{
fprintf(stderr, "Usage: gss-client [-port port] [-mech mechanism] [-d]\n");
fprintf(stderr, " [-f] [-q] [-ccount count] [-mcount count]\n");
- fprintf(stderr, " [-na] [-nw] [-nx] [-nm] host service msg\n");
+ fprintf(stderr, " [-v1] [-na] [-nw] [-nx] [-nm] host service msg\n");
exit(1);
}
* unsuccessful, the GSS-API error messages are displayed on stderr
* and -1 is returned.
*/
-static int client_establish_context(s, service_name, deleg_flag, auth_flag,
- oid, gss_context, ret_flags)
+static int client_establish_context(s, service_name, deleg_flag, auth_flag,
+ v1_format, oid, gss_context, ret_flags)
int s;
char *service_name;
gss_OID oid;
OM_uint32 deleg_flag;
int auth_flag;
+ int v1_format;
gss_ctx_id_t *gss_context;
OM_uint32 *ret_flags;
{
return -1;
}
- if (send_token(s, TOKEN_NOOP|TOKEN_CONTEXT_NEXT, empty_token) < 0) {
- (void) gss_release_name(&min_stat, &target_name);
- return -1;
+ if (!v1_format) {
+ if (send_token(s, TOKEN_NOOP|TOKEN_CONTEXT_NEXT, empty_token) < 0) {
+ (void) gss_release_name(&min_stat, &target_name);
+ return -1;
+ }
}
/*
if (verbose)
printf("Sending init_sec_context token (size=%d)...",
(int) send_tok.length);
- if (send_token(s, TOKEN_CONTEXT, &send_tok) < 0) {
+ if (send_token(s, v1_format?0:TOKEN_CONTEXT, &send_tok) < 0) {
(void) gss_release_buffer(&min_stat, &send_tok);
(void) gss_release_name(&min_stat, &target_name);
return -1;
* verifies it with gss_verify. -1 is returned if any step fails,
* otherwise 0 is returned. */
static int call_server(host, port, oid, service_name, deleg_flag, auth_flag,
- wrap_flag, encrypt_flag, mic_flag, msg, use_file,
+ wrap_flag, encrypt_flag, mic_flag, v1_format, msg, use_file,
mcount)
char *host;
u_short port;
char *service_name;
OM_uint32 deleg_flag;
int auth_flag, wrap_flag, encrypt_flag, mic_flag;
+ int v1_format;
char *msg;
int use_file;
int mcount;
/* Establish context */
if (client_establish_context(s, service_name, deleg_flag, auth_flag,
- oid, &context, &ret_flags) < 0) {
+ v1_format, oid, &context,
+ &ret_flags) < 0) {
(void) close(s);
return -1;
}
}
/* Send to server */
- if (send_token(s, (TOKEN_DATA |
+ if (send_token(s, (v1_format?0
+ :(TOKEN_DATA |
(wrap_flag ? TOKEN_WRAPPED : 0) |
(encrypt_flag ? TOKEN_ENCRYPTED : 0) |
- (mic_flag ? TOKEN_SEND_MIC : 0)), &out_buf) < 0) {
+ (mic_flag ? TOKEN_SEND_MIC : 0))), &out_buf) < 0) {
(void) close(s);
(void) gss_delete_sec_context(&min_stat, &context, GSS_C_NO_BUFFER);
return -1;
free(in_buf.value);
/* Send NOOP */
+ if (!v1_format)
(void) send_token(s, TOKEN_NOOP, empty_token);
if (auth_flag) {
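Review bot: The new `if (!v1_format)` guards the NOOP send without braces, while the same guard added around the `TOKEN_NOOP|TOKEN_CONTEXT_NEXT` send in client_establish_context is braced. An unbraced guard over a call whose result is discarded with `(void)` is easy to break when a second statement is added later. Write it as `if (!v1_format) { (void) send_token(s, TOKEN_NOOP, empty_token); }` and change the comment above it to `/* Send NOOP (not sent in v1 format) */`. call_server's body starts and ends outside this hunk.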
gss_OID oid = GSS_C_NULL_OID;
int mcount = 1, ccount = 1;
int i;
- int auth_flag, wrap_flag, encrypt_flag, mic_flag;
+ int auth_flag, wrap_flag, encrypt_flag, mic_flag, v1_format;
display_file = stdout;
auth_flag = wrap_flag = encrypt_flag = mic_flag = 1;
+ v1_format = 0;
/* Parse arguments. */
argc--; argv++;
encrypt_flag = 0;
} else if (strcmp(*argv, "-nm") == 0) {
mic_flag = 0;
- } else
- break;
+ } else if (strcmp(*argv, "-v1") == 0) {
+ v1_format = 1;
+ } else
+ break;
argc--; argv++;
}
if (argc != 3)
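Review bot: `-v1` is accepted together with `-na`, `-nw`, `-nx` and `-nm`, yet in v1 mode call_server passes 0 instead of the `TOKEN_WRAPPED`/`TOKEN_ENCRYPTED`/`TOKEN_SEND_MIC` bits, so those choices never reach the peer. A v1 server presumably assumes one fixed combination (to be confirmed against the server side). If so, a run such as `-v1 -nx` would leave client and server disagreeing about how the message is protected. Consider rejecting the mix after the loop with `if (v1_format && !(auth_flag && wrap_flag && encrypt_flag && mic_flag))` followed by the usage exit, or state in the usage text which options v1 ignores. The option loop starts outside this hunk.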
for (i = 0; i < ccount; i++) {
if (call_server(server_host, port, oid, service_name,
deleg_flag, auth_flag, wrap_flag, encrypt_flag, mic_flag,
- msg, use_file, mcount) < 0)
+ v1_format, msg, use_file, mcount) < 0)
exit(1);
}
*
* Effects:
*
- * send_token writes the token flags (a single byte, even though
- * they're passed in in an integer), then the token length (as a
- * network long) and then the token data to the file descriptor s. It
- * returns 0 on success, and -1 if an error occurs or if it could not
- * write all the data.
+ * If the flags are non-null, send_token writes the token flags (a
+ * single byte, even though they're passed in in an integer). Next,
+ * the token length (as a network long) and then the token data are
+ * written to the file descriptor s. It returns 0 on success, and -1
+ * if an error occurs or if it could not write all the data.
*/
int send_token(s, flags, tok)
int s;
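Review bot: The rewritten Effects comment says the flags are "non-null", but `flags` is an int, and it does not say what a zero value means on the wire. Suggested wording: `If flags is non-zero, send_token first writes it as a single byte; a zero value selects the v1 format, in which no flag byte is sent.` The comment should also say that only the low eight bits of `flags` are considered, since the body casts it to `unsigned char` before testing it.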
unsigned char char_flags = (unsigned char) flags;
unsigned char lenbuf[4];
- ret = write_all(s, (char *)&char_flags, 1);
- if (ret != 1) {
- perror("sending token flags");
- return -1;
+ if (char_flags) {
+ ret = write_all(s, (char *)&char_flags, 1);
+ if (ret != 1) {
+ perror("sending token flags");
+ return -1;
+ }
}
-
if (tok->length > 0xffffffffUL)
abort();
lenbuf[0] = (tok->length >> 24) & 0xff;
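Review bot: Omitting the flag byte whenever `char_flags` is zero makes the first byte on the wire the high byte of the length, and the unchanged bound `tok->length > 0xffffffffUL` still lets that byte be non-zero. The receive side later in this patch treats a zero first byte as the v1 marker and then reads only three more length bytes. A flagless token of 16 MiB or more would therefore be parsed as a flagged token with a misaligned length field. Tighten the guard for the flagless case, e.g. `if (tok->length > (char_flags ? 0xffffffffUL : 0xffffffUL)) abort();`. The cast to `unsigned char` also means any `flags` value whose low eight bits are zero silently selects the v1 framing. send_token's body starts and ends outside this hunk.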
*flags = (int) char_flags;
}
- ret = read_all(s, lenbuf, 4);
+ if (char_flags == 0 ) {
+ lenbuf[0] = 0;
+ ret = read_all(s, &lenbuf[1], 3);
if (ret < 0) {
- perror("reading token length");
- return -1;
- } else if (ret != 4) {
+ perror("reading token length");
+ return -1;
+ } else if (ret != 3) {
if (display_file)
fprintf(display_file,
"reading token length: %d of %d bytes read\n",
- ret, 4);
+ ret, 3);
+ return -1;
+ }
+ }
+ else {
+ ret = read_all(s, lenbuf, 4);
+ if (ret < 0) {
+ perror("reading token length");
+ return -1;
+ } else if (ret != 4) {
+ if (display_file)
+ fprintf(display_file,
+ "reading token length: %d of %d bytes read\n",
+ ret, 4);
return -1;
+ }
}
tok->length = ((lenbuf[0] << 24)