From 078693c52680be26ded33c7734cd1fdc47896480 Mon Sep 17 00:00:00 2001 From: Alexandra Ellwood Date: Tue, 25 Jul 2006 20:29:43 +0000 Subject: [PATCH] Changed GSSAPI opaque types (gss_name_t, gss_cred_id_t, gss_ctx_id_t) from void* to pointers to opaque structs. This change removed some casts and introduced or changed a bunch of other casts to suppress warnings. krb5_gss_accept_sec_context(): Fixed a bug found by the above changes where krb5_gss_release_cred() was being called with the wrong argument 2 (gss_cred_id_t instead of gss_cred_id_t*). ticket: 4057 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18396 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/generic/gssapi.hin | 11 ++++++++--- src/lib/gssapi/generic/gssapiP_generic.h | 18 +++++++++--------- src/lib/gssapi/generic/util_validate.c | 18 +++++++++--------- src/lib/gssapi/krb5/accept_sec_context.c | 4 ++-- src/lib/gssapi/krb5/add_cred.c | 5 +++-- src/lib/gssapi/krb5/delete_sec_context.c | 2 +- src/lib/gssapi/krb5/duplicate_name.c | 2 +- src/lib/gssapi/krb5/init_sec_context.c | 8 ++++---- src/lib/gssapi/krb5/inq_cred.c | 8 ++++---- src/lib/gssapi/krb5/process_context_token.c | 5 +++-- src/lib/gssapi/krb5/rel_cred.c | 2 +- src/lib/gssapi/mechglue/g_glue.c | 2 +- src/lib/gssapi/mechglue/mglueP.h | 6 +++--- 13 files changed, 49 insertions(+), 42 deletions(-) diff --git a/src/lib/gssapi/generic/gssapi.hin b/src/lib/gssapi/generic/gssapi.hin index 28b5b1123..71b365b0b 100644 --- a/src/lib/gssapi/generic/gssapi.hin +++ b/src/lib/gssapi/generic/gssapi.hin @@ -69,9 +69,14 @@ extern "C" { * First, define the three platform-dependent pointer types. */ -typedef void * gss_name_t; -typedef void * gss_cred_id_t; -typedef void * gss_ctx_id_t; +struct gss_name_struct; +typedef struct gss_name_struct * gss_name_t; + +struct gss_cred_id_struct; +typedef struct gss_cred_id_struct * gss_cred_id_t; + +struct gss_ctx_id_struct; +typedef struct gss_ctx_id_struct * gss_ctx_id_t; /* * The following type must be defined as the smallest natural unsigned integer diff --git a/src/lib/gssapi/generic/gssapiP_generic.h b/src/lib/gssapi/generic/gssapiP_generic.h index 2752f1dfa..e34055b6c 100644 --- a/src/lib/gssapi/generic/gssapiP_generic.h +++ b/src/lib/gssapi/generic/gssapiP_generic.h @@ -150,19 +150,19 @@ int g_set_entry_add (g_set_elt *s, void *key, void *value); int g_set_entry_delete (g_set_elt *s, void *key); int g_set_entry_get (g_set_elt *s, void *key, void **value); -int g_save_name (g_set *vdb, gss_name_t *name); -int g_save_cred_id (g_set *vdb, gss_cred_id_t *cred); -int g_save_ctx_id (g_set *vdb, gss_ctx_id_t *ctx); +int g_save_name (g_set *vdb, gss_name_t name); +int g_save_cred_id (g_set *vdb, gss_cred_id_t cred); +int g_save_ctx_id (g_set *vdb, gss_ctx_id_t ctx); int g_save_lucidctx_id (g_set *vdb, void *lctx); -int g_validate_name (g_set *vdb, gss_name_t *name); -int g_validate_cred_id (g_set *vdb, gss_cred_id_t *cred); -int g_validate_ctx_id (g_set *vdb, gss_ctx_id_t *ctx); +int g_validate_name (g_set *vdb, gss_name_t name); +int g_validate_cred_id (g_set *vdb, gss_cred_id_t cred); +int g_validate_ctx_id (g_set *vdb, gss_ctx_id_t ctx); int g_validate_lucidctx_id (g_set *vdb, void *lctx); -int g_delete_name (g_set *vdb, gss_name_t *name); -int g_delete_cred_id (g_set *vdb, gss_cred_id_t *cred); -int g_delete_ctx_id (g_set *vdb, gss_ctx_id_t *ctx); +int g_delete_name (g_set *vdb, gss_name_t name); +int g_delete_cred_id (g_set *vdb, gss_cred_id_t cred); +int g_delete_ctx_id (g_set *vdb, gss_ctx_id_t ctx); int g_delete_lucidctx_id (g_set *vdb, void *lctx); int g_make_string_buffer (const char *str, gss_buffer_t buffer); diff --git a/src/lib/gssapi/generic/util_validate.c b/src/lib/gssapi/generic/util_validate.c index fedbab158..aa91237d1 100644 --- a/src/lib/gssapi/generic/util_validate.c +++ b/src/lib/gssapi/generic/util_validate.c @@ -240,19 +240,19 @@ static int g_delete(db, type, ptr) int g_save_name(vdb, name) g_set *vdb; - gss_name_t *name; + gss_name_t name; { return(g_save(vdb, V_NAME, (void *) name)); } int g_save_cred_id(vdb, cred) g_set *vdb; - gss_cred_id_t *cred; + gss_cred_id_t cred; { return(g_save(vdb, V_CRED_ID, (void *) cred)); } int g_save_ctx_id(vdb, ctx) g_set *vdb; - gss_ctx_id_t *ctx; + gss_ctx_id_t ctx; { return(g_save(vdb, V_CTX_ID, (void *) ctx)); } @@ -268,19 +268,19 @@ int g_save_lucidctx_id(vdb, lctx) int g_validate_name(vdb, name) g_set *vdb; - gss_name_t *name; + gss_name_t name; { return(g_validate(vdb, V_NAME, (void *) name)); } int g_validate_cred_id(vdb, cred) g_set *vdb; - gss_cred_id_t *cred; + gss_cred_id_t cred; { return(g_validate(vdb, V_CRED_ID, (void *) cred)); } int g_validate_ctx_id(vdb, ctx) g_set *vdb; - gss_ctx_id_t *ctx; + gss_ctx_id_t ctx; { return(g_validate(vdb, V_CTX_ID, (void *) ctx)); } @@ -295,19 +295,19 @@ int g_validate_lucidctx_id(vdb, lctx) int g_delete_name(vdb, name) g_set *vdb; - gss_name_t *name; + gss_name_t name; { return(g_delete(vdb, V_NAME, (void *) name)); } int g_delete_cred_id(vdb, cred) g_set *vdb; - gss_cred_id_t *cred; + gss_cred_id_t cred; { return(g_delete(vdb, V_CRED_ID, (void *) cred)); } int g_delete_ctx_id(vdb, ctx) g_set *vdb; - gss_ctx_id_t *ctx; + gss_ctx_id_t ctx; { return(g_delete(vdb, V_CTX_ID, (void *) ctx)); } diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index f461e8d50..ed4c3e221 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -874,7 +874,7 @@ krb5_gss_accept_sec_context(minor_status, context_handle, if (ret_flags) *ret_flags = ctx->gss_flags; - *context_handle = ctx; + *context_handle = (gss_ctx_id_t)ctx; *output_token = token; if (src_name) @@ -1000,7 +1000,7 @@ krb5_gss_accept_sec_context(minor_status, context_handle, *output_token = token; } if (!verifier_cred_handle && cred_handle) { - krb5_gss_release_cred(minor_status, cred_handle); + krb5_gss_release_cred(minor_status, &cred_handle); } krb5_free_context(context); return (major_status); diff --git a/src/lib/gssapi/krb5/add_cred.c b/src/lib/gssapi/krb5/add_cred.c index 6bcc2d1c9..225f125d2 100644 --- a/src/lib/gssapi/krb5/add_cred.c +++ b/src/lib/gssapi/krb5/add_cred.c @@ -342,7 +342,8 @@ krb5_gss_add_cred(minor_status, input_cred_handle, /* set the outputs */ - if (GSS_ERROR(major_status = krb5_gss_inquire_cred(minor_status, cred, + if (GSS_ERROR(major_status = krb5_gss_inquire_cred(minor_status, + (gss_cred_id_t)cred, NULL, &lifetime, NULL, actual_mechs))) { OM_uint32 dummy; @@ -360,7 +361,7 @@ krb5_gss_add_cred(minor_status, input_cred_handle, *acceptor_time_rec = lifetime; if (output_cred_handle) - *output_cred_handle = cred; + *output_cred_handle = (gss_cred_id_t)cred; krb5_free_context(context); *minor_status = 0; diff --git a/src/lib/gssapi/krb5/delete_sec_context.c b/src/lib/gssapi/krb5/delete_sec_context.c index be91cd078..1bc6799e3 100644 --- a/src/lib/gssapi/krb5/delete_sec_context.c +++ b/src/lib/gssapi/krb5/delete_sec_context.c @@ -53,7 +53,7 @@ krb5_gss_delete_sec_context(minor_status, context_handle, output_token) return(GSS_S_NO_CONTEXT); } - ctx = (gss_ctx_id_t) *context_handle; + ctx = (krb5_gss_ctx_id_t) *context_handle; context = ctx->k5_context; /* construct a delete context token if necessary */ diff --git a/src/lib/gssapi/krb5/duplicate_name.c b/src/lib/gssapi/krb5/duplicate_name.c index a82771764..cb2ca71c7 100644 --- a/src/lib/gssapi/krb5/duplicate_name.c +++ b/src/lib/gssapi/krb5/duplicate_name.c @@ -52,7 +52,7 @@ OM_uint32 krb5_gss_duplicate_name(OM_uint32 *minor_status, return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME); } - princ = input_name; + princ = (krb5_principal)input_name; if ((code = krb5_copy_principal(context, princ, &outprinc))) { *minor_status = code; krb5_free_context(context); diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index 81b49f2c7..dff477470 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -688,7 +688,7 @@ mutual_auth( return(GSS_S_NO_CONTEXT); } - ctx = (gss_ctx_id_t) *context_handle; + ctx = (krb5_gss_ctx_id_t) *context_handle; /* make sure the context is non-established, and that certain arguments are unchanged */ @@ -878,7 +878,7 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, /* verify the credential, or use the default */ /*SUPPRESS 29*/ if (claimant_cred_handle == GSS_C_NO_CREDENTIAL) { - major_status = kg_get_defcred(minor_status, &cred); + major_status = kg_get_defcred(minor_status, (gss_cred_id_t *)&cred); if (major_status && GSS_ERROR(major_status)) { if (*context_handle == GSS_C_NO_CONTEXT) krb5_free_context(context); @@ -928,7 +928,7 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, if (err) { k5_mutex_unlock(&cred->lock); if (claimant_cred_handle == GSS_C_NO_CREDENTIAL) - krb5_gss_release_cred(minor_status, (gss_cred_id_t)&cred); + krb5_gss_release_cred(minor_status, (gss_cred_id_t *)&cred); *minor_status = 0; if (*context_handle == GSS_C_NO_CONTEXT) krb5_free_context(context); @@ -965,7 +965,7 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, } if (claimant_cred_handle == GSS_C_NO_CREDENTIAL) - krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t)&cred); + krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t *)&cred); return(major_status); } diff --git a/src/lib/gssapi/krb5/inq_cred.c b/src/lib/gssapi/krb5/inq_cred.c index 1f61384e9..58425d80d 100644 --- a/src/lib/gssapi/krb5/inq_cred.c +++ b/src/lib/gssapi/krb5/inq_cred.c @@ -108,7 +108,7 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret, if (cred_handle == GSS_C_NO_CREDENTIAL) { OM_uint32 major; - if ((major = kg_get_defcred(minor_status, (gss_cred_id_t)&cred)) && + if ((major = kg_get_defcred(minor_status, (gss_cred_id_t *)&cred)) && GSS_ERROR(major)) { krb5_free_context(context); return(major); @@ -176,7 +176,7 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret, if (ret_name != NULL && ! kg_save_name((gss_name_t) ret_name)) { k5_mutex_unlock(&cred->lock); if (cred_handle == GSS_C_NO_CREDENTIAL) - krb5_gss_release_cred(minor_status, (gss_cred_id_t)&cred); + krb5_gss_release_cred(minor_status, (gss_cred_id_t *)&cred); (void) gss_release_oid_set(minor_status, &mechs); krb5_free_principal(context, ret_name); @@ -201,7 +201,7 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret, *mechanisms = mechs; if (cred_handle == GSS_C_NO_CREDENTIAL) - krb5_gss_release_cred(minor_status, (gss_cred_id_t)&cred); + krb5_gss_release_cred(minor_status, (gss_cred_id_t *)&cred); krb5_free_context(context); *minor_status = 0; @@ -210,7 +210,7 @@ fail: if (cred_handle == GSS_C_NO_CREDENTIAL) { OM_uint32 tmp_min_stat; - krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t)&cred); + krb5_gss_release_cred(&tmp_min_stat, (gss_cred_id_t *)&cred); } krb5_free_context(context); return ret; diff --git a/src/lib/gssapi/krb5/process_context_token.c b/src/lib/gssapi/krb5/process_context_token.c index f1bf5c537..49d8ec3f9 100644 --- a/src/lib/gssapi/krb5/process_context_token.c +++ b/src/lib/gssapi/krb5/process_context_token.c @@ -42,7 +42,7 @@ krb5_gss_process_context_token(minor_status, context_handle, return(GSS_S_NO_CONTEXT); } - ctx = (krb5_gss_ctx_id_rec *) context_handle; + ctx = (krb5_gss_ctx_id_t) context_handle; if (! ctx->established) { *minor_status = KG_CTX_INCOMPLETE; @@ -51,7 +51,8 @@ krb5_gss_process_context_token(minor_status, context_handle, /* "unseal" the token */ - if (GSS_ERROR(majerr = kg_unseal(minor_status, ctx, token_buffer, + if (GSS_ERROR(majerr = kg_unseal(minor_status, context_handle, + token_buffer, GSS_C_NO_BUFFER, NULL, NULL, KG_TOK_DEL_CTX))) return(majerr); diff --git a/src/lib/gssapi/krb5/rel_cred.c b/src/lib/gssapi/krb5/rel_cred.c index e48656f9f..416d51a9e 100644 --- a/src/lib/gssapi/krb5/rel_cred.c +++ b/src/lib/gssapi/krb5/rel_cred.c @@ -49,7 +49,7 @@ krb5_gss_release_cred(minor_status, cred_handle) return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_NO_CRED); } - cred = *cred_handle; + cred = (krb5_gss_cred_id_t)*cred_handle; k5_mutex_destroy(&cred->lock); /* ignore error destroying mutex */ diff --git a/src/lib/gssapi/mechglue/g_glue.c b/src/lib/gssapi/mechglue/g_glue.c index 030fbfdfa..c9c48dce0 100644 --- a/src/lib/gssapi/mechglue/g_glue.c +++ b/src/lib/gssapi/mechglue/g_glue.c @@ -492,7 +492,7 @@ OM_uint32 gssint_convert_name_to_union_name(minor_status, mech, if (major_status != GSS_S_COMPLETE) goto allocation_failure; - *external_name = union_name; + *external_name = /*(gss_name_t) CHECK */union_name; return (GSS_S_COMPLETE); allocation_failure: diff --git a/src/lib/gssapi/mechglue/mglueP.h b/src/lib/gssapi/mechglue/mglueP.h index 2becac960..07ef7109e 100644 --- a/src/lib/gssapi/mechglue/mglueP.h +++ b/src/lib/gssapi/mechglue/mglueP.h @@ -26,7 +26,7 @@ do { \ /* * Array of context IDs typed by mechanism OID */ -typedef struct gss_union_ctx_id_t { +typedef struct gss_ctx_id_struct { gss_OID mech_type; gss_ctx_id_t internal_ctx_id; } gss_union_ctx_id_desc, *gss_union_ctx_id_t; @@ -35,7 +35,7 @@ typedef struct gss_union_ctx_id_t { * Generic GSSAPI names. A name can either be a generic name, or a * mechanism specific name.... */ -typedef struct gss_union_name_t { +typedef struct gss_name_struct { gss_OID name_type; gss_buffer_t external_name; /* @@ -69,7 +69,7 @@ typedef struct gss_union_cred_auxinfo { /* * Set of Credentials typed on mechanism OID */ -typedef struct gss_union_cred_t { +typedef struct gss_cred_id_struct { int count; gss_OID mechs_array; gss_cred_id_t *cred_array; -- 2.26.2