_mechanism) structure. */ gss_mechanism internal_krb5_gss_initialize(void *dl) { char *fname; void *p; void **fptr; int i; static gss_mechanism krb5_mech_ptr = (gss_mechanism) 0xdeadbeef; char *prefix = ""; if (krb5_mech_ptr != (gss_mechanism) 0xdeadbeef) return (krb5_mech_ptr); fptr = (void *) &krb5_mechanism.gss_acquire_cred; for (i = 0, fname = glue_func_names[i]; fname; i++, fname = glue_func_names[i]) { if ((p = locate_symbol(dl, fname, prefix)) != (void *) -1) { *fptr++ = p; } else { *fptr++ = NULL; } } /* * Special cases for "mechanism-specific" functions which have * a different name format than the rest of the gss routines :-/ */ if ((p = locate_symbol(dl, "gss_krb5_set_allowable_enctypes", "")) != (void *) -1) { krb5_mechanism.gss_set_allowable_enctypes = p; } if ((p = locate_symbol(dl, "gss_krb5_export_lucid_sec_context", "")) != (void *) -1) { krb5_mechanism.gss_export_lucid_sec_context = p; } if ((p = locate_symbol(dl, "gss_krb5_free_lucid_sec_context", "")) != (void *) -1) { krb5_mechanism.gss_free_lucid_sec_context = p; } krb5_mech_ptr = &krb5_mechanism; return (krb5_mech_ptr); } libgssglue-0.9/src/g_oid_ops.c000066400000000000000000000046511455651163400164370ustar00rootroot00000000000000/* * lib/gssapi/mechglue/g_oid_ops.c * * Copyright 1995 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. * It is the responsibility of any person or organization contemplating * export to obtain such a license before exporting. * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright * notice appear in all copies and that both that copyright notice and * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior * permission. Furthermore if you modify this software you must label * your software as modified software and not distribute it in such a * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * */ /* * oid_ops.c - GSS-API V2 interfaces to manipulate OIDs */ #include "mglueP.h" #include /* * should include to get protos #include "../generic/gssapiP_generic.h" */ extern gss_mechanism *__gss_mechs_array; /* * Remove gss_release_oid() which was added in GSS-API V2 and * then removed in GSS-API V2 Revision 1. KWC 03/02/2005 */ OM_uint32 gss_create_empty_oid_set(OM_uint32 *minor_status, gss_OID_set *oid_set) { return generic_gss_create_empty_oid_set(minor_status, oid_set); } OM_uint32 gss_add_oid_set_member(OM_uint32 *minor_status, gss_OID member_oid, gss_OID_set *oid_set) { return generic_gss_add_oid_set_member(minor_status, member_oid, oid_set); } OM_uint32 gss_test_oid_set_member(OM_uint32 *minor_status, gss_OID member, gss_OID_set set, int *present) { return generic_gss_test_oid_set_member(minor_status, member, set, present); } OM_uint32 gss_oid_to_str(OM_uint32 *minor_status, gss_OID oid, gss_buffer_t oid_str) { return generic_gss_oid_to_str(minor_status, oid, oid_str); } OM_uint32 gss_str_to_oid(OM_uint32 *minor_status, gss_buffer_t oid_str, gss_OID *oid) { return generic_gss_str_to_oid(minor_status, oid_str, oid); } libgssglue-0.9/src/g_process_context.c000066400000000000000000000040361455651163400202220ustar00rootroot00000000000000/* * #ident "@(#)gss_process_context.c 1.9 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine gss_process_context */ #include "mglueP.h" OM_uint32 gss_process_context_token(OM_uint32 *minor_status, gss_ctx_id_t context_handle, gss_buffer_t token_buffer) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_process_context_token) status = mech->gss_process_context_token(minor_status, ctx->internal_ctx_id, token_buffer); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_rel_buffer.c000066400000000000000000000033151455651163400171120ustar00rootroot00000000000000/* * #ident "@(#)g_rel_buffer.c 1.2 96/02/06 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_release_buffer */ #include "mglueP.h" #include #include OM_uint32 gss_release_buffer(OM_uint32 *minor_status, gss_buffer_t buffer) { if (minor_status) *minor_status = 0; /* * if buffer is NULL, return */ if (buffer == GSS_C_NO_BUFFER) return (GSS_S_COMPLETE); if ((buffer->length != 0) && (buffer->value != NULL)) { free(buffer->value); buffer->length = 0; buffer->value = NULL; } return (GSS_S_COMPLETE); } libgssglue-0.9/src/g_rel_cred.c000066400000000000000000000054241455651163400165610ustar00rootroot00000000000000/* * #ident "@(#)gss_release_cred.c 1.15 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_release_cred */ #include "mglueP.h" #include #include OM_uint32 gss_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle) { OM_uint32 status, temp_status; int j; gss_union_cred_t union_cred; gss_mechanism mech; GSS_INITIALIZE; if (minor_status) *minor_status = 0; /* * if the cred_handle is null, return a NO_CRED error */ if (cred_handle == GSS_C_NO_CREDENTIAL) return (GSS_S_NO_CRED); /* * Loop through the union_cred struct, selecting the approprate * underlying mechanism routine and calling it. At the end, * release all of the storage taken by the union_cred struct. */ union_cred = (gss_union_cred_t) * cred_handle; *cred_handle = NULL; if (union_cred == NULL) return GSS_S_NO_CRED; status = GSS_S_COMPLETE; for (j = 0; j < union_cred->count; j++) { mech = __gss_get_mechanism(&union_cred->mechs_array[j]); if (union_cred->mechs_array[j].elements) free(union_cred->mechs_array[j].elements); if (mech) { if (mech->gss_release_cred) { temp_status = mech->gss_release_cred(minor_status, &union_cred->cred_array [j]); if (temp_status != GSS_S_COMPLETE) status = GSS_S_NO_CRED; } else status = GSS_S_NO_CRED; } else status = GSS_S_NO_CRED; } gss_release_buffer(minor_status, &union_cred->auxinfo.name); free(union_cred->cred_array); free(union_cred->mechs_array); free(union_cred); return (status); } libgssglue-0.9/src/g_rel_name.c000066400000000000000000000043641455651163400165660ustar00rootroot00000000000000/* * #ident "@(#)gss_release_name.c 1.2 95/05/09 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_release_name */ #include "mglueP.h" #include #include #include OM_uint32 gss_release_name(OM_uint32 *minor_status, gss_name_t *input_name) { gss_union_name_t union_name; /* * if input_name is NULL, return error */ if (input_name == 0) return (GSS_S_BAD_NAME); /* * free up the space for the external_name and then * free the union_name descriptor */ union_name = (gss_union_name_t) * input_name; *input_name = 0; *minor_status = 0; if (union_name == GSS_C_NO_NAME) return GSS_S_BAD_NAME; if (union_name->name_type != GSS_C_NO_OID) generic_gss_release_oid(minor_status, &union_name->name_type); if (union_name->external_name.value) free(union_name->external_name.value); if (union_name->mech_type) { __gss_release_internal_name(minor_status, union_name->mech_type, &union_name->mech_name); } memset(union_name, 0, sizeof(*union_name)); free(union_name); return (GSS_S_COMPLETE); } libgssglue-0.9/src/g_rel_oid_set.c000066400000000000000000000035011455651163400172640ustar00rootroot00000000000000/* * #ident "@(#)gss_release_oid_set.c 1.12 95/08/23 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_release_oid_set */ #include "mglueP.h" #include #include OM_uint32 gss_release_oid_set(OM_uint32 *minor_status, gss_OID_set *set) { size_t index; gss_OID oid; if (minor_status) *minor_status = 0; if (set == NULL) return GSS_S_COMPLETE; if (*set == GSS_C_NULL_OID_SET) return (GSS_S_COMPLETE); for (index = 0; index < (*set)->count; index++) { oid = &(*set)->elements[index]; free(oid->elements); } free((*set)->elements); free(*set); *set = GSS_C_NULL_OID_SET; return (GSS_S_COMPLETE); } libgssglue-0.9/src/g_seal.c000066400000000000000000000046611455651163400157300ustar00rootroot00000000000000/* * #ident "@(#)gss_seal.c 1.10 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_seal */ #include "mglueP.h" OM_uint32 gss_seal(OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, int qop_req, gss_buffer_t input_message_buffer, int *conf_state, gss_buffer_t output_message_buffer) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. (If underlying mech only supports V2, then * use its wrap method instead.) */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_seal) status = mech->gss_seal(minor_status, ctx->internal_ctx_id, conf_req_flag, qop_req, input_message_buffer, conf_state, output_message_buffer); else if (mech->gss_wrap) status = mech->gss_wrap(minor_status, ctx->internal_ctx_id, conf_req_flag, qop_req, input_message_buffer, conf_state, output_message_buffer); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_set_allowable_enctypes.c000066400000000000000000000043771455651163400215370ustar00rootroot00000000000000/* * #ident "@(#)gss_set_allowable_enctype.c 1.9 95/08/02 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_set_allowable_enctypes */ #include "mglueP.h" #include #include #include OM_uint32 gss_set_allowable_enctypes(OM_uint32 *minor_status, gss_cred_id_t cred_handle, gss_OID mech_type, OM_uint32 num_ktypes, void *ktypes) { gss_union_cred_t union_cred; gss_mechanism mech; gss_cred_id_t mech_cred; GSS_INITIALIZE; if (cred_handle == GSS_C_NO_CREDENTIAL) return (GSS_S_NO_CRED); if ((mech = __gss_get_mechanism(mech_type)) == NULL) return (GSS_S_BAD_MECH); if (!mech->gss_set_allowable_enctypes) return (GSS_S_FAILURE); /* * get the mechanism-specific cred handle */ union_cred = (gss_union_cred_t) cred_handle; mech_cred = __gss_get_mechanism_cred(union_cred, mech_type); if (mech_cred == GSS_C_NO_CREDENTIAL) return (GSS_S_NO_CRED); /* * Call the mechanism-specific routine */ return (mech->gss_set_allowable_enctypes(minor_status, mech_cred, num_ktypes, ktypes)); } libgssglue-0.9/src/g_sign.c000066400000000000000000000043371455651163400157440ustar00rootroot00000000000000/* * #ident "@(#)gss_sign.c 1.10 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine gss_sign */ #include "mglueP.h" OM_uint32 gss_sign(OM_uint32 *minor_status, gss_ctx_id_t context_handle, int qop_req, gss_buffer_t message_buffer, gss_buffer_t msg_token) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. (If mech only supports V2, then substitute * get_mic.) */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_sign) status = mech->gss_sign(minor_status, ctx->internal_ctx_id, qop_req, message_buffer, msg_token); else if (mech->gss_get_mic) status = mech->gss_get_mic(minor_status, ctx->internal_ctx_id, qop_req, message_buffer, msg_token); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_unseal.c000066400000000000000000000050211455651163400162620ustar00rootroot00000000000000/* * #ident "@(#)gss_unseal.c 1.10 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine gss_unseal */ #include "mglueP.h" OM_uint32 gss_unseal(OM_uint32 *minor_status, gss_ctx_id_t context_handle, gss_buffer_t input_message_buffer, gss_buffer_t output_message_buffer, int *conf_state, int *qop_state) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. (If mech only supports V2, then substitute the * unwrap function.) */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_unseal) status = mech->gss_unseal(minor_status, ctx->internal_ctx_id, input_message_buffer, output_message_buffer, conf_state, qop_state); else if (mech->gss_unwrap) { gss_qop_t local_qop_state; if (qop_state) local_qop_state = *qop_state; status = mech->gss_unwrap(minor_status, ctx->internal_ctx_id, input_message_buffer, output_message_buffer, conf_state, qop_state ? &local_qop_state : NULL); } else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_unwrap.c000066400000000000000000000042151455651163400163130ustar00rootroot00000000000000/* * #ident "@(#)gss_unwrap.c 1.10 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine gss_unwrap (New for V2) */ #include "mglueP.h" OM_uint32 gss_unwrap(OM_uint32 *minor_status, gss_ctx_id_t context_handle, gss_buffer_t input_message_buffer, gss_buffer_t output_message_buffer, int *conf_state, gss_qop_t *qop_state) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_unwrap) status = mech->gss_unwrap(minor_status, ctx->internal_ctx_id, input_message_buffer, output_message_buffer, conf_state, qop_state); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_verify.c000066400000000000000000000046441455651163400163110ustar00rootroot00000000000000/* * #ident "@(#)gss_verify.c 1.9 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_verify */ #include "mglueP.h" OM_uint32 gss_verify(OM_uint32 *minor_status, gss_ctx_id_t context_handle, gss_buffer_t message_buffer, gss_buffer_t token_buffer, int *qop_state) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. (If mech only supports V2, then substitute * verify_mic.) */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_verify_mic) { gss_qop_t local_qop_state; if (qop_state) local_qop_state = *qop_state; status = mech->gss_verify_mic(minor_status, ctx->internal_ctx_id, message_buffer, token_buffer, qop_state ? &local_qop_state : NULL); } else if (mech->gss_verify) { status = mech->gss_verify(minor_status, ctx->internal_ctx_id, message_buffer, token_buffer, qop_state); } else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_verify_mic.c000066400000000000000000000041361455651163400171350ustar00rootroot00000000000000/* * #ident "@(#)gss_verify_mic.c 1.9 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_verify_mic (New for V2) */ #include "mglueP.h" OM_uint32 gss_verify_mic(OM_uint32 *minor_status, gss_ctx_id_t context_handle, gss_buffer_t message_buffer, gss_buffer_t token_buffer, gss_qop_t *qop_state) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_verify_mic) status = mech->gss_verify_mic(minor_status, ctx->internal_ctx_id, message_buffer, token_buffer, qop_state); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } libgssglue-0.9/src/g_wrap.c000066400000000000000000000060211455651163400157450ustar00rootroot00000000000000/* * #ident "@(#)gss_wrap.c 1.10 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routine for gss_wrap (New for V2) */ #include "mglueP.h" OM_uint32 gss_wrap(OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, gss_buffer_t input_message_buffer, int *conf_state, gss_buffer_t output_message_buffer) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (mech) { if (mech->gss_wrap) status = mech->gss_wrap(minor_status, ctx->internal_ctx_id, conf_req_flag, qop_req, input_message_buffer, conf_state, output_message_buffer); else status = GSS_S_BAD_BINDINGS; return (status); } return (GSS_S_NO_CONTEXT); } /* * New for V2 */ OM_uint32 gss_wrap_size_limit(OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, OM_uint32 req_output_size, OM_uint32 *max_input_size) { OM_uint32 status; gss_union_ctx_id_t ctx; gss_mechanism mech; GSS_INITIALIZE; if (context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT; /* * select the approprate underlying mechanism routine and * call it. */ ctx = (gss_union_ctx_id_t) context_handle; mech = __gss_get_mechanism(ctx->mech_type); if (!mech) return (GSS_S_NO_CONTEXT); if (!mech->gss_wrap_size_limit) return (GSS_S_BAD_BINDINGS); status = mech->gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, qop_req, req_output_size, max_input_size); return (status); } libgssglue-0.9/src/gen_oids.c000066400000000000000000000061221455651163400162570ustar00rootroot00000000000000/* * Copyright 1993 by OpenVision Technologies, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of OpenVision not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. OpenVision makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ #include "mglueP.h" /* * See krb5/gssapi_krb5.c for a description of the algorithm for * encoding an object identifier. */ /* * The OID of user_name is: * iso(1) member-body(2) US(840) mit(113554) infosys(1) gssapi(2) * generic(1) user_name(1) = 1.2.840.113554.1.2.1.1 * machine_uid_name: * iso(1) member-body(2) US(840) mit(113554) infosys(1) gssapi(2) * generic(1) machine_uid_name(2) = 1.2.840.113554.1.2.1.2 * string_uid_name: * iso(1) member-body(2) US(840) mit(113554) infosys(1) gssapi(2) * generic(1) string_uid_name(3) = 1.2.840.113554.1.2.1.3 * service_name: * iso(1) member-body(2) US(840) mit(113554) infosys(1) gssapi(2) * generic(1) service_name(4) = 1.2.840.113554.1.2.1.4 * anonymous_name: * iso(1) org(3) dod(6) internet(1) security(5) nametypes(6) * gss-anonymous-name(3) = 1.3.6.1.5.6.3 * exported_name: * iso(1) org(3) dod(6) internet(1) security(5) nametypes(6) * gss-api-exported-name(4) = 1.3.6.1.5.6.4 * */ static gss_OID_desc oids[] = { {10, "\052\206\110\206\367\022\001\002\001\001"}, {10, "\052\206\110\206\367\022\001\002\001\002"}, {10, "\052\206\110\206\367\022\001\002\001\003"}, {10, "\052\206\110\206\367\022\001\002\001\004"}, {6, "\053\006\001\005\006\003"}, {6, "\053\006\001\005\006\004"}, }; /* * rfc2744 defines the UPPERCASE names, the lowercase names are * the original MIT names and should not be used in new applications */ gss_OID GSS_C_NT_USER_NAME = oids + 0; gss_OID gss_nt_user_name = oids + 0; gss_OID GSS_C_NT_MACHINE_UID_NAME = oids + 1; gss_OID gss_nt_machine_uid_name = oids + 1; gss_OID GSS_C_NT_STRING_UID_NAME = oids + 2; gss_OID gss_nt_string_uid_name = oids + 2; gss_OID GSS_C_NT_HOSTBASED_SERVICE = oids + 3; gss_OID gss_nt_service_name = oids + 3; gss_OID GSS_C_NT_ANONYMOUS = oids + 4; gss_OID GSS_C_NT_EXPORT_NAME = oids + 5; libgssglue-0.9/src/gssd_pname_to_uid.c000066400000000000000000000043201455651163400201510ustar00rootroot00000000000000/* * #ident "@(#)gssd_pname_to_uid.c 1.5 95/08/02 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * glue routines that test the mech id either passed in to * gss_init_sec_contex() or gss_accept_sec_context() or within the glue * routine supported version of the security context and then call * the appropriate underlying mechanism library procedure. * */ #include "mglueP.h" #if defined(ADD_GSSD_PNAME_TO_UID) int gssd_pname_to_uid(pname, name_type, mech_type, uid) char *pname; gss_OID name_type; gss_OID mech_type; uid_t *uid; { int status; gss_mechanism mech; GSS_INITIALIZE; /* * find the appropriate mechanism specific pname_to_uid procedure and * call it. */ mech = __gss_get_mechanism(mech_type); if (mech) { if (mech_type == GSS_C_NULL_OID) mech_type = &mech->mech_type; if (mech->pname_to_uid) status = mech->pname_to_uid(pname, name_type, mech_type, uid); else status = GSS_S_BAD_MECH; } else status = GSS_S_BAD_MECH; return (status); } #endif libgssglue-0.9/src/gssglue/000077500000000000000000000000001455651163400157745ustar00rootroot00000000000000libgssglue-0.9/src/gssglue/gssapi/000077500000000000000000000000001455651163400172625ustar00rootroot00000000000000libgssglue-0.9/src/gssglue/gssapi/gssapi.h.in000066400000000000000000000630341455651163400213340ustar00rootroot00000000000000/* * Copyright 1993 by OpenVision Technologies, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of OpenVision not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. OpenVision makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ #ifndef _GSSAPI_H_GLUE_ #define _GSSAPI_H_GLUE_ #ifdef _GSSAPI_H_ #error It appears you have already included the MIT gssapi.h file #endif #ifdef GSSAPI_H_ #error It appears you have already included the Heimdal gssapi.h file #endif /* * Determine platform-dependent configuration. */ #ifdef __cplusplus extern "C" { #endif /* __cplusplus */ #include /* * First, include stddef.h to get size_t defined. */ #include /* * POSIX says that sys/types.h is where size_t is defined. */ #include /* * $Id: gssapi.h.in,v 1.2 2006/04/08 20:27:24 kwc Exp $ */ /* * First, define the three platform-dependent pointer types. */ typedef void *gss_name_t; typedef void *gss_cred_id_t; typedef void *gss_ctx_id_t; /* * The following type must be defined as the smallest natural unsigned integer * supported by the platform that has at least 32 bits of precision. */ typedef uint32_t gss_uint32; typedef int32_t gss_int32; typedef gss_uint32 OM_uint32; typedef struct gss_OID_desc_struct { OM_uint32 length; void *elements; } gss_OID_desc , *gss_OID; typedef struct gss_OID_set_desc_struct { size_t count; gss_OID elements; } gss_OID_set_desc, *gss_OID_set; typedef struct gss_buffer_desc_struct { size_t length; void *value; } gss_buffer_desc, *gss_buffer_t; typedef struct gss_channel_bindings_struct { OM_uint32 initiator_addrtype; gss_buffer_desc initiator_address; OM_uint32 acceptor_addrtype; gss_buffer_desc acceptor_address; gss_buffer_desc application_data; } *gss_channel_bindings_t; /* * For now, define a QOP-type as an OM_uint32 (pending resolution of ongoing * discussions). */ typedef OM_uint32 gss_qop_t; typedef int gss_cred_usage_t; /* * Flag bits for context-level services. */ #define GSS_C_DELEG_FLAG 1 #define GSS_C_MUTUAL_FLAG 2 #define GSS_C_REPLAY_FLAG 4 #define GSS_C_SEQUENCE_FLAG 8 #define GSS_C_CONF_FLAG 16 #define GSS_C_INTEG_FLAG 32 #define GSS_C_ANON_FLAG 64 #define GSS_C_PROT_READY_FLAG 128 #define GSS_C_TRANS_FLAG 256 /* * Credential usage options */ #define GSS_C_BOTH 0 #define GSS_C_INITIATE 1 #define GSS_C_ACCEPT 2 /* * Status code types for gss_display_status */ #define GSS_C_GSS_CODE 1 #define GSS_C_MECH_CODE 2 /* * The constant definitions for channel-bindings address families */ #define GSS_C_AF_UNSPEC 0 #define GSS_C_AF_LOCAL 1 #define GSS_C_AF_INET 2 #define GSS_C_AF_IMPLINK 3 #define GSS_C_AF_PUP 4 #define GSS_C_AF_CHAOS 5 #define GSS_C_AF_NS 6 #define GSS_C_AF_NBS 7 #define GSS_C_AF_ECMA 8 #define GSS_C_AF_DATAKIT 9 #define GSS_C_AF_CCITT 10 #define GSS_C_AF_SNA 11 #define GSS_C_AF_DECnet 12 #define GSS_C_AF_DLI 13 #define GSS_C_AF_LAT 14 #define GSS_C_AF_HYLINK 15 #define GSS_C_AF_APPLETALK 16 #define GSS_C_AF_BSC 17 #define GSS_C_AF_DSS 18 #define GSS_C_AF_OSI 19 #define GSS_C_AF_X25 21 #define GSS_C_AF_NULLADDR 255 /* * Various Null values. */ #define GSS_C_NO_NAME ((gss_name_t) 0) #define GSS_C_NO_BUFFER ((gss_buffer_t) 0) #define GSS_C_NO_OID ((gss_OID) 0) #define GSS_C_NO_OID_SET ((gss_OID_set) 0) #define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0) #define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0) #define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0) #define GSS_C_EMPTY_BUFFER {0, NULL} /* * Some alternate names for a couple of the above values. These are defined * for V1 compatibility. */ #define GSS_C_NULL_OID GSS_C_NO_OID #define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET /* * Define the default Quality of Protection for per-message services. Note * that an implementation that offers multiple levels of QOP may either reserve * a value (for example zero, as assumed here) to mean "default protection", or * alternatively may simply equate GSS_C_QOP_DEFAULT to a specific explicit * QOP value. However a value of 0 should always be interpreted by a GSSAPI * implementation as a request for the default protection level. */ #define GSS_C_QOP_DEFAULT 0 /* * Expiration time of 2^32-1 seconds means infinite lifetime for a * credential or security context */ #define GSS_C_INDEFINITE ((OM_uint32) 0xfffffffful) /* * Major status codes */ #define GSS_S_COMPLETE 0 /* * Some "helper" definitions to make the status code macros obvious. */ #define GSS_C_CALLING_ERROR_OFFSET 24 #define GSS_C_ROUTINE_ERROR_OFFSET 16 #define GSS_C_SUPPLEMENTARY_OFFSET 0 #define GSS_C_CALLING_ERROR_MASK ((OM_uint32) 0377ul) #define GSS_C_ROUTINE_ERROR_MASK ((OM_uint32) 0377ul) #define GSS_C_SUPPLEMENTARY_MASK ((OM_uint32) 0177777ul) /* * The macros that test status codes for error conditions. Note that the * GSS_ERROR() macro has changed slightly from the V1 GSSAPI so that it now * evaluates its argument only once. */ #define GSS_CALLING_ERROR(x) \ ((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET)) #define GSS_ROUTINE_ERROR(x) \ ((x) & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)) #define GSS_SUPPLEMENTARY_INFO(x) \ ((x) & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET)) #define GSS_ERROR(x) \ ((x) & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \ (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))) /* * Now the actual status code definitions */ /* * Calling errors: */ #define GSS_S_CALL_INACCESSIBLE_READ \ (((OM_uint32) 1ul) << GSS_C_CALLING_ERROR_OFFSET) #define GSS_S_CALL_INACCESSIBLE_WRITE \ (((OM_uint32) 2ul) << GSS_C_CALLING_ERROR_OFFSET) #define GSS_S_CALL_BAD_STRUCTURE \ (((OM_uint32) 3ul) << GSS_C_CALLING_ERROR_OFFSET) /* * Routine errors: */ #define GSS_S_BAD_MECH (((OM_uint32) 1ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_BAD_NAME (((OM_uint32) 2ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_BAD_NAMETYPE (((OM_uint32) 3ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_BAD_BINDINGS (((OM_uint32) 4ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_BAD_STATUS (((OM_uint32) 5ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_BAD_SIG (((OM_uint32) 6ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_NO_CRED (((OM_uint32) 7ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_NO_CONTEXT (((OM_uint32) 8ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_DEFECTIVE_TOKEN (((OM_uint32) 9ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_DEFECTIVE_CREDENTIAL \ (((OM_uint32) 10ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_CREDENTIALS_EXPIRED \ (((OM_uint32) 11ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_CONTEXT_EXPIRED \ (((OM_uint32) 12ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_FAILURE (((OM_uint32) 13ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_BAD_QOP (((OM_uint32) 14ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_UNAUTHORIZED (((OM_uint32) 15ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_UNAVAILABLE (((OM_uint32) 16ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_DUPLICATE_ELEMENT \ (((OM_uint32) 17ul) << GSS_C_ROUTINE_ERROR_OFFSET) #define GSS_S_NAME_NOT_MN \ (((OM_uint32) 18ul) << GSS_C_ROUTINE_ERROR_OFFSET) /* * Supplementary info bits: */ #define GSS_S_CONTINUE_NEEDED (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 0)) #define GSS_S_DUPLICATE_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 1)) #define GSS_S_OLD_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 2)) #define GSS_S_UNSEQ_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 3)) #define GSS_S_GAP_TOKEN (1 << (GSS_C_SUPPLEMENTARY_OFFSET + 4)) /* * Finally, function prototypes for the GSSAPI routines. */ /* * Reserved static storage for GSS_oids. Comments are quotes from RFC * 2744. The implementation must reserve static storage for a * gss_OID_desc object containing the value {10, (void * *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"}, corresponding to an * object-identifier value of {iso(1) member-body(2) United * States(840) mit(113554) infosys(1) gssapi(2) generic(1) * user_name(1)}. The constant GSS_C_NT_USER_NAME should be * initialized to point to that gss_OID_desc. */ extern gss_OID GSS_C_NT_USER_NAME; /* * The implementation must reserve static storage for a * gss_OID_desc object containing the value * {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"}, * corresponding to an object-identifier value of * {iso(1) member-body(2) United States(840) mit(113554) * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. * The constant GSS_C_NT_MACHINE_UID_NAME should be * initialized to point to that gss_OID_desc. */ extern gss_OID GSS_C_NT_MACHINE_UID_NAME; /* * The implementation must reserve static storage for a * gss_OID_desc object containing the value * {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03"}, * corresponding to an object-identifier value of * {iso(1) member-body(2) United States(840) mit(113554) * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. * The constant GSS_C_NT_STRING_UID_NAME should be * initialized to point to that gss_OID_desc. */ extern gss_OID GSS_C_NT_STRING_UID_NAME; /* * The implementation must reserve static storage for a * gss_OID_desc object containing the value * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, * corresponding to an object-identifier value of * {iso(1) org(3) dod(6) internet(1) security(5) * nametypes(6) gss-host-based-services(2)). The constant * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point * to that gss_OID_desc. This is a deprecated OID value, and * implementations wishing to support hostbased-service names * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, * defined below, to identify such names; * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input * parameter, but should not be emitted by GSS-API * implementations extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X; */ /* * The implementation must reserve static storage for a * gss_OID_desc object containing the value * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" * "\x01\x02\x01\x04"}, corresponding to an * object-identifier value of {iso(1) member-body(2) * Unites States(840) mit(113554) infosys(1) gssapi(2) * generic(1) service_name(4)}. The constant * GSS_C_NT_HOSTBASED_SERVICE should be initialized * to point to that gss_OID_desc. */ extern gss_OID GSS_C_NT_HOSTBASED_SERVICE; /* * The implementation must reserve static storage for a * gss_OID_desc object containing the value * {6, (void *)"\x2b\x06\01\x05\x06\x03"}, * corresponding to an object identifier value of * {1(iso), 3(org), 6(dod), 1(internet), 5(security), * 6(nametypes), 3(gss-anonymous-name)}. The constant * and GSS_C_NT_ANONYMOUS should be initialized to point * to that gss_OID_desc. */ extern gss_OID GSS_C_NT_ANONYMOUS; /* * The implementation must reserve static storage for a * gss_OID_desc object containing the value * {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, * corresponding to an object-identifier value of * {1(iso), 3(org), 6(dod), 1(internet), 5(security), * 6(nametypes), 4(gss-api-exported-name)}. The constant * GSS_C_NT_EXPORT_NAME should be initialized to point * to that gss_OID_desc. */ extern gss_OID GSS_C_NT_EXPORT_NAME; /* * Function Prototypes */ OM_uint32 gss_acquire_cred(OM_uint32 *, /* minor_status */ gss_name_t, /* desired_name */ OM_uint32, /* time_req */ gss_OID_set, /* desired_mechs */ gss_cred_usage_t, /* cred_usage */ gss_cred_id_t *, /* output_cred_handle */ gss_OID_set *, /* actual_mechs */ OM_uint32 * /* time_rec */ ); OM_uint32 gss_release_cred(OM_uint32 *, /* minor_status */ gss_cred_id_t * /* cred_handle */ ); OM_uint32 gss_init_sec_context(OM_uint32 *, /* minor_status */ gss_cred_id_t, /* claimant_cred_handle */ gss_ctx_id_t *, /* context_handle */ gss_name_t, /* target_name */ gss_OID, /* mech_type (used * to be const) */ OM_uint32, /* req_flags */ OM_uint32, /* time_req */ gss_channel_bindings_t, /* input_chan_bindings */ gss_buffer_t, /* input_token */ gss_OID *, /* actual_mech_type */ gss_buffer_t, /* output_token */ OM_uint32 *, /* ret_flags */ OM_uint32 * /* time_rec */ ); OM_uint32 gss_accept_sec_context(OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_cred_id_t, /* acceptor_cred_handle */ gss_buffer_t, /* input_token_buffer */ gss_channel_bindings_t, /* input_chan_bindings */ gss_name_t *, /* src_name */ gss_OID *, /* mech_type */ gss_buffer_t, /* output_token */ OM_uint32 *, /* ret_flags */ OM_uint32 *, /* time_rec */ gss_cred_id_t * /* delegated_cred_handle */ ); OM_uint32 gss_process_context_token(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t /* token_buffer */ ); OM_uint32 gss_delete_sec_context(OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_buffer_t /* output_token */ ); OM_uint32 gss_context_time(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ OM_uint32 * /* time_rec */ ); /* * New for V2 */ OM_uint32 gss_get_mic(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_qop_t, /* qop_req */ gss_buffer_t, /* message_buffer */ gss_buffer_t /* message_token */ ); /* * New for V2 */ OM_uint32 gss_verify_mic(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* message_buffer */ gss_buffer_t, /* message_token */ gss_qop_t * /* qop_state */ ); /* * New for V2 */ OM_uint32 gss_wrap(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ gss_qop_t, /* qop_req */ gss_buffer_t, /* input_message_buffer */ int *, /* conf_state */ gss_buffer_t /* output_message_buffer */ ); /* * New for V2 */ OM_uint32 gss_unwrap(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* input_message_buffer */ gss_buffer_t, /* output_message_buffer */ int *, /* conf_state */ gss_qop_t * /* qop_state */ ); OM_uint32 gss_display_status(OM_uint32 *, /* minor_status */ OM_uint32, /* status_value */ int, /* status_type */ gss_OID, /* mech_type (used to be * const) */ OM_uint32 *, /* message_context */ gss_buffer_t /* status_string */ ); OM_uint32 gss_indicate_mechs(OM_uint32 *, /* minor_status */ gss_OID_set * /* mech_set */ ); OM_uint32 gss_compare_name(OM_uint32 *, /* minor_status */ gss_name_t, /* name1 */ gss_name_t, /* name2 */ int * /* name_equal */ ); OM_uint32 gss_display_name(OM_uint32 *, /* minor_status */ gss_name_t, /* input_name */ gss_buffer_t, /* output_name_buffer */ gss_OID * /* output_name_type */ ); OM_uint32 gss_import_name(OM_uint32 *, /* minor_status */ gss_buffer_t, /* input_name_buffer */ gss_OID, /* input_name_type(used to * be const) */ gss_name_t * /* output_name */ ); OM_uint32 gss_release_name(OM_uint32 *, /* minor_status */ gss_name_t * /* input_name */ ); OM_uint32 gss_release_buffer(OM_uint32 *, /* minor_status */ gss_buffer_t /* buffer */ ); OM_uint32 gss_release_oid_set(OM_uint32 *, /* minor_status */ gss_OID_set * /* set */ ); OM_uint32 gss_inquire_cred(OM_uint32 *, /* minor_status */ gss_cred_id_t, /* cred_handle */ gss_name_t *, /* name */ OM_uint32 *, /* lifetime */ gss_cred_usage_t *, /* cred_usage */ gss_OID_set * /* mechanisms */ ); /* * Last argument new for V2 */ OM_uint32 gss_inquire_context(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_name_t *, /* src_name */ gss_name_t *, /* targ_name */ OM_uint32 *, /* lifetime_rec */ gss_OID *, /* mech_type */ OM_uint32 *, /* ctx_flags */ int *, /* locally_initiated */ int * /* open */ ); /* * New for V2 */ OM_uint32 gss_wrap_size_limit(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ gss_qop_t, /* qop_req */ OM_uint32, /* req_output_size */ OM_uint32 * /* max_input_size */ ); /* * New for V2 */ OM_uint32 gss_import_name_object(OM_uint32 *, /* minor_status */ void *, /* input_name */ gss_OID, /* input_name_type */ gss_name_t * /* output_name */ ); /* * New for V2 */ OM_uint32 gss_export_name_object(OM_uint32 *, /* minor_status */ gss_name_t, /* input_name */ gss_OID, /* desired_name_type */ void * * /* output_name */ ); /* * New for V2 */ OM_uint32 gss_add_cred(OM_uint32 *, /* minor_status */ gss_cred_id_t, /* input_cred_handle */ gss_name_t, /* desired_name */ gss_OID, /* desired_mech */ gss_cred_usage_t, /* cred_usage */ OM_uint32, /* initiator_time_req */ OM_uint32, /* acceptor_time_req */ gss_cred_id_t *, /* output_cred_handle */ gss_OID_set *, /* actual_mechs */ OM_uint32 *, /* initiator_time_rec */ OM_uint32 * /* acceptor_time_rec */ ); /* * New for V2 */ OM_uint32 gss_inquire_cred_by_mech(OM_uint32 *, /* minor_status */ gss_cred_id_t, /* cred_handle */ gss_OID, /* mech_type */ gss_name_t *, /* name */ OM_uint32 *, /* initiator_lifetime */ OM_uint32 *, /* acceptor_lifetime */ gss_cred_usage_t * /* cred_usage */ ); /* * New for V2 */ OM_uint32 gss_export_sec_context(OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_buffer_t /* interprocess_token */ ); /* * New for V2 */ OM_uint32 gss_import_sec_context(OM_uint32 *, /* minor_status */ gss_buffer_t, /* interprocess_token */ gss_ctx_id_t * /* context_handle */ ); /* * New for V2 */ OM_uint32 gss_create_empty_oid_set(OM_uint32 *, /* minor_status */ gss_OID_set * /* oid_set */ ); /* * New for V2 */ OM_uint32 gss_add_oid_set_member(OM_uint32 *, /* minor_status */ gss_OID, /* member_oid */ gss_OID_set * /* oid_set */ ); /* * New for V2 */ OM_uint32 gss_test_oid_set_member(OM_uint32 *, /* minor_status */ gss_OID, /* member */ gss_OID_set, /* set */ int * /* present */ ); /* * New for V2 */ OM_uint32 gss_str_to_oid(OM_uint32 *, /* minor_status */ gss_buffer_t, /* oid_str */ gss_OID * /* oid */ ); /* * New for V2 */ OM_uint32 gss_oid_to_str(OM_uint32 *, /* minor_status */ gss_OID, /* oid */ gss_buffer_t /* oid_str */ ); /* * New for V2 */ OM_uint32 gss_inquire_names_for_mech(OM_uint32 *, /* minor_status */ gss_OID, /* mechanism */ gss_OID_set * /* name_types */ ); /* * The following routines are obsolete variants of gss_get_mic, gss_wrap, * gss_verify_mic and gss_unwrap. They should be provided by GSSAPI V2 * implementations for backwards compatibility with V1 applications. Distinct * entrypoints (as opposed to #defines) should be provided, to allow GSSAPI * V1 applications to link against GSSAPI V2 implementations. */ OM_uint32 gss_sign(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* qop_req */ gss_buffer_t, /* message_buffer */ gss_buffer_t /* message_token */ ); OM_uint32 gss_verify(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* message_buffer */ gss_buffer_t, /* token_buffer */ int * /* qop_state */ ); OM_uint32 gss_seal(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ int, /* qop_req */ gss_buffer_t, /* input_message_buffer */ int *, /* conf_state */ gss_buffer_t /* output_message_buffer */ ); OM_uint32 gss_unseal(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* input_message_buffer */ gss_buffer_t, /* output_message_buffer */ int *, /* conf_state */ int * /* qop_state */ ); /* * New for V2 */ OM_uint32 gss_export_name(OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ gss_buffer_t /* exported_name */ ); /* * New for V2 */ OM_uint32 gss_duplicate_name(OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ gss_name_t * /* dest_name */ ); /* * New for V2 */ OM_uint32 gss_canonicalize_name(OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ const gss_OID, /* mech_type */ gss_name_t * /* output_name */ ); /* * The following routines are new functions added to this "glue" * library. They are not defined in the GSSAPI specification. */ /* * Added new here -- not in the spec */ OM_uint32 gss_export_lucid_sec_context(OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ OM_uint32, /* interface * version */ void ** /* internal * context */ ); /* * Added new here -- not in the spec */ OM_uint32 gss_free_lucid_sec_context(OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ void * /* internal * context */ ); /* * Added new here -- not in the spec */ OM_uint32 gss_set_allowable_enctypes(OM_uint32 *, /* minor_status */ gss_cred_id_t, /* cred_handle */ gss_OID, /* mech type */ OM_uint32, /* num_ktypes */ void * /* ktypes */ ); /* * XXXX these are not part of the GSSAPI C bindings! (but should be) */ #define GSS_CALLING_ERROR_FIELD(x) \ (((x) >> GSS_C_CALLING_ERROR_OFFSET) & GSS_C_CALLING_ERROR_MASK) #define GSS_ROUTINE_ERROR_FIELD(x) \ (((x) >> GSS_C_ROUTINE_ERROR_OFFSET) & GSS_C_ROUTINE_ERROR_MASK) #define GSS_SUPPLEMENTARY_INFO_FIELD(x) \ (((x) >> GSS_C_SUPPLEMENTARY_OFFSET) & GSS_C_SUPPLEMENTARY_MASK) /* * XXXX This is a necessary evil until the spec is fixed */ #define GSS_S_CRED_UNAVAIL GSS_S_FAILURE /* * RFC 5587 */ typedef const gss_buffer_desc *gss_const_buffer_t; typedef const struct gss_channel_bindings_struct *gss_const_channel_bindings_t; typedef const struct gss_ctx_id_struct gss_const_ctx_id_t; typedef const struct gss_cred_id_struct gss_const_cred_id_t; typedef const struct gss_name_struct gss_const_name_t; typedef const gss_OID_desc *gss_const_OID; typedef const gss_OID_set_desc *gss_const_OID_set; #ifdef __cplusplus } #endif /* __cplusplus */ #endif /* _GSSAPI_H_GLUE_ */ libgssglue-0.9/src/mechglue.h000066400000000000000000000034371455651163400162740ustar00rootroot00000000000000/* * #ident "@(#)mechglue.h 1.13 95/08/07 SMI" */ /* * Copyright 1996 by Sun Microsystems, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of Sun Microsystems not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. Sun Microsystems makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ /* * This header contains the mechglue definitions. */ #ifndef _GSS_MECHGLUE_H #define _GSS_MECHGLUE_H #include "gssapi/gssapi.h" /********************************************************/ /* * GSSAPI Extension functions -- these functions aren't */ /* * in the GSSAPI, but they are provided in this library */ #if defined(ADD_GSSD_PNAME_TO_UID) int gssd_pname_to_uid(char *, gss_OID, gss_OID, uid_t *); #endif int gss_initialize(void); #define GSS_INITIALIZE \ if (gss_initialize() != 0) { \ return GSS_S_FAILURE; \ } #endif /* _GSS_MECHGLUE_H */ libgssglue-0.9/src/mglueP.h000066400000000000000000000357701455651163400157410ustar00rootroot00000000000000/* * #ident "@(#)mglueP.h 1.2 96/01/18 SMI" */ /* * This header contains the private mechglue definitions. * * Copyright (c) 1995, by Sun Microsystems, Inc. * All rights reserved. */ #ifndef _GSS_MECHGLUEP_H #define _GSS_MECHGLUEP_H #include "config.h" #include "mechglue.h" #define g_OID_equal(o1,o2) \ (((o1)->length == (o2)->length) && \ (memcmp((o1)->elements,(o2)->elements,(int) (o1)->length) == 0)) #define g_OID_copy(o1, o2) \ do { \ memcpy((o1)->elements, (o2)->elements, (o2)->length); \ (o1)->length = (o2)->length; \ } while (0) /* * Array of context IDs typed by mechanism OID */ typedef struct gss_union_ctx_id_t { gss_OID mech_type; gss_ctx_id_t internal_ctx_id; } gss_union_ctx_id_desc, *gss_union_ctx_id_t; /* * Structure for holding list of mechanism-specific name types */ typedef struct gss_mech_spec_name_t { gss_OID name_type; gss_OID mech; struct gss_mech_spec_name_t *next, *prev; } gss_mech_spec_name_desc, *gss_mech_spec_name; /* * Credential auxiliary info, used in the credential structure */ typedef struct gss_union_cred_auxinfo { gss_buffer_desc name; gss_OID name_type; time_t creation_time; OM_uint32 time_rec; int cred_usage; } gss_union_cred_auxinfo; /* * Set of Credentials typed on mechanism OID */ typedef struct gss_union_cred_t { int count; gss_OID mechs_array; gss_cred_id_t *cred_array; gss_union_cred_auxinfo auxinfo; } gss_union_cred_desc, *gss_union_cred_t; /********************************************************/ /* * The Mechanism Dispatch Table -- a mechanism needs to */ /* * define one of these and provide a function to return */ /* * it to initialize the GSSAPI library */ /* * This is the definition of the mechs_array struct, which is used to * define the mechs array table. This table is used to indirectly * access mechanism specific versions of the gssapi routines through * the routines in the glue module (gssd_mech_glue.c) * * This contants all of the functions defined in gssapi.h except for * gss_release_buffer() and gss_release_oid_set(), which I am * assuming, for now, to be equal across mechanisms. */ typedef struct gss_config { gss_OID_desc mech_type; void *context; OM_uint32(*gss_acquire_cred) (OM_uint32 *, /* minor_status */ gss_name_t, /* desired_name */ OM_uint32, /* time_req */ gss_OID_set, /* desired_mechs */ int, /* cred_usage */ gss_cred_id_t *, /* output_cred_handle */ gss_OID_set *, /* actual_mechs */ OM_uint32 * /* time_rec */ ); OM_uint32(*gss_release_cred) (OM_uint32 *, /* minor_status */ gss_cred_id_t * /* cred_handle */ ); OM_uint32(*gss_init_sec_context) (OM_uint32 *, /* minor_status */ gss_cred_id_t, /* claimant_cred_handle */ gss_ctx_id_t *, /* context_handle */ gss_name_t, /* target_name */ gss_OID, /* mech_type */ OM_uint32, /* req_flags */ OM_uint32, /* time_req */ gss_channel_bindings_t, /* input_chan_bindings */ gss_buffer_t, /* input_token */ gss_OID *, /* actual_mech_type */ gss_buffer_t, /* output_token */ OM_uint32 *, /* ret_flags */ OM_uint32 * /* time_rec */ ); OM_uint32(*gss_accept_sec_context) (OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_cred_id_t, /* verifier_cred_handle */ gss_buffer_t, /* input_token_buffer */ gss_channel_bindings_t, /* input_chan_bindings */ gss_name_t *, /* src_name */ gss_OID *, /* mech_type */ gss_buffer_t, /* output_token */ OM_uint32 *, /* ret_flags */ OM_uint32 *, /* time_rec */ gss_cred_id_t * /* delegated_cred_handle */ ); OM_uint32(*gss_process_context_token) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t /* token_buffer */ ); OM_uint32(*gss_delete_sec_context) (OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_buffer_t /* output_token */ ); OM_uint32(*gss_context_time) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ OM_uint32 * /* time_rec */ ); OM_uint32(*gss_sign) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* qop_req */ gss_buffer_t, /* message_buffer */ gss_buffer_t /* message_token */ ); OM_uint32(*gss_verify) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* message_buffer */ gss_buffer_t, /* token_buffer */ int * /* qop_state */ ); OM_uint32(*gss_seal) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ int, /* qop_req */ gss_buffer_t, /* input_message_buffer */ int *, /* conf_state */ gss_buffer_t /* output_message_buffer */ ); OM_uint32(*gss_unseal) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* input_message_buffer */ gss_buffer_t, /* output_message_buffer */ int *, /* conf_state */ int * /* qop_state */ ); OM_uint32(*gss_display_status) (OM_uint32 *, /* minor_status */ OM_uint32, /* status_value */ int, /* status_type */ gss_OID, /* mech_type */ OM_uint32 *, /* message_context */ gss_buffer_t /* status_string */ ); OM_uint32(*gss_indicate_mechs) (OM_uint32 *, /* minor_status */ gss_OID_set * /* mech_set */ ); OM_uint32(*gss_compare_name) (OM_uint32 *, /* minor_status */ gss_name_t, /* name1 */ gss_name_t, /* name2 */ int * /* name_equal */ ); OM_uint32(*gss_display_name) (OM_uint32 *, /* minor_status */ gss_name_t, /* input_name */ gss_buffer_t, /* output_name_buffer */ gss_OID * /* output_name_type */ ); OM_uint32(*gss_import_name) (OM_uint32 *, /* minor_status */ gss_buffer_t, /* input_name_buffer */ gss_OID, /* input_name_type */ gss_name_t * /* output_name */ ); OM_uint32(*gss_release_name) (OM_uint32 *, /* minor_status */ gss_name_t * /* input_name */ ); OM_uint32(*gss_inquire_cred) (OM_uint32 *, /* minor_status */ gss_cred_id_t, /* cred_handle */ gss_name_t *, /* name */ OM_uint32 *, /* lifetime */ int *, /* cred_usage */ gss_OID_set * /* mechanisms */ ); OM_uint32(*gss_add_cred) (OM_uint32 *, /* minor_status */ gss_cred_id_t, /* input_cred_handle */ gss_name_t, /* desired_name */ gss_OID, /* desired_mech */ gss_cred_usage_t, /* cred_usage */ OM_uint32, /* initiator_time_req */ OM_uint32, /* acceptor_time_req */ gss_cred_id_t *, /* output_cred_handle */ gss_OID_set *, /* actual_mechs */ OM_uint32 *, /* initiator_time_rec */ OM_uint32 * /* acceptor_time_rec */ ); OM_uint32(*gss_export_sec_context) (OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_buffer_t /* interprocess_token */ ); OM_uint32(*gss_import_sec_context) (OM_uint32 *, /* minor_status */ gss_buffer_t, /* interprocess_token */ gss_ctx_id_t * /* context_handle */ ); OM_uint32(*gss_inquire_cred_by_mech) (OM_uint32 *, /* minor_status */ gss_cred_id_t, /* cred_handle */ gss_OID, /* mech_type */ gss_name_t *, /* name */ OM_uint32 *, /* initiator_lifetime */ OM_uint32 *, /* acceptor_lifetime */ gss_cred_usage_t * /* cred_usage */ ); OM_uint32(*gss_inquire_names_for_mech) (OM_uint32 *, /* minor_status */ gss_OID, /* mechanism */ gss_OID_set * /* name_types */ ); OM_uint32(*gss_inquire_context) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_name_t *, /* src_name */ gss_name_t *, /* targ_name */ OM_uint32 *, /* lifetime_rec */ gss_OID *, /* mech_type */ OM_uint32 *, /* ctx_flags */ int *, /* locally_initiated */ int * /* open */ ); OM_uint32(*gss_internal_release_oid) (OM_uint32 *, /* minor_status */ gss_OID * /* OID */ ); OM_uint32(*gss_wrap_size_limit) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ gss_qop_t, /* qop_req */ OM_uint32, /* req_output_size */ OM_uint32 * /* max_input_size */ ); #if defined(ADD_GSSD_PNAME_TO_UID) OM_uint32(*pname_to_uid) (char *, /* pname */ gss_OID, /* name type */ gss_OID, /* mech type */ uid_t * /* uid */ ); #endif OM_uint32(*gss_duplicate_name) (OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ gss_name_t * /* dest_name */ ); OM_uint32(*gss_set_allowable_enctypes) (OM_uint32 *, /* minor_status */ gss_cred_id_t, /* cred_handle */ OM_uint32, /* num_ktypes */ void * /* ktypes */ ); OM_uint32(*gss_verify_mic) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* message_buffer */ gss_buffer_t, /* token_buffer */ gss_qop_t * /* qop_state */ ); OM_uint32(*gss_export_lucid_sec_context) (OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ OM_uint32, /* interface version */ void ** /* internal context */ ); OM_uint32(*gss_free_lucid_sec_context) (OM_uint32 *, /* minor_status */ void * /* internal context */ ); OM_uint32(*gss_get_mic) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* qop_req */ gss_buffer_t, /* message_buffer */ gss_buffer_t /* message_token */ ); OM_uint32(*gss_wrap) (OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ gss_qop_t, /* qop_req */ gss_buffer_t, /* input_message_buffer */ int *, /* conf_state */ gss_buffer_t /* output_message_buffer */ ); OM_uint32(*gss_unwrap) (OM_uint32 *, /* minor_status */ const gss_ctx_id_t, /* context_handle */ const gss_buffer_t, /* input_message_buffer */ gss_buffer_t, /* output_message_buffer */ int *, /* conf_state */ gss_qop_t * /* qop_state */ ); OM_uint32(*gss_canonicalize_name) (OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ const gss_OID, /* mech_type */ gss_name_t * /* output_name */ ); OM_uint32(*gss_export_name) (OM_uint32 *, /* minor_status */ const gss_name_t, /* input_name */ gss_buffer_t /* exported_name */ ); OM_uint32(*krb5_ccache_name) (OM_uint32 *, /* minor_status */ const char *, /* name */ const char ** /* old_name */ ); } *gss_mechanism; /* * Generic GSSAPI names. A name can either be a generic name, or a * mechanism specific name.... */ typedef struct gss_union_name_t { gss_mechanism gss_mech; gss_OID name_type; gss_buffer_desc external_name; /* * These last two fields are only filled in for mechanism * names. */ gss_OID mech_type; gss_name_t mech_name; } gss_union_name_desc, *gss_union_name_t; /********************************************************/ /* * Internal mechglue routines */ gss_mechanism __gss_get_mechanism(gss_OID); OM_uint32 __gss_get_mech_type(gss_OID, gss_buffer_t); OM_uint32 __gss_import_internal_name(OM_uint32 *, gss_OID, gss_union_name_t, gss_name_t *); OM_uint32 __gss_display_internal_name(OM_uint32 *, gss_OID, gss_name_t, gss_buffer_t, gss_OID *); OM_uint32 __gss_release_internal_name(OM_uint32 *, gss_OID, gss_name_t *); OM_uint32 __gss_convert_name_to_union_name(OM_uint32 *, /* minor_status */ gss_mechanism, /* mech */ gss_name_t, /* internal_name */ gss_name_t * /* external_name */ ); gss_cred_id_t __gss_get_mechanism_cred(gss_union_cred_t, /* union_cred */ gss_OID /* mech_type */ ); OM_uint32 generic_gss_release_oid(OM_uint32 *, /* minor_status */ gss_OID * /* oid */ ); OM_uint32 mech_gss_release_oid(OM_uint32 *, /* minor_status */ gss_OID *, /* oid */ gss_mechanism /* gss_mech */ ); OM_uint32 generic_gss_copy_oid(OM_uint32 *, /* minor_status */ gss_OID, /* oid */ gss_OID * /* new_oid */ ); OM_uint32 generic_gss_create_empty_oid_set(OM_uint32 *, /* minor_status */ gss_OID_set * /* oid_set */ ); OM_uint32 generic_gss_add_oid_set_member(OM_uint32 *, /* minor_status */ gss_OID, /* member_oid */ gss_OID_set * /* oid_set */ ); OM_uint32 generic_gss_test_oid_set_member(OM_uint32 *, /* minor_status */ gss_OID, /* member */ gss_OID_set, /* set */ int * /* present */ ); OM_uint32 generic_gss_oid_to_str(OM_uint32 *, /* minor_status */ gss_OID, /* oid */ gss_buffer_t /* oid_str */ ); OM_uint32 generic_gss_str_to_oid(OM_uint32 *, /* minor_status */ gss_buffer_t, /* oid_str */ gss_OID * /* oid */ ); OM_uint32 generic_gss_copy_oid_set(OM_uint32 * minor_status, const gss_OID_set_desc * const oidset, gss_OID_set * new_oidset); gss_OID gss_find_mechanism_from_name_type(gss_OID); /* name_type */ OM_uint32 gss_add_mech_name_type(OM_uint32 *, /* minor_status */ gss_OID, /* name_type */ gss_OID /* mech */ ); #endif /* _GSS_MECHGLUEP_H */ libgssglue-0.9/src/oid_ops.c000066400000000000000000000265171455651163400161360ustar00rootroot00000000000000/* * lib/gssapi/generic/oid_ops.c * * Copyright 1995 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. * It is the responsibility of any person or organization contemplating * export to obtain such a license before exporting. * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright * notice appear in all copies and that both that copyright notice and * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior * permission. Furthermore if you modify this software you must label * your software as modified software and not distribute it in such a * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * */ /* * oid_ops.c - GSS-API V2 interfaces to manipulate OIDs */ #include "mglueP.h" #include #include #include #include #include #include OM_uint32 generic_gss_release_oid(OM_uint32 *minor_status, gss_OID *oid) { *minor_status = 0; *oid = GSS_C_NO_OID; return (GSS_S_COMPLETE); } OM_uint32 mech_gss_release_oid(OM_uint32 *minor_status, gss_OID *oid, gss_mechanism gss_mech) { *minor_status = 0; if (*oid == GSS_C_NO_OID) return (GSS_S_COMPLETE); if (gss_mech == NULL) { return (GSS_S_COMPLETE); } if (gss_mech->gss_internal_release_oid) { return (gss_mech->gss_internal_release_oid(minor_status, oid)); } return (GSS_S_COMPLETE); } OM_uint32 generic_gss_copy_oid(OM_uint32 *minor_status, gss_OID oid, gss_OID *new_oid) { if (oid == GSS_C_NO_OID) { *new_oid = GSS_C_NO_OID; return (GSS_S_COMPLETE); } *new_oid = oid; return (GSS_S_COMPLETE); } OM_uint32 generic_gss_create_empty_oid_set(OM_uint32 *minor_status, gss_OID_set *oid_set) { if ((*oid_set = (gss_OID_set) malloc(sizeof(gss_OID_set_desc)))) { memset(*oid_set, 0, sizeof(gss_OID_set_desc)); *minor_status = 0; return (GSS_S_COMPLETE); } else { *minor_status = ENOMEM; return (GSS_S_FAILURE); } } OM_uint32 generic_gss_add_oid_set_member(OM_uint32 *minor_status, gss_OID member_oid, gss_OID_set *oid_set) { gss_OID elist; gss_OID lastel; elist = (*oid_set)->elements; /* * Get an enlarged copy of the array */ if (((*oid_set)->elements = (gss_OID) malloc(((*oid_set)->count + 1) * sizeof(gss_OID_desc)))) { /* * Copy in the old junk */ if (elist) memcpy((*oid_set)->elements, elist, ((*oid_set)->count * sizeof(gss_OID_desc))); /* * Duplicate the input element */ lastel = &(*oid_set)->elements[(*oid_set)->count]; if ((lastel->elements = (void *) malloc((size_t) member_oid->length))) { /* * Success - copy elements */ memcpy(lastel->elements, member_oid->elements, (size_t) member_oid->length); /* * Set length */ lastel->length = member_oid->length; /* * Update count */ (*oid_set)->count++; if (elist) free(elist); *minor_status = 0; return (GSS_S_COMPLETE); } else free((*oid_set)->elements); } /* * Failure - restore old contents of list */ (*oid_set)->elements = elist; *minor_status = ENOMEM; return (GSS_S_FAILURE); } OM_uint32 generic_gss_test_oid_set_member(OM_uint32 *minor_status, gss_OID member, gss_OID_set set, int *present) { size_t i; int result; result = 0; for (i = 0; i < set->count; i++) { if ((set->elements[i].length == member->length) && !memcmp(set->elements[i].elements, member->elements, (size_t) member->length)) { result = 1; break; } } *present = result; *minor_status = 0; return (GSS_S_COMPLETE); } /* * OID<->string routines. These are uuuuugly. */ OM_uint32 generic_gss_oid_to_str(OM_uint32 *minor_status, gss_OID oid, gss_buffer_t oid_str) { char numstr[128]; unsigned long number; int numshift; size_t string_length; size_t i; unsigned char *cp; char *bp; /* * Decoded according to krb5/gssapi_krb5.c */ /* * First determine the size of the string */ string_length = 0; number = 0; numshift = 0; cp = (unsigned char *) oid->elements; number = (unsigned long) cp[0]; sprintf(numstr, "%ld ", number / 40); string_length += strlen(numstr); sprintf(numstr, "%ld ", number % 40); string_length += strlen(numstr); for (i = 1; i < oid->length; i++) { if ((size_t) (numshift + 7) < (sizeof(unsigned long) * 8)) { number = (number << 7) | (cp[i] & 0x7f); numshift += 7; } else { *minor_status = EINVAL; return (GSS_S_FAILURE); } if ((cp[i] & 0x80) == 0) { sprintf(numstr, "%ld ", number); string_length += strlen(numstr); number = 0; numshift = 0; } } /* * If we get here, we've calculated the length of "n n n ... n ". Add 4 * here for "{ " and "}\0". */ string_length += 4; if ((bp = (char *) malloc(string_length))) { strcpy(bp, "{ "); number = (unsigned long) cp[0]; sprintf(numstr, "%ld ", number / 40); strcat(bp, numstr); sprintf(numstr, "%ld ", number % 40); strcat(bp, numstr); number = 0; cp = (unsigned char *) oid->elements; for (i = 1; i < oid->length; i++) { number = (number << 7) | (cp[i] & 0x7f); if ((cp[i] & 0x80) == 0) { sprintf(numstr, "%ld ", number); strcat(bp, numstr); number = 0; } } strcat(bp, "}"); oid_str->length = strlen(bp) + 1; oid_str->value = (void *) bp; *minor_status = 0; return (GSS_S_COMPLETE); } *minor_status = ENOMEM; return (GSS_S_FAILURE); } OM_uint32 generic_gss_str_to_oid(OM_uint32 *minor_status, gss_buffer_t oid_str, gss_OID *oid) { char *cp, *bp, *startp; int brace; long numbuf; long onumbuf; OM_uint32 nbytes; int index; unsigned char *op; brace = 0; bp = (char *) oid_str->value; cp = bp; /* * Skip over leading space */ while ((bp < &cp[oid_str->length]) && isspace(*bp)) bp++; if (*bp == '{') { brace = 1; bp++; } while ((bp < &cp[oid_str->length]) && isspace(*bp)) bp++; startp = bp; nbytes = 0; /* * The first two numbers are chewed up by the first octet. */ if (sscanf(bp, "%ld", &numbuf) != 1) { *minor_status = EINVAL; return (GSS_S_FAILURE); } while ((bp < &cp[oid_str->length]) && isdigit(*bp)) bp++; while ((bp < &cp[oid_str->length]) && isspace(*bp)) bp++; if (sscanf(bp, "%ld", &numbuf) != 1) { *minor_status = EINVAL; return (GSS_S_FAILURE); } while ((bp < &cp[oid_str->length]) && isdigit(*bp)) bp++; while ((bp < &cp[oid_str->length]) && isspace(*bp)) bp++; nbytes++; while (isdigit(*bp)) { if (sscanf(bp, "%ld", &numbuf) != 1) { *minor_status = EINVAL; return (GSS_S_FAILURE); } while (numbuf) { nbytes++; numbuf >>= 7; } while ((bp < &cp[oid_str->length]) && isdigit(*bp)) bp++; while ((bp < &cp[oid_str->length]) && isspace(*bp)) bp++; } if (brace && (*bp != '}')) { *minor_status = EINVAL; return (GSS_S_FAILURE); } /* * Phew! We've come this far, so the syntax is good. */ if ((*oid = (gss_OID) malloc(sizeof(gss_OID_desc)))) { if (((*oid)->elements = (void *) malloc((size_t) nbytes))) { (*oid)->length = nbytes; op = (unsigned char *) (*oid)->elements; bp = startp; sscanf(bp, "%ld", &numbuf); while (isdigit(*bp)) bp++; while (isspace(*bp)) bp++; onumbuf = 40 * numbuf; sscanf(bp, "%ld", &numbuf); onumbuf += numbuf; *op = (unsigned char) onumbuf; op++; while (isdigit(*bp)) bp++; while (isspace(*bp)) bp++; while (isdigit(*bp)) { sscanf(bp, "%ld", &numbuf); nbytes = 0; /* * Have to fill in the bytes msb-first */ onumbuf = numbuf; while (numbuf) { nbytes++; numbuf >>= 7; } numbuf = onumbuf; op += nbytes; index = -1; while (numbuf) { op[index] = (unsigned char) numbuf & 0x7f; if (index != -1) op[index] |= 0x80; index--; numbuf >>= 7; } while (isdigit(*bp)) bp++; while (isspace(*bp)) bp++; } *minor_status = 0; return (GSS_S_COMPLETE); } else { free(*oid); *oid = GSS_C_NO_OID; } } *minor_status = ENOMEM; return (GSS_S_FAILURE); } /* * Copyright 1993 by OpenVision Technologies, Inc. * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of OpenVision not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. OpenVision makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ OM_uint32 generic_gss_copy_oid_set(OM_uint32 *minor_status, const gss_OID_set_desc *const oidset, gss_OID_set *new_oidset) { gss_OID_set_desc *copy; OM_uint32 minor = 0; OM_uint32 major = GSS_S_COMPLETE; OM_uint32 i; if (minor_status != NULL) *minor_status = 0; if (new_oidset != NULL) *new_oidset = GSS_C_NO_OID_SET; if (oidset == GSS_C_NO_OID_SET) return (GSS_S_CALL_INACCESSIBLE_READ); if (new_oidset == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); if ((copy = (gss_OID_set_desc *) calloc(1, sizeof(*copy))) == NULL) { major = GSS_S_FAILURE; goto done; } if ((copy->elements = (gss_OID_desc *) calloc(oidset->count, sizeof(*copy->elements))) == NULL) { major = GSS_S_FAILURE; goto done; } copy->count = oidset->count; for (i = 0; i < copy->count; i++) { gss_OID_desc *out = ©->elements[i]; gss_OID_desc *in = &oidset->elements[i]; if ((out->elements = (void *) malloc(in->length)) == NULL) { major = GSS_S_FAILURE; goto done; } (void) memcpy(out->elements, in->elements, in->length); out->length = in->length; } *new_oidset = copy; done: if (major != GSS_S_COMPLETE) { (void) gss_release_oid_set(&minor, ©); } return (major); } libgssglue-0.9/src/symbol_versions000066400000000000000000000027221455651163400175060ustar00rootroot00000000000000libgssapi_CITI_2 { GSS_C_NT_ANONYMOUS; GSS_C_NT_EXPORT_NAME; GSS_C_NT_HOSTBASED_SERVICE; GSS_C_NT_HOSTBASED_SERVICE_X; GSS_C_NT_MACHINE_UID_NAME; GSS_C_NT_STRING_UID_NAME; GSS_C_NT_USER_NAME; gss_accept_sec_context; gss_acquire_cred; gss_add_cred; gss_add_oid_set_member; gss_canonicalize_name; gss_compare_name; gss_context_time; gss_create_empty_oid_set; gss_delete_sec_context; gss_display_name; gss_display_status; gss_duplicate_name; gss_export_lucid_sec_context; gss_export_name; gss_export_sec_context; gss_free_lucid_sec_context; gss_get_mic; gss_import_name; gss_import_sec_context; gss_indicate_mechs; gss_init_sec_context; gss_inquire_context; gss_inquire_cred; gss_inquire_cred_by_mech; gss_inquire_mechs_for_name; gss_inquire_names_for_mech; gss_process_context_token; gss_release_buffer; gss_release_cred; gss_release_name; gss_release_oid_set; gss_seal; gss_set_allowable_enctypes; gss_sign; gss_test_oid_set_member; gss_unseal; gss_unwrap; gss_verify; gss_verify_mic; gss_wrap; gss_wrap_size_limit; gss_krb5_ccache_name; }; HIDDEN { local: __*; _rest*; _save*; generic_*; internal_*; locate_symbol; mech_*; gssd_*; gss_find_mechanism_from_name_type; gss_oid_to_str; gss_str_to_oid; gss_add_mech_name_type; gss_initialize; }; libgssglue-0.9/tests/000077500000000000000000000000001455651163400146765ustar00rootroot00000000000000libgssglue-0.9/tests/Makefile.am000066400000000000000000000002141455651163400167270ustar00rootroot00000000000000AM_CPPFLAGS = -I$(top_srcdir)/src/gssglue AM_LDFLAGS = -no-install LDADD = ../src/libgssglue.la check_PROGRAMS = generic TESTS = generic libgssglue-0.9/tests/generic.c000066400000000000000000000162541455651163400164660ustar00rootroot00000000000000/* * Copyright (C) 2022 Simon Josefsson * * Permission to use, copy, modify, distribute, and sell this software * and its documentation for any purpose is hereby granted without fee, * provided that the above copyright notice appears in all copies and * that both that copyright notice and this permission notice appear in * supporting documentation, and that the name of OpenVision not be used * in advertising or publicity pertaining to distribution of the software * without specific, written prior permission. OpenVision makes no * representations about the suitability of this software for any * purpose. It is provided "as is" without express or implied warranty. * * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR * PERFORMANCE OF THIS SOFTWARE. */ #include #include #include #include int main(void) { int errs = 0; gss_uint32 maj_stat, min_stat; gss_buffer_desc bufdesc, bufdesc2; gss_name_t service; gss_OID_set oids; int n; /* * OID set tests */ oids = GSS_C_NO_OID_SET; maj_stat = gss_create_empty_oid_set(&min_stat, &oids); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_create_empty_oid_set\n"); else errs++, printf("FAIL: gss_create_empty_oid_set (%u,%u)\n", maj_stat, min_stat); /* * Test empty set */ maj_stat = gss_test_oid_set_member(&min_stat, GSS_C_NT_USER_NAME, oids, &n); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_test_oid_set_member\n"); else errs++, printf("FAIL: gss_test_oid_set_member (%u,%u)\n", maj_stat, min_stat); if (n == 0) printf("PASS: gss_test_oid_set_member n==0\n"); else errs++, printf("FAIL: gss_test_oid_set_member n=%d!=0", n); /* * Add an OID */ maj_stat = gss_add_oid_set_member(&min_stat, GSS_C_NT_USER_NAME, &oids); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_add_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_add_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); /* * Test set for added OID */ maj_stat = gss_test_oid_set_member(&min_stat, GSS_C_NT_USER_NAME, oids, &n); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_test_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_test_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); printf(" OID present in set with the OID added to it => %d\n", n); if (n) printf("PASS: gss_test_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_test_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); /* * Test set for another OID */ maj_stat = gss_test_oid_set_member(&min_stat, GSS_C_NT_ANONYMOUS, oids, &n); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_test_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_test_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); printf(" Another OID present in set without the OID => %d\n", n); if (!n) printf("PASS: gss_test_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_test_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); /* * Add another OID */ maj_stat = gss_add_oid_set_member(&min_stat, GSS_C_NT_ANONYMOUS, &oids); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_add_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_add_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); /* * Test set for added OID */ maj_stat = gss_test_oid_set_member(&min_stat, GSS_C_NT_ANONYMOUS, oids, &n); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_test_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_test_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); printf(" Another OID present in set with it added => %d\n", n); if (n) printf("PASS: gss_test_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_test_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); /* * Test set for first OID */ maj_stat = gss_test_oid_set_member(&min_stat, GSS_C_NT_USER_NAME, oids, &n); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_test_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_test_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); printf(" First OID present in set => %d\n", n); if (n) printf("PASS: gss_test_oid_set_member() OK\n"); else errs++, printf("FAIL: gss_test_oid_set_member() failed (%u,%u)\n", maj_stat, min_stat); maj_stat = gss_release_oid_set(&min_stat, &oids); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_release_oid_set() OK\n"); else errs++, printf("FAIL: gss_release_oid_set() failed (%u,%u)\n", maj_stat, min_stat); /* * Check mechs */ oids = GSS_C_NO_OID_SET; maj_stat = gss_indicate_mechs(&min_stat, &oids); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_indicate_mechs() OK\n"); else errs++, printf("FAIL: gss_indicate_mechs() failed (%u,%u)\n", maj_stat, min_stat); maj_stat = gss_release_oid_set(&min_stat, &oids); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_release_oid_set() OK\n"); else errs++, printf("FAIL: gss_release_oid_set() failed (%u,%u)\n", maj_stat, min_stat); /* * Check name */ service = NULL; bufdesc.value = (char *) "imap@server.example.org@FOO"; bufdesc.length = strlen(bufdesc.value); maj_stat = gss_import_name(&min_stat, &bufdesc, GSS_C_NT_HOSTBASED_SERVICE, &service); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_import_name() OK\n"); else errs++, printf("FAIL: gss_import_name() failed (%u,%u)\n", maj_stat, min_stat); maj_stat = gss_display_name(&min_stat, service, &bufdesc2, NULL); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_display_name() OK\n"); else errs++, printf("FAIL: gss_display_name() failed (%u,%u)\n", maj_stat, min_stat); printf(" display_name() => %d: %.*s\n", (int) bufdesc2.length, (int) bufdesc2.length, (char *) bufdesc2.value); maj_stat = gss_release_buffer(&min_stat, &bufdesc2); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_release_buffer() OK\n"); else errs++, printf("FAIL: gss_release_buffer() failed (%u,%u)\n", maj_stat, min_stat); /* * Release service allocated earlier. */ maj_stat = gss_release_name(&min_stat, &service); if (maj_stat == GSS_S_COMPLETE) printf("PASS: gss_release_name() OK\n"); else errs++, printf("FAIL: gss_release_name() failed (%u,%u)\n", maj_stat, min_stat); printf("Basic self tests done with %d errors\n", errs); return errs == 0 ? EXIT_SUCCESS : EXIT_FAILURE; }