Merge branch 'master' into lukeh/moonshot
Conflicts: lib/gssapi/krb5/external.c lib/libedit/src/vi.c
This commit is contained in:
Luke Howard
@@ -110,7 +110,7 @@ while(<>) {
|
||||
printf "#define $name (&$store)\n\n";
|
||||
} else {
|
||||
printf "/* $name - $oid */\n";
|
||||
printf "gss_OID_desc GSSAPI_LIB_VARIABLE $store = { $length, \"$data\" };\n\n";
|
||||
printf "gss_OID_desc GSSAPI_LIB_VARIABLE $store = { $length, rk_UNCONST(\"$data\") };\n\n";
|
||||
}
|
||||
} elsif (/^desc\s+([\w]+)\s+(\w+)\s+(\"[^\"]*\")\s+(\"[^\"]*\")/) {
|
||||
my ($type, $oid, $short, $long) = ($1, $2, $3, $4);
|
||||
|
||||
@@ -513,7 +513,7 @@ In GSS-API an contiguous string name is stored in a
|
||||
.Dv gss_buffer_t .
|
||||
.Pp
|
||||
Exported names also have the property that they are specified by the
|
||||
mechanism itself and compatible between diffrent GSS-API
|
||||
mechanism itself and compatible between different GSS-API
|
||||
implementations.
|
||||
.El
|
||||
.Sh ACCESS CONTROL
|
||||
|
||||
@@ -53,57 +53,52 @@ These functions constitute the gssapi library,
|
||||
.Em libgssapi .
|
||||
Declarations for these functions may be obtained from the include file
|
||||
.Pa gssapi.h .
|
||||
.sp 2
|
||||
.nf
|
||||
.ta \w'gss_inquire_names_for_mech'u+2n +\w'Description goes here'u
|
||||
\fIName/Page\fP \fIDescription\fP
|
||||
.ta \w'gss_inquire_names_for_mech'u+2n +\w'Description goes here'u+6nC
|
||||
.sp 5p
|
||||
gss_accept_sec_context.3
|
||||
gss_acquire_cred.3
|
||||
gss_add_cred.3
|
||||
gss_add_oid_set_member.3
|
||||
gss_canonicalize_name.3
|
||||
gss_compare_name.3
|
||||
gss_context_time.3
|
||||
gss_create_empty_oid_set.3
|
||||
gss_delete_sec_context.3
|
||||
gss_display_name.3
|
||||
gss_display_status.3
|
||||
gss_duplicate_name.3
|
||||
gss_export_name.3
|
||||
gss_export_sec_context.3
|
||||
gss_get_mic.3
|
||||
gss_import_name.3
|
||||
gss_import_sec_context.3
|
||||
gss_indicate_mechs.3
|
||||
gss_init_sec_context.3
|
||||
gss_inquire_context.3
|
||||
gss_inquire_cred.3
|
||||
gss_inquire_cred_by_mech.3
|
||||
gss_inquire_mechs_for_name.3
|
||||
gss_inquire_names_for_mech.3
|
||||
gss_krb5_ccache_name.3
|
||||
gss_krb5_compat_des3_mic.3
|
||||
gss_krb5_copy_ccache.3
|
||||
gss_krb5_extract_authz_data_from_sec_context.3
|
||||
gss_krb5_import_ccache.3
|
||||
gss_process_context_token.3
|
||||
gss_release_buffer.3
|
||||
gss_release_cred.3
|
||||
gss_release_name.3
|
||||
gss_release_oid_set.3
|
||||
gss_seal.3
|
||||
gss_sign.3
|
||||
gss_test_oid_set_member.3
|
||||
gss_unseal.3
|
||||
gss_unwrap.3
|
||||
gss_verify.3
|
||||
gss_verify_mic.3
|
||||
gss_wrap.3
|
||||
gss_wrap_size_limit.3
|
||||
.ta
|
||||
.Fi
|
||||
.Bl -column -compact
|
||||
.It Sy Name/Page
|
||||
.It Xr gss_accept_sec_context 3
|
||||
.It Xr gss_acquire_cred 3
|
||||
.It Xr gss_add_cred 3
|
||||
.It Xr gss_add_oid_set_member 3
|
||||
.It Xr gss_canonicalize_name 3
|
||||
.It Xr gss_compare_name 3
|
||||
.It Xr gss_context_time 3
|
||||
.It Xr gss_create_empty_oid_set 3
|
||||
.It Xr gss_delete_sec_context 3
|
||||
.It Xr gss_display_name 3
|
||||
.It Xr gss_display_status 3
|
||||
.It Xr gss_duplicate_name 3
|
||||
.It Xr gss_export_name 3
|
||||
.It Xr gss_export_sec_context 3
|
||||
.It Xr gss_get_mic 3
|
||||
.It Xr gss_import_name 3
|
||||
.It Xr gss_import_sec_context 3
|
||||
.It Xr gss_indicate_mechs 3
|
||||
.It Xr gss_init_sec_context 3
|
||||
.It Xr gss_inquire_context 3
|
||||
.It Xr gss_inquire_cred 3
|
||||
.It Xr gss_inquire_cred_by_mech 3
|
||||
.It Xr gss_inquire_mechs_for_name 3
|
||||
.It Xr gss_inquire_names_for_mech 3
|
||||
.It Xr gss_krb5_ccache_name 3
|
||||
.It Xr gss_krb5_compat_des3_mic 3
|
||||
.It Xr gss_krb5_copy_ccache 3
|
||||
.It Xr gss_krb5_extract_authz_data_from_sec_context 3
|
||||
.It Xr gss_krb5_import_ccache 3
|
||||
.It Xr gss_process_context_token 3
|
||||
.It Xr gss_release_buffer 3
|
||||
.It Xr gss_release_cred 3
|
||||
.It Xr gss_release_name 3
|
||||
.It Xr gss_release_oid_set 3
|
||||
.It Xr gss_seal 3
|
||||
.It Xr gss_sign 3
|
||||
.It Xr gss_test_oid_set_member 3
|
||||
.It Xr gss_unseal 3
|
||||
.It Xr gss_unwrap 3
|
||||
.It Xr gss_verify 3
|
||||
.It Xr gss_verify_mic 3
|
||||
.It Xr gss_wrap 3
|
||||
.It Xr gss_wrap_size_limit 3
|
||||
.El
|
||||
.Sh COMPATIBILITY
|
||||
The
|
||||
.Nm Heimdal
|
||||
@@ -147,7 +142,7 @@ the later will override.
|
||||
.Pp
|
||||
This config option modifies behaviour for both clients and servers.
|
||||
.Pp
|
||||
Microsoft implemented SPNEGO to Windows2000, however, they manage to
|
||||
Microsoft implemented SPNEGO to Windows2000, however, they managed to
|
||||
get it wrong, their implementation didn't fill in the MechListMIC in
|
||||
the reply token with the right content.
|
||||
There is a work around for this problem, but not all implementation
|
||||
|
||||
@@ -132,7 +132,7 @@ supported_mechanisms(void *argptr, int argc, char **argv)
|
||||
return 0;
|
||||
}
|
||||
|
||||
void static
|
||||
static void
|
||||
print_mech_attr(const char *mechname, gss_const_OID mech, gss_OID_set set)
|
||||
{
|
||||
gss_buffer_desc name, desc;
|
||||
|
||||
@@ -55,11 +55,13 @@ validate_keytab(krb5_context context, const char *name, krb5_keytab *id)
|
||||
}
|
||||
|
||||
OM_uint32
|
||||
_gsskrb5_register_acceptor_identity (const char *identity)
|
||||
_gsskrb5_register_acceptor_identity(OM_uint32 *min_stat, const char *identity)
|
||||
{
|
||||
krb5_context context;
|
||||
krb5_error_code ret;
|
||||
|
||||
*min_stat = 0;
|
||||
|
||||
ret = _gsskrb5_init(&context);
|
||||
if(ret)
|
||||
return GSS_S_FAILURE;
|
||||
@@ -92,8 +94,10 @@ _gsskrb5_register_acceptor_identity (const char *identity)
|
||||
}
|
||||
}
|
||||
HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex);
|
||||
if(ret)
|
||||
if(ret) {
|
||||
*min_stat = ret;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
return GSS_S_COMPLETE;
|
||||
}
|
||||
|
||||
|
||||
@@ -255,7 +255,7 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status,
|
||||
const gss_buffer_t token_buffer,
|
||||
gss_qop_t * qop_state,
|
||||
krb5_keyblock *key,
|
||||
char *type)
|
||||
const char *type)
|
||||
{
|
||||
krb5_error_code ret;
|
||||
uint32_t seq_number;
|
||||
@@ -270,7 +270,7 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status,
|
||||
p = token_buffer->value;
|
||||
omret = _gsskrb5_verify_header (&p,
|
||||
token_buffer->length,
|
||||
(u_char *)type,
|
||||
type,
|
||||
GSS_KRB5_MECHANISM);
|
||||
if (omret)
|
||||
return omret;
|
||||
|
||||
@@ -285,7 +285,8 @@ _gssapi_wrap_cfx_iov(OM_uint32 *minor_status,
|
||||
gss_iov_buffer_desc *header, *trailer, *padding;
|
||||
size_t gsshsize, k5hsize;
|
||||
size_t gsstsize, k5tsize;
|
||||
size_t i, rrc = 0, ec = 0;
|
||||
size_t rrc = 0, ec = 0;
|
||||
int i;
|
||||
gss_cfx_wrap_token token;
|
||||
krb5_error_code ret;
|
||||
int32_t seq_number;
|
||||
@@ -424,6 +425,9 @@ _gssapi_wrap_cfx_iov(OM_uint32 *minor_status,
|
||||
token->Flags = 0;
|
||||
token->Filler = 0xFF;
|
||||
|
||||
if ((ctx->more_flags & LOCAL) == 0)
|
||||
token->Flags |= CFXSentByAcceptor;
|
||||
|
||||
if (ctx->more_flags & ACCEPTOR_SUBKEY)
|
||||
token->Flags |= CFXAcceptorSubkey;
|
||||
|
||||
@@ -666,7 +670,7 @@ unrotate_iov(OM_uint32 *minor_status, size_t rrc, gss_iov_buffer_desc *iov, int
|
||||
q += iov[i].buffer.length;
|
||||
}
|
||||
}
|
||||
assert((q - p) == len);
|
||||
assert((size_t)(q - p) == len);
|
||||
|
||||
/* unrotate first part */
|
||||
q = p + rrc;
|
||||
|
||||
@@ -180,7 +180,7 @@ static gss_mo_desc krb5_mo[] = {
|
||||
GSS_C_MA_SASL_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"SASL mech name",
|
||||
"GS2-KRB5",
|
||||
rk_UNCONST("GS2-KRB5"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
@@ -188,7 +188,7 @@ static gss_mo_desc krb5_mo[] = {
|
||||
GSS_C_MA_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"Mechanism name",
|
||||
"KRB5",
|
||||
rk_UNCONST("KRB5"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
@@ -196,7 +196,7 @@ static gss_mo_desc krb5_mo[] = {
|
||||
GSS_C_MA_MECH_DESCRIPTION,
|
||||
GSS_MO_MA,
|
||||
"Mechanism description",
|
||||
"Heimdal Kerberos 5 mech",
|
||||
rk_UNCONST("Heimdal Kerberos 5 mech"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
@@ -214,19 +214,19 @@ static gss_mo_desc krb5_mo[] = {
|
||||
},
|
||||
{
|
||||
GSS_C_MA_AUTH_TARG,
|
||||
GSS_MO_MA
|
||||
.flags = GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_AUTH_INIT_ANON,
|
||||
GSS_MO_MA
|
||||
.flags = GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_DELEG_CRED,
|
||||
GSS_MO_MA
|
||||
.flags = GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_INTEG_PROT,
|
||||
GSS_MO_MA
|
||||
.flags = GSS_MO_MA
|
||||
},
|
||||
{
|
||||
GSS_C_MA_CONF_PROT,
|
||||
@@ -273,7 +273,7 @@ static gss_mo_desc krb5_mo[] = {
|
||||
static gssapi_mech_interface_desc krb5_mech = {
|
||||
GMI_VERSION,
|
||||
"kerberos 5",
|
||||
{9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" },
|
||||
{9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") },
|
||||
0,
|
||||
_gsskrb5_acquire_cred,
|
||||
_gsskrb5_release_cred,
|
||||
@@ -324,9 +324,17 @@ static gssapi_mech_interface_desc krb5_mech = {
|
||||
NULL,
|
||||
krb5_mo,
|
||||
sizeof(krb5_mo) / sizeof(krb5_mo[0]),
|
||||
NULL,
|
||||
_gsskrb5_authorize_localname,
|
||||
_gsskrb5_pname_to_uid
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
};
|
||||
|
||||
gssapi_mech_interface
|
||||
|
||||
@@ -422,11 +422,6 @@ init_auth
|
||||
goto failure;
|
||||
}
|
||||
|
||||
ret = _gss_DES3_get_mic_compat(minor_status, ctx, context);
|
||||
if (ret)
|
||||
goto failure;
|
||||
|
||||
|
||||
/*
|
||||
* This is hideous glue for (NFS) clients that wants to limit the
|
||||
* available enctypes to what it can support (encryption in
|
||||
@@ -469,6 +464,10 @@ init_auth
|
||||
|
||||
ctx->lifetime = ctx->kcred->times.endtime;
|
||||
|
||||
ret = _gss_DES3_get_mic_compat(minor_status, ctx, context);
|
||||
if (ret)
|
||||
goto failure;
|
||||
|
||||
ret = _gsskrb5_lifetime_left(minor_status,
|
||||
context,
|
||||
ctx->lifetime,
|
||||
@@ -676,7 +675,8 @@ init_auth_restart
|
||||
output_token->length = outbuf.length;
|
||||
} else {
|
||||
ret = _gsskrb5_encapsulate (minor_status, &outbuf, output_token,
|
||||
(u_char *)"\x01\x00", GSS_KRB5_MECHANISM);
|
||||
(u_char *)(intptr_t)"\x01\x00",
|
||||
GSS_KRB5_MECHANISM);
|
||||
krb5_data_free (&outbuf);
|
||||
if (ret)
|
||||
goto failure;
|
||||
@@ -911,20 +911,20 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_init_sec_context
|
||||
return GSS_S_BAD_MECH;
|
||||
|
||||
if (input_token == GSS_C_NO_BUFFER || input_token->length == 0) {
|
||||
OM_uint32 ret;
|
||||
OM_uint32 ret1;
|
||||
|
||||
if (*context_handle != GSS_C_NO_CONTEXT) {
|
||||
*minor_status = 0;
|
||||
return GSS_S_FAILURE | GSS_S_CALL_BAD_STRUCTURE;
|
||||
}
|
||||
|
||||
ret = _gsskrb5_create_ctx(minor_status,
|
||||
ret1 = _gsskrb5_create_ctx(minor_status,
|
||||
context_handle,
|
||||
context,
|
||||
input_chan_bindings,
|
||||
INITIATOR_START);
|
||||
if (ret)
|
||||
return ret;
|
||||
if (ret1)
|
||||
return ret1;
|
||||
}
|
||||
|
||||
if (*context_handle == GSS_C_NO_CONTEXT) {
|
||||
|
||||
@@ -47,18 +47,21 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status,
|
||||
krb5_crypto crypto;
|
||||
krb5_data input, output;
|
||||
uint32_t num;
|
||||
OM_uint32 junk;
|
||||
unsigned char *p;
|
||||
krb5_keyblock *key = NULL;
|
||||
size_t dol;
|
||||
|
||||
if (ctx == NULL) {
|
||||
*minor_status = 0;
|
||||
return GSS_S_NO_CONTEXT;
|
||||
}
|
||||
|
||||
if (desired_output_len <= 0) {
|
||||
if (desired_output_len <= 0 || prf_in->length + 4 < prf_in->length) {
|
||||
*minor_status = 0;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
dol = desired_output_len;
|
||||
|
||||
GSSAPI_KRB5_INIT (&context);
|
||||
|
||||
@@ -88,21 +91,20 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status,
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
prf_out->value = malloc(desired_output_len);
|
||||
prf_out->value = malloc(dol);
|
||||
if (prf_out->value == NULL) {
|
||||
_gsskrb5_set_status(GSS_KRB5_S_KG_INPUT_TOO_LONG, "Out of memory");
|
||||
*minor_status = GSS_KRB5_S_KG_INPUT_TOO_LONG;
|
||||
krb5_crypto_destroy(context, crypto);
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
prf_out->length = desired_output_len;
|
||||
prf_out->length = dol;
|
||||
|
||||
HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
|
||||
|
||||
input.length = prf_in->length + 4;
|
||||
input.data = malloc(prf_in->length + 4);
|
||||
if (input.data == NULL) {
|
||||
OM_uint32 junk;
|
||||
_gsskrb5_set_status(GSS_KRB5_S_KG_INPUT_TOO_LONG, "Out of memory");
|
||||
*minor_status = GSS_KRB5_S_KG_INPUT_TOO_LONG;
|
||||
gss_release_buffer(&junk, prf_out);
|
||||
@@ -110,15 +112,17 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status,
|
||||
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
memcpy(((unsigned char *)input.data) + 4, prf_in->value, prf_in->length);
|
||||
memcpy(((uint8_t *)input.data) + 4, prf_in->value, prf_in->length);
|
||||
|
||||
num = 0;
|
||||
p = prf_out->value;
|
||||
while(desired_output_len > 0) {
|
||||
while(dol > 0) {
|
||||
size_t tsize;
|
||||
|
||||
_gsskrb5_encode_om_uint32(num, input.data);
|
||||
|
||||
ret = krb5_crypto_prf(context, crypto, &input, &output);
|
||||
if (ret) {
|
||||
OM_uint32 junk;
|
||||
*minor_status = ret;
|
||||
free(input.data);
|
||||
gss_release_buffer(&junk, prf_out);
|
||||
@@ -126,9 +130,11 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status,
|
||||
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
memcpy(p, output.data, min(desired_output_len, output.length));
|
||||
|
||||
tsize = min(dol, output.length);
|
||||
memcpy(p, output.data, tsize);
|
||||
p += output.length;
|
||||
desired_output_len -= output.length;
|
||||
dol -= tsize;
|
||||
krb5_data_free(&output);
|
||||
num++;
|
||||
}
|
||||
|
||||
@@ -52,7 +52,8 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_process_context_token (
|
||||
(gsskrb5_ctx)context_handle,
|
||||
context,
|
||||
token_buffer, &empty_buffer,
|
||||
GSS_C_QOP_DEFAULT, "\x01\x02");
|
||||
GSS_C_QOP_DEFAULT,
|
||||
"\x01\x02");
|
||||
|
||||
if (ret == GSS_S_COMPLETE)
|
||||
ret = _gsskrb5_delete_sec_context(minor_status,
|
||||
|
||||
@@ -141,7 +141,7 @@ OM_uint32
|
||||
_gssapi_msg_order_check(struct gss_msg_order *o, OM_uint32 seq_num)
|
||||
{
|
||||
OM_uint32 r;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
if (o == NULL)
|
||||
return GSS_S_COMPLETE;
|
||||
|
||||
@@ -154,11 +154,10 @@ _gsskrb5_set_sec_context_option
|
||||
if (maj_stat != GSS_S_COMPLETE)
|
||||
return maj_stat;
|
||||
|
||||
_gsskrb5_register_acceptor_identity(str);
|
||||
maj_stat = _gsskrb5_register_acceptor_identity(minor_status, str);
|
||||
free(str);
|
||||
|
||||
*minor_status = 0;
|
||||
return GSS_S_COMPLETE;
|
||||
return maj_stat;
|
||||
|
||||
} else if (gss_oid_equal(desired_object, GSS_KRB5_SET_DEFAULT_REALM_X)) {
|
||||
char *str;
|
||||
|
||||
@@ -54,7 +54,7 @@ unwrap_des
|
||||
DES_key_schedule schedule;
|
||||
DES_cblock deskey;
|
||||
DES_cblock zero;
|
||||
int i;
|
||||
size_t i;
|
||||
uint32_t seq_number;
|
||||
size_t padlength;
|
||||
OM_uint32 ret;
|
||||
|
||||
@@ -44,7 +44,7 @@ verify_mic_des
|
||||
const gss_buffer_t token_buffer,
|
||||
gss_qop_t * qop_state,
|
||||
krb5_keyblock *key,
|
||||
char *type
|
||||
const char *type
|
||||
)
|
||||
{
|
||||
u_char *p;
|
||||
@@ -142,7 +142,7 @@ verify_mic_des3
|
||||
const gss_buffer_t token_buffer,
|
||||
gss_qop_t * qop_state,
|
||||
krb5_keyblock *key,
|
||||
char *type
|
||||
const char *type
|
||||
)
|
||||
{
|
||||
u_char *p;
|
||||
@@ -276,7 +276,7 @@ _gsskrb5_verify_mic_internal
|
||||
const gss_buffer_t message_buffer,
|
||||
const gss_buffer_t token_buffer,
|
||||
gss_qop_t * qop_state,
|
||||
char * type
|
||||
const char * type
|
||||
)
|
||||
{
|
||||
krb5_keyblock *key;
|
||||
@@ -348,7 +348,7 @@ _gsskrb5_verify_mic
|
||||
(gsskrb5_ctx)context_handle,
|
||||
context,
|
||||
message_buffer, token_buffer,
|
||||
qop_state, "\x01\x01");
|
||||
qop_state, (void *)(intptr_t)"\x01\x01");
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -214,7 +214,7 @@ wrap_des
|
||||
EVP_CIPHER_CTX des_ctx;
|
||||
DES_cblock deskey;
|
||||
DES_cblock zero;
|
||||
int i;
|
||||
size_t i;
|
||||
int32_t seq_number;
|
||||
size_t len, total_len, padlength, datalen;
|
||||
|
||||
|
||||
@@ -46,7 +46,7 @@ gss_acquire_cred(OM_uint32 *minor_status,
|
||||
struct _gss_cred *cred;
|
||||
struct _gss_mechanism_cred *mc;
|
||||
OM_uint32 min_time, cred_time;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
*minor_status = 0;
|
||||
if (output_cred_handle == NULL)
|
||||
|
||||
@@ -168,7 +168,7 @@ gss_release_iov_buffer(OM_uint32 *minor_status,
|
||||
int iov_count)
|
||||
{
|
||||
OM_uint32 junk;
|
||||
size_t i;
|
||||
int i;
|
||||
|
||||
if (minor_status)
|
||||
*minor_status = 0;
|
||||
|
||||
@@ -100,7 +100,7 @@ GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
|
||||
gss_release_buffer_set(OM_uint32 * minor_status,
|
||||
gss_buffer_set_t *buffer_set)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
OM_uint32 minor;
|
||||
|
||||
*minor_status = 0;
|
||||
|
||||
@@ -85,7 +85,7 @@ gss_export_cred(OM_uint32 * minor_status,
|
||||
}
|
||||
|
||||
ret = krb5_storage_write(sp, buffer.value, buffer.length);
|
||||
if (ret != buffer.length) {
|
||||
if (ret < 0 || (size_t)ret != buffer.length) {
|
||||
gss_release_buffer(minor_status, &buffer);
|
||||
krb5_storage_free(sp);
|
||||
*minor_status = EINVAL;
|
||||
|
||||
@@ -35,7 +35,7 @@ gss_indicate_mechs(OM_uint32 *minor_status,
|
||||
struct _gss_mech_switch *m;
|
||||
OM_uint32 major_status;
|
||||
gss_OID_set set;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
_gss_load_mech();
|
||||
|
||||
|
||||
@@ -37,7 +37,7 @@ gss_inquire_context(OM_uint32 *minor_status,
|
||||
gss_OID *mech_type,
|
||||
OM_uint32 *ctx_flags,
|
||||
int *locally_initiated,
|
||||
int *open)
|
||||
int *xopen)
|
||||
{
|
||||
OM_uint32 major_status;
|
||||
struct _gss_context *ctx = (struct _gss_context *) context_handle;
|
||||
@@ -47,8 +47,8 @@ gss_inquire_context(OM_uint32 *minor_status,
|
||||
|
||||
if (locally_initiated)
|
||||
*locally_initiated = 0;
|
||||
if (open)
|
||||
*open = 0;
|
||||
if (xopen)
|
||||
*xopen = 0;
|
||||
if (lifetime_rec)
|
||||
*lifetime_rec = 0;
|
||||
|
||||
@@ -68,7 +68,7 @@ gss_inquire_context(OM_uint32 *minor_status,
|
||||
mech_type,
|
||||
ctx_flags,
|
||||
locally_initiated,
|
||||
open);
|
||||
xopen);
|
||||
|
||||
if (major_status != GSS_S_COMPLETE) {
|
||||
_gss_mg_error(m, major_status, *minor_status);
|
||||
|
||||
@@ -52,7 +52,7 @@ gss_inquire_cred_by_oid (OM_uint32 *minor_status,
|
||||
|
||||
HEIM_SLIST_FOREACH(mc, &cred->gc_mc, gmc_link) {
|
||||
gss_buffer_set_t rset = GSS_C_NO_BUFFER_SET;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
m = mc->gmc_mech;
|
||||
if (m == NULL) {
|
||||
|
||||
@@ -188,7 +188,7 @@ out:
|
||||
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
|
||||
gsskrb5_register_acceptor_identity(const char *identity)
|
||||
{
|
||||
struct _gss_mech_switch *m;
|
||||
gssapi_mech_interface m;
|
||||
gss_buffer_desc buffer;
|
||||
OM_uint32 junk;
|
||||
|
||||
@@ -197,14 +197,12 @@ gsskrb5_register_acceptor_identity(const char *identity)
|
||||
buffer.value = rk_UNCONST(identity);
|
||||
buffer.length = strlen(identity);
|
||||
|
||||
HEIM_SLIST_FOREACH(m, &_gss_mechs, gm_link) {
|
||||
if (m->gm_mech.gm_set_sec_context_option == NULL)
|
||||
continue;
|
||||
m->gm_mech.gm_set_sec_context_option(&junk, NULL,
|
||||
GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X, &buffer);
|
||||
}
|
||||
m = __gss_get_mechanism(GSS_KRB5_MECHANISM);
|
||||
if (m == NULL || m->gm_set_sec_context_option == NULL)
|
||||
return GSS_S_FAILURE;
|
||||
|
||||
return (GSS_S_COMPLETE);
|
||||
return m->gm_set_sec_context_option(&junk, NULL,
|
||||
GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X, &buffer);
|
||||
}
|
||||
|
||||
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL
|
||||
@@ -441,7 +439,7 @@ gss_krb5_set_allowable_enctypes(OM_uint32 *minor_status,
|
||||
gss_buffer_desc buffer;
|
||||
krb5_storage *sp;
|
||||
krb5_data data;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
sp = krb5_storage_emem();
|
||||
if (sp == NULL) {
|
||||
|
||||
@@ -605,28 +605,28 @@ gss_display_mech_attr(OM_uint32 * minor_status,
|
||||
return GSS_S_BAD_MECH_ATTR;
|
||||
|
||||
if (name) {
|
||||
gss_buffer_desc n;
|
||||
n.value = rk_UNCONST(ma->name);
|
||||
n.length = strlen(ma->name);
|
||||
major = _gss_copy_buffer(minor_status, &n, name);
|
||||
gss_buffer_desc bd;
|
||||
bd.value = rk_UNCONST(ma->name);
|
||||
bd.length = strlen(ma->name);
|
||||
major = _gss_copy_buffer(minor_status, &bd, name);
|
||||
if (major != GSS_S_COMPLETE)
|
||||
return major;
|
||||
}
|
||||
|
||||
if (short_desc) {
|
||||
gss_buffer_desc n;
|
||||
n.value = rk_UNCONST(ma->short_desc);
|
||||
n.length = strlen(ma->short_desc);
|
||||
major = _gss_copy_buffer(minor_status, &n, short_desc);
|
||||
gss_buffer_desc bd;
|
||||
bd.value = rk_UNCONST(ma->short_desc);
|
||||
bd.length = strlen(ma->short_desc);
|
||||
major = _gss_copy_buffer(minor_status, &bd, short_desc);
|
||||
if (major != GSS_S_COMPLETE)
|
||||
return major;
|
||||
}
|
||||
|
||||
if (long_desc) {
|
||||
gss_buffer_desc n;
|
||||
n.value = rk_UNCONST(ma->long_desc);
|
||||
n.length = strlen(ma->long_desc);
|
||||
major = _gss_copy_buffer(minor_status, &n, long_desc);
|
||||
gss_buffer_desc bd;
|
||||
bd.value = rk_UNCONST(ma->long_desc);
|
||||
bd.length = strlen(ma->long_desc);
|
||||
major = _gss_copy_buffer(minor_status, &bd, long_desc);
|
||||
if (major != GSS_S_COMPLETE)
|
||||
return major;
|
||||
}
|
||||
|
||||
@@ -2,220 +2,220 @@
|
||||
#include "mech_locl.h"
|
||||
|
||||
/* GSS_KRB5_COPY_CCACHE_X - 1.2.752.43.13.1 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_copy_ccache_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x01" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_copy_ccache_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x01") };
|
||||
|
||||
/* GSS_KRB5_GET_TKT_FLAGS_X - 1.2.752.43.13.2 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_tkt_flags_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x02" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_tkt_flags_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x02") };
|
||||
|
||||
/* GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X - 1.2.752.43.13.3 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x03" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03") };
|
||||
|
||||
/* GSS_KRB5_COMPAT_DES3_MIC_X - 1.2.752.43.13.4 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_compat_des3_mic_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x04" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_compat_des3_mic_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x04") };
|
||||
|
||||
/* GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X - 1.2.752.43.13.5 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_register_acceptor_identity_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x05" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_register_acceptor_identity_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x05") };
|
||||
|
||||
/* GSS_KRB5_EXPORT_LUCID_CONTEXT_X - 1.2.752.43.13.6 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x06" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06") };
|
||||
|
||||
/* GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X - 1.2.752.43.13.6.1 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_v1_x_oid_desc = { 7, "\x2a\x85\x70\x2b\x0d\x06\x01" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_v1_x_oid_desc = { 7, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06\x01") };
|
||||
|
||||
/* GSS_KRB5_SET_DNS_CANONICALIZE_X - 1.2.752.43.13.7 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_dns_canonicalize_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x07" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_dns_canonicalize_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x07") };
|
||||
|
||||
/* GSS_KRB5_GET_SUBKEY_X - 1.2.752.43.13.8 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_subkey_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x08" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x08") };
|
||||
|
||||
/* GSS_KRB5_GET_INITIATOR_SUBKEY_X - 1.2.752.43.13.9 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_initiator_subkey_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x09" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_initiator_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x09") };
|
||||
|
||||
/* GSS_KRB5_GET_ACCEPTOR_SUBKEY_X - 1.2.752.43.13.10 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_acceptor_subkey_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x0a" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_acceptor_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0a") };
|
||||
|
||||
/* GSS_KRB5_SEND_TO_KDC_X - 1.2.752.43.13.11 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_send_to_kdc_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x0b" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_send_to_kdc_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0b") };
|
||||
|
||||
/* GSS_KRB5_GET_AUTHTIME_X - 1.2.752.43.13.12 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_authtime_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x0c" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_authtime_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0c") };
|
||||
|
||||
/* GSS_KRB5_GET_SERVICE_KEYBLOCK_X - 1.2.752.43.13.13 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_service_keyblock_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x0d" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_service_keyblock_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0d") };
|
||||
|
||||
/* GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X - 1.2.752.43.13.14 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_allowable_enctypes_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x0e" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_allowable_enctypes_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0e") };
|
||||
|
||||
/* GSS_KRB5_SET_DEFAULT_REALM_X - 1.2.752.43.13.15 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_default_realm_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x0f" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_default_realm_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0f") };
|
||||
|
||||
/* GSS_KRB5_CCACHE_NAME_X - 1.2.752.43.13.16 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_ccache_name_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x10" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_ccache_name_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x10") };
|
||||
|
||||
/* GSS_KRB5_SET_TIME_OFFSET_X - 1.2.752.43.13.17 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_time_offset_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x11" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_time_offset_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x11") };
|
||||
|
||||
/* GSS_KRB5_GET_TIME_OFFSET_X - 1.2.752.43.13.18 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_time_offset_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x12" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_time_offset_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x12") };
|
||||
|
||||
/* GSS_KRB5_PLUGIN_REGISTER_X - 1.2.752.43.13.19 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_plugin_register_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x13" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_plugin_register_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x13") };
|
||||
|
||||
/* GSS_NTLM_GET_SESSION_KEY_X - 1.2.752.43.13.20 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_ntlm_get_session_key_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x14" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_ntlm_get_session_key_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x14") };
|
||||
|
||||
/* GSS_C_NT_NTLM - 1.2.752.43.13.21 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_ntlm_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x15" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_ntlm_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x15") };
|
||||
|
||||
/* GSS_C_NT_DN - 1.2.752.43.13.22 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_dn_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x16" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_dn_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x16") };
|
||||
|
||||
/* GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL - 1.2.752.43.13.23 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_nt_principal_name_referral_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x17" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_nt_principal_name_referral_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x17") };
|
||||
|
||||
/* GSS_C_NTLM_AVGUEST - 1.2.752.43.13.24 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_avguest_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x18" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_avguest_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x18") };
|
||||
|
||||
/* GSS_C_NTLM_V1 - 1.2.752.43.13.25 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_v1_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x19" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_v1_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x19") };
|
||||
|
||||
/* GSS_C_NTLM_V2 - 1.2.752.43.13.26 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_v2_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x1a" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_v2_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1a") };
|
||||
|
||||
/* GSS_C_NTLM_SESSION_KEY - 1.2.752.43.13.27 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_session_key_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x1b" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_session_key_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1b") };
|
||||
|
||||
/* GSS_C_NTLM_FORCE_V1 - 1.2.752.43.13.28 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_force_v1_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x1c" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_force_v1_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1c") };
|
||||
|
||||
/* GSS_KRB5_CRED_NO_CI_FLAGS_X - 1.2.752.43.13.29 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_cred_no_ci_flags_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x1d" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_cred_no_ci_flags_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1d") };
|
||||
|
||||
/* GSS_KRB5_IMPORT_CRED_X - 1.2.752.43.13.30 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_import_cred_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x1e" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_import_cred_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1e") };
|
||||
|
||||
/* GSS_C_MA_SASL_MECH_NAME - 1.2.752.43.13.100 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_sasl_mech_name_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x64" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_sasl_mech_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x64") };
|
||||
|
||||
/* GSS_C_MA_MECH_NAME - 1.2.752.43.13.101 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_name_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x65" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x65") };
|
||||
|
||||
/* GSS_C_MA_MECH_DESCRIPTION - 1.2.752.43.13.102 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_description_oid_desc = { 6, "\x2a\x85\x70\x2b\x0d\x66" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_description_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x66") };
|
||||
|
||||
/* GSS_SASL_DIGEST_MD5_MECHANISM - 1.2.752.43.14.1 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_sasl_digest_md5_mechanism_oid_desc = { 6, "\x2a\x85\x70\x2b\x0e\x01" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_sasl_digest_md5_mechanism_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x01") };
|
||||
|
||||
/* GSS_NETLOGON_MECHANISM - 1.2.752.43.14.2 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_mechanism_oid_desc = { 6, "\x2a\x85\x70\x2b\x0e\x02" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_mechanism_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x02") };
|
||||
|
||||
/* GSS_NETLOGON_SET_SESSION_KEY_X - 1.2.752.43.14.3 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_set_session_key_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0e\x03" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_set_session_key_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x03") };
|
||||
|
||||
/* GSS_NETLOGON_SET_SIGN_ALGORITHM_X - 1.2.752.43.14.4 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_set_sign_algorithm_x_oid_desc = { 6, "\x2a\x85\x70\x2b\x0e\x04" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_set_sign_algorithm_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x04") };
|
||||
|
||||
/* GSS_NETLOGON_NT_NETBIOS_DNS_NAME - 1.2.752.43.14.5 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_nt_netbios_dns_name_oid_desc = { 6, "\x2a\x85\x70\x2b\x0e\x05" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_nt_netbios_dns_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x05") };
|
||||
|
||||
/* GSS_C_INQ_WIN2K_PAC_X - 1.2.752.43.13.3.128 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_inq_win2k_pac_x_oid_desc = { 8, "\x2a\x85\x70\x2b\x0d\x03\x81\x00" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_inq_win2k_pac_x_oid_desc = { 8, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03\x81\x00") };
|
||||
|
||||
/* GSS_C_INQ_SSPI_SESSION_KEY - 1.2.840.113554.1.2.2.5.5 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_inq_sspi_session_key_oid_desc = { 11, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_inq_sspi_session_key_oid_desc = { 11, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05") };
|
||||
|
||||
/* GSS_KRB5_MECHANISM - 1.2.840.113554.1.2.2 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_mechanism_oid_desc = { 9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_mechanism_oid_desc = { 9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") };
|
||||
|
||||
/* GSS_NTLM_MECHANISM - 1.3.6.1.4.1.311.2.2.10 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_ntlm_mechanism_oid_desc = { 10, "\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_ntlm_mechanism_oid_desc = { 10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") };
|
||||
|
||||
/* GSS_SPNEGO_MECHANISM - 1.3.6.1.5.5.2 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_spnego_mechanism_oid_desc = { 6, "\x2b\x06\x01\x05\x05\x02" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_spnego_mechanism_oid_desc = { 6, rk_UNCONST("\x2b\x06\x01\x05\x05\x02") };
|
||||
|
||||
/* GSS_C_PEER_HAS_UPDATED_SPNEGO - 1.3.6.1.4.1.9513.19.5 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_peer_has_updated_spnego_oid_desc = { 9, "\x2b\x06\x01\x04\x01\xca\x29\x13\x05" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_peer_has_updated_spnego_oid_desc = { 9, rk_UNCONST("\x2b\x06\x01\x04\x01\xca\x29\x13\x05") };
|
||||
|
||||
/* GSS_C_MA_MECH_CONCRETE - 1.3.6.1.5.5.13.1 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_concrete_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x01" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_concrete_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x01") };
|
||||
|
||||
/* GSS_C_MA_MECH_PSEUDO - 1.3.6.1.5.5.13.2 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_pseudo_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x02" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_pseudo_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x02") };
|
||||
|
||||
/* GSS_C_MA_MECH_COMPOSITE - 1.3.6.1.5.5.13.3 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_composite_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x03" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_composite_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x03") };
|
||||
|
||||
/* GSS_C_MA_MECH_NEGO - 1.3.6.1.5.5.13.4 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_nego_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x04" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_nego_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x04") };
|
||||
|
||||
/* GSS_C_MA_MECH_GLUE - 1.3.6.1.5.5.13.5 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_glue_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x05" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_glue_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x05") };
|
||||
|
||||
/* GSS_C_MA_NOT_MECH - 1.3.6.1.5.5.13.6 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_not_mech_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x06" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_not_mech_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x06") };
|
||||
|
||||
/* GSS_C_MA_DEPRECATED - 1.3.6.1.5.5.13.7 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_deprecated_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x07" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_deprecated_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x07") };
|
||||
|
||||
/* GSS_C_MA_NOT_DFLT_MECH - 1.3.6.1.5.5.13.8 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_not_dflt_mech_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x08" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_not_dflt_mech_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x08") };
|
||||
|
||||
/* GSS_C_MA_ITOK_FRAMED - 1.3.6.1.5.5.13.9 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_itok_framed_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x09" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_itok_framed_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x09") };
|
||||
|
||||
/* GSS_C_MA_AUTH_INIT - 1.3.6.1.5.5.13.10 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0a" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0a") };
|
||||
|
||||
/* GSS_C_MA_AUTH_TARG - 1.3.6.1.5.5.13.11 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0b" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0b") };
|
||||
|
||||
/* GSS_C_MA_AUTH_INIT_INIT - 1.3.6.1.5.5.13.12 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_init_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0c" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0c") };
|
||||
|
||||
/* GSS_C_MA_AUTH_TARG_INIT - 1.3.6.1.5.5.13.13 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_init_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0d" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0d") };
|
||||
|
||||
/* GSS_C_MA_AUTH_INIT_ANON - 1.3.6.1.5.5.13.14 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_anon_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0e" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_anon_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0e") };
|
||||
|
||||
/* GSS_C_MA_AUTH_TARG_ANON - 1.3.6.1.5.5.13.15 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_anon_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x0f" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_anon_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0f") };
|
||||
|
||||
/* GSS_C_MA_DELEG_CRED - 1.3.6.1.5.5.13.16 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_deleg_cred_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x10" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_deleg_cred_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x10") };
|
||||
|
||||
/* GSS_C_MA_INTEG_PROT - 1.3.6.1.5.5.13.17 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_integ_prot_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x11" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_integ_prot_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x11") };
|
||||
|
||||
/* GSS_C_MA_CONF_PROT - 1.3.6.1.5.5.13.18 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_conf_prot_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x12" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_conf_prot_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x12") };
|
||||
|
||||
/* GSS_C_MA_MIC - 1.3.6.1.5.5.13.19 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mic_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x13" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mic_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x13") };
|
||||
|
||||
/* GSS_C_MA_WRAP - 1.3.6.1.5.5.13.20 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_wrap_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x14" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_wrap_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x14") };
|
||||
|
||||
/* GSS_C_MA_PROT_READY - 1.3.6.1.5.5.13.21 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_prot_ready_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x15" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_prot_ready_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x15") };
|
||||
|
||||
/* GSS_C_MA_REPLAY_DET - 1.3.6.1.5.5.13.22 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_replay_det_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x16" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_replay_det_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x16") };
|
||||
|
||||
/* GSS_C_MA_OOS_DET - 1.3.6.1.5.5.13.23 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_oos_det_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x17" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_oos_det_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x17") };
|
||||
|
||||
/* GSS_C_MA_CBINDINGS - 1.3.6.1.5.5.13.24 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_cbindings_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x18" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_cbindings_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x18") };
|
||||
|
||||
/* GSS_C_MA_PFS - 1.3.6.1.5.5.13.25 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_pfs_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x19" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_pfs_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x19") };
|
||||
|
||||
/* GSS_C_MA_COMPRESS - 1.3.6.1.5.5.13.26 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_compress_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x1a" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_compress_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x1a") };
|
||||
|
||||
/* GSS_C_MA_CTX_TRANS - 1.3.6.1.5.5.13.27 */
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_ctx_trans_oid_desc = { 7, "\x2b\x06\x01\x05\x05\x0d\x1b" };
|
||||
gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_ctx_trans_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x1b") };
|
||||
|
||||
struct _gss_oid_name_table _gss_ont_ma[] = {
|
||||
{ GSS_C_MA_COMPRESS, "GSS_C_MA_COMPRESS", "compress", "" },
|
||||
|
||||
@@ -34,7 +34,7 @@ gss_test_oid_set_member(OM_uint32 *minor_status,
|
||||
const gss_OID_set set,
|
||||
int *present)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
*present = 0;
|
||||
for (i = 0; i < set->count; i++)
|
||||
|
||||
@@ -155,15 +155,15 @@ _gss_ntlm_accept_sec_context
|
||||
&out);
|
||||
heim_ntlm_free_type1(&type1);
|
||||
if (major_status != GSS_S_COMPLETE) {
|
||||
OM_uint32 junk;
|
||||
_gss_ntlm_delete_sec_context(&junk, context_handle, NULL);
|
||||
OM_uint32 gunk;
|
||||
_gss_ntlm_delete_sec_context(&gunk, context_handle, NULL);
|
||||
return major_status;
|
||||
}
|
||||
|
||||
output_token->value = malloc(out.length);
|
||||
if (output_token->value == NULL && out.length != 0) {
|
||||
OM_uint32 junk;
|
||||
_gss_ntlm_delete_sec_context(&junk, context_handle, NULL);
|
||||
OM_uint32 gunk;
|
||||
_gss_ntlm_delete_sec_context(&gunk, context_handle, NULL);
|
||||
*minor_status = ENOMEM;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
|
||||
@@ -38,7 +38,7 @@ static gss_mo_desc ntlm_mo[] = {
|
||||
GSS_C_MA_SASL_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"SASL mech name",
|
||||
"NTLM",
|
||||
rk_UNCONST("NTLM"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
@@ -46,7 +46,7 @@ static gss_mo_desc ntlm_mo[] = {
|
||||
GSS_C_MA_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"Mechanism name",
|
||||
"NTLMSPP",
|
||||
rk_UNCONST("NTLMSPP"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
@@ -54,7 +54,7 @@ static gss_mo_desc ntlm_mo[] = {
|
||||
GSS_C_MA_MECH_DESCRIPTION,
|
||||
GSS_MO_MA,
|
||||
"Mechanism description",
|
||||
"Heimdal NTLMSSP Mechanism",
|
||||
rk_UNCONST("Heimdal NTLMSSP Mechanism"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
}
|
||||
@@ -113,7 +113,13 @@ static gssapi_mech_interface_desc ntlm_mech = {
|
||||
NULL,
|
||||
NULL,
|
||||
ntlm_mo,
|
||||
sizeof(ntlm_mo) / sizeof(ntlm_mo[0])
|
||||
sizeof(ntlm_mo) / sizeof(ntlm_mo[0]),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
};
|
||||
|
||||
gssapi_mech_interface
|
||||
|
||||
@@ -316,7 +316,7 @@ select_mech(OM_uint32 *minor_status, MechType *mechType, int verify_p,
|
||||
gss_OID_desc oid;
|
||||
gss_OID oidp;
|
||||
gss_OID_set mechs;
|
||||
int i;
|
||||
size_t i;
|
||||
OM_uint32 ret, junk;
|
||||
|
||||
ret = der_put_oid ((unsigned char *)mechbuf + sizeof(mechbuf) - 1,
|
||||
@@ -368,12 +368,13 @@ select_mech(OM_uint32 *minor_status, MechType *mechType, int verify_p,
|
||||
|
||||
host = getenv("GSSAPI_SPNEGO_NAME");
|
||||
if (host == NULL || issuid()) {
|
||||
int rv;
|
||||
if (gethostname(hostname, sizeof(hostname)) != 0) {
|
||||
*minor_status = errno;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
i = asprintf(&str, "host@%s", hostname);
|
||||
if (i < 0 || str == NULL) {
|
||||
rv = asprintf(&str, "host@%s", hostname);
|
||||
if (rv < 0 || str == NULL) {
|
||||
*minor_status = ENOMEM;
|
||||
return GSS_S_FAILURE;
|
||||
}
|
||||
@@ -491,7 +492,6 @@ acceptor_start
|
||||
NegotiationToken nt;
|
||||
size_t nt_len;
|
||||
NegTokenInit *ni;
|
||||
int i;
|
||||
gss_buffer_desc data;
|
||||
gss_buffer_t mech_input_token = GSS_C_NO_BUFFER;
|
||||
gss_buffer_desc mech_output_token;
|
||||
@@ -613,13 +613,14 @@ acceptor_start
|
||||
*/
|
||||
|
||||
if (!first_ok && ni->mechToken != NULL) {
|
||||
size_t j;
|
||||
|
||||
preferred_mech_type = GSS_C_NO_OID;
|
||||
|
||||
/* Call glue layer to find first mech we support */
|
||||
for (i = 1; i < ni->mechTypes.len; ++i) {
|
||||
for (j = 1; j < ni->mechTypes.len; ++j) {
|
||||
ret = select_mech(minor_status,
|
||||
&ni->mechTypes.val[i],
|
||||
&ni->mechTypes.val[j],
|
||||
1,
|
||||
&preferred_mech_type);
|
||||
if (ret == 0)
|
||||
|
||||
@@ -41,10 +41,10 @@
|
||||
* Kerberos mechanism.
|
||||
*/
|
||||
gss_OID_desc _gss_spnego_mskrb_mechanism_oid_desc =
|
||||
{9, (void *)"\x2a\x86\x48\x82\xf7\x12\x01\x02\x02"};
|
||||
{9, rk_UNCONST("\x2a\x86\x48\x82\xf7\x12\x01\x02\x02")};
|
||||
|
||||
gss_OID_desc _gss_spnego_krb5_mechanism_oid_desc =
|
||||
{9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"};
|
||||
{9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02")};
|
||||
|
||||
/*
|
||||
* Allocate a SPNEGO context handle
|
||||
@@ -241,7 +241,7 @@ _gss_spnego_indicate_mechtypelist (OM_uint32 *minor_status,
|
||||
gss_OID_set supported_mechs = GSS_C_NO_OID_SET;
|
||||
gss_OID first_mech = GSS_C_NO_OID;
|
||||
OM_uint32 ret;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
mechtypelist->len = 0;
|
||||
mechtypelist->val = NULL;
|
||||
|
||||
@@ -37,7 +37,7 @@ spnego_supported_mechs(OM_uint32 *minor_status, gss_OID_set *mechs)
|
||||
{
|
||||
OM_uint32 ret, junk;
|
||||
gss_OID_set m;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
ret = gss_indicate_mechs(minor_status, &m);
|
||||
if (ret != GSS_S_COMPLETE)
|
||||
@@ -565,7 +565,7 @@ OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_names_for_mech (
|
||||
{
|
||||
gss_OID_set mechs, names, n;
|
||||
OM_uint32 ret, junk;
|
||||
int i, j;
|
||||
size_t i, j;
|
||||
|
||||
*name_types = NULL;
|
||||
|
||||
|
||||
@@ -70,7 +70,7 @@ OM_uint32 GSSAPI_CALLCONV _gss_spnego_acquire_cred
|
||||
OM_uint32 ret, tmp;
|
||||
gss_OID_set_desc actual_desired_mechs;
|
||||
gss_OID_set mechs;
|
||||
int i, j;
|
||||
size_t i, j;
|
||||
|
||||
*output_cred_handle = GSS_C_NO_CREDENTIAL;
|
||||
|
||||
|
||||
@@ -39,13 +39,12 @@
|
||||
* negotiation token is identified by the Object Identifier
|
||||
* iso.org.dod.internet.security.mechanism.snego (1.3.6.1.5.5.2).
|
||||
*/
|
||||
|
||||
static gss_mo_desc spnego_mo[] = {
|
||||
{
|
||||
GSS_C_MA_SASL_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"SASL mech name",
|
||||
"SPNEGO",
|
||||
rk_UNCONST("SPNEGO"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
@@ -53,7 +52,7 @@ static gss_mo_desc spnego_mo[] = {
|
||||
GSS_C_MA_MECH_NAME,
|
||||
GSS_MO_MA,
|
||||
"Mechanism name",
|
||||
"SPNEGO",
|
||||
rk_UNCONST("SPNEGO"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
@@ -61,7 +60,7 @@ static gss_mo_desc spnego_mo[] = {
|
||||
GSS_C_MA_MECH_DESCRIPTION,
|
||||
GSS_MO_MA,
|
||||
"Mechanism description",
|
||||
"Heimdal SPNEGO Mechanism",
|
||||
rk_UNCONST("Heimdal SPNEGO Mechanism"),
|
||||
_gss_mo_get_ctx_as_string,
|
||||
NULL
|
||||
},
|
||||
@@ -78,7 +77,7 @@ static gss_mo_desc spnego_mo[] = {
|
||||
static gssapi_mech_interface_desc spnego_mech = {
|
||||
GMI_VERSION,
|
||||
"spnego",
|
||||
{6, (void *)"\x2b\x06\x01\x05\x05\x02"},
|
||||
{6, rk_UNCONST("\x2b\x06\x01\x05\x05\x02") },
|
||||
0,
|
||||
_gss_spnego_acquire_cred,
|
||||
_gss_spnego_release_cred,
|
||||
@@ -128,7 +127,13 @@ static gssapi_mech_interface_desc spnego_mech = {
|
||||
NULL,
|
||||
NULL,
|
||||
spnego_mo,
|
||||
sizeof(spnego_mo) / sizeof(spnego_mo[0])
|
||||
sizeof(spnego_mo) / sizeof(spnego_mo[0]),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
};
|
||||
|
||||
gssapi_mech_interface
|
||||
|
||||
@@ -549,8 +549,12 @@ main(int argc, char **argv)
|
||||
else
|
||||
mechoid = string_to_oid(mech_string);
|
||||
|
||||
if (gsskrb5_acceptor_identity)
|
||||
gsskrb5_register_acceptor_identity(gsskrb5_acceptor_identity);
|
||||
if (gsskrb5_acceptor_identity) {
|
||||
maj_stat = gsskrb5_register_acceptor_identity(gsskrb5_acceptor_identity);
|
||||
if (maj_stat)
|
||||
errx(1, "gsskrb5_acceptor_identity: %s",
|
||||
gssapi_err(maj_stat, 0, GSS_C_NO_OID));
|
||||
}
|
||||
|
||||
if (client_name) {
|
||||
gss_buffer_desc cn;
|
||||
|
||||
Reference in New Issue
Block a user