diff --git a/lib/gssapi/Makefile.am b/lib/gssapi/Makefile.am index e94465d18..554dbf1ac 100644 --- a/lib/gssapi/Makefile.am +++ b/lib/gssapi/Makefile.am @@ -78,6 +78,7 @@ mechsrc = \ mech/context.h \ mech/context.c \ mech/cred.h \ + mech/cred.c \ mech/compat.h \ mech/doxygen.c \ mech/gss_accept_sec_context.c \ diff --git a/lib/gssapi/NTMakefile b/lib/gssapi/NTMakefile index 871f07422..c60f6a445 100644 --- a/lib/gssapi/NTMakefile +++ b/lib/gssapi/NTMakefile @@ -96,6 +96,7 @@ mechsrc = \ mech/context.h \ mech/context.c \ mech/cred.h \ + mech/cred.c \ mech/gss_accept_sec_context.c \ mech/gss_acquire_cred.c \ mech/gss_acquire_cred_from.c \ @@ -328,6 +329,7 @@ libgssapi_OBJs = \ $(OBJ)\krb5/verify_mic.obj \ $(OBJ)\krb5/wrap.obj \ $(OBJ)\mech/context.obj \ + $(OBJ)\mech/cred.obj \ $(OBJ)\mech/gss_accept_sec_context.obj \ $(OBJ)\mech/gss_acquire_cred.obj \ $(OBJ)\mech/gss_acquire_cred_from.obj \ diff --git a/lib/gssapi/mech/cred.c b/lib/gssapi/mech/cred.c new file mode 100644 index 000000000..6d811db40 --- /dev/null +++ b/lib/gssapi/mech/cred.c @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2011 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Portions Copyright (c) 2011 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "mech_locl.h" +#include "heim_threads.h" +#include "heimbase.h" + + +void +_gss_mg_release_cred(struct _gss_cred *cred) +{ + struct _gss_mechanism_cred *mc; + OM_uint32 junk; + + while (HEIM_SLIST_FIRST(&cred->gc_mc)) { + mc = HEIM_SLIST_FIRST(&cred->gc_mc); + HEIM_SLIST_REMOVE_HEAD(&cred->gc_mc, gmc_link); + mc->gmc_mech->gm_release_cred(&junk, &mc->gmc_cred); + free(mc); + } + free(cred); +} + +struct _gss_cred * +_gss_mg_alloc_cred(void) +{ + struct _gss_cred *cred; + cred = calloc(1, sizeof(struct _gss_cred)); + if (cred == NULL) + return NULL; + HEIM_SLIST_INIT(&cred->gc_mc); + + return cred; +} + diff --git a/lib/gssapi/mech/cred.h b/lib/gssapi/mech/cred.h index 8dda8c668..33e7bb6e5 100644 --- a/lib/gssapi/mech/cred.h +++ b/lib/gssapi/mech/cred.h @@ -39,6 +39,18 @@ struct _gss_cred { struct _gss_mechanism_cred_list gc_mc; }; +struct _gss_cred * +_gss_mg_alloc_cred(void); + +void +_gss_mg_release_cred(struct _gss_cred *cred); + +struct _gss_mechanism_cred * +_gss_copy_cred(struct _gss_mechanism_cred *mc); + +void +_gss_mg_check_credential(gss_const_cred_id_t credential); + struct _gss_mechanism_name; OM_uint32 @@ -53,4 +65,3 @@ _gss_mg_add_mech_cred(OM_uint32 *minor_status, struct _gss_mechanism_cred **output_cred_handle, OM_uint32 *initiator_time_rec, OM_uint32 *acceptor_time_rec); - diff --git a/lib/gssapi/mech/gss_accept_sec_context.c b/lib/gssapi/mech/gss_accept_sec_context.c index 849bf322c..d7dc8a06f 100644 --- a/lib/gssapi/mech/gss_accept_sec_context.c +++ b/lib/gssapi/mech/gss_accept_sec_context.c @@ -249,7 +249,7 @@ gss_accept_sec_context(OM_uint32 *minor_status, /* * Make a new name and mark it as an MN. */ - struct _gss_name *name = _gss_make_name(m, src_mn); + struct _gss_name *name = _gss_create_name(src_mn, m); if (!name) { m->gm_release_name(minor_status, &src_mn); @@ -279,13 +279,12 @@ gss_accept_sec_context(OM_uint32 *minor_status, struct _gss_cred *dcred; struct _gss_mechanism_cred *dmc; - dcred = malloc(sizeof(struct _gss_cred)); + dcred = _gss_mg_alloc_cred(); if (!dcred) { *minor_status = ENOMEM; gss_delete_sec_context(&junk, context_handle, NULL); return (GSS_S_FAILURE); } - HEIM_SLIST_INIT(&dcred->gc_mc); dmc = malloc(sizeof(struct _gss_mechanism_cred)); if (!dmc) { free(dcred); diff --git a/lib/gssapi/mech/gss_acquire_cred_from.c b/lib/gssapi/mech/gss_acquire_cred_from.c index 0c8b7871f..5436dfa37 100644 --- a/lib/gssapi/mech/gss_acquire_cred_from.c +++ b/lib/gssapi/mech/gss_acquire_cred_from.c @@ -179,14 +179,12 @@ gss_acquire_cred_from(OM_uint32 *minor_status, } else mechs = _gss_mech_oids; - cred = calloc(1, sizeof(*cred)); + cred = _gss_mg_alloc_cred(); if (cred == NULL) { *minor_status = ENOMEM; return GSS_S_FAILURE; } - HEIM_SLIST_INIT(&cred->gc_mc); - if (actual_mechs) { major_status = gss_create_empty_oid_set(minor_status, actual_mechs); if (GSS_ERROR(major_status)) diff --git a/lib/gssapi/mech/gss_add_cred_from.c b/lib/gssapi/mech/gss_add_cred_from.c index 6569da1d6..31862c8d4 100644 --- a/lib/gssapi/mech/gss_add_cred_from.c +++ b/lib/gssapi/mech/gss_add_cred_from.c @@ -153,11 +153,11 @@ gss_add_cred_from(OM_uint32 *minor_status, /* Mutate the input credentials */ mut_cred = rk_UNCONST(input_cred_handle); } else { - if ((mut_cred = calloc(1, sizeof(*mut_cred))) == NULL) { + mut_cred = _gss_mg_alloc_cred(); + if (mut_cred == NULL) { *minor_status = ENOMEM; return GSS_S_UNAVAILABLE; } - HEIM_SLIST_INIT(&mut_cred->gc_mc); release_cred = (gss_cred_id_t)mut_cred; } @@ -214,8 +214,6 @@ done: major_status = gss_inquire_cred(minor_status, (gss_const_cred_id_t)mut_cred, NULL, NULL, NULL, actual_mechs); - if (major_status != GSS_S_COMPLETE) - _gss_mg_error(m, major_status, *minor_status); } if (major_status == GSS_S_COMPLETE) { if (output_cred_handle != NULL) diff --git a/lib/gssapi/mech/gss_canonicalize_name.c b/lib/gssapi/mech/gss_canonicalize_name.c index 4918e5e00..f1ff7660b 100644 --- a/lib/gssapi/mech/gss_canonicalize_name.c +++ b/lib/gssapi/mech/gss_canonicalize_name.c @@ -70,6 +70,8 @@ gss_canonicalize_name(OM_uint32 *minor_status, major_status = _gss_find_mn(minor_status, name, mech_type, &mn); if (major_status) return major_status; + if (mn == NULL) + return GSS_S_BAD_NAME; m = mn->gmn_mech; major_status = m->gm_canonicalize_name(minor_status, @@ -83,27 +85,12 @@ gss_canonicalize_name(OM_uint32 *minor_status, * Now we make a new name and mark it as an MN. */ *minor_status = 0; - name = malloc(sizeof(struct _gss_name)); + name = _gss_create_name(new_canonical_name, m); if (!name) { m->gm_release_name(minor_status, &new_canonical_name); *minor_status = ENOMEM; return (GSS_S_FAILURE); } - memset(name, 0, sizeof(struct _gss_name)); - - mn = malloc(sizeof(struct _gss_mechanism_name)); - if (!mn) { - m->gm_release_name(minor_status, &new_canonical_name); - free(name); - *minor_status = ENOMEM; - return (GSS_S_FAILURE); - } - - HEIM_SLIST_INIT(&name->gn_mn); - mn->gmn_mech = m; - mn->gmn_mech_oid = &m->gm_mech_oid; - mn->gmn_name = new_canonical_name; - HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); *output_name = (gss_name_t) name; diff --git a/lib/gssapi/mech/gss_cred.c b/lib/gssapi/mech/gss_cred.c index e16829c0f..3660dbe46 100644 --- a/lib/gssapi/mech/gss_cred.c +++ b/lib/gssapi/mech/gss_cred.c @@ -133,13 +133,12 @@ gss_import_cred(OM_uint32 * minor_status, return GSS_S_FAILURE; } - cred = calloc(1, sizeof(struct _gss_cred)); + cred = _gss_mg_alloc_cred(); if (cred == NULL) { krb5_storage_free(sp); *minor_status = ENOMEM; return GSS_S_FAILURE; } - HEIM_SLIST_INIT(&cred->gc_mc); *cred_handle = (gss_cred_id_t)cred; diff --git a/lib/gssapi/mech/gss_delete_sec_context.c b/lib/gssapi/mech/gss_delete_sec_context.c index 69d9cb6a0..575cb198b 100644 --- a/lib/gssapi/mech/gss_delete_sec_context.c +++ b/lib/gssapi/mech/gss_delete_sec_context.c @@ -33,13 +33,15 @@ gss_delete_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, gss_buffer_t output_token) { - OM_uint32 major_status = GSS_S_COMPLETE; + OM_uint32 major_status; struct _gss_context *ctx = (struct _gss_context *) *context_handle; if (output_token) _mg_buffer_zero(output_token); *minor_status = 0; + major_status = GSS_S_COMPLETE; + if (ctx) { /* * If we have an implementation ctx, delete it, @@ -53,5 +55,5 @@ gss_delete_sec_context(OM_uint32 *minor_status, *context_handle = GSS_C_NO_CONTEXT; } - return (major_status); + return major_status; } diff --git a/lib/gssapi/mech/gss_duplicate_cred.c b/lib/gssapi/mech/gss_duplicate_cred.c index b780d1759..6534454b5 100644 --- a/lib/gssapi/mech/gss_duplicate_cred.c +++ b/lib/gssapi/mech/gss_duplicate_cred.c @@ -132,12 +132,11 @@ gss_duplicate_cred(OM_uint32 *minor_status, } *output_cred_handle = GSS_C_NO_CREDENTIAL; - new_cred = malloc(sizeof(struct _gss_cred)); + new_cred = _gss_mg_alloc_cred(); if (!new_cred) { *minor_status = ENOMEM; return GSS_S_FAILURE; } - HEIM_SLIST_INIT(&new_cred->gc_mc); *minor_status = 0; major_status = GSS_S_NO_CRED; diff --git a/lib/gssapi/mech/gss_duplicate_name.c b/lib/gssapi/mech/gss_duplicate_name.c index 1f58b4230..222b683e1 100644 --- a/lib/gssapi/mech/gss_duplicate_name.c +++ b/lib/gssapi/mech/gss_duplicate_name.c @@ -59,13 +59,11 @@ gss_duplicate_name(OM_uint32 *minor_status, mn->gmn_mech_oid, &mn2); } } else { - new_name = malloc(sizeof(struct _gss_name)); + new_name = _gss_create_name(NULL, NULL); if (!new_name) { *minor_status = ENOMEM; return (GSS_S_FAILURE); } - memset(new_name, 0, sizeof(struct _gss_name)); - HEIM_SLIST_INIT(&new_name->gn_mn); *dest_name = (gss_name_t) new_name; HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { diff --git a/lib/gssapi/mech/gss_import_name.c b/lib/gssapi/mech/gss_import_name.c index df2deba31..4d868ec3f 100644 --- a/lib/gssapi/mech/gss_import_name.c +++ b/lib/gssapi/mech/gss_import_name.c @@ -136,7 +136,7 @@ _gss_import_export_name(OM_uint32 *minor_status, /* * Now we make a new name and mark it as an MN. */ - name = _gss_make_name(m, new_canonical_name); + name = _gss_create_name(new_canonical_name, m); if (!name) { m->gm_release_name(minor_status, &new_canonical_name); return (GSS_S_FAILURE); @@ -215,7 +215,7 @@ gss_import_name(OM_uint32 *minor_status, *minor_status = 0; - name = calloc(1, sizeof(struct _gss_name)); + name = _gss_create_name(NULL, NULL); if (!name) { *minor_status = ENOMEM; return (GSS_S_FAILURE); @@ -226,7 +226,8 @@ gss_import_name(OM_uint32 *minor_status, major_status = _gss_intern_oid(minor_status, name_type, &name->gn_type); if (major_status) { - free(name); + rname = (gss_name_t)name; + gss_release_name(&ms, (gss_name_t *)&rname); return (GSS_S_FAILURE); } diff --git a/lib/gssapi/mech/gss_init_sec_context.c b/lib/gssapi/mech/gss_init_sec_context.c index 21e02aea6..cbf36f6d5 100644 --- a/lib/gssapi/mech/gss_init_sec_context.c +++ b/lib/gssapi/mech/gss_init_sec_context.c @@ -194,7 +194,7 @@ gss_init_sec_context(OM_uint32 * minor_status, major_status = m->gm_init_sec_context(minor_status, cred_handle, &ctx->gc_ctx, - mn->gmn_name, + mn ? mn->gmn_name : GSS_C_NO_NAME, mech_type, req_flags, time_req, diff --git a/lib/gssapi/mech/gss_inquire_context.c b/lib/gssapi/mech/gss_inquire_context.c index 63fae9180..e2a8e66f3 100644 --- a/lib/gssapi/mech/gss_inquire_context.c +++ b/lib/gssapi/mech/gss_inquire_context.c @@ -83,7 +83,7 @@ gss_inquire_context(OM_uint32 *minor_status, } if (src_name) { - name = _gss_make_name(m, src_mn); + name = _gss_create_name(src_mn, m); if (!name) { if (mech_type) *mech_type = GSS_C_NO_OID; @@ -95,7 +95,7 @@ gss_inquire_context(OM_uint32 *minor_status, } if (targ_name) { - name = _gss_make_name(m, targ_mn); + name = _gss_create_name(targ_mn, m); if (!name) { if (mech_type) *mech_type = GSS_C_NO_OID; diff --git a/lib/gssapi/mech/gss_inquire_cred.c b/lib/gssapi/mech/gss_inquire_cred.c index e8222c445..89bdc7af3 100644 --- a/lib/gssapi/mech/gss_inquire_cred.c +++ b/lib/gssapi/mech/gss_inquire_cred.c @@ -73,12 +73,11 @@ gss_inquire_cred(OM_uint32 *minor_status, *mechanisms = GSS_C_NO_OID_SET; if (name_ret) { - name = calloc(1, sizeof(*name)); + name = _gss_create_name(NULL, NULL); if (name == NULL) { *minor_status = ENOMEM; return (GSS_S_FAILURE); } - HEIM_SLIST_INIT(&name->gn_mn); } else { name = NULL; } diff --git a/lib/gssapi/mech/gss_inquire_cred_by_mech.c b/lib/gssapi/mech/gss_inquire_cred_by_mech.c index 8ff2cc43c..3a277eed4 100644 --- a/lib/gssapi/mech/gss_inquire_cred_by_mech.c +++ b/lib/gssapi/mech/gss_inquire_cred_by_mech.c @@ -78,7 +78,7 @@ gss_inquire_cred_by_mech(OM_uint32 *minor_status, } if (cred_name) { - name = _gss_make_name(m, mn); + name = _gss_create_name(mn, m); if (!name) { m->gm_release_name(minor_status, &mn); return (GSS_S_NO_CRED); diff --git a/lib/gssapi/mech/gss_names.c b/lib/gssapi/mech/gss_names.c index 240c47d45..20c3918ed 100644 --- a/lib/gssapi/mech/gss_names.c +++ b/lib/gssapi/mech/gss_names.c @@ -2,6 +2,8 @@ * Copyright (c) 2005 Doug Rabson * All rights reserved. * + * Portions Copyright (c) 2009 Apple Inc. All rights reserved. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -29,8 +31,10 @@ #include "mech_locl.h" OM_uint32 -_gss_find_mn(OM_uint32 *minor_status, struct _gss_name *name, gss_OID mech, - struct _gss_mechanism_name **output_mn) +_gss_find_mn(OM_uint32 *minor_status, + struct _gss_name *name, + gss_const_OID mech, + struct _gss_mechanism_name ** output_mn) { OM_uint32 major_status; gssapi_mech_interface m; @@ -38,6 +42,10 @@ _gss_find_mn(OM_uint32 *minor_status, struct _gss_name *name, gss_OID mech, *output_mn = NULL; + /* null names are ok, some mechs might not have names */ + if (name == NULL) + return GSS_S_COMPLETE; + HEIM_SLIST_FOREACH(mn, &name->gn_mn, gmn_link) { if (gss_oid_equal(mech, mn->gmn_mech_oid)) break; @@ -82,28 +90,52 @@ _gss_find_mn(OM_uint32 *minor_status, struct _gss_name *name, gss_OID mech, * Make a name from an MN. */ struct _gss_name * -_gss_make_name(gssapi_mech_interface m, gss_name_t new_mn) +_gss_create_name(gss_name_t new_mn, + struct gssapi_mech_interface_desc *m) { struct _gss_name *name; struct _gss_mechanism_name *mn; - name = malloc(sizeof(struct _gss_name)); + name = calloc(1, sizeof(struct _gss_name)); if (!name) return (0); - memset(name, 0, sizeof(struct _gss_name)); - - mn = malloc(sizeof(struct _gss_mechanism_name)); - if (!mn) { - free(name); - return (0); - } HEIM_SLIST_INIT(&name->gn_mn); - mn->gmn_mech = m; - mn->gmn_mech_oid = &m->gm_mech_oid; - mn->gmn_name = new_mn; - HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); + + if (new_mn) { + mn = malloc(sizeof(struct _gss_mechanism_name)); + if (!mn) { + free(name); + return (0); + } + + mn->gmn_mech = m; + mn->gmn_mech_oid = &m->gm_mech_oid; + mn->gmn_name = new_mn; + HEIM_SLIST_INSERT_HEAD(&name->gn_mn, mn, gmn_link); + } return (name); } +/* + * + */ + +void +_gss_mg_release_name(struct _gss_name *name) +{ + OM_uint32 junk; + + gss_release_oid(&junk, &name->gn_type); + + while (HEIM_SLIST_FIRST(&name->gn_mn)) { + struct _gss_mechanism_name *mn; + mn = HEIM_SLIST_FIRST(&name->gn_mn); + HEIM_SLIST_REMOVE_HEAD(&name->gn_mn, gmn_link); + mn->gmn_mech->gm_release_name(&junk, &mn->gmn_name); + free(mn); + } + gss_release_buffer(&junk, &name->gn_value); + free(name); +} diff --git a/lib/gssapi/mech/gss_release_cred.c b/lib/gssapi/mech/gss_release_cred.c index 341f9f658..3a85de58e 100644 --- a/lib/gssapi/mech/gss_release_cred.c +++ b/lib/gssapi/mech/gss_release_cred.c @@ -54,18 +54,11 @@ GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle) { struct _gss_cred *cred = (struct _gss_cred *) *cred_handle; - struct _gss_mechanism_cred *mc; - if (*cred_handle == GSS_C_NO_CREDENTIAL) + if (cred == NULL) return (GSS_S_COMPLETE); - while (HEIM_SLIST_FIRST(&cred->gc_mc)) { - mc = HEIM_SLIST_FIRST(&cred->gc_mc); - HEIM_SLIST_REMOVE_HEAD(&cred->gc_mc, gmc_link); - mc->gmc_mech->gm_release_cred(minor_status, &mc->gmc_cred); - free(mc); - } - free(cred); + _gss_mg_release_cred(cred); *minor_status = 0; *cred_handle = GSS_C_NO_CREDENTIAL; diff --git a/lib/gssapi/mech/gss_release_name.c b/lib/gssapi/mech/gss_release_name.c index fba46c0c0..db1793ee0 100644 --- a/lib/gssapi/mech/gss_release_name.c +++ b/lib/gssapi/mech/gss_release_name.c @@ -55,18 +55,8 @@ gss_release_name(OM_uint32 *minor_status, return GSS_S_COMPLETE; name = (struct _gss_name *) *input_name; + _gss_mg_release_name(name); - gss_release_oid(minor_status, &name->gn_type); - while (HEIM_SLIST_FIRST(&name->gn_mn)) { - struct _gss_mechanism_name *mn; - mn = HEIM_SLIST_FIRST(&name->gn_mn); - HEIM_SLIST_REMOVE_HEAD(&name->gn_mn, gmn_link); - mn->gmn_mech->gm_release_name(minor_status, - &mn->gmn_name); - free(mn); - } - gss_release_buffer(minor_status, &name->gn_value); - free(name); *input_name = GSS_C_NO_NAME; return (GSS_S_COMPLETE); diff --git a/lib/gssapi/mech/gss_set_cred_option.c b/lib/gssapi/mech/gss_set_cred_option.c index 661fd071e..e4e3a177e 100644 --- a/lib/gssapi/mech/gss_set_cred_option.c +++ b/lib/gssapi/mech/gss_set_cred_option.c @@ -50,11 +50,11 @@ gss_set_cred_option (OM_uint32 *minor_status, if (cred == NULL) { struct _gss_mech_switch *m; - cred = malloc(sizeof(*cred)); - if (cred == NULL) + cred = _gss_mg_alloc_cred(); + if (cred == NULL) { + *minor_status = ENOMEM; return GSS_S_FAILURE; - - HEIM_SLIST_INIT(&cred->gc_mc); + } HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) { diff --git a/lib/gssapi/mech/name.h b/lib/gssapi/mech/name.h index 10334957c..40cae4ce8 100644 --- a/lib/gssapi/mech/name.h +++ b/lib/gssapi/mech/name.h @@ -42,7 +42,8 @@ struct _gss_name { }; OM_uint32 - _gss_find_mn(OM_uint32 *, struct _gss_name *, gss_OID, + _gss_find_mn(OM_uint32 *, struct _gss_name *, gss_const_OID, struct _gss_mechanism_name **); struct _gss_name * - _gss_make_name(gssapi_mech_interface m, gss_name_t new_mn); + _gss_create_name(gss_name_t new_mn, gssapi_mech_interface m); +void _gss_mg_release_name(struct _gss_name *);