* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
*
* k5buf string buffer module interface
*/
/* real failure code follows */
if (ctx)
- (void) krb5_gss_delete_sec_context(minor_status,
+ (void) krb5_gss_delete_sec_context(minor_status,
(gss_ctx_id_t *) &ctx, NULL);
*context_handle = GSS_C_NO_CONTEXT;
*minor_status = code;
* DCE_STYLE implies that we will use a subkey.)
*/
if (ctx->proto == 0 &&
- (ctx->gss_flags & GSS_C_DCE_STYLE) == 0 &&
+ (ctx->gss_flags & GSS_C_DCE_STYLE) == 0 &&
(ap_req_options & AP_OPTS_USE_SUBKEY)) {
code = (*kaccess.krb5_auth_con_get_subkey_enctype) (context,
auth_context,
if (!err) {
err = kim_ccache_create_from_client_identity (&kimccache, identity);
}
-
+
if (!err) {
err = kim_ccache_get_state (kimccache, &state);
}
-
+
if (!err && state != kim_credentials_state_valid) {
if (state == kim_credentials_state_needs_validation) {
err = kim_ccache_validate (kimccache, KIM_OPTIONS_DEFAULT);
ccache = NULL;
}
}
-
+
if (!kimccache && kim_library_allow_automatic_prompting ()) {
/* ccache does not already exist, create a new one */
- err = kim_ccache_create_new (&kimccache, identity,
+ err = kim_ccache_create_new (&kimccache, identity,
KIM_OPTIONS_DEFAULT);
- }
-
+ }
+
if (!err) {
err = kim_ccache_get_krb5_ccache (kimccache, context, &ccache);
}
krb5_error_code code;
krb5_context context;
krb5_ccache out_ccache;
-
+
assert(value->length == sizeof(out_ccache));
if (value->length != sizeof(out_ccache))
*minor_status = EINVAL;
- return GSS_S_UNAVAILABLE;
+ return GSS_S_UNAVAILABLE;
}
/*
*minor_status = EINVAL;
- return GSS_S_UNAVAILABLE;
+ return GSS_S_UNAVAILABLE;
}
/*
static struct gss_config krb5_mechanism = {
{ GSS_MECH_KRB5_OID_LENGTH, GSS_MECH_KRB5_OID },
- NULL,
+ NULL,
krb5_gss_acquire_cred,
krb5_gss_release_cred,
krb5_gss_init_sec_context,
krb5_gss_set_sec_context_option,
krb5_gssspi_set_cred_option,
krb5_gssspi_mech_invoke,
- NULL, /* wrap_aead */
- NULL, /* unwrap_aead */
+ NULL, /* wrap_aead */
+ NULL, /* unwrap_aead */
krb5_gss_wrap_iov,
krb5_gss_unwrap_iov,
krb5_gss_wrap_iov_length,
return CALL_INIT_FUNCTION(gss_krb5int_lib_init);
#endif
}
-
*minor_status = code;
return GSS_S_FAILURE;
}
-
+
if (k5_padlen == 0 && dce_style) {
/* Windows rejects AEAD tokens with non-zero EC */
code = krb5_c_block_size(context, enctype, &ec);
return GSS_S_COMPLETE;
}
-
acceptor_flag = ctx->initiate ? FLAG_SENDER_IS_ACCEPTOR : 0;
key_usage = (toktype == KG_TOK_WRAP_MSG
- ? (!ctx->initiate
+ ? (!ctx->initiate
? KG_USAGE_INITIATOR_SEAL
: KG_USAGE_ACCEPTOR_SEAL)
: (!ctx->initiate
- ? KG_USAGE_INITIATOR_SIGN
+ ? KG_USAGE_INITIATOR_SIGN
: KG_USAGE_ACCEPTOR_SIGN));
kg_iov_msglen(iov, iov_count, &data_length, &assoc_data_length);
}
ptr = (unsigned char *)header->buffer.value + token_wrapper_len;
-
+
signalg = ptr[0];
signalg |= ptr[1] << 8;
return code;
}
-
OM_uint32 major_status;
struct krb5_gss_set_allowable_enctypes_req req;
gss_buffer_desc req_buffer;
-
+
req.num_ktypes = num_ktypes;
req.ktypes = ktypes;
(const gss_OID)&req_oid,
&req_buffer);
- return major_status;
+ return major_status;
}
OM_uint32 KRB5_CALLCONV
(const gss_OID)&req_oid,
&req_buffer);
- return major_status;
+ return major_status;
}
OM_uint32 KRB5_CALLCONV
(const gss_OID)&req_oid,
&req_buffer);
- return major_status;
+ return major_status;
}
krb5_error_code
GSS_KRB5_SET_CRED_RCACHE_OID };
OM_uint32 major_status;
gss_buffer_desc req_buffer;
-
+
req_buffer.length = sizeof(rcache);
req_buffer.value = rcache;
return GSS_S_COMPLETE;
}
-
ctx->signalg = -1;
ctx->sealalg = -1;
}
-
+
code = krb5int_accessor(&kaccess, KRB5INT_ACCESS_VERSION);
if (code != 0)
return code;
retval = asn1buf_remove_octet(buf, &bval);
if (retval) return retval;
-
+
*val = (bval != 0x00);
-
+
cleanup();
}
-
DEFFNLENTYPE(u_generalstring, unsigned char *, asn1_encode_generalstring);
DEFFNLENTYPE(opaque, char *, asn1_encode_opaque);
-DEFFIELDTYPE(gstring_data, krb5_data,
+DEFFIELDTYPE(gstring_data, krb5_data,
FIELDOF_STRING(krb5_data, generalstring, data, length, -1));
DEFPTRTYPE(gstring_data_ptr,gstring_data);
#endif
/* RFC 4537 */
-DEFFIELDTYPE(etype_list, krb5_etype_list,
+DEFFIELDTYPE(etype_list, krb5_etype_list,
FIELDOF_SEQOF_INT32(krb5_etype_list, int32_ptr, etypes, length, -1));
/* Exported complete encoders -- these produce a krb5_data with
* Hash extension records have the format:
* client = <empty string>
* server = HASH:<msghash> <clientlen>:<client> <serverlen>:<server>
- * Spaces in the client and server string are represented with
+ * Spaces in the client and server string are represented with
* with backslashes. Client and server lengths are represented in
* ASCII decimal (which is different from the 32-bit binary we use
* elsewhere in the replay cache).
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
*
* replay cache default operations vector.
*/
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
* t_replay.c: Command-line interfaces to aid testing of replay cache
*
*/
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
* Internal declarations for the k5buf string buffer module.
*/
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
* Implement the k5buf string buffer module.
*/
len < space
data[len] = '\0'
*/
-
+
/* Make sure there is room for LEN more characters in BUF, in addition
to the null terminator and what's already in there. Return true on
success. On failure, set the error flag and return false. */
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
* Test the k5buf string buffer module.
*/