diff --git a/lib/gssapi/krb5/accept_sec_context.c b/lib/gssapi/krb5/accept_sec_context.c index 3f8e2740e..1cd933049 100644 --- a/lib/gssapi/krb5/accept_sec_context.c +++ b/lib/gssapi/krb5/accept_sec_context.c @@ -377,7 +377,8 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, krb5_keytab keytab = NULL; int is_cfx = 0; int close_kt = 0; - const gsskrb5_cred acceptor_cred = (gsskrb5_cred)acceptor_cred_handle; + gsskrb5_const_cred acceptor_cred = + (gsskrb5_const_cred)acceptor_cred_handle; /* * We may, or may not, have an escapsulation. diff --git a/lib/gssapi/krb5/authorize_localname.c b/lib/gssapi/krb5/authorize_localname.c index 5621c1f9c..0c13428dd 100644 --- a/lib/gssapi/krb5/authorize_localname.c +++ b/lib/gssapi/krb5/authorize_localname.c @@ -39,7 +39,7 @@ _gsskrb5_authorize_localname(OM_uint32 *minor_status, gss_const_OID user_name_type) { krb5_context context; - krb5_principal princ = (krb5_principal)input_name; + krb5_const_principal princ = (krb5_const_principal)input_name; char *user; int user_ok; @@ -58,7 +58,8 @@ _gsskrb5_authorize_localname(OM_uint32 *minor_status, user[user_name->length] = '\0'; *minor_status = 0; - user_ok = krb5_kuserok(context, princ, user); + /* XXX krb5_kuserok should take krb5_const_principal */ + user_ok = krb5_kuserok(context, rk_UNCONST(princ), user); free(user); diff --git a/lib/gssapi/krb5/context_time.c b/lib/gssapi/krb5/context_time.c index 58249cb5a..6a0c28423 100644 --- a/lib/gssapi/krb5/context_time.c +++ b/lib/gssapi/krb5/context_time.c @@ -72,7 +72,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_context_time krb5_context context; OM_uint32 endtime; OM_uint32 major_status; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + gsskrb5_ctx ctx = rk_UNCONST(context_handle); GSSAPI_KRB5_INIT (&context); diff --git a/lib/gssapi/krb5/duplicate_cred.c b/lib/gssapi/krb5/duplicate_cred.c index a44ec3b23..822208d46 100644 --- a/lib/gssapi/krb5/duplicate_cred.c +++ b/lib/gssapi/krb5/duplicate_cred.c @@ -72,7 +72,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_duplicate_cred ( *output_cred_handle = (gss_cred_id_t)dup; /* making sure to release on error */ - cred = (gsskrb5_cred)input_cred_handle; + cred = rk_UNCONST(input_cred_handle); HEIMDAL_MUTEX_lock(&cred->cred_id_mutex); dup->destination_realm = NULL; diff --git a/lib/gssapi/krb5/get_mic.c b/lib/gssapi/krb5/get_mic.c index 47b0a4ac7..566a431fd 100644 --- a/lib/gssapi/krb5/get_mic.c +++ b/lib/gssapi/krb5/get_mic.c @@ -42,7 +42,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_get_mic ) { krb5_context context; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + const gsskrb5_ctx ctx = rk_UNCONST(context_handle); krb5_keyblock *key; OM_uint32 ret; diff --git a/lib/gssapi/krb5/gsskrb5_locl.h b/lib/gssapi/krb5/gsskrb5_locl.h index fbbb168c6..17be1dd82 100644 --- a/lib/gssapi/krb5/gsskrb5_locl.h +++ b/lib/gssapi/krb5/gsskrb5_locl.h @@ -95,7 +95,7 @@ IS_DCE_STYLE(gsskrb5_ctx ctx) return (ctx->flags & GSS_C_DCE_STYLE) != 0; } -typedef struct { +typedef struct gsskrb5_cred { krb5_principal principal; char *destination_realm; /* Realm of acceptor service, if delegated */ int cred_flags; @@ -109,6 +109,7 @@ typedef struct { HEIMDAL_MUTEX cred_id_mutex; krb5_enctype *enctypes; } *gsskrb5_cred; +typedef const struct gsskrb5_cred *gsskrb5_const_cred; typedef struct Principal *gsskrb5_name; diff --git a/lib/gssapi/krb5/init_sec_context.c b/lib/gssapi/krb5/init_sec_context.c index e52c81d8f..0a2bb22a2 100644 --- a/lib/gssapi/krb5/init_sec_context.c +++ b/lib/gssapi/krb5/init_sec_context.c @@ -367,7 +367,7 @@ do_delegation (krb5_context context, static OM_uint32 init_auth (OM_uint32 * minor_status, - gsskrb5_cred cred, + gsskrb5_const_cred cred, gsskrb5_ctx ctx, krb5_context context, gss_const_name_t name, @@ -478,7 +478,7 @@ failure: static OM_uint32 init_auth_restart (OM_uint32 * minor_status, - gsskrb5_cred cred, + gsskrb5_const_cred cred, gsskrb5_ctx ctx, krb5_context context, OM_uint32 req_flags, @@ -875,7 +875,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_init_sec_context ) { krb5_context context; - gsskrb5_cred cred = (gsskrb5_cred)cred_handle; + gsskrb5_const_cred cred = (gsskrb5_const_cred)cred_handle; gsskrb5_ctx ctx; OM_uint32 ret; diff --git a/lib/gssapi/krb5/inquire_context.c b/lib/gssapi/krb5/inquire_context.c index e225c33ba..8fc0129b0 100644 --- a/lib/gssapi/krb5/inquire_context.c +++ b/lib/gssapi/krb5/inquire_context.c @@ -47,7 +47,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_context ( { krb5_context context; OM_uint32 ret; - gsskrb5_ctx ctx = (gsskrb5_ctx)context_handle; + gsskrb5_ctx ctx = rk_UNCONST(context_handle); gss_name_t name; if (src_name) diff --git a/lib/gssapi/krb5/inquire_cred.c b/lib/gssapi/krb5/inquire_cred.c index b7b67f783..3c456f288 100644 --- a/lib/gssapi/krb5/inquire_cred.c +++ b/lib/gssapi/krb5/inquire_cred.c @@ -45,7 +45,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_cred krb5_context context; gss_cred_id_t aqcred_init = GSS_C_NO_CREDENTIAL; gss_cred_id_t aqcred_accept = GSS_C_NO_CREDENTIAL; - gsskrb5_cred cred = (gsskrb5_cred)cred_handle; + gsskrb5_cred cred = rk_UNCONST(cred_handle); gss_OID_set amechs = GSS_C_NO_OID_SET; gss_OID_set imechs = GSS_C_NO_OID_SET; OM_uint32 junk; diff --git a/lib/gssapi/krb5/inquire_cred_by_oid.c b/lib/gssapi/krb5/inquire_cred_by_oid.c index 7dae3d25c..a78750895 100644 --- a/lib/gssapi/krb5/inquire_cred_by_oid.c +++ b/lib/gssapi/krb5/inquire_cred_by_oid.c @@ -39,7 +39,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_cred_by_oid gss_buffer_set_t *data_set) { krb5_context context; - gsskrb5_cred cred = (gsskrb5_cred)cred_handle; + gsskrb5_cred cred = rk_UNCONST(cred_handle); krb5_error_code ret; gss_buffer_desc buffer; char *str; diff --git a/lib/gssapi/krb5/inquire_sec_context_by_oid.c b/lib/gssapi/krb5/inquire_sec_context_by_oid.c index 49d86d11c..b9b40970b 100644 --- a/lib/gssapi/krb5/inquire_sec_context_by_oid.c +++ b/lib/gssapi/krb5/inquire_sec_context_by_oid.c @@ -533,7 +533,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_sec_context_by_oid gss_buffer_set_t *data_set) { krb5_context context; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + const gsskrb5_ctx ctx = rk_UNCONST(context_handle); unsigned suffix; if (ctx == NULL) { diff --git a/lib/gssapi/krb5/process_context_token.c b/lib/gssapi/krb5/process_context_token.c index 601b0e8a5..b317452c0 100644 --- a/lib/gssapi/krb5/process_context_token.c +++ b/lib/gssapi/krb5/process_context_token.c @@ -49,7 +49,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_process_context_token ( GSSAPI_KRB5_INIT (&context); ret = _gsskrb5_verify_mic_internal(minor_status, - (gsskrb5_ctx)context_handle, + rk_UNCONST(context_handle), context, token_buffer, &empty_buffer, GSS_C_QOP_DEFAULT, diff --git a/lib/gssapi/krb5/store_cred.c b/lib/gssapi/krb5/store_cred.c index 6d727b4e2..a4f5e87ef 100644 --- a/lib/gssapi/krb5/store_cred.c +++ b/lib/gssapi/krb5/store_cred.c @@ -203,7 +203,7 @@ _gsskrb5_store_cred_into2(OM_uint32 *minor_status, return GSS_S_BAD_MECH; if (input_cred_handle == GSS_C_NO_CREDENTIAL) return GSS_S_CALL_INACCESSIBLE_READ; - input_cred = (gsskrb5_cred)input_cred_handle; + input_cred = rk_UNCONST(input_cred_handle); /* Sanity check the input_cred */ if (input_cred->usage != cred_usage && input_cred->usage != GSS_C_BOTH) { diff --git a/lib/gssapi/krb5/unwrap.c b/lib/gssapi/krb5/unwrap.c index 23fa6aab7..cdb8f76a1 100644 --- a/lib/gssapi/krb5/unwrap.c +++ b/lib/gssapi/krb5/unwrap.c @@ -45,7 +45,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_unwrap krb5_keyblock *key; krb5_context context; OM_uint32 ret; - gsskrb5_ctx ctx = (gsskrb5_ctx) context_handle; + gsskrb5_ctx ctx = rk_UNCONST(context_handle); output_message_buffer->value = NULL; output_message_buffer->length = 0; diff --git a/lib/gssapi/krb5/verify_mic.c b/lib/gssapi/krb5/verify_mic.c index 73f654720..cfe7db8b3 100644 --- a/lib/gssapi/krb5/verify_mic.c +++ b/lib/gssapi/krb5/verify_mic.c @@ -104,7 +104,7 @@ _gsskrb5_verify_mic *qop_state = GSS_C_QOP_DEFAULT; ret = _gsskrb5_verify_mic_internal(minor_status, - (gsskrb5_ctx)context_handle, + rk_UNCONST(context_handle), context, message_buffer, token_buffer, qop_state, (void *)(intptr_t)"\x01\x01"); diff --git a/lib/gssapi/krb5/wrap.c b/lib/gssapi/krb5/wrap.c index 1709a8727..45da06d03 100644 --- a/lib/gssapi/krb5/wrap.c +++ b/lib/gssapi/krb5/wrap.c @@ -147,7 +147,7 @@ _gsskrb5_wrap_size_limit ( krb5_context context; krb5_keyblock *key; OM_uint32 ret; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + const gsskrb5_ctx ctx = rk_UNCONST(context_handle); GSSAPI_KRB5_INIT (&context); @@ -207,7 +207,7 @@ _gsskrb5_wrap krb5_context context; krb5_keyblock *key; OM_uint32 ret; - const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; + const gsskrb5_ctx ctx = rk_UNCONST(context_handle); output_message_buffer->value = NULL; output_message_buffer->length = 0;