gss: intern OIDs (#447)
Intern OIDs so that gss_release_oid() can be a NOOP.

committed by
Nico Williams

parent
a8f0905b71
commit
4a93c4774a
@@ -112,6 +112,7 @@ while(<>) {
|
||||
printf "/* $name - $oid */\n";
|
||||
printf "gss_OID_desc GSSAPI_LIB_VARIABLE $store = { $length, rk_UNCONST(\"$data\") };\n\n";
|
||||
}
|
||||
push(@oidstorage, $store);
|
||||
} elsif (/^desc\s+([\w]+)\s+(\w+)\s+(\"[^\"]*\")\s+(\"[^\"]*\")/) {
|
||||
my ($type, $oid, $short, $long) = ($1, $2, $3, $4);
|
||||
my $object = { type=> $type, oid => $oid, short => $short, long => $long };
|
||||
@@ -138,4 +139,11 @@ foreach my $k (sort keys %types) {
|
||||
|
||||
if ($header) {
|
||||
printf "#endif /* GSSAPI_GSSAPI_OID */\n";
|
||||
} else {
|
||||
printf "gss_OID _gss_ot_internal[] = {\n";
|
||||
foreach my $k (@oidstorage) {
|
||||
print " &$k,\n";
|
||||
}
|
||||
printf "};\n\n";
|
||||
printf "size_t _gss_ot_internal_count = sizeof(_gss_ot_internal) / sizeof(_gss_ot_internal[0]);\n";
|
||||
}
|
||||
|
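Review bot: The table emitted in the new `else` branch is generated as writable globals with external linkage, `gss_OID _gss_ot_internal[]` and `size_t _gss_ot_internal_count`, although nothing visible in this commit writes to them. Emitting `gss_OID const _gss_ot_internal[]` and `const size_t _gss_ot_internal_count`, with the `extern` declarations in the consumer changed to match, would let them live in read-only data so a stray write cannot redirect the static-OID lookup. As a style point, the constant strings here go through `printf` while the loop body uses `print`; `print` avoids treating any future `%` in the text as a format directive.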
@@ -56,7 +56,7 @@ mech_authorize_localname(OM_uint32 *minor_status,
|
||||
major_status = m->gm_authorize_localname(minor_status,
|
||||
mn->gmn_name,
|
||||
&user->gn_value,
|
||||
&user->gn_type);
|
||||
user->gn_type);
|
||||
if (major_status != GSS_S_UNAUTHORIZED)
|
||||
break;
|
||||
}
|
||||
@@ -75,7 +75,7 @@ attr_authorize_localname(OM_uint32 *minor_status,
|
||||
OM_uint32 major_status = GSS_S_UNAVAILABLE;
|
||||
int more = -1;
|
||||
|
||||
if (!gss_oid_equal(&user->gn_type, GSS_C_NT_USER_NAME))
|
||||
if (!gss_oid_equal(user->gn_type, GSS_C_NT_USER_NAME))
|
||||
return GSS_S_BAD_NAMETYPE;
|
||||
|
||||
while (more != 0 && major_status != GSS_S_COMPLETE) {
|
||||
|
@@ -44,7 +44,7 @@ gss_compare_name(OM_uint32 *minor_status,
|
||||
*/
|
||||
if (name1->gn_value.value && name2->gn_value.value) {
|
||||
*name_equal = 1;
|
||||
if (!gss_oid_equal(&name1->gn_type, &name2->gn_type)) {
|
||||
if (!gss_oid_equal(name1->gn_type, name2->gn_type)) {
|
||||
*name_equal = 0;
|
||||
} else if (name1->gn_value.length != name2->gn_value.length ||
|
||||
memcmp(name1->gn_value.value, name2->gn_value.value,
|
||||
|
@@ -62,7 +62,7 @@ gss_display_name(OM_uint32 *minor_status,
|
||||
memcpy(output_name_buffer->value, name->gn_value.value,
|
||||
output_name_buffer->length);
|
||||
if (output_name_type)
|
||||
*output_name_type = &name->gn_type;
|
||||
*output_name_type = name->gn_type;
|
||||
|
||||
*minor_status = 0;
|
||||
return (GSS_S_COMPLETE);
|
||||
|
@@ -48,7 +48,7 @@ gss_duplicate_name(OM_uint32 *minor_status,
|
||||
*/
|
||||
if (name->gn_value.value) {
|
||||
major_status = gss_import_name(minor_status,
|
||||
&name->gn_value, &name->gn_type, dest_name);
|
||||
&name->gn_value, name->gn_type, dest_name);
|
||||
if (major_status != GSS_S_COMPLETE)
|
||||
return (major_status);
|
||||
new_name = (struct _gss_name *) *dest_name;
|
||||
|
@@ -47,22 +47,5 @@ gss_duplicate_oid (
|
||||
return GSS_S_COMPLETE;
|
||||
}
|
||||
|
||||
*dest_oid = malloc(sizeof(**dest_oid));
|
||||
if (*dest_oid == GSS_C_NO_OID) {
|
||||
*minor_status = ENOMEM;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
(*dest_oid)->elements = malloc(src_oid->length);
|
||||
if ((*dest_oid)->elements == NULL) {
|
||||
free(*dest_oid);
|
||||
*dest_oid = GSS_C_NO_OID;
|
||||
*minor_status = ENOMEM;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
memcpy((*dest_oid)->elements, src_oid->elements, src_oid->length);
|
||||
(*dest_oid)->length = src_oid->length;
|
||||
|
||||
*minor_status = 0;
|
||||
return GSS_S_COMPLETE;
|
||||
return _gss_intern_oid(minor_status, src_oid, dest_oid);
|
||||
}
|
||||
|
@@ -221,7 +221,7 @@ gss_import_name(OM_uint32 *minor_status,
|
||||
|
||||
HEIM_SLIST_INIT(&name->gn_mn);
|
||||
|
||||
major_status = _gss_copy_oid(minor_status,
|
||||
major_status = _gss_intern_oid(minor_status,
|
||||
name_type, &name->gn_type);
|
||||
if (major_status) {
|
||||
free(name);
|
||||
@@ -256,8 +256,7 @@ gss_import_name(OM_uint32 *minor_status,
|
||||
|
||||
major_status = (*m->gm_mech.gm_import_name)(minor_status,
|
||||
&name->gn_value,
|
||||
(name->gn_type.elements
|
||||
? &name->gn_type : GSS_C_NO_OID),
|
||||
name->gn_type,
|
||||
&mn->gmn_name);
|
||||
if (major_status != GSS_S_COMPLETE) {
|
||||
_gss_mg_error(&m->gm_mech, major_status, *minor_status);
|
||||
@@ -266,7 +265,7 @@ gss_import_name(OM_uint32 *minor_status,
|
||||
}
|
||||
|
||||
mn->gmn_mech = &m->gm_mech;
|
||||
mn->gmn_mech_oid = &m->gm_mech_oid;
|
||||
mn->gmn_mech_oid = m->gm_mech_oid;
|
||||
HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link);
|
||||
}
|
||||
|
||||
|
@@ -56,7 +56,7 @@ gss_indicate_mechs(OM_uint32 *minor_status,
|
||||
gss_release_oid_set(minor_status, &set);
|
||||
} else {
|
||||
gss_add_oid_set_member(
|
||||
minor_status, &m->gm_mech_oid, mech_set);
|
||||
minor_status, m->gm_mech_oid, mech_set);
|
||||
}
|
||||
}
|
||||
|
||||
|
@@ -151,7 +151,7 @@ gss_inquire_cred(OM_uint32 *minor_status,
|
||||
continue;
|
||||
}
|
||||
mn->gmn_mech = &m->gm_mech;
|
||||
mn->gmn_mech_oid = &m->gm_mech_oid;
|
||||
mn->gmn_mech_oid = m->gm_mech_oid;
|
||||
mn->gmn_name = mc_name;
|
||||
HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link);
|
||||
} else if (mc_name) {
|
||||
@@ -164,7 +164,7 @@ gss_inquire_cred(OM_uint32 *minor_status,
|
||||
|
||||
if (mechanisms)
|
||||
gss_add_oid_set_member(minor_status,
|
||||
&m->gm_mech_oid, mechanisms);
|
||||
m->gm_mech_oid, mechanisms);
|
||||
found++;
|
||||
}
|
||||
}
|
||||
|
@@ -54,17 +54,17 @@ gss_inquire_mechs_for_name(OM_uint32 *minor_status,
|
||||
*/
|
||||
HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) {
|
||||
major_status = gss_inquire_names_for_mech(minor_status,
|
||||
&m->gm_mech_oid, &name_types);
|
||||
m->gm_mech_oid, &name_types);
|
||||
if (major_status) {
|
||||
gss_release_oid_set(minor_status, mech_types);
|
||||
return (major_status);
|
||||
}
|
||||
gss_test_oid_set_member(minor_status,
|
||||
&name->gn_type, name_types, &present);
|
||||
name->gn_type, name_types, &present);
|
||||
gss_release_oid_set(minor_status, &name_types);
|
||||
if (present) {
|
||||
major_status = gss_add_oid_set_member(minor_status,
|
||||
&m->gm_mech_oid, mech_types);
|
||||
m->gm_mech_oid, mech_types);
|
||||
if (major_status) {
|
||||
gss_release_oid_set(minor_status, mech_types);
|
||||
return (major_status);
|
||||
|
@@ -607,7 +607,7 @@ gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status,
|
||||
gss_buffer_t ad_data)
|
||||
{
|
||||
gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET;
|
||||
OM_uint32 maj_stat;
|
||||
OM_uint32 maj_stat, tmp;
|
||||
gss_OID_desc oid_flat;
|
||||
heim_oid baseoid, oid;
|
||||
size_t size;
|
||||
@@ -653,7 +653,7 @@ gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status,
|
||||
if (der_put_oid((unsigned char *)oid_flat.elements + oid_flat.length - 1,
|
||||
oid_flat.length, &oid, &size) != 0) {
|
||||
free(oid.components);
|
||||
free(oid_flat.elements);
|
||||
_gss_free_oid(&tmp, &oid_flat);
|
||||
*minor_status = EINVAL;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
@@ -669,7 +669,7 @@ gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status,
|
||||
&oid_flat,
|
||||
&data_set);
|
||||
|
||||
free(oid_flat.elements);
|
||||
_gss_free_oid(&tmp, &oid_flat);
|
||||
|
||||
if (maj_stat)
|
||||
return maj_stat;
|
||||
|
@@ -43,15 +43,15 @@ static HEIMDAL_MUTEX _gss_mech_mutex = HEIMDAL_MUTEX_INITIALIZER;
|
||||
* (e.g. 1.2.840.113554.1.2.2) to a gss_OID.
|
||||
*/
|
||||
static int
|
||||
_gss_string_to_oid(const char* s, gss_OID oid)
|
||||
_gss_string_to_oid(const char* s, gss_OID *oidp)
|
||||
{
|
||||
int number_count, i, j;
|
||||
size_t byte_count;
|
||||
const char *p, *q;
|
||||
char *res;
|
||||
gss_OID_desc oid;
|
||||
|
||||
oid->length = 0;
|
||||
oid->elements = NULL;
|
||||
*oidp = GSS_C_NO_OID;
|
||||
|
||||
/*
|
||||
* First figure out how many numbers in the oid, then
|
||||
@@ -142,11 +142,22 @@ _gss_string_to_oid(const char* s, gss_OID oid)
|
||||
res = malloc(byte_count);
|
||||
if (!res)
|
||||
return (ENOMEM);
|
||||
oid->length = byte_count;
|
||||
oid->elements = res;
|
||||
oid.length = byte_count;
|
||||
oid.elements = res;
|
||||
}
|
||||
}
|
||||
|
||||
{
|
||||
OM_uint32 minor_status, tmp;
|
||||
|
||||
if (GSS_ERROR(_gss_intern_oid(&minor_status, &oid, oidp))) {
|
||||
_gss_free_oid(&tmp, &oid);
|
||||
return (minor_status);
|
||||
}
|
||||
|
||||
_gss_free_oid(&tmp, &oid);
|
||||
}
|
||||
|
||||
return (0);
|
||||
}
|
||||
#endif
|
||||
@@ -205,7 +216,9 @@ add_builtin(gssapi_mech_interface mech)
|
||||
return ENOMEM;
|
||||
m->gm_so = NULL;
|
||||
m->gm_mech = *mech;
|
||||
m->gm_mech_oid = mech->gm_mech_oid; /* XXX */
|
||||
_gss_intern_oid(&minor_status, &mech->gm_mech_oid, &m->gm_mech_oid);
|
||||
if (minor_status)
|
||||
return minor_status;
|
||||
gss_add_oid_set_member(&minor_status,
|
||||
&m->gm_mech.gm_mech_oid, &_gss_mech_oids);
|
||||
|
||||
@@ -236,7 +249,7 @@ _gss_load_mech(void)
|
||||
char *name, *oid, *lib, *kobj;
|
||||
struct _gss_mech_switch *m;
|
||||
void *so;
|
||||
gss_OID_desc mech_oid;
|
||||
gss_OID mech_oid;
|
||||
int found;
|
||||
#endif
|
||||
|
||||
@@ -291,9 +304,8 @@ _gss_load_mech(void)
|
||||
*/
|
||||
found = 0;
|
||||
HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) {
|
||||
if (gss_oid_equal(&m->gm_mech.gm_mech_oid, &mech_oid)) {
|
||||
if (gss_oid_equal(&m->gm_mech.gm_mech_oid, mech_oid)) {
|
||||
found = 1;
|
||||
free(mech_oid.elements);
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -321,7 +333,7 @@ _gss_load_mech(void)
|
||||
m->gm_so = so;
|
||||
m->gm_mech_oid = mech_oid;
|
||||
m->gm_mech.gm_name = strdup(name);
|
||||
m->gm_mech.gm_mech_oid = mech_oid;
|
||||
m->gm_mech.gm_mech_oid = *mech_oid;
|
||||
m->gm_mech.gm_flags = 0;
|
||||
m->gm_mech.gm_compat = calloc(1, sizeof(struct gss_mech_compat_desc_struct));
|
||||
if (m->gm_mech.gm_compat == NULL)
|
||||
@@ -392,7 +404,7 @@ _gss_load_mech(void)
|
||||
|
||||
mi = dlsym(so, "gss_mo_init");
|
||||
if (mi != NULL) {
|
||||
major_status = mi(&minor_status, &mech_oid,
|
||||
major_status = mi(&minor_status, mech_oid,
|
||||
&m->gm_mech.gm_mo, &m->gm_mech.gm_mo_num);
|
||||
if (GSS_ERROR(major_status))
|
||||
goto bad;
|
||||
@@ -419,7 +431,7 @@ _gss_load_mech(void)
|
||||
bad:
|
||||
if (m != NULL) {
|
||||
free(m->gm_mech.gm_compat);
|
||||
free(m->gm_mech.gm_mech_oid.elements);
|
||||
/* do not free OID, it has been interned */
|
||||
free((char *)m->gm_mech.gm_name);
|
||||
free(m);
|
||||
}
|
||||
|
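Review bot: In the `add_builtin` hunk the new early return `if (minor_status) return minor_status;` appears to leak `m`: the context line `return ENOMEM;` just above suggests `m` was allocated immediately before, and nothing frees it on this path. The check also discards the major status returned by `_gss_intern_oid` and relies on the minor status being non-zero on every failure, which the visible code guarantees only for the `malloc` failure inside `_gss_intern_oid`. Consider `if (GSS_ERROR(_gss_intern_oid(&minor_status, &mech->gm_mech_oid, &m->gm_mech_oid))) { free(m); return minor_status; }`. Separately, in `_gss_string_to_oid` the local `gss_OID_desc oid` is not initialised before it is eventually handed to `_gss_free_oid`; `gss_OID_desc oid = { 0, NULL };` would keep every path safe. Both function bodies continue outside the hunks, so the allocation of `m` and the parsing loop are inferred rather than seen.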
@@ -357,12 +357,12 @@ gss_inquire_mech_for_saslname(OM_uint32 *minor_status,
|
||||
struct gss_mech_compat_desc_struct *gmc;
|
||||
|
||||
/* Native SPI */
|
||||
major = mo_value(&m->gm_mech_oid, GSS_C_MA_SASL_MECH_NAME, &name);
|
||||
major = mo_value(m->gm_mech_oid, GSS_C_MA_SASL_MECH_NAME, &name);
|
||||
if (major == GSS_S_COMPLETE &&
|
||||
name.length == sasl_mech_name->length &&
|
||||
memcmp(name.value, sasl_mech_name->value, name.length) == 0) {
|
||||
gss_release_buffer(&junk, &name);
|
||||
*mech_type = &m->gm_mech_oid;
|
||||
*mech_type = m->gm_mech_oid;
|
||||
return GSS_S_COMPLETE;
|
||||
}
|
||||
gss_release_buffer(&junk, &name);
|
||||
@@ -382,9 +382,9 @@ gss_inquire_mech_for_saslname(OM_uint32 *minor_status,
|
||||
if (GSS_ERROR(major)) {
|
||||
/* Algorithmically dervied SASL mechanism name */
|
||||
if (sasl_mech_name->length == 16 &&
|
||||
make_sasl_name(minor_status, &m->gm_mech_oid, buf) == GSS_S_COMPLETE &&
|
||||
make_sasl_name(minor_status, m->gm_mech_oid, buf) == GSS_S_COMPLETE &&
|
||||
memcmp(buf, sasl_mech_name->value, 16) == 0) {
|
||||
*mech_type = &m->gm_mech_oid;
|
||||
*mech_type = m->gm_mech_oid;
|
||||
return GSS_S_COMPLETE;
|
||||
}
|
||||
}
|
||||
|
@@ -61,8 +61,7 @@ _gss_find_mn(OM_uint32 *minor_status, struct _gss_name *name, gss_OID mech,
|
||||
|
||||
major_status = m->gm_import_name(minor_status,
|
||||
&name->gn_value,
|
||||
(name->gn_type.elements
|
||||
? &name->gn_type : GSS_C_NO_OID),
|
||||
name->gn_type,
|
||||
&mn->gmn_name);
|
||||
if (major_status != GSS_S_COMPLETE) {
|
||||
_gss_mg_error(m, major_status, *minor_status);
|
||||
|
@@ -264,3 +264,81 @@ struct _gss_oid_name_table _gss_ont_mech[] = {
|
||||
{ NULL, NULL, NULL, NULL }
|
||||
};
|
||||
|
||||
gss_OID _gss_ot_internal[] = {
|
||||
&__gss_krb5_copy_ccache_x_oid_desc,
|
||||
&__gss_krb5_get_tkt_flags_x_oid_desc,
|
||||
&__gss_krb5_extract_authz_data_from_sec_context_x_oid_desc,
|
||||
&__gss_krb5_compat_des3_mic_x_oid_desc,
|
||||
&__gss_krb5_register_acceptor_identity_x_oid_desc,
|
||||
&__gss_krb5_export_lucid_context_x_oid_desc,
|
||||
&__gss_krb5_export_lucid_context_v1_x_oid_desc,
|
||||
&__gss_krb5_set_dns_canonicalize_x_oid_desc,
|
||||
&__gss_krb5_get_subkey_x_oid_desc,
|
||||
&__gss_krb5_get_initiator_subkey_x_oid_desc,
|
||||
&__gss_krb5_get_acceptor_subkey_x_oid_desc,
|
||||
&__gss_krb5_send_to_kdc_x_oid_desc,
|
||||
&__gss_krb5_get_authtime_x_oid_desc,
|
||||
&__gss_krb5_get_service_keyblock_x_oid_desc,
|
||||
&__gss_krb5_set_allowable_enctypes_x_oid_desc,
|
||||
&__gss_krb5_set_default_realm_x_oid_desc,
|
||||
&__gss_krb5_ccache_name_x_oid_desc,
|
||||
&__gss_krb5_set_time_offset_x_oid_desc,
|
||||
&__gss_krb5_get_time_offset_x_oid_desc,
|
||||
&__gss_krb5_plugin_register_x_oid_desc,
|
||||
&__gss_ntlm_get_session_key_x_oid_desc,
|
||||
&__gss_c_nt_ntlm_oid_desc,
|
||||
&__gss_c_nt_dn_oid_desc,
|
||||
&__gss_krb5_nt_principal_name_referral_oid_desc,
|
||||
&__gss_c_ntlm_avguest_oid_desc,
|
||||
&__gss_c_ntlm_v1_oid_desc,
|
||||
&__gss_c_ntlm_v2_oid_desc,
|
||||
&__gss_c_ntlm_session_key_oid_desc,
|
||||
&__gss_c_ntlm_force_v1_oid_desc,
|
||||
&__gss_krb5_cred_no_ci_flags_x_oid_desc,
|
||||
&__gss_krb5_import_cred_x_oid_desc,
|
||||
&__gss_c_ma_sasl_mech_name_oid_desc,
|
||||
&__gss_c_ma_mech_name_oid_desc,
|
||||
&__gss_c_ma_mech_description_oid_desc,
|
||||
&__gss_c_cred_password_oid_desc,
|
||||
&__gss_c_cred_certificate_oid_desc,
|
||||
&__gss_sasl_digest_md5_mechanism_oid_desc,
|
||||
&__gss_netlogon_mechanism_oid_desc,
|
||||
&__gss_netlogon_set_session_key_x_oid_desc,
|
||||
&__gss_netlogon_set_sign_algorithm_x_oid_desc,
|
||||
&__gss_netlogon_nt_netbios_dns_name_oid_desc,
|
||||
&__gss_c_inq_win2k_pac_x_oid_desc,
|
||||
&__gss_c_inq_sspi_session_key_oid_desc,
|
||||
&__gss_krb5_mechanism_oid_desc,
|
||||
&__gss_ntlm_mechanism_oid_desc,
|
||||
&__gss_spnego_mechanism_oid_desc,
|
||||
&__gss_c_peer_has_updated_spnego_oid_desc,
|
||||
&__gss_c_ma_mech_concrete_oid_desc,
|
||||
&__gss_c_ma_mech_pseudo_oid_desc,
|
||||
&__gss_c_ma_mech_composite_oid_desc,
|
||||
&__gss_c_ma_mech_nego_oid_desc,
|
||||
&__gss_c_ma_mech_glue_oid_desc,
|
||||
&__gss_c_ma_not_mech_oid_desc,
|
||||
&__gss_c_ma_deprecated_oid_desc,
|
||||
&__gss_c_ma_not_dflt_mech_oid_desc,
|
||||
&__gss_c_ma_itok_framed_oid_desc,
|
||||
&__gss_c_ma_auth_init_oid_desc,
|
||||
&__gss_c_ma_auth_targ_oid_desc,
|
||||
&__gss_c_ma_auth_init_init_oid_desc,
|
||||
&__gss_c_ma_auth_targ_init_oid_desc,
|
||||
&__gss_c_ma_auth_init_anon_oid_desc,
|
||||
&__gss_c_ma_auth_targ_anon_oid_desc,
|
||||
&__gss_c_ma_deleg_cred_oid_desc,
|
||||
&__gss_c_ma_integ_prot_oid_desc,
|
||||
&__gss_c_ma_conf_prot_oid_desc,
|
||||
&__gss_c_ma_mic_oid_desc,
|
||||
&__gss_c_ma_wrap_oid_desc,
|
||||
&__gss_c_ma_prot_ready_oid_desc,
|
||||
&__gss_c_ma_replay_det_oid_desc,
|
||||
&__gss_c_ma_oos_det_oid_desc,
|
||||
&__gss_c_ma_cbindings_oid_desc,
|
||||
&__gss_c_ma_pfs_oid_desc,
|
||||
&__gss_c_ma_compress_oid_desc,
|
||||
&__gss_c_ma_ctx_trans_oid_desc,
|
||||
};
|
||||
|
||||
size_t _gss_ot_internal_count = sizeof(_gss_ot_internal) / sizeof(_gss_ot_internal[0]);
|
||||
|
@@ -56,8 +56,7 @@ gss_release_name(OM_uint32 *minor_status,
|
||||
|
||||
name = (struct _gss_name *) *input_name;
|
||||
|
||||
if (name->gn_type.elements)
|
||||
free(name->gn_type.elements);
|
||||
gss_release_oid(minor_status, &name->gn_type);
|
||||
while (HEIM_SLIST_FIRST(&name->gn_mn)) {
|
||||
struct _gss_mechanism_name *mn;
|
||||
mn = HEIM_SLIST_FIRST(&name->gn_mn);
|
||||
|
@@ -37,22 +37,10 @@
|
||||
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
|
||||
gss_release_oid(OM_uint32 *minor_status, gss_OID *oid)
|
||||
{
|
||||
gss_OID o = *oid;
|
||||
|
||||
*oid = GSS_C_NO_OID;
|
||||
|
||||
if (minor_status != NULL)
|
||||
*minor_status = 0;
|
||||
|
||||
if (o == GSS_C_NO_OID)
|
||||
return GSS_S_COMPLETE;
|
||||
|
||||
if (o->elements != NULL) {
|
||||
free(o->elements);
|
||||
o->elements = NULL;
|
||||
}
|
||||
o->length = 0;
|
||||
free(o);
|
||||
|
||||
return GSS_S_COMPLETE;
|
||||
}
|
||||
|
@@ -70,7 +70,7 @@ gss_set_cred_option (OM_uint32 *minor_status,
|
||||
}
|
||||
|
||||
mc->gmc_mech = &m->gm_mech;
|
||||
mc->gmc_mech_oid = &m->gm_mech_oid;
|
||||
mc->gmc_mech_oid = m->gm_mech_oid;
|
||||
mc->gmc_cred = GSS_C_NO_CREDENTIAL;
|
||||
|
||||
major_status = m->gm_mech.gm_set_cred_option(
|
||||
|
@@ -28,9 +28,9 @@
|
||||
|
||||
#include "mech_locl.h"
|
||||
|
||||
OM_uint32
|
||||
static OM_uint32
|
||||
_gss_copy_oid(OM_uint32 *minor_status,
|
||||
const gss_OID from_oid, gss_OID to_oid)
|
||||
gss_const_OID from_oid, gss_OID to_oid)
|
||||
{
|
||||
size_t len = from_oid->length;
|
||||
|
||||
@@ -58,6 +58,76 @@ _gss_free_oid(OM_uint32 *minor_status, gss_OID oid)
|
||||
return (GSS_S_COMPLETE);
|
||||
}
|
||||
|
||||
struct _gss_interned_oid {
|
||||
HEIM_SLIST_ENTRY(_gss_interned_oid) gio_link;
|
||||
gss_OID_desc gio_oid;
|
||||
};
|
||||
|
||||
static HEIM_SLIST_HEAD(_gss_interned_oid_list, _gss_interned_oid) interned_oids =
|
||||
HEIM_SLIST_HEAD_INITIALIZER(interned_oids);
|
||||
|
||||
extern gss_OID _gss_ot_internal[];
|
||||
extern size_t _gss_ot_internal_count;
|
||||
|
||||
static OM_uint32
|
||||
intern_oid_static(OM_uint32 *minor_status,
|
||||
gss_const_OID from_oid,
|
||||
gss_OID *to_oid)
|
||||
{
|
||||
size_t i;
|
||||
|
||||
/* statically allocated OIDs */
|
||||
for (i = 0; i < _gss_ot_internal_count; i++) {
|
||||
if (gss_oid_equal(_gss_ot_internal[i], from_oid)) {
|
||||
*minor_status = 0;
|
||||
*to_oid = _gss_ot_internal[i];
|
||||
return GSS_S_COMPLETE;
|
||||
}
|
||||
}
|
||||
|
||||
return GSS_S_CONTINUE_NEEDED;
|
||||
}
|
||||
|
||||
OM_uint32
|
||||
_gss_intern_oid(OM_uint32 *minor_status,
|
||||
gss_const_OID from_oid,
|
||||
gss_OID *to_oid)
|
||||
{
|
||||
OM_uint32 major_status;
|
||||
struct _gss_interned_oid *iop;
|
||||
|
||||
major_status = intern_oid_static(minor_status, from_oid, to_oid);
|
||||
if (major_status != GSS_S_CONTINUE_NEEDED)
|
||||
return major_status;
|
||||
|
||||
HEIM_SLIST_ATOMIC_FOREACH(iop, &interned_oids, gio_link) {
|
||||
if (gss_oid_equal(&iop->gio_oid, from_oid)) {
|
||||
*minor_status = 0;
|
||||
*to_oid = &iop->gio_oid;
|
||||
return GSS_S_COMPLETE;
|
||||
}
|
||||
}
|
||||
|
||||
iop = malloc(sizeof(*iop));
|
||||
if (iop == NULL) {
|
||||
*minor_status = ENOMEM;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
major_status = _gss_copy_oid(minor_status, from_oid, &iop->gio_oid);
|
||||
if (GSS_ERROR(major_status)) {
|
||||
free(iop);
|
||||
return major_status;
|
||||
}
|
||||
|
||||
HEIM_SLIST_ATOMIC_INSERT_HEAD(&interned_oids, iop, gio_link);
|
||||
|
||||
*minor_status = 0;
|
||||
*to_oid = &iop->gio_oid;
|
||||
|
||||
return GSS_S_COMPLETE;
|
||||
}
|
||||
|
||||
OM_uint32
|
||||
_gss_copy_buffer(OM_uint32 *minor_status,
|
||||
const gss_buffer_t from_buf, gss_buffer_t to_buf)
|
||||
|
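Review bot: `_gss_intern_oid` never releases what it adds, so each OID that misses both the static table and `interned_oids` costs a permanent heap node and lengthens the linear scan for every later call. This commit routes `gss_duplicate_oid` and `gss_import_name` through it, so if either can be reached with OIDs chosen by a remote peer (not determinable from this page), memory use and lookup time grow without bound. The lookup and the insert are also not one atomic step: two threads that miss at the same time will both append an equal OID, which is harmless for `gss_oid_equal` but means pointer equality cannot be relied on for interned OIDs. I would at least document this above the function, e.g. `/* Interned OIDs are never freed; do not intern unbounded, untrusted OIDs. Equal OIDs may be interned twice under contention, so compare with gss_oid_equal(). */`, and consider a cap on the list length.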
@@ -46,6 +46,8 @@
|
||||
#include <dlfcn.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include <heimbase.h>
|
||||
|
||||
#include <gssapi_asn1.h>
|
||||
#include <der.h>
|
||||
|
||||
|
@@ -31,7 +31,7 @@
|
||||
|
||||
struct _gss_mech_switch {
|
||||
HEIM_SLIST_ENTRY(_gss_mech_switch) gm_link;
|
||||
gss_OID_desc gm_mech_oid;
|
||||
gss_OID gm_mech_oid;
|
||||
gss_OID_set gm_name_types;
|
||||
void *gm_so;
|
||||
gssapi_mech_interface_desc gm_mech;
|
||||
|
@@ -94,4 +94,19 @@ struct { \
|
||||
#define HEIM_SLIST_FIRST(head) ((head)->slh_first)
|
||||
#define HEIM_SLIST_NEXT(elm, field) ((elm)->field.sle_next)
|
||||
|
||||
/*
|
||||
* Singly-linked List atomic functions.
|
||||
*/
|
||||
#include "heimbase.h"
|
||||
|
||||
#define HEIM_SLIST_ATOMIC_INSERT_HEAD(head, elm, field) do { \
|
||||
(elm)->field.sle_next = \
|
||||
heim_base_exchange_pointer(&(head)->slh_first, (elm)); \
|
||||
} while (/*CONSTCOND*/0)
|
||||
|
||||
#define HEIM_SLIST_ATOMIC_FOREACH(var, head, field) \
|
||||
for (heim_base_exchange_pointer(&(var), (head)->slh_first); \
|
||||
(var) != NULL; \
|
||||
heim_base_exchange_pointer(&(var), (var)->field.sle_next))
|
||||
|
||||
#endif /* !_MECHQUEUE_H_ */
|
||||
|
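Review bot: `HEIM_SLIST_ATOMIC_INSERT_HEAD` makes `elm` reachable as the new head before `(elm)->field.sle_next` is written, because the assignment only happens after `heim_base_exchange_pointer` returns. A thread running `HEIM_SLIST_ATOMIC_FOREACH` in that window follows an unset `sle_next`; the one caller in this commit allocates the node with `malloc`, so that is an indeterminate pointer rather than NULL, and even a NULL there would hide the rest of the list from the reader. The link has to be stored before the element is published, which needs a compare-and-swap retry loop or a lock around the insert (the library already uses `HEIMDAL_MUTEX` for `_gss_mech_mutex`). In `HEIM_SLIST_ATOMIC_FOREACH` the exchange is applied to the local iterator `var`, while `(head)->slh_first` and `sle_next` are plain reads, so the macro gives no ordering guarantee for the shared fields.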
@@ -36,7 +36,7 @@ struct _gss_mechanism_name {
|
||||
HEIM_SLIST_HEAD(_gss_mechanism_name_list, _gss_mechanism_name);
|
||||
|
||||
struct _gss_name {
|
||||
gss_OID_desc gn_type; /* type of name */
|
||||
gss_OID gn_type; /* type of name */
|
||||
gss_buffer_desc gn_value; /* value (as imported) */
|
||||
struct _gss_mechanism_name_list gn_mn; /* list of MNs */
|
||||
};
|
||||
|
@@ -28,6 +28,6 @@
|
||||
*/
|
||||
|
||||
OM_uint32 _gss_free_oid(OM_uint32 *, gss_OID);
|
||||
OM_uint32 _gss_copy_oid(OM_uint32 *, const gss_OID, gss_OID);
|
||||
OM_uint32 _gss_intern_oid(OM_uint32 *, gss_const_OID, gss_OID *);
|
||||
OM_uint32 _gss_copy_buffer(OM_uint32 *minor_status,
|
||||
const gss_buffer_t from_buf, gss_buffer_t to_buf);
|
||||
|
@@ -274,7 +274,7 @@ OM_uint32 GSSAPI_CALLCONV _gss_spnego_compare_name
|
||||
|
||||
*name_equal = 0;
|
||||
|
||||
if (!gss_oid_equal(&n1->type, &n2->type))
|
||||
if (!gss_oid_equal(n1->type, n2->type))
|
||||
return GSS_S_COMPLETE;
|
||||
if (n1->value.length != n2->value.length)
|
||||
return GSS_S_COMPLETE;
|
||||
@@ -322,7 +322,7 @@ OM_uint32 GSSAPI_CALLCONV _gss_spnego_import_name
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
maj_stat = _gss_copy_oid(minor_status, name_type, &name->type);
|
||||
maj_stat = _gss_intern_oid(minor_status, name_type, &name->type);
|
||||
if (maj_stat) {
|
||||
free(name);
|
||||
return GSS_S_FAILURE;
|
||||
@@ -369,7 +369,6 @@ OM_uint32 GSSAPI_CALLCONV _gss_spnego_release_name
|
||||
if (*input_name != GSS_C_NO_NAME) {
|
||||
OM_uint32 junk;
|
||||
spnego_name name = (spnego_name)*input_name;
|
||||
_gss_free_oid(&junk, &name->type);
|
||||
gss_release_buffer(&junk, &name->value);
|
||||
if (name->mech != GSS_C_NO_NAME)
|
||||
gss_release_name(&junk, &name->mech);
|
||||
|
@@ -75,7 +75,7 @@ OM_uint32 GSSAPI_CALLCONV _gss_spnego_acquire_cred
|
||||
*output_cred_handle = GSS_C_NO_CREDENTIAL;
|
||||
|
||||
if (dname) {
|
||||
ret = gss_import_name(minor_status, &dname->value, &dname->type, &name);
|
||||
ret = gss_import_name(minor_status, &dname->value, dname->type, &name);
|
||||
if (ret) {
|
||||
return ret;
|
||||
}
|
||||
|
@@ -223,7 +223,7 @@ spnego_initial
|
||||
|
||||
ctx->local = 1;
|
||||
|
||||
sub = gss_import_name(&minor, &name->value, &name->type, &ctx->target_name);
|
||||
sub = gss_import_name(&minor, &name->value, name->type, &ctx->target_name);
|
||||
if (GSS_ERROR(sub)) {
|
||||
*minor_status = minor;
|
||||
_gss_spnego_internal_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER);
|
||||
|
@@ -98,7 +98,7 @@ typedef struct {
|
||||
} *gssspnego_ctx;
|
||||
|
||||
typedef struct {
|
||||
gss_OID_desc type;
|
||||
gss_OID type;
|
||||
gss_buffer_desc value;
|
||||
gss_name_t mech;
|
||||
} *spnego_name;
|
||||
|