From f132e0b2a3c66becd305f6f2ac1c311f6e453001 Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Thu, 30 Jul 2015 17:41:35 +1200 Subject: [PATCH 1/5] GSSAPI: update lib/gssapi/gen-oid.pl to work with Perl 5 The invocation `require "getopts.pl"; Getopts(...)` works in Perl 4, but not in recent Perl 5. Signed-off-by: Douglas Bagnall --- lib/gssapi/gen-oid.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/gssapi/gen-oid.pl b/lib/gssapi/gen-oid.pl index 4a519f89a..c02f5be9b 100644 --- a/lib/gssapi/gen-oid.pl +++ b/lib/gssapi/gen-oid.pl @@ -31,14 +31,14 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. -require 'getopts.pl'; +use Getopt::Std; my $output; my $CFILE, $HFILE; my $onlybase; my $header = 0; -Getopts('b:h') || die "foo"; +getopts('b:h') || die "USAGE: ./gen-oid [-b BASE] [-h HEADER]"; if($opt_b) { $onlybase = $opt_b; From afab2ff86778340fc54f532c2dcf2d383f393a48 Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Fri, 31 Jul 2015 15:01:07 +1200 Subject: [PATCH 2/5] GSSAPI: use rk_UNCONST() on password and cert oid These missed out on the rk_UNCONST()ification by virtue of being added in a parallel branch. In the diagram below, they got added in 02cf28e, while the rk_UNCONSTs were added in f5f9014. * cc47c8f Turn on -Wextra -Wno-sign-compare -Wno-unused-paramter and fix issues. * 3069d80 Merge branch 'master' into lukeh/acquire-cred-ex |\ | * f5f9014 Warning fixes from Christos Zoulas * | 02cf28e implement gss_acquire_cred_ex with password support |/ * 2170219 add more oids rk_UNCONST amounts to a cast to (void *), removing const. Signed-off-by: Douglas Bagnall --- lib/gssapi/mech/gss_oid.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/gssapi/mech/gss_oid.c b/lib/gssapi/mech/gss_oid.c index de70cca6a..a2d3bca44 100644 --- a/lib/gssapi/mech/gss_oid.c +++ b/lib/gssapi/mech/gss_oid.c @@ -104,10 +104,10 @@ gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_name_oid_desc = { 6, rk_UNCONST gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_description_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x66") }; /* GSS_C_CRED_PASSWORD - 1.2.752.43.13.200 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_password_oid_desc = { 7, "\x2a\x85\x70\x2b\x0d\x81\x48" }; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_password_oid_desc = { 7, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x81\x48") }; /* GSS_C_CRED_CERTIFICATE - 1.2.752.43.13.201 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_certificate_oid_desc = { 7, "\x2a\x85\x70\x2b\x0d\x81\x49" }; +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_certificate_oid_desc = { 7, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x81\x49") }; /* GSS_SASL_DIGEST_MD5_MECHANISM - 1.2.752.43.14.1 */ gss_OID_desc GSSAPI_LIB_VARIABLE __gss_sasl_digest_md5_mechanism_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x01") }; From 0c36f11f1793ae84f1d06ea36f0e8d746d26e3fe Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Fri, 31 Jul 2015 11:49:55 +1200 Subject: [PATCH 3/5] GSSAPI: keep consistent sort order in lib/gssapi/gen-oid.pl Signed-off-by: Douglas Bagnall --- lib/gssapi/gen-oid.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/gssapi/gen-oid.pl b/lib/gssapi/gen-oid.pl index c02f5be9b..fa8faeac4 100644 --- a/lib/gssapi/gen-oid.pl +++ b/lib/gssapi/gen-oid.pl @@ -122,10 +122,10 @@ while(<>) { } -foreach my $k (keys %types) { +foreach my $k (sort keys %types) { if (!$header) { print "struct _gss_oid_name_table _gss_ont_" . $k . "[] = {\n"; - foreach my $m (values %tables) { + foreach my $m (sort {$$a->{oid} cmp $$b->{oid}} values %tables) { if ($$m->{type} eq $k) { printf " { %s, \"%s\", %s, %s },\n", $$m->{oid}, $$m->{oid}, $$m->{short}, $$m->{long}; } From 0d31145e9defc7d58953a13c422ccac407ce6b61 Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Fri, 31 Jul 2015 14:45:22 +1200 Subject: [PATCH 4/5] GSSAPI: generate full NULL structure initializers in gen-oid.pl As seen in commit cc47c8fa7 (Roland C. Dowdeswell , "Turn on -Wextra -Wno-sign-compare -Wno-unused-paramter and fix issues"), compilers can be persuaded to dislike a single {NULL} and prefer {NULL, NULL, NULL, NULL}. That patch altered the C code directly; here we change the generating file to match. Signed-off-by: Douglas Bagnall --- lib/gssapi/gen-oid.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/gssapi/gen-oid.pl b/lib/gssapi/gen-oid.pl index fa8faeac4..a2341ad98 100644 --- a/lib/gssapi/gen-oid.pl +++ b/lib/gssapi/gen-oid.pl @@ -130,7 +130,7 @@ foreach my $k (sort keys %types) { printf " { %s, \"%s\", %s, %s },\n", $$m->{oid}, $$m->{oid}, $$m->{short}, $$m->{long}; } } - printf " { NULL }\n"; + printf " { NULL, NULL, NULL, NULL }\n"; printf "};\n\n"; } From 832d7af01872252c9e9c754a6387971622d3e30c Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Fri, 31 Jul 2015 14:34:19 +1200 Subject: [PATCH 5/5] GSSAPI: regenerate lib/gssapi/mech/gss_oid.c with consistent sort This is generated from lib/gssapi/oid.txt using lib/gssapi/gen-oid.pl, which sorts the entries to ensure minimal diff churn when an oid is added or changed. The lack of effective changes can be seen by sorting both versions, a bit like this: $ git show HEAD~~:lib/gssapi/mech/gss_oid.c | sort > /tmp/gss_oid.c-OLD $ cat lib/gssapi/mech/gss_oid.c | sort > /tmp/gss_oid.c-NEW $ diff -u /tmp/gss_oid.c* $ #Nothing to see! This is of course not a reliable check in general, but works for this simple file in concert with ordinary inspection. Signed-off-by: Douglas Bagnall --- lib/gssapi/mech/gss_oid.c | 50 +++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/lib/gssapi/mech/gss_oid.c b/lib/gssapi/mech/gss_oid.c index a2d3bca44..8bd05a866 100644 --- a/lib/gssapi/mech/gss_oid.c +++ b/lib/gssapi/mech/gss_oid.c @@ -224,43 +224,43 @@ gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_compress_oid_desc = { 7, rk_UNCONST( gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_ctx_trans_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x1b") }; struct _gss_oid_name_table _gss_ont_ma[] = { - { GSS_C_MA_COMPRESS, "GSS_C_MA_COMPRESS", "compress", "" }, + { GSS_C_MA_AUTH_INIT, "GSS_C_MA_AUTH_INIT", "auth-init-princ", "" }, + { GSS_C_MA_AUTH_INIT_ANON, "GSS_C_MA_AUTH_INIT_ANON", "auth-init-princ-anon", "" }, + { GSS_C_MA_AUTH_INIT_INIT, "GSS_C_MA_AUTH_INIT_INIT", "auth-init-princ-initial", "" }, + { GSS_C_MA_AUTH_TARG, "GSS_C_MA_AUTH_TARG", "auth-targ-princ", "" }, + { GSS_C_MA_AUTH_TARG_ANON, "GSS_C_MA_AUTH_TARG_ANON", "auth-targ-princ-anon", "" }, { GSS_C_MA_AUTH_TARG_INIT, "GSS_C_MA_AUTH_TARG_INIT", "auth-targ-princ-initial", "" }, { GSS_C_MA_CBINDINGS, "GSS_C_MA_CBINDINGS", "channel-bindings", "" }, - { GSS_C_MA_WRAP, "GSS_C_MA_WRAP", "wrap", "" }, - { GSS_C_MA_ITOK_FRAMED, "GSS_C_MA_ITOK_FRAMED", "initial-is-framed", "" }, - { GSS_C_MA_MECH_NEGO, "GSS_C_MA_MECH_NEGO", "mech-negotiation-mech", "" }, - { GSS_C_MA_MECH_COMPOSITE, "GSS_C_MA_MECH_COMPOSITE", "composite-mech", "" }, - { GSS_C_MA_REPLAY_DET, "GSS_C_MA_REPLAY_DET", "replay-detection", "" }, - { GSS_C_MA_AUTH_INIT_ANON, "GSS_C_MA_AUTH_INIT_ANON", "auth-init-princ-anon", "" }, - { GSS_C_MA_PROT_READY, "GSS_C_MA_PROT_READY", "prot-ready", "" }, - { GSS_C_MA_AUTH_INIT, "GSS_C_MA_AUTH_INIT", "auth-init-princ", "" }, - { GSS_C_MA_PFS, "GSS_C_MA_PFS", "pfs", "" }, + { GSS_C_MA_COMPRESS, "GSS_C_MA_COMPRESS", "compress", "" }, { GSS_C_MA_CONF_PROT, "GSS_C_MA_CONF_PROT", "conf-prot", "" }, - { GSS_C_MA_MECH_PSEUDO, "GSS_C_MA_MECH_PSEUDO", "pseudo-mech", "" }, - { GSS_C_MA_AUTH_TARG, "GSS_C_MA_AUTH_TARG", "auth-targ-princ", "" }, - { GSS_C_MA_MECH_NAME, "GSS_C_MA_MECH_NAME", "GSS mech name", "The name of the GSS-API mechanism" }, - { GSS_C_MA_NOT_MECH, "GSS_C_MA_NOT_MECH", "not-mech", "" }, - { GSS_C_MA_MIC, "GSS_C_MA_MIC", "mic", "" }, - { GSS_C_MA_DEPRECATED, "GSS_C_MA_DEPRECATED", "mech-deprecated", "" }, - { GSS_C_MA_MECH_GLUE, "GSS_C_MA_MECH_GLUE", "mech-glue", "" }, - { GSS_C_MA_DELEG_CRED, "GSS_C_MA_DELEG_CRED", "deleg-cred", "" }, - { GSS_C_MA_NOT_DFLT_MECH, "GSS_C_MA_NOT_DFLT_MECH", "mech-not-default", "" }, - { GSS_C_MA_AUTH_TARG_ANON, "GSS_C_MA_AUTH_TARG_ANON", "auth-targ-princ-anon", "" }, - { GSS_C_MA_INTEG_PROT, "GSS_C_MA_INTEG_PROT", "integ-prot", "" }, { GSS_C_MA_CTX_TRANS, "GSS_C_MA_CTX_TRANS", "context-transfer", "" }, - { GSS_C_MA_MECH_DESCRIPTION, "GSS_C_MA_MECH_DESCRIPTION", "Mech description", "The long description of the mechanism" }, - { GSS_C_MA_OOS_DET, "GSS_C_MA_OOS_DET", "oos-detection", "" }, - { GSS_C_MA_AUTH_INIT_INIT, "GSS_C_MA_AUTH_INIT_INIT", "auth-init-princ-initial", "" }, + { GSS_C_MA_DELEG_CRED, "GSS_C_MA_DELEG_CRED", "deleg-cred", "" }, + { GSS_C_MA_DEPRECATED, "GSS_C_MA_DEPRECATED", "mech-deprecated", "" }, + { GSS_C_MA_INTEG_PROT, "GSS_C_MA_INTEG_PROT", "integ-prot", "" }, + { GSS_C_MA_ITOK_FRAMED, "GSS_C_MA_ITOK_FRAMED", "initial-is-framed", "" }, + { GSS_C_MA_MECH_COMPOSITE, "GSS_C_MA_MECH_COMPOSITE", "composite-mech", "" }, { GSS_C_MA_MECH_CONCRETE, "GSS_C_MA_MECH_CONCRETE", "concrete-mech", "Indicates that a mech is neither a pseudo-mechanism nor a composite mechanism" }, + { GSS_C_MA_MECH_DESCRIPTION, "GSS_C_MA_MECH_DESCRIPTION", "Mech description", "The long description of the mechanism" }, + { GSS_C_MA_MECH_GLUE, "GSS_C_MA_MECH_GLUE", "mech-glue", "" }, + { GSS_C_MA_MECH_NAME, "GSS_C_MA_MECH_NAME", "GSS mech name", "The name of the GSS-API mechanism" }, + { GSS_C_MA_MECH_NEGO, "GSS_C_MA_MECH_NEGO", "mech-negotiation-mech", "" }, + { GSS_C_MA_MECH_PSEUDO, "GSS_C_MA_MECH_PSEUDO", "pseudo-mech", "" }, + { GSS_C_MA_MIC, "GSS_C_MA_MIC", "mic", "" }, + { GSS_C_MA_NOT_DFLT_MECH, "GSS_C_MA_NOT_DFLT_MECH", "mech-not-default", "" }, + { GSS_C_MA_NOT_MECH, "GSS_C_MA_NOT_MECH", "not-mech", "" }, + { GSS_C_MA_OOS_DET, "GSS_C_MA_OOS_DET", "oos-detection", "" }, + { GSS_C_MA_PFS, "GSS_C_MA_PFS", "pfs", "" }, + { GSS_C_MA_PROT_READY, "GSS_C_MA_PROT_READY", "prot-ready", "" }, + { GSS_C_MA_REPLAY_DET, "GSS_C_MA_REPLAY_DET", "replay-detection", "" }, { GSS_C_MA_SASL_MECH_NAME, "GSS_C_MA_SASL_MECH_NAME", "SASL mechanism name", "The name of the SASL mechanism" }, + { GSS_C_MA_WRAP, "GSS_C_MA_WRAP", "wrap", "" }, { NULL, NULL, NULL, NULL } }; struct _gss_oid_name_table _gss_ont_mech[] = { { GSS_KRB5_MECHANISM, "GSS_KRB5_MECHANISM", "Kerberos 5", "Heimdal Kerberos 5 mechanism" }, - { GSS_SPNEGO_MECHANISM, "GSS_SPNEGO_MECHANISM", "SPNEGO", "Heimdal SPNEGO mechanism" }, { GSS_NTLM_MECHANISM, "GSS_NTLM_MECHANISM", "NTLM", "Heimdal NTLM mechanism" }, + { GSS_SPNEGO_MECHANISM, "GSS_SPNEGO_MECHANISM", "SPNEGO", "Heimdal SPNEGO mechanism" }, { NULL, NULL, NULL, NULL } };