From dbeeb18a53315d14c542617371492c218d49c627 Mon Sep 17 00:00:00 2001 From: Love Hornquist Astrand Date: Thu, 25 Nov 2010 18:32:33 -0800 Subject: [PATCH] generate oids using table --- lib/gssapi/Makefile.am | 8 +++ lib/gssapi/gen-oid.pl | 74 ++++++++++++++++++++++ lib/gssapi/gssapi/gssapi.h | 10 +-- lib/gssapi/gssapi/gssapi_krb5.h | 73 ---------------------- lib/gssapi/gssapi/gssapi_oid.h | 107 ++++++++++++++++++++++++++++++++ lib/gssapi/krb5/external.c | 95 ---------------------------- lib/gssapi/mech/gss_mo.c | 39 +++++++++++- lib/gssapi/mech/gss_oid.c | 98 +++++++++++++++++++++++++++++ lib/gssapi/oid.txt | 49 +++++++++++++++ 9 files changed, 376 insertions(+), 177 deletions(-) create mode 100644 lib/gssapi/gen-oid.pl create mode 100644 lib/gssapi/gssapi/gssapi_oid.h create mode 100644 lib/gssapi/mech/gss_oid.c create mode 100644 lib/gssapi/oid.txt diff --git a/lib/gssapi/Makefile.am b/lib/gssapi/Makefile.am index 6a88bd946..63348d12e 100644 --- a/lib/gssapi/Makefile.am +++ b/lib/gssapi/Makefile.am @@ -113,6 +113,7 @@ mechsrc = \ mech/gss_mech_switch.c \ mech/gss_mo.o \ mech/gss_names.c \ + mech/gss_oid.c \ mech/gss_oid_equal.c \ mech/gss_oid_to_str.c \ mech/gss_process_context_token.c \ @@ -219,10 +220,12 @@ noinst_HEADERS = \ ntlm/ntlm-private.h \ spnego/spnego-private.h \ krb5/gsskrb5-private.h + nobase_include_HEADERS = \ gssapi/gssapi.h \ gssapi/gssapi_krb5.h \ gssapi/gssapi_ntlm.h \ + gssapi/gssapi_oid.h \ gssapi/gssapi_spnego.h gssapidir = $(includedir)/gssapi 
@@ -324,6 +327,11 @@ EXTRA_DIST = \ $(libgssapi_la_OBJECTS): gkrb5_err.h gssapi_asn1.h gssapi_asn1-priv.h $(libgssapi_la_OBJECTS): spnego_asn1.h spnego_asn1-priv.h +$(libgssapi_la_OBJECTS): $(srcdir)/gssapi/gssapi_oid.h gkrb5_err.h gkrb5_err.c: $(srcdir)/krb5/gkrb5_err.et $(COMPILE_ET) $(srcdir)/krb5/gkrb5_err.et + +$(srcdir)/gssapi/gssapi_oid.h $(srcdir)/mech/gss_oid.c: + perl $(srcdir)/gen-oid.pl -b base -h $(srcdir)/oid.txt > $(srcdir)/gssapi/gssapi_oid.h + perl $(srcdir)/gen-oid.pl -b base $(srcdir)/oid.txt > $(srcdir)/mech/gss_oid.c diff --git a/lib/gssapi/gen-oid.pl b/lib/gssapi/gen-oid.pl new file mode 100644 index 000000000..2b2a2bc91 --- /dev/null +++ b/lib/gssapi/gen-oid.pl 
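Review bot: The new rule for `$(srcdir)/gssapi/gssapi_oid.h` and `$(srcdir)/mech/gss_oid.c` lists no prerequisites, so once both files exist, editing oid.txt or gen-oid.pl never regenerates them and the shipped OID table can silently go stale. Add the inputs to the rule header: `$(srcdir)/gssapi/gssapi_oid.h $(srcdir)/mech/gss_oid.c: $(srcdir)/oid.txt $(srcdir)/gen-oid.pl`. Each recipe line also redirects straight onto its target, so a failed perl run leaves a truncated or empty file with a fresh timestamp. Writing to a temporary name and renaming only on success avoids that.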
@@ -0,0 +1,74 @@ +#!/usr/bin/perl + +require 'getopts.pl'; + +my $output; +my $CFILE, $HFILE; +my $onlybase; +my $header = 0; + +Getopts('b:h') || die "foo"; + +if($opt_b) { + $onlybase = $opt_b; +} + +$header = 1 if ($opt_h); + +if ($header) { + printf "#ifndef GSSAPI_GSSAPI_OID\n"; + printf "#define GSSAPI_GSSAPI_OID 1\n\n"; +} else { + printf "#include \"gssapi.h\"\n\n"; +} + +while(<>) { + + if (/^\w*#(.*)/) { + my $comment = $1; + + if ($header) { + printf("$comment\n"); + } + + } elsif (/^oid\s+([\w\.]+)\s+(\w+)\s+([\w\.]+)/) { + my ($base, $name, $oid) = ($1, $2, $3); + + next if (defined $onlybase and $onlybase ne $base); + + my $store = "__" . lc($name) . "_oid_desc"; + + # encode oid + + my @array = split(/\./, $oid); + my $length = 0; + my $data = ""; + + my $num = $array[0] * 40 + $array[1]; + $data .= sprintf("\\x%x", $num); + $length += 1; + + foreach $num (@array[2 .. $#array]) { + my $num2 = $num; + while ($num2) { + my $p = int($num2 % 128); + $num2 = int($num2 / 128); + $p |= 0x80 if ($num2); + $data .= sprintf("\\x%02x", $p); + $length += 1; + } + } + if ($header) { + printf "extern gss_OID_desc $store;\n"; + printf "#define $name (&$store)\n\n"; + } else { + printf "/* $name - $oid */\n"; + printf "gss_OID_desc $store = { $length, \"$data\" };\n\n"; + } + } + +} + +if ($header) { + printf "#endif /* GSSAPI_GSSAPI_OID */\n"; +} diff --git a/lib/gssapi/gssapi/gssapi.h b/lib/gssapi/gssapi/gssapi.h index c8454661d..2ec13615d 100644 --- a/lib/gssapi/gssapi/gssapi.h +++ b/lib/gssapi/gssapi/gssapi.h @@ -270,6 +270,8 @@ typedef OM_uint32 gss_qop_t; GSSAPI_CPP_START +#include + /* * The implementation must reserve static storage for a * gss_OID_desc object containing the value 
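Review bot: The sub-identifier loop in gen-oid.pl emits the base-128 groups least-significant first, so every arc above 127 is encoded backwards: the generated gss_oid.c has `\x2a\xf0\x05\x2b\x0d\x01` for 1.2.752.43.13.1, where the definition removed from krb5/external.c had `\x2a\x85\x70\x2b\x0d\x01`. Anything that matches these OIDs against bytes produced by a peer or by another GSS-API library would stop matching. `while ($num2)` also emits nothing at all for an arc of 0. The loop should build each arc's octets most-significant first with the high bit set on all but the last, as below; once it does, the `9513` in oid.txt needs rechecking, because the removed bytes `\xa9\x4a` decode to 5322. The generated declarations also drop the `GSSAPI_LIB_VARIABLE` annotation that the removed hand-written ones carried.

```perl
    # … unchanged: split of $oid and the first octet (40 * arc1 + arc2) …
    foreach my $arc (@array[2 .. $#array]) {
        # base-128, most significant group first; high bit set on every
        # octet except the last one of the arc
        my @octets = ($arc % 128);
        my $rest = int($arc / 128);
        while ($rest) {
            unshift @octets, ($rest % 128) | 0x80;
            $rest = int($rest / 128);
        }
        $data .= join("", map { sprintf("\\x%02x", $_) } @octets);
        $length += scalar @octets;
    }
    # … unchanged: header / definition output …
```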
@@ -372,14 +374,6 @@ extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_anonymous_oid_desc; extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_nt_export_name_oid_desc; #define GSS_C_NT_EXPORT_NAME (&__gss_c_nt_export_name_oid_desc) -/* - * Digest mechanism - */ - -extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_sasl_digest_md5_mechanism_oid_desc; -#define GSS_SASL_DIGEST_MD5_MECHANISM (&__gss_sasl_digest_md5_mechanism_oid_desc) - - /* Major status codes */ #define GSS_S_COMPLETE 0 diff --git a/lib/gssapi/gssapi/gssapi_krb5.h b/lib/gssapi/gssapi/gssapi_krb5.h index 28f9c3777..2f605f5ee 100644 --- a/lib/gssapi/gssapi/gssapi_krb5.h +++ b/lib/gssapi/gssapi/gssapi_krb5.h 
@@ -68,79 +68,6 @@ extern gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_mechanism_oid_desc; #define gss_mech_krb5 GSS_KRB5_MECHANISM #define gss_krb5_nt_general_name GSS_KRB5_NT_PRINCIPAL_NAME -/* Extensions set contexts options */ -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_copy_ccache_x_oid_desc; -#define GSS_KRB5_COPY_CCACHE_X (&__gss_krb5_copy_ccache_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_compat_des3_mic_x_oid_desc; -#define GSS_KRB5_COMPAT_DES3_MIC_X (&__gss_krb5_compat_des3_mic_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_register_acceptor_identity_x_oid_desc; -#define GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X (&__gss_krb5_register_acceptor_identity_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_set_dns_canonicalize_x_oid_desc; -#define GSS_KRB5_SET_DNS_CANONICALIZE_X (&__gss_krb5_set_dns_canonicalize_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_send_to_kdc_x_oid_desc; -#define GSS_KRB5_SEND_TO_KDC_X (&__gss_krb5_send_to_kdc_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_set_default_realm_x_oid_desc; -#define GSS_KRB5_SET_DEFAULT_REALM_X (&__gss_krb5_set_default_realm_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_ccache_name_x_oid_desc; -#define GSS_KRB5_CCACHE_NAME_X (&__gss_krb5_ccache_name_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_set_time_offset_x_oid_desc; -#define GSS_KRB5_SET_TIME_OFFSET_X (&__gss_krb5_set_time_offset_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_time_offset_x_oid_desc; -#define GSS_KRB5_GET_TIME_OFFSET_X (&__gss_krb5_get_time_offset_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_plugin_register_x_oid_desc; -#define GSS_KRB5_PLUGIN_REGISTER_X (&__gss_krb5_plugin_register_x_oid_desc) - -/* Extensions inquire context */ -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_tkt_flags_x_oid_desc; -#define GSS_KRB5_GET_TKT_FLAGS_X 
(&__gss_krb5_get_tkt_flags_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc; -#define GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X (&__gss_krb5_extract_authz_data_from_sec_context_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_c_peer_has_updated_spnego_oid_desc; -#define GSS_C_PEER_HAS_UPDATED_SPNEGO (&__gss_c_peer_has_updated_spnego_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_export_lucid_context_x_oid_desc; -#define GSS_KRB5_EXPORT_LUCID_CONTEXT_X (&__gss_krb5_export_lucid_context_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_export_lucid_context_v1_x_oid_desc; -#define GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X (&__gss_krb5_export_lucid_context_v1_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_subkey_x_oid_desc; -#define GSS_KRB5_GET_SUBKEY_X (&__gss_krb5_get_subkey_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_initiator_subkey_x_oid_desc; -#define GSS_KRB5_GET_INITIATOR_SUBKEY_X (&__gss_krb5_get_initiator_subkey_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_acceptor_subkey_x_oid_desc; -#define GSS_KRB5_GET_ACCEPTOR_SUBKEY_X (&__gss_krb5_get_acceptor_subkey_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_authtime_x_oid_desc; -#define GSS_KRB5_GET_AUTHTIME_X (&__gss_krb5_get_authtime_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_get_service_keyblock_x_oid_desc; -#define GSS_KRB5_GET_SERVICE_KEYBLOCK_X (&__gss_krb5_get_service_keyblock_x_oid_desc) - -/* Extensions creds */ - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_import_cred_x_oid_desc; -#define GSS_KRB5_IMPORT_CRED_X (&__gss_krb5_import_cred_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc __gss_krb5_set_allowable_enctypes_x_oid_desc; -#define GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X (&__gss_krb5_set_allowable_enctypes_x_oid_desc) - -extern GSSAPI_LIB_VARIABLE gss_OID_desc 
__gss_krb5_cred_no_ci_flags_x_oid_desc; -#define GSS_KRB5_CRED_NO_CI_FLAGS_X (&__gss_krb5_cred_no_ci_flags_x_oid_desc) - /* * kerberos mechanism specific functions */ diff --git a/lib/gssapi/gssapi/gssapi_oid.h b/lib/gssapi/gssapi/gssapi_oid.h new file mode 100644 index 000000000..aa8b00d24 --- /dev/null +++ b/lib/gssapi/gssapi/gssapi_oid.h 
@@ -0,0 +1,107 @@ +#ifndef GSSAPI_GSSAPI_OID +#define GSSAPI_GSSAPI_OID 1 + + /* + * 1.2.752.43.13 Heimdal GSS-API Extentions + */ +extern gss_OID_desc __gss_krb5_copy_ccache_x_oid_desc; +#define GSS_KRB5_COPY_CCACHE_X (&__gss_krb5_copy_ccache_x_oid_desc) + +extern gss_OID_desc __gss_krb5_get_tkt_flags_x_oid_desc; +#define GSS_KRB5_GET_TKT_FLAGS_X (&__gss_krb5_get_tkt_flags_x_oid_desc) + +extern gss_OID_desc __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc; +#define GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X (&__gss_krb5_extract_authz_data_from_sec_context_x_oid_desc) + +extern gss_OID_desc __gss_krb5_compat_des3_mic_x_oid_desc; +#define GSS_KRB5_COMPAT_DES3_MIC_X (&__gss_krb5_compat_des3_mic_x_oid_desc) + +extern gss_OID_desc __gss_krb5_register_acceptor_identity_x_oid_desc; +#define GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X (&__gss_krb5_register_acceptor_identity_x_oid_desc) + +extern gss_OID_desc __gss_krb5_export_lucid_context_x_oid_desc; +#define GSS_KRB5_EXPORT_LUCID_CONTEXT_X (&__gss_krb5_export_lucid_context_x_oid_desc) + +extern gss_OID_desc __gss_krb5_export_lucid_context_v1_x_oid_desc; +#define GSS_KRB5_EXPORT_LUCID_CONTEXT_v1_X (&__gss_krb5_export_lucid_context_v1_x_oid_desc) + +extern gss_OID_desc __gss_krb5_set_dns_canonicalize_x_oid_desc; +#define GSS_KRB5_SET_DNS_CANONICALIZE_X (&__gss_krb5_set_dns_canonicalize_x_oid_desc) + +extern gss_OID_desc __gss_krb5_get_subkey_x_oid_desc; +#define GSS_KRB5_GET_SUBKEY_X (&__gss_krb5_get_subkey_x_oid_desc) + +extern gss_OID_desc __gss_krb5_get_initiator_subkey_x_oid_desc; +#define GSS_KRB5_GET_INITIATOR_SUBKEY_X (&__gss_krb5_get_initiator_subkey_x_oid_desc) + +extern gss_OID_desc __gss_krb5_get_acceptor_subkey_x_oid_desc; +#define GSS_KRB5_GET_ACCEPTOR_SUBKEY_X (&__gss_krb5_get_acceptor_subkey_x_oid_desc) + +extern gss_OID_desc __gss_krb5_send_to_kdc_x_oid_desc; +#define GSS_KRB5_SEND_TO_KDC_X (&__gss_krb5_send_to_kdc_x_oid_desc) + +extern gss_OID_desc __gss_krb5_get_authtime_x_oid_desc; +#define 
GSS_KRB5_GET_AUTHTIME_X (&__gss_krb5_get_authtime_x_oid_desc) + +extern gss_OID_desc __gss_krb5_get_service_keyblock_x_oid_desc; +#define GSS_KRB5_GET_SERVICE_KEYBLOCK_X (&__gss_krb5_get_service_keyblock_x_oid_desc) + +extern gss_OID_desc __gss_krb5_set_allowable_enctypes_x_oid_desc; +#define GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X (&__gss_krb5_set_allowable_enctypes_x_oid_desc) + +extern gss_OID_desc __gss_krb5_set_default_realm_x_oid_desc; +#define GSS_KRB5_SET_DEFAULT_REALM_X (&__gss_krb5_set_default_realm_x_oid_desc) + +extern gss_OID_desc __gss_krb5_ccache_name_x_oid_desc; +#define GSS_KRB5_CCACHE_NAME_X (&__gss_krb5_ccache_name_x_oid_desc) + +extern gss_OID_desc __gss_krb5_set_time_offset_x_oid_desc; +#define GSS_KRB5_SET_TIME_OFFSET_X (&__gss_krb5_set_time_offset_x_oid_desc) + +extern gss_OID_desc __gss_krb5_get_time_offset_x_oid_desc; +#define GSS_KRB5_GET_TIME_OFFSET_X (&__gss_krb5_get_time_offset_x_oid_desc) + +extern gss_OID_desc __gss_krb5_plugin_register_x_oid_desc; +#define GSS_KRB5_PLUGIN_REGISTER_X (&__gss_krb5_plugin_register_x_oid_desc) + +extern gss_OID_desc __gss_ntlm_get_session_key_x_oid_desc; +#define GSS_NTLM_GET_SESSION_KEY_X (&__gss_ntlm_get_session_key_x_oid_desc) + +extern gss_OID_desc __gss_c_nt_ntlm_oid_desc; +#define GSS_C_NT_NTLM (&__gss_c_nt_ntlm_oid_desc) + +extern gss_OID_desc __gss_c_nt_dn_oid_desc; +#define GSS_C_NT_DN (&__gss_c_nt_dn_oid_desc) + +extern gss_OID_desc __gss_krb5_nt_principal_name_referral_oid_desc; +#define GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL (&__gss_krb5_nt_principal_name_referral_oid_desc) + +extern gss_OID_desc __gss_c_ntlm_avguest_oid_desc; +#define GSS_C_NTLM_AVGUEST (&__gss_c_ntlm_avguest_oid_desc) + +extern gss_OID_desc __gss_c_ntlm_v1_oid_desc; +#define GSS_C_NTLM_V1 (&__gss_c_ntlm_v1_oid_desc) + +extern gss_OID_desc __gss_c_ntlm_v2_oid_desc; +#define GSS_C_NTLM_V2 (&__gss_c_ntlm_v2_oid_desc) + +extern gss_OID_desc __gss_c_ntlm_session_key_oid_desc; +#define GSS_C_NTLM_SESSION_KEY 
(&__gss_c_ntlm_session_key_oid_desc) + +extern gss_OID_desc __gss_c_ntlm_force_v1_oid_desc; +#define GSS_C_NTLM_FORCE_V1 (&__gss_c_ntlm_force_v1_oid_desc) + + /* glue for gss_inquire_saslname_for_mech */ +extern gss_OID_desc __gss_ma_sasl_mech_name_oid_desc; +#define GSS_MA_SASL_MECH_NAME (&__gss_ma_sasl_mech_name_oid_desc) + +/* + * Digest mechanisms + */ +extern gss_OID_desc __gss_sasl_digest_md5_mechanism_oid_desc; +#define GSS_SASL_DIGEST_MD5_MECHANISM (&__gss_sasl_digest_md5_mechanism_oid_desc) + +extern gss_OID_desc __gss_c_peer_has_updated_spnego_oid_desc; +#define GSS_C_PEER_HAS_UPDATED_SPNEGO (&__gss_c_peer_has_updated_spnego_oid_desc) + +#endif /* GSSAPI_GSSAPI_OID */ diff --git a/lib/gssapi/krb5/external.c b/lib/gssapi/krb5/external.c index ef33c5575..7f32380e7 100644 --- a/lib/gssapi/krb5/external.c +++ b/lib/gssapi/krb5/external.c 
@@ -212,101 +212,6 @@ gss_OID_desc GSSAPI_LIB_VARIABLE __gss_iakerb_proxy_mechanism_oid_desc = gss_OID_desc GSSAPI_LIB_VARIABLE __gss_iakerb_min_msg_mechanism_oid_desc = {7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0a\x02") }; -/* - * - */ - -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_peer_has_updated_spnego_oid_desc = - {9, (void *)"\x2b\x06\x01\x04\x01\xa9\x4a\x13\x05"}; - -/* - * 1.2.752.43.13 Heimdal GSS-API Extentions - */ - -/* 1.2.752.43.13.1 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_copy_ccache_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x01")}; - -/* 1.2.752.43.13.2 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_tkt_flags_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x02")}; - -/* 1.2.752.43.13.3 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03")}; - -/* 1.2.752.43.13.4 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_compat_des3_mic_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x04")}; - -/* 1.2.752.43.13.5 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_register_acceptor_identity_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x05")}; - -/* 1.2.752.43.13.6 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06")}; - -/* 1.2.752.43.13.6.1 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_v1_x_oid_desc = - {7, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06\x01")}; - -/* 1.2.752.43.13.7 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_dns_canonicalize_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x07")}; - -/* 1.2.752.43.13.8 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_subkey_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x08")}; - -/* 1.2.752.43.13.9 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_initiator_subkey_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x09")}; - -/* 1.2.752.43.13.10 */ -gss_OID_desc GSSAPI_LIB_VARIABLE 
__gss_krb5_get_acceptor_subkey_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0a")}; - -/* 1.2.752.43.13.11 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_send_to_kdc_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0b")}; - -/* 1.2.752.43.13.12 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_authtime_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0c")}; - -/* 1.2.752.43.13.13 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_service_keyblock_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0d")}; - -/* 1.2.752.43.13.14 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_allowable_enctypes_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0e")}; - -/* 1.2.752.43.13.15 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_default_realm_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0f")}; - -/* 1.2.752.43.13.16 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_ccache_name_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x10")}; - -/* 1.2.752.43.13.17 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_time_offset_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x11")}; - -/* 1.2.752.43.13.18 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_time_offset_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x12")}; - -/* 1.2.752.43.13.19 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_plugin_register_x_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x13")}; - -/* 1.2.752.43.14.1 */ -gss_OID_desc GSSAPI_LIB_VARIABLE __gss_sasl_digest_md5_mechanism_oid_desc = - {6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x01") }; - /* * Context for krb5 calls. */ diff --git a/lib/gssapi/mech/gss_mo.c b/lib/gssapi/mech/gss_mo.c index 284ebba76..697a0f250 100644 --- a/lib/gssapi/mech/gss_mo.c +++ b/lib/gssapi/mech/gss_mo.c @@ -69,7 +69,7 @@ gss_mo_set(gss_OID mech, gss_OID option, int enable, gss_buffer_t value) return 0; } -int +OM_uint32 gss_mo_get(gss_OID mech, gss_OID option, gss_buffer_t value) { gssapi_mech_interface m; 
@@ -142,6 +142,19 @@ gss_mo_name(gss_OID mech, gss_OID option, gss_buffer_t name) return GSS_S_BAD_NAME; } +/** + * Returns differnt protocol names and description of the mechanism. + * + * @param desired_mech mech list query + * @param sasl_mech_name SASL GS2 protocol name + * @param mech_name gssapi protocol name + * @param mech_description description of gssapi mech + * + * @return returns GSS_S_COMPLETE or a error code. + * + * @ingroup gssapi + */ + GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_saslname_for_mech(OM_uint32 *minor_status, const gss_OID desired_mech, @@ -149,10 +162,34 @@ gss_inquire_saslname_for_mech(OM_uint32 *minor_status, gss_buffer_t mech_name, gss_buffer_t mech_description) { + OM_uint32 major; + _mg_buffer_zero(sasl_mech_name); _mg_buffer_zero(mech_name); _mg_buffer_zero(mech_description); + if (minor_status) + *minor_status = 0; + + if (desired_mech) + return GSS_S_BAD_MECH; + + if (sasl_mech_name) { + major = gss_mo_get(desired_mech, GSS_MA_SASL_MECH_NAME, sasl_mech_name); + if (major) + return major; + } + if (mech_name) { + major = gss_mo_get(desired_mech, GSS_MA_MECH_NAME, mech_name); + if (major) + return major; + } + if (mech_description) { + major = gss_mo_get(desired_mech, GSS_MA_MECH_DESCRIPTION, mech_description); + if (major) + return major; + } + return GSS_S_COMPLETE; } diff --git a/lib/gssapi/mech/gss_oid.c b/lib/gssapi/mech/gss_oid.c new file mode 100644 index 000000000..f39978cf7 --- /dev/null +++ b/lib/gssapi/mech/gss_oid.c 
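Review bot: The mechanism check added to gss_inquire_saslname_for_mech is inverted: `if (desired_mech) return GSS_S_BAD_MECH;` rejects every caller that names a mechanism, while a NULL desired_mech falls through to the gss_mo_get() calls. It should read `if (desired_mech == GSS_C_NO_OID) return GSS_S_BAD_MECH;`. The calls also use `GSS_MA_MECH_NAME` and `GSS_MA_MECH_DESCRIPTION`, which the oid.txt added in this patch does not define, so confirm they are declared elsewhere. In the preceding hunk, the new doc comment omits `minor_status` and spells "different" as "differnt".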
@@ -0,0 +1,98 @@ +#include "gssapi.h" + +/* GSS_KRB5_COPY_CCACHE_X - 1.2.752.43.13.1 */ +gss_OID_desc __gss_krb5_copy_ccache_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x01" }; + +/* GSS_KRB5_GET_TKT_FLAGS_X - 1.2.752.43.13.2 */ +gss_OID_desc __gss_krb5_get_tkt_flags_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x02" }; + +/* GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X - 1.2.752.43.13.3 */ +gss_OID_desc __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x03" }; + +/* GSS_KRB5_COMPAT_DES3_MIC_X - 1.2.752.43.13.4 */ +gss_OID_desc __gss_krb5_compat_des3_mic_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x04" }; + +/* GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X - 1.2.752.43.13.5 */ +gss_OID_desc __gss_krb5_register_acceptor_identity_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x05" }; + +/* GSS_KRB5_EXPORT_LUCID_CONTEXT_X - 1.2.752.43.13.6 */ +gss_OID_desc __gss_krb5_export_lucid_context_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x06" }; + +/* GSS_KRB5_EXPORT_LUCID_CONTEXT_v1_X - 1.2.752.43.13.6.1 */ +gss_OID_desc __gss_krb5_export_lucid_context_v1_x_oid_desc = { 7, "\x2a\xf0\x05\x2b\x0d\x06\x01" }; + +/* GSS_KRB5_SET_DNS_CANONICALIZE_X - 1.2.752.43.13.7 */ +gss_OID_desc __gss_krb5_set_dns_canonicalize_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x07" }; + +/* GSS_KRB5_GET_SUBKEY_X - 1.2.752.43.13.8 */ +gss_OID_desc __gss_krb5_get_subkey_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x08" }; + +/* GSS_KRB5_GET_INITIATOR_SUBKEY_X - 1.2.752.43.13.9 */ +gss_OID_desc __gss_krb5_get_initiator_subkey_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x09" }; + +/* GSS_KRB5_GET_ACCEPTOR_SUBKEY_X - 1.2.752.43.13.10 */ +gss_OID_desc __gss_krb5_get_acceptor_subkey_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x0a" }; + +/* GSS_KRB5_SEND_TO_KDC_X - 1.2.752.43.13.11 */ +gss_OID_desc __gss_krb5_send_to_kdc_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x0b" }; + +/* GSS_KRB5_GET_AUTHTIME_X - 1.2.752.43.13.12 */ +gss_OID_desc __gss_krb5_get_authtime_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x0c" }; + +/* 
GSS_KRB5_GET_SERVICE_KEYBLOCK_X - 1.2.752.43.13.13 */ +gss_OID_desc __gss_krb5_get_service_keyblock_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x0d" }; + +/* GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X - 1.2.752.43.13.14 */ +gss_OID_desc __gss_krb5_set_allowable_enctypes_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x0e" }; + +/* GSS_KRB5_SET_DEFAULT_REALM_X - 1.2.752.43.13.15 */ +gss_OID_desc __gss_krb5_set_default_realm_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x0f" }; + +/* GSS_KRB5_CCACHE_NAME_X - 1.2.752.43.13.16 */ +gss_OID_desc __gss_krb5_ccache_name_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x10" }; + +/* GSS_KRB5_SET_TIME_OFFSET_X - 1.2.752.43.13.17 */ +gss_OID_desc __gss_krb5_set_time_offset_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x11" }; + +/* GSS_KRB5_GET_TIME_OFFSET_X - 1.2.752.43.13.18 */ +gss_OID_desc __gss_krb5_get_time_offset_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x12" }; + +/* GSS_KRB5_PLUGIN_REGISTER_X - 1.2.752.43.13.19 */ +gss_OID_desc __gss_krb5_plugin_register_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x13" }; + +/* GSS_NTLM_GET_SESSION_KEY_X - 1.2.752.43.13.20 */ +gss_OID_desc __gss_ntlm_get_session_key_x_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x14" }; + +/* GSS_C_NT_NTLM - 1.2.752.43.13.21 */ +gss_OID_desc __gss_c_nt_ntlm_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x15" }; + +/* GSS_C_NT_DN - 1.2.752.43.13.22 */ +gss_OID_desc __gss_c_nt_dn_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x16" }; + +/* GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL - 1.2.752.43.13.23 */ +gss_OID_desc __gss_krb5_nt_principal_name_referral_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x17" }; + +/* GSS_C_NTLM_AVGUEST - 1.2.752.43.13.24 */ +gss_OID_desc __gss_c_ntlm_avguest_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x18" }; + +/* GSS_C_NTLM_V1 - 1.2.752.43.13.25 */ +gss_OID_desc __gss_c_ntlm_v1_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x19" }; + +/* GSS_C_NTLM_V2 - 1.2.752.43.13.26 */ +gss_OID_desc __gss_c_ntlm_v2_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x1a" }; + +/* GSS_C_NTLM_SESSION_KEY - 1.2.752.43.13.27 */ +gss_OID_desc 
__gss_c_ntlm_session_key_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x1b" }; + +/* GSS_C_NTLM_FORCE_V1 - 1.2.752.43.13.28 */ +gss_OID_desc __gss_c_ntlm_force_v1_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x1c" }; + +/* GSS_MA_SASL_MECH_NAME - 1.2.752.43.13.28 */ +gss_OID_desc __gss_ma_sasl_mech_name_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0d\x1c" }; + +/* GSS_SASL_DIGEST_MD5_MECHANISM - 1.2.752.43.14.1 */ +gss_OID_desc __gss_sasl_digest_md5_mechanism_oid_desc = { 6, "\x2a\xf0\x05\x2b\x0e\x01" }; + +/* GSS_C_PEER_HAS_UPDATED_SPNEGO - 1.3.6.1.4.1.9513.19.5 */ +gss_OID_desc __gss_c_peer_has_updated_spnego_oid_desc = { 9, "\x2b\x06\x01\x04\x01\xa9\x4a\x13\x05" }; + diff --git a/lib/gssapi/oid.txt b/lib/gssapi/oid.txt new file mode 100644 index 000000000..11a044925 --- /dev/null +++ b/lib/gssapi/oid.txt 
@@ -0,0 +1,49 @@
+
+
+# /*
+# * 1.2.752.43.13 Heimdal GSS-API Extentions
+# */
+
+oid base GSS_KRB5_COPY_CCACHE_X 1.2.752.43.13.1
+oid base GSS_KRB5_GET_TKT_FLAGS_X 1.2.752.43.13.2
+oid base GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X 1.2.752.43.13.3
+oid base GSS_KRB5_COMPAT_DES3_MIC_X 1.2.752.43.13.4
+oid base GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X 1.2.752.43.13.5
+oid base GSS_KRB5_EXPORT_LUCID_CONTEXT_X 1.2.752.43.13.6
+oid base GSS_KRB5_EXPORT_LUCID_CONTEXT_v1_X 1.2.752.43.13.6.1
+oid base GSS_KRB5_SET_DNS_CANONICALIZE_X 1.2.752.43.13.7
+oid base GSS_KRB5_GET_SUBKEY_X 1.2.752.43.13.8
+oid base GSS_KRB5_GET_INITIATOR_SUBKEY_X 1.2.752.43.13.9
+oid base GSS_KRB5_GET_ACCEPTOR_SUBKEY_X 1.2.752.43.13.10
+oid base GSS_KRB5_SEND_TO_KDC_X 1.2.752.43.13.11
+oid base GSS_KRB5_GET_AUTHTIME_X 1.2.752.43.13.12
+oid base GSS_KRB5_GET_SERVICE_KEYBLOCK_X 1.2.752.43.13.13
+oid base GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X 1.2.752.43.13.14
+oid base GSS_KRB5_SET_DEFAULT_REALM_X 1.2.752.43.13.15
+oid base GSS_KRB5_CCACHE_NAME_X 1.2.752.43.13.16
+oid base GSS_KRB5_SET_TIME_OFFSET_X 1.2.752.43.13.17
+oid base GSS_KRB5_GET_TIME_OFFSET_X 1.2.752.43.13.18
+oid base GSS_KRB5_PLUGIN_REGISTER_X 1.2.752.43.13.19
+oid base GSS_NTLM_GET_SESSION_KEY_X 1.2.752.43.13.20
+oid base GSS_C_NT_NTLM 1.2.752.43.13.21
+oid base GSS_C_NT_DN 1.2.752.43.13.22
+oid base GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL 1.2.752.43.13.23
+oid base GSS_C_NTLM_AVGUEST 1.2.752.43.13.24
+oid base GSS_C_NTLM_V1 1.2.752.43.13.25
+oid base GSS_C_NTLM_V2 1.2.752.43.13.26
+oid base GSS_C_NTLM_SESSION_KEY 1.2.752.43.13.27
+oid base GSS_C_NTLM_FORCE_V1 1.2.752.43.13.28
+
+# /* glue for gss_inquire_saslname_for_mech */
+oid base GSS_MA_SASL_MECH_NAME 1.2.752.43.13.28
+
+#/*
+# * Digest mechanisms
+# */
+
+oid base GSS_SASL_DIGEST_MD5_MECHANISM 1.2.752.43.14.1
+
+oid base GSS_C_PEER_HAS_UPDATED_SPNEGO 1.3.6.1.4.1.9513.19.5
+
+gss_OID_desc GSSAPI_LIB_VARIABLE ___oid_desc =
+ {9, (void *)"\x2b\x06\x01\x04\x01\xa9\x4a\x13\x05"};
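Review bot: `1.2.752.43.13.28` is assigned twice, to GSS_C_NTLM_FORCE_V1 and to GSS_MA_SASL_MECH_NAME, and the generated gss_oid.c accordingly gives both the bytes `\x2a\xf0\x05\x2b\x0d\x1c`, so the two options cannot be told apart by OID. GSS_MA_SASL_MECH_NAME needs its own arc, for example `oid base GSS_MA_SASL_MECH_NAME 1.2.752.43.13.<unassigned arc>`. The entry `GSS_KRB5_EXPORT_LUCID_CONTEXT_v1_X` also has a lowercase `v`, which renames the public macro that gssapi_krb5.h previously exported as `GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X`. The last two lines of the file are leftover C (`gss_OID_desc GSSAPI_LIB_VARIABLE ___oid_desc = ...`) that gen-oid.pl silently skips; they should be removed.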