fill in all mo that make sense for now
@@ -99,24 +99,14 @@ extern gss_OID_desc __gss_krb5_import_cred_x_oid_desc;
|
||||
#define GSS_KRB5_IMPORT_CRED_X (&__gss_krb5_import_cred_x_oid_desc)
|
||||
|
||||
/* glue for gss_inquire_saslname_for_mech */
|
||||
extern gss_OID_desc __gss_ma_sasl_mech_name_oid_desc;
|
||||
#define GSS_MA_SASL_MECH_NAME (&__gss_ma_sasl_mech_name_oid_desc)
|
||||
extern gss_OID_desc __gss_c_ma_sasl_mech_name_oid_desc;
|
||||
#define GSS_C_MA_SASL_MECH_NAME (&__gss_c_ma_sasl_mech_name_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_ma_mech_name_oid_desc;
|
||||
#define GSS_MA_MECH_NAME (&__gss_ma_mech_name_oid_desc)
|
||||
extern gss_OID_desc __gss_c_ma_mech_name_oid_desc;
|
||||
#define GSS_C_MA_MECH_NAME (&__gss_c_ma_mech_name_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_ma_mech_description_oid_desc;
|
||||
#define GSS_MA_MECH_DESCRIPTION (&__gss_ma_mech_description_oid_desc)
|
||||
|
||||
/* glue for gss_display_mech_attr */
|
||||
extern gss_OID_desc __gss_ma_attr_name_oid_desc;
|
||||
#define GSS_MA_ATTR_NAME (&__gss_ma_attr_name_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_ma_attr_short_desc_oid_desc;
|
||||
#define GSS_MA_ATTR_SHORT_DESC (&__gss_ma_attr_short_desc_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_ma_attr_long_desc_oid_desc;
|
||||
#define GSS_MA_ATTR_LONG_DESC (&__gss_ma_attr_long_desc_oid_desc)
|
||||
extern gss_OID_desc __gss_c_ma_mech_description_oid_desc;
|
||||
#define GSS_C_MA_MECH_DESCRIPTION (&__gss_c_ma_mech_description_oid_desc)
|
||||
|
||||
/*
|
||||
* Digest mechanisms - 1.2.752.43.14
|
||||
@@ -143,4 +133,88 @@ extern gss_OID_desc __gss_c_peer_has_updated_spnego_oid_desc;
|
||||
/*
|
||||
* OID mappings with name and short description and and slightly longer description
|
||||
*/
|
||||
/*
|
||||
* RFC5587
|
||||
*/
|
||||
extern gss_OID_desc __gss_c_ma_mech_concrete_oid_desc;
|
||||
#define GSS_C_MA_MECH_CONCRETE (&__gss_c_ma_mech_concrete_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_mech_pseudo_oid_desc;
|
||||
#define GSS_C_MA_MECH_PSEUDO (&__gss_c_ma_mech_pseudo_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_mech_composite_oid_desc;
|
||||
#define GSS_C_MA_MECH_COMPOSITE (&__gss_c_ma_mech_composite_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_mech_nego_oid_desc;
|
||||
#define GSS_C_MA_MECH_NEGO (&__gss_c_ma_mech_nego_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_mech_glue_oid_desc;
|
||||
#define GSS_C_MA_MECH_GLUE (&__gss_c_ma_mech_glue_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_not_mech_oid_desc;
|
||||
#define GSS_C_MA_NOT_MECH (&__gss_c_ma_not_mech_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_deprecated_oid_desc;
|
||||
#define GSS_C_MA_DEPRECATED (&__gss_c_ma_deprecated_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_not_dflt_mech_oid_desc;
|
||||
#define GSS_C_MA_NOT_DFLT_MECH (&__gss_c_ma_not_dflt_mech_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_itok_framed_oid_desc;
|
||||
#define GSS_C_MA_ITOK_FRAMED (&__gss_c_ma_itok_framed_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_auth_init_oid_desc;
|
||||
#define GSS_C_MA_AUTH_INIT (&__gss_c_ma_auth_init_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_auth_targ_oid_desc;
|
||||
#define GSS_C_MA_AUTH_TARG (&__gss_c_ma_auth_targ_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_auth_init_init_oid_desc;
|
||||
#define GSS_C_MA_AUTH_INIT_INIT (&__gss_c_ma_auth_init_init_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_auth_targ_init_oid_desc;
|
||||
#define GSS_C_MA_AUTH_TARG_INIT (&__gss_c_ma_auth_targ_init_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_auth_init_anon_oid_desc;
|
||||
#define GSS_C_MA_AUTH_INIT_ANON (&__gss_c_ma_auth_init_anon_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_auth_targ_anon_oid_desc;
|
||||
#define GSS_C_MA_AUTH_TARG_ANON (&__gss_c_ma_auth_targ_anon_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_deleg_cred_oid_desc;
|
||||
#define GSS_C_MA_DELEG_CRED (&__gss_c_ma_deleg_cred_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_integ_prot_oid_desc;
|
||||
#define GSS_C_MA_INTEG_PROT (&__gss_c_ma_integ_prot_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_conf_prot_oid_desc;
|
||||
#define GSS_C_MA_CONF_PROT (&__gss_c_ma_conf_prot_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_mic_oid_desc;
|
||||
#define GSS_C_MA_MIC (&__gss_c_ma_mic_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_wrap_oid_desc;
|
||||
#define GSS_C_MA_WRAP (&__gss_c_ma_wrap_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_prot_ready_oid_desc;
|
||||
#define GSS_C_MA_PROT_READY (&__gss_c_ma_prot_ready_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_replay_det_oid_desc;
|
||||
#define GSS_C_MA_REPLAY_DET (&__gss_c_ma_replay_det_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_oos_det_oid_desc;
|
||||
#define GSS_C_MA_OOS_DET (&__gss_c_ma_oos_det_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_cbindings_oid_desc;
|
||||
#define GSS_C_MA_CBINDINGS (&__gss_c_ma_cbindings_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_pfs_oid_desc;
|
||||
#define GSS_C_MA_PFS (&__gss_c_ma_pfs_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_compress_oid_desc;
|
||||
#define GSS_C_MA_COMPRESS (&__gss_c_ma_compress_oid_desc)
|
||||
|
||||
extern gss_OID_desc __gss_c_ma_ctx_trans_oid_desc;
|
||||
#define GSS_C_MA_CTX_TRANS (&__gss_c_ma_ctx_trans_oid_desc)
|
||||
|
||||
#endif /* GSSAPI_GSSAPI_OID */
|
||||
|
@@ -397,13 +397,13 @@ typedef struct gss_mo_desc_struct gss_mo_desc;
|
||||
|
||||
struct gss_mo_desc_struct {
|
||||
gss_OID option;
|
||||
OM_uint32 flags;
|
||||
#define GSS_MO_MA 1
|
||||
#define GSS_MO_MA_CRITICAL 2
|
||||
const char *name;
|
||||
void *ctx;
|
||||
int (*get)(gss_const_OID, gss_mo_desc *, gss_buffer_t);
|
||||
int (*set)(gss_const_OID, gss_mo_desc *, int, gss_buffer_t);
|
||||
OM_uint32 flags;
|
||||
#define GSS_MO_MA 1
|
||||
#define GSS_MO_MA_CRITICAL 2
|
||||
};
|
||||
|
||||
|
||||
|
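Review bot: Moving `flags` from the end of `struct gss_mo_desc_struct` to the second slot changes both the memory layout and the positional-initializer order of a type that mechanisms hand to the glue layer, and nothing visible in this section versions that change. A mechanism built against the old header would have its `name`, `ctx`, `get` and `set` read from the wrong offsets. If such tables can come from separately built mechanisms, `GMI_VERSION` should be bumped in the same commit; whether it is cannot be seen from this hunk. Designated initializers in the tables (`.option = …, .flags = GSS_MO_MA`) would also make any later reorder harmless.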
@@ -69,6 +69,7 @@ usage (int ret)
|
||||
#define COL_VALUE "Value"
|
||||
#define COL_MECH "Mech"
|
||||
#define COL_EXPIRE "Expire"
|
||||
#define COL_SASL "SASL"
|
||||
|
||||
int
|
||||
supported_mechanisms(void *argptr, int argc, char **argv)
|
||||
@@ -91,10 +92,11 @@ supported_mechanisms(void *argptr, int argc, char **argv)
|
||||
rtbl_set_separator(ct, " ");
|
||||
rtbl_add_column(ct, COL_OID, 0);
|
||||
rtbl_add_column(ct, COL_NAME, 0);
|
||||
rtbl_add_column(ct, COL_DESC, 0);
|
||||
rtbl_add_column(ct, COL_SASL, 0);
|
||||
|
||||
for (i = 0; i < mechs->count; i++) {
|
||||
gss_buffer_desc str;
|
||||
const char *name = NULL;
|
||||
gss_buffer_desc str, sasl_name, mech_name, mech_desc;
|
||||
|
||||
maj_stat = gss_oid_to_str(&min_stat, &mechs->elements[i], &str);
|
||||
if (maj_stat != GSS_S_COMPLETE)
|
||||
@@ -104,9 +106,23 @@ supported_mechanisms(void *argptr, int argc, char **argv)
|
||||
(int)str.length, (char *)str.value);
|
||||
gss_release_buffer(&min_stat, &str);
|
||||
|
||||
name = gss_oid_to_name(&mechs->elements[i]);
|
||||
if (name)
|
||||
rtbl_add_column_entry(ct, COL_NAME, name);
|
||||
(void)gss_inquire_saslname_for_mech(&min_stat,
|
||||
&mechs->elements[i],
|
||||
&sasl_name,
|
||||
&mech_name,
|
||||
&mech_desc);
|
||||
|
||||
rtbl_add_column_entryv(ct, COL_NAME, "%.*s",
|
||||
(int)mech_name.length, (char *)mech_name.value);
|
||||
rtbl_add_column_entryv(ct, COL_DESC, "%.*s",
|
||||
(int)mech_desc.length, (char *)mech_desc.value);
|
||||
rtbl_add_column_entryv(ct, COL_SASL, "%.*s",
|
||||
(int)sasl_name.length, (char *)sasl_name.value);
|
||||
|
||||
gss_release_buffer(&min_stat, &mech_name);
|
||||
gss_release_buffer(&min_stat, &mech_desc);
|
||||
gss_release_buffer(&min_stat, &sasl_name);
|
||||
|
||||
}
|
||||
gss_release_oid_set(&min_stat, &mechs);
|
||||
|
||||
|
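Review bot: `sasl_name`, `mech_name` and `mech_desc` are declared without initializers and the status of `gss_inquire_saslname_for_mech` is discarded with `(void)`, so on a failure the three `rtbl_add_column_entryv` calls print from, and the three `gss_release_buffer` calls release, whatever happened to be on the stack. The callee shown later on this page returns as soon as one `mo_value` call fails (and on a NULL mech), so the later outputs appear to be left untouched for a mechanism that lacks one of the three options. Declare them as `gss_buffer_desc str, sasl_name = GSS_C_EMPTY_BUFFER, mech_name = GSS_C_EMPTY_BUFFER, mech_desc = GSS_C_EMPTY_BUFFER;` and add the NAME/DESC/SASL entries only when the call returns `GSS_S_COMPLETE`. `supported_mechanisms` continues outside these hunks.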
@@ -175,29 +175,93 @@ gss_OID_desc GSSAPI_LIB_VARIABLE __gss_iakerb_min_msg_mechanism_oid_desc =
|
||||
* Context for krb5 calls.
|
||||
*/
|
||||
|
||||
static gss_mo_desc _gsskrb5_mech_options[] = {
|
||||
static gss_mo_desc krb5_mo[] = {
|
||||
{
|
||||
GSS_MA_SASL_MECH_NAME,
|
||||
GSS_C_MA_SASL_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"SASL mech name",
|
||||
"GS2-KRB5",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL,
|
||||
GSS_MO_MA
|
||||
NULL
|
||||
},
|
||||
{
|
||||
GSS_MA_MECH_NAME,
|
||||
GSS_C_MA_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"Mechanism name",
|
||||
"KRB5",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL,
|
||||
GSS_MO_MA,
|
||||
NULL
|
||||
},
|
||||
{
|
||||
GSS_MA_MECH_DESCRIPTION,
|
||||
GSS_C_MA_MECH_DESCRIPTION,
|
||||
GSS_MO_MA,
|
||||
"Mechanism description",
|
||||
"Heimdal Kerberos 5 mech",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL,
|
||||
NULL
|
||||
},
|
||||
{
|
||||
GSS_C_MA_MECH_CONCRETE,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_ITOK_FRAMED,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_AUTH_INIT,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_AUTH_TARG,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_AUTH_INIT_ANON,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_DELEG_CRED,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_INTEG_PROT,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_CONF_PROT,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_MIC,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_WRAP,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_PROT_READY,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_REPLAY_DET,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_OOS_DET,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_CBINDINGS,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_PFS,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_CTX_TRANS,
|
||||
GSS_MO_MA
|
||||
}
|
||||
};
|
||||
@@ -258,8 +322,8 @@ static gssapi_mech_interface_desc krb5_mech = {
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
_gsskrb5_mech_options,
|
||||
sizeof(_gsskrb5_mech_options) / sizeof(_gsskrb5_mech_options[0])
|
||||
krb5_mo,
|
||||
sizeof(krb5_mo) / sizeof(krb5_mo[0])
|
||||
};
|
||||
|
||||
gssapi_mech_interface
|
||||
|
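Review bot: `krb5_mo` advertises `GSS_C_MA_PFS` for the Kerberos 5 mechanism, and a caller that selects mechanisms by attribute will treat that as a promise of forward secrecy. As far as I can tell, a standard Kerberos exchange derives its context keys from the ticket session key and optional subkeys, which remain recoverable once the service's long-term key is known, so the claim looks too strong. `GSS_C_MA_AUTH_INIT_ANON` deserves the same check, since it presumably holds only where anonymous tickets are available. I would drop the `GSS_C_MA_PFS` entry, or add a comment above it naming the property of the mechanism that justifies it. The attribute-only entries also rely on `name`, `ctx`, `get` and `set` being zero-filled, which is worth one comment line at the top of the table.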
@@ -146,11 +146,20 @@ gss_mo_name(gss_const_OID mech, gss_const_OID option, gss_buffer_t name)
|
||||
|
||||
for (n = 0; n < m->gm_mo_num; n++) {
|
||||
if (gss_oid_equal(option, m->gm_mo[n].option)) {
|
||||
/*
|
||||
* If ther is no name, its because its a GSS_C_MA and there is already a table for that.
|
||||
*/
|
||||
if (m->gm_mo[n].name) {
|
||||
name->value = strdup(m->gm_mo[n].name);
|
||||
if (name->value == NULL)
|
||||
return GSS_S_BAD_NAME;
|
||||
name->length = strlen(m->gm_mo[n].name);
|
||||
return GSS_S_COMPLETE;
|
||||
} else {
|
||||
OM_uint32 junk;
|
||||
return gss_display_mech_attr(&junk, option,
|
||||
NULL, name, NULL);
|
||||
}
|
||||
}
|
||||
}
|
||||
return GSS_S_BAD_NAME;
|
||||
@@ -161,7 +170,7 @@ gss_mo_name(gss_const_OID mech, gss_const_OID option, gss_buffer_t name)
|
||||
*/
|
||||
|
||||
static OM_uint32
|
||||
mo_name(const gss_const_OID mech, gss_const_OID option, gss_buffer_t name)
|
||||
mo_value(const gss_const_OID mech, gss_const_OID option, gss_buffer_t name)
|
||||
{
|
||||
if (name == NULL)
|
||||
return GSS_S_COMPLETE;
|
||||
@@ -202,16 +211,16 @@ gss_inquire_saslname_for_mech(OM_uint32 *minor_status,
|
||||
if (minor_status)
|
||||
*minor_status = 0;
|
||||
|
||||
if (desired_mech)
|
||||
if (desired_mech == NULL)
|
||||
return GSS_S_BAD_MECH;
|
||||
|
||||
major = mo_name(desired_mech, GSS_MA_SASL_MECH_NAME, sasl_mech_name);
|
||||
major = mo_value(desired_mech, GSS_C_MA_SASL_MECH_NAME, sasl_mech_name);
|
||||
if (major) return major;
|
||||
|
||||
major = mo_name(desired_mech, GSS_MA_MECH_NAME, mech_name);
|
||||
major = mo_value(desired_mech, GSS_C_MA_MECH_NAME, mech_name);
|
||||
if (major) return major;
|
||||
|
||||
major = mo_name(desired_mech, GSS_MA_MECH_DESCRIPTION, mech_description);
|
||||
major = mo_value(desired_mech, GSS_C_MA_MECH_DESCRIPTION, mech_description);
|
||||
if (major) return major;
|
||||
|
||||
return GSS_S_COMPLETE;
|
||||
@@ -242,7 +251,7 @@ gss_inquire_mech_for_saslname(OM_uint32 *minor_status,
|
||||
|
||||
SLIST_FOREACH(m, &_gss_mechs, gm_link) {
|
||||
|
||||
major = mo_name(&m->gm_mech_oid, GSS_MA_SASL_MECH_NAME, &name);
|
||||
major = mo_value(&m->gm_mech_oid, GSS_C_MA_SASL_MECH_NAME, &name);
|
||||
if (major)
|
||||
continue;
|
||||
if (name.length == sasl_mech_name->length &&
|
||||
|
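Review bot: In `gss_mo_name`, a failed `strdup` returns `GSS_S_BAD_NAME`, the same status the function returns when the option is not in the table, so a caller cannot tell memory exhaustion from an unknown option. `if (name->value == NULL) return GSS_S_FAILURE;` keeps the two cases apart. Separately, `gss_inquire_saslname_for_mech` now rejects a NULL mech correctly, but it still returns at the first failing `mo_value`, apparently with earlier outputs filled and later ones untouched. Clearing all three output buffers before the first lookup would give callers a defined state on error. Both functions begin outside the hunks shown.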
@@ -95,23 +95,14 @@ gss_OID_desc __gss_krb5_cred_no_ci_flags_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d
|
||||
/* GSS_KRB5_IMPORT_CRED_X - 1.2.752.43.13.30 */
|
||||
gss_OID_desc __gss_krb5_import_cred_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x1e" };
|
||||
|
||||
/* GSS_MA_SASL_MECH_NAME - 1.2.752.43.13.100 */
|
||||
gss_OID_desc __gss_ma_sasl_mech_name_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x64" };
|
||||
/* GSS_C_MA_SASL_MECH_NAME - 1.2.752.43.13.100 */
|
||||
gss_OID_desc __gss_c_ma_sasl_mech_name_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x64" };
|
||||
|
||||
/* GSS_MA_MECH_NAME - 1.2.752.43.13.101 */
|
||||
gss_OID_desc __gss_ma_mech_name_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x65" };
|
||||
/* GSS_C_MA_MECH_NAME - 1.2.752.43.13.101 */
|
||||
gss_OID_desc __gss_c_ma_mech_name_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x65" };
|
||||
|
||||
/* GSS_MA_MECH_DESCRIPTION - 1.2.752.43.13.102 */
|
||||
gss_OID_desc __gss_ma_mech_description_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x66" };
|
||||
|
||||
/* GSS_MA_ATTR_NAME - 1.2.752.43.13.103 */
|
||||
gss_OID_desc __gss_ma_attr_name_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x67" };
|
||||
|
||||
/* GSS_MA_ATTR_SHORT_DESC - 1.2.752.43.13.104 */
|
||||
gss_OID_desc __gss_ma_attr_short_desc_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x68" };
|
||||
|
||||
/* GSS_MA_ATTR_LONG_DESC - 1.2.752.43.13.104 */
|
||||
gss_OID_desc __gss_ma_attr_long_desc_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x68" };
|
||||
/* GSS_C_MA_MECH_DESCRIPTION - 1.2.752.43.13.102 */
|
||||
gss_OID_desc __gss_c_ma_mech_description_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x66" };
|
||||
|
||||
/* GSS_SASL_DIGEST_MD5_MECHANISM - 1.2.752.43.14.1 */
|
||||
gss_OID_desc __gss_sasl_digest_md5_mechanism_oid_desc = { 6, "\x2a\x85\x70\x2b\x0e\x01" };
|
||||
@@ -128,17 +119,125 @@ gss_OID_desc __gss_spnego_mechanism_oid_desc = { 6, "\x2b\x06\x01\x05\x05\x02" }
|
||||
/* GSS_C_PEER_HAS_UPDATED_SPNEGO - 1.3.6.1.4.1.9513.19.5 */
|
||||
gss_OID_desc __gss_c_peer_has_updated_spnego_oid_desc = { 9, "\x2b\x06\x01\x04\x01\xca\x29\x13\x05" };
|
||||
|
||||
/* GSS_C_MA_MECH_CONCRETE - 1.3.6.1.5.5.13.1 */
|
||||
gss_OID_desc __gss_c_ma_mech_concrete_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x01" };
|
||||
|
||||
/* GSS_C_MA_MECH_PSEUDO - 1.3.6.1.5.5.13.2 */
|
||||
gss_OID_desc __gss_c_ma_mech_pseudo_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x02" };
|
||||
|
||||
/* GSS_C_MA_MECH_COMPOSITE - 1.3.6.1.5.5.13.3 */
|
||||
gss_OID_desc __gss_c_ma_mech_composite_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x03" };
|
||||
|
||||
/* GSS_C_MA_MECH_NEGO - 1.3.6.1.5.5.13.4 */
|
||||
gss_OID_desc __gss_c_ma_mech_nego_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x04" };
|
||||
|
||||
/* GSS_C_MA_MECH_GLUE - 1.3.6.1.5.5.13.5 */
|
||||
gss_OID_desc __gss_c_ma_mech_glue_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x05" };
|
||||
|
||||
/* GSS_C_MA_NOT_MECH - 1.3.6.1.5.5.13.6 */
|
||||
gss_OID_desc __gss_c_ma_not_mech_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x06" };
|
||||
|
||||
/* GSS_C_MA_DEPRECATED - 1.3.6.1.5.5.13.7 */
|
||||
gss_OID_desc __gss_c_ma_deprecated_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x07" };
|
||||
|
||||
/* GSS_C_MA_NOT_DFLT_MECH - 1.3.6.1.5.5.13.8 */
|
||||
gss_OID_desc __gss_c_ma_not_dflt_mech_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x08" };
|
||||
|
||||
/* GSS_C_MA_ITOK_FRAMED - 1.3.6.1.5.5.13.9 */
|
||||
gss_OID_desc __gss_c_ma_itok_framed_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x09" };
|
||||
|
||||
/* GSS_C_MA_AUTH_INIT - 1.3.6.1.5.5.13.10 */
|
||||
gss_OID_desc __gss_c_ma_auth_init_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0a" };
|
||||
|
||||
/* GSS_C_MA_AUTH_TARG - 1.3.6.1.5.5.13.11 */
|
||||
gss_OID_desc __gss_c_ma_auth_targ_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0b" };
|
||||
|
||||
/* GSS_C_MA_AUTH_INIT_INIT - 1.3.6.1.5.5.13.12 */
|
||||
gss_OID_desc __gss_c_ma_auth_init_init_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0c" };
|
||||
|
||||
/* GSS_C_MA_AUTH_TARG_INIT - 1.3.6.1.5.5.13.13 */
|
||||
gss_OID_desc __gss_c_ma_auth_targ_init_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0d" };
|
||||
|
||||
/* GSS_C_MA_AUTH_INIT_ANON - 1.3.6.1.5.5.13.14 */
|
||||
gss_OID_desc __gss_c_ma_auth_init_anon_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0e" };
|
||||
|
||||
/* GSS_C_MA_AUTH_TARG_ANON - 1.3.6.1.5.5.13.15 */
|
||||
gss_OID_desc __gss_c_ma_auth_targ_anon_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0f" };
|
||||
|
||||
/* GSS_C_MA_DELEG_CRED - 1.3.6.1.5.5.13.16 */
|
||||
gss_OID_desc __gss_c_ma_deleg_cred_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x10" };
|
||||
|
||||
/* GSS_C_MA_INTEG_PROT - 1.3.6.1.5.5.13.17 */
|
||||
gss_OID_desc __gss_c_ma_integ_prot_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x11" };
|
||||
|
||||
/* GSS_C_MA_CONF_PROT - 1.3.6.1.5.5.13.18 */
|
||||
gss_OID_desc __gss_c_ma_conf_prot_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x12" };
|
||||
|
||||
/* GSS_C_MA_MIC - 1.3.6.1.5.5.13.19 */
|
||||
gss_OID_desc __gss_c_ma_mic_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x13" };
|
||||
|
||||
/* GSS_C_MA_WRAP - 1.3.6.1.5.5.13.20 */
|
||||
gss_OID_desc __gss_c_ma_wrap_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x14" };
|
||||
|
||||
/* GSS_C_MA_PROT_READY - 1.3.6.1.5.5.13.21 */
|
||||
gss_OID_desc __gss_c_ma_prot_ready_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x15" };
|
||||
|
||||
/* GSS_C_MA_REPLAY_DET - 1.3.6.1.5.5.13.22 */
|
||||
gss_OID_desc __gss_c_ma_replay_det_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x16" };
|
||||
|
||||
/* GSS_C_MA_OOS_DET - 1.3.6.1.5.5.13.23 */
|
||||
gss_OID_desc __gss_c_ma_oos_det_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x17" };
|
||||
|
||||
/* GSS_C_MA_CBINDINGS - 1.3.6.1.5.5.13.24 */
|
||||
gss_OID_desc __gss_c_ma_cbindings_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x18" };
|
||||
|
||||
/* GSS_C_MA_PFS - 1.3.6.1.5.5.13.25 */
|
||||
gss_OID_desc __gss_c_ma_pfs_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x19" };
|
||||
|
||||
/* GSS_C_MA_COMPRESS - 1.3.6.1.5.5.13.26 */
|
||||
gss_OID_desc __gss_c_ma_compress_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x1a" };
|
||||
|
||||
/* GSS_C_MA_CTX_TRANS - 1.3.6.1.5.5.13.27 */
|
||||
gss_OID_desc __gss_c_ma_ctx_trans_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x1b" };
|
||||
|
||||
struct _gss_oid_name_table _gss_ont_ma[] = {
|
||||
{ GSS_MA_SASL_MECH_NAME, "GSS_MA_SASL_MECH_NAME", "SASL mechanism name", "The name of the SASL mechanism" },
|
||||
{ GSS_MA_MECH_NAME, "GSS_MA_MECH_NAME", "GSS mech name", "The name of the GSS-API mechanism" },
|
||||
{ GSS_MA_MECH_DESCRIPTION, "GSS_MA_MECH_DESCRIPTION", "Mech description", "The long description of the mechanism" },
|
||||
{ GSS_C_MA_COMPRESS, "GSS_C_MA_COMPRESS", "compress", "" },
|
||||
{ GSS_C_MA_AUTH_TARG_INIT, "GSS_C_MA_AUTH_TARG_INIT", "auth-targ-princ-initial", "" },
|
||||
{ GSS_C_MA_CBINDINGS, "GSS_C_MA_CBINDINGS", "channel-bindings", "" },
|
||||
{ GSS_C_MA_WRAP, "GSS_C_MA_WRAP", "wrap", "" },
|
||||
{ GSS_C_MA_ITOK_FRAMED, "GSS_C_MA_ITOK_FRAMED", "initial-is-framed", "" },
|
||||
{ GSS_C_MA_MECH_NEGO, "GSS_C_MA_MECH_NEGO", "mech-negotiation-mech", "" },
|
||||
{ GSS_C_MA_MECH_COMPOSITE, "GSS_C_MA_MECH_COMPOSITE", "composite-mech", "" },
|
||||
{ GSS_C_MA_REPLAY_DET, "GSS_C_MA_REPLAY_DET", "replay-detection", "" },
|
||||
{ GSS_C_MA_AUTH_INIT_ANON, "GSS_C_MA_AUTH_INIT_ANON", "auth-init-princ-anon", "" },
|
||||
{ GSS_C_MA_PROT_READY, "GSS_C_MA_PROT_READY", "prot-ready", "" },
|
||||
{ GSS_C_MA_AUTH_INIT, "GSS_C_MA_AUTH_INIT", "auth-init-princ", "" },
|
||||
{ GSS_C_MA_PFS, "GSS_C_MA_PFS", "pfs", "" },
|
||||
{ GSS_C_MA_CONF_PROT, "GSS_C_MA_CONF_PROT", "conf-prot", "" },
|
||||
{ GSS_C_MA_MECH_PSEUDO, "GSS_C_MA_MECH_PSEUDO", "pseudo-mech", "" },
|
||||
{ GSS_C_MA_AUTH_TARG, "GSS_C_MA_AUTH_TARG", "auth-targ-princ", "" },
|
||||
{ GSS_C_MA_MECH_NAME, "GSS_C_MA_MECH_NAME", "GSS mech name", "The name of the GSS-API mechanism" },
|
||||
{ GSS_C_MA_NOT_MECH, "GSS_C_MA_NOT_MECH", "not-mech", "" },
|
||||
{ GSS_C_MA_MIC, "GSS_C_MA_MIC", "mic", "" },
|
||||
{ GSS_C_MA_DEPRECATED, "GSS_C_MA_DEPRECATED", "mech-deprecated", "" },
|
||||
{ GSS_C_MA_MECH_GLUE, "GSS_C_MA_MECH_GLUE", "mech-glue", "" },
|
||||
{ GSS_C_MA_DELEG_CRED, "GSS_C_MA_DELEG_CRED", "deleg-cred", "" },
|
||||
{ GSS_C_MA_NOT_DFLT_MECH, "GSS_C_MA_NOT_DFLT_MECH", "mech-not-default", "" },
|
||||
{ GSS_C_MA_AUTH_TARG_ANON, "GSS_C_MA_AUTH_TARG_ANON", "auth-targ-princ-anon", "" },
|
||||
{ GSS_C_MA_INTEG_PROT, "GSS_C_MA_INTEG_PROT", "integ-prot", "" },
|
||||
{ GSS_C_MA_CTX_TRANS, "GSS_C_MA_CTX_TRANS", "context-transfer", "" },
|
||||
{ GSS_C_MA_MECH_DESCRIPTION, "GSS_C_MA_MECH_DESCRIPTION", "Mech description", "The long description of the mechanism" },
|
||||
{ GSS_C_MA_OOS_DET, "GSS_C_MA_OOS_DET", "oos-detection", "" },
|
||||
{ GSS_C_MA_AUTH_INIT_INIT, "GSS_C_MA_AUTH_INIT_INIT", "auth-init-princ-initial", "" },
|
||||
{ GSS_C_MA_MECH_CONCRETE, "GSS_C_MA_MECH_CONCRETE", "concrete-mech", "Indicates that a mech is neither a pseudo-mechanism nor a composite mechanism" },
|
||||
{ GSS_C_MA_SASL_MECH_NAME, "GSS_C_MA_SASL_MECH_NAME", "SASL mechanism name", "The name of the SASL mechanism" },
|
||||
{ NULL }
|
||||
};
|
||||
|
||||
struct _gss_oid_name_table _gss_ont_mech[] = {
|
||||
{ GSS_KRB5_MECHANISM, "GSS_KRB5_MECHANISM", "Kerberos 5", "Heimdal Kerberos 5 mechanism" },
|
||||
{ GSS_SPNEGO_MECHANISM, "GSS_SPNEGO_MECHANISM", "SPNEGO", "Heimdal SPNEGO mechanism" },
|
||||
{ GSS_NTLM_MECHANISM, "GSS_NTLM_MECHANISM", "NTLM", "Heimdal NTLM mechanism" },
|
||||
{ GSS_KRB5_MECHANISM, "GSS_KRB5_MECHANISM", "Kerberos 5", "Heimdal Kerberos 5 mechanism" },
|
||||
{ NULL }
|
||||
};
|
||||
|
||||
|
@@ -33,6 +33,33 @@
|
||||
|
||||
#include "ntlm.h"
|
||||
|
||||
static gss_mo_desc ntlm_mo[] = {
|
||||
{
|
||||
GSS_C_MA_SASL_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"SASL mech name",
|
||||
"NTLM",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
{
|
||||
GSS_C_MA_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"Mechanism name",
|
||||
"NTLMSPP",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
{
|
||||
GSS_C_MA_MECH_DESCRIPTION,
|
||||
GSS_MO_MA,
|
||||
"Mechanism description",
|
||||
"Heimdal NTLMSSP Mechanism",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
}
|
||||
};
|
||||
|
||||
static gssapi_mech_interface_desc ntlm_mech = {
|
||||
GMI_VERSION,
|
||||
"ntlm",
|
||||
@@ -66,7 +93,27 @@ static gssapi_mech_interface_desc ntlm_mech = {
|
||||
_gss_ntlm_inquire_names_for_mech,
|
||||
_gss_ntlm_inquire_mechs_for_name,
|
||||
_gss_ntlm_canonicalize_name,
|
||||
_gss_ntlm_duplicate_name
|
||||
_gss_ntlm_duplicate_name,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
ntlm_mo,
|
||||
sizeof(ntlm_mo) / sizeof(ntlm_mo[0])
|
||||
};
|
||||
|
||||
gssapi_mech_interface
|
||||
|
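Review bot: The mechanism-name entry in `ntlm_mo` carries the string `"NTLMSPP"`, while the description entry just below it says `"Heimdal NTLMSSP Mechanism"`. This looks like a transposition, and the string is what `gss_inquire_saslname_for_mech` hands back to callers as the mechanism name. If so, change it to `"NTLMSSP"`; if the spelling is intentional it needs a comment saying why. In the second hunk, `ntlm_mo` lands in its slot only because the run of `NULL`s before it has exactly the right length, so `.gm_mo = ntlm_mo, .gm_mo_num = sizeof(ntlm_mo) / sizeof(ntlm_mo[0])` would be safer, and the same applies to `spnego_mech`. The middle of `ntlm_mech` lies outside the hunks.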
@@ -37,13 +37,9 @@ oid base GSS_KRB5_CRED_NO_CI_FLAGS_X 1.2.752.43.13.29
|
||||
oid base GSS_KRB5_IMPORT_CRED_X 1.2.752.43.13.30
|
||||
|
||||
# /* glue for gss_inquire_saslname_for_mech */
|
||||
oid base GSS_MA_SASL_MECH_NAME 1.2.752.43.13.100
|
||||
oid base GSS_MA_MECH_NAME 1.2.752.43.13.101
|
||||
oid base GSS_MA_MECH_DESCRIPTION 1.2.752.43.13.102
|
||||
# /* glue for gss_display_mech_attr */
|
||||
oid base GSS_MA_ATTR_NAME 1.2.752.43.13.103
|
||||
oid base GSS_MA_ATTR_SHORT_DESC 1.2.752.43.13.104
|
||||
oid base GSS_MA_ATTR_LONG_DESC 1.2.752.43.13.104
|
||||
oid base GSS_C_MA_SASL_MECH_NAME 1.2.752.43.13.100
|
||||
oid base GSS_C_MA_MECH_NAME 1.2.752.43.13.101
|
||||
oid base GSS_C_MA_MECH_DESCRIPTION 1.2.752.43.13.102
|
||||
|
||||
#/*
|
||||
# * Digest mechanisms - 1.2.752.43.14
|
||||
@@ -71,6 +67,66 @@ desc mech GSS_KRB5_MECHANISM "Kerberos 5" "Heimdal Kerberos 5 mechanism"
|
||||
desc mech GSS_NTLM_MECHANISM "NTLM" "Heimdal NTLM mechanism"
|
||||
desc mech GSS_SPNEGO_MECHANISM "SPNEGO" "Heimdal SPNEGO mechanism"
|
||||
|
||||
desc ma GSS_MA_MECH_NAME "GSS mech name" "The name of the GSS-API mechanism"
|
||||
desc ma GSS_MA_SASL_MECH_NAME "SASL mechanism name" "The name of the SASL mechanism"
|
||||
desc ma GSS_MA_MECH_DESCRIPTION "Mech description" "The long description of the mechanism"
|
||||
desc ma GSS_C_MA_MECH_NAME "GSS mech name" "The name of the GSS-API mechanism"
|
||||
desc ma GSS_C_MA_SASL_MECH_NAME "SASL mechanism name" "The name of the SASL mechanism"
|
||||
desc ma GSS_C_MA_MECH_DESCRIPTION "Mech description" "The long description of the mechanism"
|
||||
|
||||
#/*
|
||||
# * RFC5587
|
||||
# */
|
||||
|
||||
oid base GSS_C_MA_MECH_CONCRETE 1.3.6.1.5.5.13.1
|
||||
oid base GSS_C_MA_MECH_PSEUDO 1.3.6.1.5.5.13.2
|
||||
oid base GSS_C_MA_MECH_COMPOSITE 1.3.6.1.5.5.13.3
|
||||
oid base GSS_C_MA_MECH_NEGO 1.3.6.1.5.5.13.4
|
||||
oid base GSS_C_MA_MECH_GLUE 1.3.6.1.5.5.13.5
|
||||
oid base GSS_C_MA_NOT_MECH 1.3.6.1.5.5.13.6
|
||||
oid base GSS_C_MA_DEPRECATED 1.3.6.1.5.5.13.7
|
||||
oid base GSS_C_MA_NOT_DFLT_MECH 1.3.6.1.5.5.13.8
|
||||
oid base GSS_C_MA_ITOK_FRAMED 1.3.6.1.5.5.13.9
|
||||
oid base GSS_C_MA_AUTH_INIT 1.3.6.1.5.5.13.10
|
||||
oid base GSS_C_MA_AUTH_TARG 1.3.6.1.5.5.13.11
|
||||
oid base GSS_C_MA_AUTH_INIT_INIT 1.3.6.1.5.5.13.12
|
||||
oid base GSS_C_MA_AUTH_TARG_INIT 1.3.6.1.5.5.13.13
|
||||
oid base GSS_C_MA_AUTH_INIT_ANON 1.3.6.1.5.5.13.14
|
||||
oid base GSS_C_MA_AUTH_TARG_ANON 1.3.6.1.5.5.13.15
|
||||
oid base GSS_C_MA_DELEG_CRED 1.3.6.1.5.5.13.16
|
||||
oid base GSS_C_MA_INTEG_PROT 1.3.6.1.5.5.13.17
|
||||
oid base GSS_C_MA_CONF_PROT 1.3.6.1.5.5.13.18
|
||||
oid base GSS_C_MA_MIC 1.3.6.1.5.5.13.19
|
||||
oid base GSS_C_MA_WRAP 1.3.6.1.5.5.13.20
|
||||
oid base GSS_C_MA_PROT_READY 1.3.6.1.5.5.13.21
|
||||
oid base GSS_C_MA_REPLAY_DET 1.3.6.1.5.5.13.22
|
||||
oid base GSS_C_MA_OOS_DET 1.3.6.1.5.5.13.23
|
||||
oid base GSS_C_MA_CBINDINGS 1.3.6.1.5.5.13.24
|
||||
oid base GSS_C_MA_PFS 1.3.6.1.5.5.13.25
|
||||
oid base GSS_C_MA_COMPRESS 1.3.6.1.5.5.13.26
|
||||
oid base GSS_C_MA_CTX_TRANS 1.3.6.1.5.5.13.27
|
||||
|
||||
desc ma GSS_C_MA_MECH_CONCRETE "concrete-mech" "Indicates that a mech is neither a pseudo-mechanism nor a composite mechanism"
|
||||
desc ma GSS_C_MA_MECH_PSEUDO "pseudo-mech" ""
|
||||
desc ma GSS_C_MA_MECH_COMPOSITE "composite-mech" ""
|
||||
desc ma GSS_C_MA_MECH_NEGO "mech-negotiation-mech" ""
|
||||
desc ma GSS_C_MA_MECH_GLUE "mech-glue" ""
|
||||
desc ma GSS_C_MA_NOT_MECH "not-mech" ""
|
||||
desc ma GSS_C_MA_DEPRECATED "mech-deprecated" ""
|
||||
desc ma GSS_C_MA_NOT_DFLT_MECH "mech-not-default" ""
|
||||
desc ma GSS_C_MA_ITOK_FRAMED "initial-is-framed" ""
|
||||
desc ma GSS_C_MA_AUTH_INIT "auth-init-princ" ""
|
||||
desc ma GSS_C_MA_AUTH_TARG "auth-targ-princ" ""
|
||||
desc ma GSS_C_MA_AUTH_INIT_INIT "auth-init-princ-initial" ""
|
||||
desc ma GSS_C_MA_AUTH_TARG_INIT "auth-targ-princ-initial" ""
|
||||
desc ma GSS_C_MA_AUTH_INIT_ANON "auth-init-princ-anon" ""
|
||||
desc ma GSS_C_MA_AUTH_TARG_ANON "auth-targ-princ-anon" ""
|
||||
desc ma GSS_C_MA_DELEG_CRED "deleg-cred" ""
|
||||
desc ma GSS_C_MA_INTEG_PROT "integ-prot" ""
|
||||
desc ma GSS_C_MA_CONF_PROT "conf-prot" ""
|
||||
desc ma GSS_C_MA_MIC "mic" ""
|
||||
desc ma GSS_C_MA_WRAP "wrap" ""
|
||||
desc ma GSS_C_MA_PROT_READY "prot-ready" ""
|
||||
desc ma GSS_C_MA_REPLAY_DET "replay-detection" ""
|
||||
desc ma GSS_C_MA_OOS_DET "oos-detection" ""
|
||||
desc ma GSS_C_MA_CBINDINGS "channel-bindings" ""
|
||||
desc ma GSS_C_MA_PFS "pfs" ""
|
||||
desc ma GSS_C_MA_COMPRESS "compress" ""
|
||||
desc ma GSS_C_MA_CTX_TRANS "context-transfer" ""
|
||||
|
@@ -40,6 +40,41 @@
|
||||
* iso.org.dod.internet.security.mechanism.snego (1.3.6.1.5.5.2).
|
||||
*/
|
||||
|
||||
static gss_mo_desc spnego_mo[] = {
|
||||
{
|
||||
GSS_C_MA_SASL_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"SASL mech name",
|
||||
"SPNEGO",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
{
|
||||
GSS_C_MA_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"Mechanism name",
|
||||
"SPNEGO",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
{
|
||||
GSS_C_MA_MECH_DESCRIPTION,
|
||||
GSS_MO_MA,
|
||||
"Mechanism description",
|
||||
"Heimdal SPNEGO Mechanism",
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
{
|
||||
GSS_C_MA_MECH_NEGO,
|
||||
GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_MECH_PSEUDO,
|
||||
GSS_MO_MA
|
||||
}
|
||||
};
|
||||
|
||||
static gssapi_mech_interface_desc spnego_mech = {
|
||||
GMI_VERSION,
|
||||
"spnego",
|
||||
@@ -84,7 +119,16 @@ static gssapi_mech_interface_desc spnego_mech = {
|
||||
_gss_spnego_wrap_iov_length,
|
||||
NULL,
|
||||
_gss_spnego_export_cred,
|
||||
_gss_spnego_import_cred
|
||||
_gss_spnego_import_cred,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
spnego_mo,
|
||||
sizeof(spnego_mo) / sizeof(spnego_mo[0])
|
||||
};
|
||||
|
||||
gssapi_mech_interface
|
||||
|
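Review bot: `spnego_mo` registers a SASL mechanism name (`"SPNEGO"`) for a mechanism that the same table marks as `GSS_C_MA_MECH_NEGO` and `GSS_C_MA_MECH_PSEUDO`. If I read RFC 5801 correctly, negotiation mechanisms are not to be offered as GS2 SASL mechanisms, yet with this entry `gss_inquire_mech_for_saslname` will resolve "SPNEGO" to this mechanism and allow a second negotiation layer inside SASL. I would leave the `GSS_C_MA_SASL_MECH_NAME` entry out of this table, or add a comment explaining why it is exposed and how callers are expected to filter it. The middle of `spnego_mech` lies outside the hunks, so the position of `spnego_mo` in the initializer cannot be checked from here.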