From 1c2b0222833384b4b865f543ab0dcf8328c97a38 Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Sat, 24 Feb 1996 05:10:47 +0000 Subject: [PATCH] gssapiP_krb5.h: Changed most krb5 gssapi functions to take a void * as their first argument, instead of a krb5_context. Makes for a cleaner interface to the mechanism glue layer. k5mech.c (krb5_gss_initialize): Call name-type/mechanism registration function so that mechanism glue layer knows whether or not a name needs to be lazy evaluated or not. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7514 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/krb5/ChangeLog | 10 + src/lib/gssapi/krb5/accept_sec_context.c | 5 +- src/lib/gssapi/krb5/acquire_cred.c | 15 +- src/lib/gssapi/krb5/compare_name.c | 5 +- src/lib/gssapi/krb5/context_time.c | 5 +- src/lib/gssapi/krb5/delete_sec_context.c | 5 +- src/lib/gssapi/krb5/disp_name.c | 5 +- src/lib/gssapi/krb5/disp_status.c | 5 +- src/lib/gssapi/krb5/export_sec_context.c | 5 +- src/lib/gssapi/krb5/gssapiP_krb5.h | 58 ++--- src/lib/gssapi/krb5/gssapi_krb5.c | 2 + src/lib/gssapi/krb5/import_name.c | 5 +- src/lib/gssapi/krb5/import_sec_context.c | 5 +- src/lib/gssapi/krb5/indicate_mechs.c | 4 +- src/lib/gssapi/krb5/init_sec_context.c | 10 +- src/lib/gssapi/krb5/inq_context.c | 5 +- src/lib/gssapi/krb5/inq_cred.c | 10 +- src/lib/gssapi/krb5/k5mech.c | 256 ++--------------------- src/lib/gssapi/krb5/rel_cred.c | 5 +- src/lib/gssapi/krb5/rel_name.c | 6 +- src/lib/gssapi/krb5/seal.c | 17 +- src/lib/gssapi/krb5/sign.c | 12 +- src/lib/gssapi/krb5/unseal.c | 10 +- src/lib/gssapi/krb5/verify.c | 10 +- 24 files changed, 145 insertions(+), 330 deletions(-) diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index ef151295a..befe20387 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,13 @@ +Sat Feb 24 00:06:37 1996 Theodore Y. Ts'o + + * gssapiP_krb5.h: Changed most krb5 gssapi functions to take a + void * as their first argument, instead of a krb5_context. + Makes for a cleaner interface to the mechanism glue layer. + + * k5mech.c (krb5_gss_initialize): Call name-type/mechanism + registration function so that mechanism glue layer knows + whether or not a name needs to be lazy evaluated or not. + Tue Feb 6 23:55:45 1996 Theodore Y. Ts'o * pname_to_uid.c (krb5_pname_to_uid): Instead of using specialized diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index 204bd5d69..b083a74f7 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -57,12 +57,12 @@ cleanup: } OM_uint32 -krb5_gss_accept_sec_context(context, minor_status, context_handle, +krb5_gss_accept_sec_context(ct, minor_status, context_handle, verifier_cred_handle, input_token, input_chan_bindings, src_name, mech_type, output_token, ret_flags, time_rec, delegated_cred_handle) - krb5_context context; + void *ct; OM_uint32 *minor_status; gss_ctx_id_t *context_handle; gss_cred_id_t verifier_cred_handle; @@ -75,6 +75,7 @@ krb5_gss_accept_sec_context(context, minor_status, context_handle, OM_uint32 *time_rec; gss_cred_id_t *delegated_cred_handle; { + krb5_context context = ct; unsigned char *ptr, *ptr2; char *sptr; long tmp; diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index bdc8964cb..5c1082b5e 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -35,13 +35,14 @@ */ static OM_uint32 -acquire_accept_cred(context, minor_status, desired_name, output_princ, cred) - krb5_context context; +acquire_accept_cred(ctx, minor_status, desired_name, output_princ, cred) + void *ctx; OM_uint32 *minor_status; gss_name_t desired_name; krb5_principal *output_princ; krb5_gss_cred_id_rec *cred; { + krb5_context context = ctx; krb5_error_code code; krb5_principal princ; krb5_keytab kt; @@ -238,10 +239,10 @@ acquire_init_cred(context, minor_status, desired_name, output_princ, cred) /*ARGSUSED*/ OM_uint32 -krb5_gss_acquire_cred(context, minor_status, desired_name, time_req, +krb5_gss_acquire_cred(ctx, minor_status, desired_name, time_req, desired_mechs, cred_usage, output_cred_handle, actual_mechs, time_rec) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_name_t desired_name; OM_uint32 time_req; @@ -251,6 +252,7 @@ krb5_gss_acquire_cred(context, minor_status, desired_name, time_req, gss_OID_set *actual_mechs; OM_uint32 *time_rec; { + krb5_context context = ctx; size_t i; krb5_gss_cred_id_t cred; gss_OID_set mechs; @@ -429,12 +431,12 @@ krb5_gss_acquire_cred(context, minor_status, desired_name, time_req, /* V2 interface */ OM_uint32 -krb5_gss_add_cred(context, minor_status, input_cred_handle, +krb5_gss_add_cred(ctx, minor_status, input_cred_handle, desired_name, desired_mech, cred_usage, initiator_time_req, acceptor_time_req, output_cred_handle, actual_mechs, initiator_time_rec, acceptor_time_rec) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_cred_id_t input_cred_handle; gss_name_t desired_name; @@ -447,6 +449,7 @@ krb5_gss_add_cred(context, minor_status, input_cred_handle, OM_uint32 *initiator_time_rec; OM_uint32 *acceptor_time_rec; { + krb5_context context = ctx; /* * This does not apply to our single-mechanism implementation. Until we * come up with a better error code, return failure. diff --git a/src/lib/gssapi/krb5/compare_name.c b/src/lib/gssapi/krb5/compare_name.c index c18eace1b..19b94f452 100644 --- a/src/lib/gssapi/krb5/compare_name.c +++ b/src/lib/gssapi/krb5/compare_name.c @@ -23,13 +23,14 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_compare_name(context, minor_status, name1, name2, name_equal) - krb5_context context; +krb5_gss_compare_name(ctx, minor_status, name1, name2, name_equal) + void *ctx; OM_uint32 *minor_status; gss_name_t name1; gss_name_t name2; int *name_equal; { + krb5_context context = ctx; if (! kg_validate_name(name1)) { *minor_status = (OM_uint32) G_VALIDATE_FAILED; return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME); diff --git a/src/lib/gssapi/krb5/context_time.c b/src/lib/gssapi/krb5/context_time.c index 8b849ea5a..3bc42e603 100644 --- a/src/lib/gssapi/krb5/context_time.c +++ b/src/lib/gssapi/krb5/context_time.c @@ -23,12 +23,13 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_context_time(context, minor_status, context_handle, time_rec) - krb5_context context; +krb5_gss_context_time(ct, minor_status, context_handle, time_rec) + void *ct; OM_uint32 *minor_status; gss_ctx_id_t context_handle; OM_uint32 *time_rec; { + krb5_context context = ct; krb5_error_code code; krb5_gss_ctx_id_rec *ctx; krb5_timestamp now; diff --git a/src/lib/gssapi/krb5/delete_sec_context.c b/src/lib/gssapi/krb5/delete_sec_context.c index 4e0766fa8..fded9afa8 100644 --- a/src/lib/gssapi/krb5/delete_sec_context.c +++ b/src/lib/gssapi/krb5/delete_sec_context.c @@ -23,12 +23,13 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_delete_sec_context(context, minor_status, context_handle, output_token) - krb5_context context; +krb5_gss_delete_sec_context(ct, minor_status, context_handle, output_token) + void *ct; OM_uint32 *minor_status; gss_ctx_id_t *context_handle; gss_buffer_t output_token; { + krb5_context context = ct; krb5_gss_ctx_id_rec *ctx; if (output_token) { diff --git a/src/lib/gssapi/krb5/disp_name.c b/src/lib/gssapi/krb5/disp_name.c index 3ce5ac25b..a9cbcae06 100644 --- a/src/lib/gssapi/krb5/disp_name.c +++ b/src/lib/gssapi/krb5/disp_name.c @@ -23,14 +23,15 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_display_name(context, minor_status, input_name, output_name_buffer, +krb5_gss_display_name(ctx, minor_status, input_name, output_name_buffer, output_name_type) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_name_t input_name; gss_buffer_t output_name_buffer; gss_OID *output_name_type; { + krb5_context context = ctx; krb5_error_code code; char *str; diff --git a/src/lib/gssapi/krb5/disp_status.c b/src/lib/gssapi/krb5/disp_status.c index 97775147c..326d3fc7c 100644 --- a/src/lib/gssapi/krb5/disp_status.c +++ b/src/lib/gssapi/krb5/disp_status.c @@ -32,9 +32,9 @@ static int init_et = 0; /**/ OM_uint32 -krb5_gss_display_status(context, minor_status, status_value, status_type, +krb5_gss_display_status(ctx, minor_status, status_value, status_type, mech_type, message_context, status_string) - krb5_context context; + void *ctx; OM_uint32 *minor_status; OM_uint32 status_value; int status_type; @@ -42,6 +42,7 @@ krb5_gss_display_status(context, minor_status, status_value, status_type, OM_uint32 *message_context; gss_buffer_t status_string; { + krb5_context context = ctx; status_string->length = 0; status_string->value = NULL; diff --git a/src/lib/gssapi/krb5/export_sec_context.c b/src/lib/gssapi/krb5/export_sec_context.c index 61856a364..6ebb1f9ce 100644 --- a/src/lib/gssapi/krb5/export_sec_context.c +++ b/src/lib/gssapi/krb5/export_sec_context.c @@ -28,13 +28,14 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_export_sec_context(context, +krb5_gss_export_sec_context(ct, minor_status, context_handle, interprocess_token) - krb5_context context; + void *ct; OM_uint32 *minor_status; gss_ctx_id_t *context_handle; gss_buffer_t interprocess_token; { + krb5_context context = ct; krb5_error_code kret; OM_uint32 retval; krb5_context ser_ctx; diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h index 0ab945311..a7aebbef7 100644 --- a/src/lib/gssapi/krb5/gssapiP_krb5.h +++ b/src/lib/gssapi/krb5/gssapiP_krb5.h @@ -184,7 +184,7 @@ kg_ser_context_init PROTOTYPE((krb5_context)); /** declarations of internal name mechanism functions **/ OM_uint32 krb5_gss_acquire_cred -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_name_t, /* desired_name */ OM_uint32, /* time_req */ @@ -196,13 +196,13 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_release_cred -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_cred_id_t* /* cred_handle */ )); OM_uint32 krb5_gss_init_sec_context -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_cred_id_t, /* claimant_cred_handle */ gss_ctx_id_t*, /* context_handle */ @@ -220,7 +220,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_accept_sec_context -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t*, /* context_handle */ gss_cred_id_t, /* verifier_cred_handle */ @@ -236,28 +236,28 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_process_context_token -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t /* token_buffer */ )); OM_uint32 krb5_gss_delete_sec_context -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t*, /* context_handle */ gss_buffer_t /* output_token */ )); OM_uint32 krb5_gss_context_time -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t, /* context_handle */ OM_uint32* /* time_rec */ )); OM_uint32 krb5_gss_sign -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* qop_req */ @@ -266,7 +266,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_verify -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* message_buffer */ @@ -275,7 +275,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_seal -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ @@ -286,7 +286,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_unseal -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* input_message_buffer */ @@ -296,7 +296,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_display_status -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ OM_uint32, /* status_value */ int, /* status_type */ @@ -306,13 +306,13 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_indicate_mechs -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_OID_set* /* mech_set */ )); OM_uint32 krb5_gss_compare_name -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_name_t, /* name1 */ gss_name_t, /* name2 */ @@ -320,7 +320,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_display_name -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_name_t, /* input_name */ gss_buffer_t, /* output_name_buffer */ @@ -328,7 +328,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_import_name -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_buffer_t, /* input_name_buffer */ gss_OID, /* input_name_type */ @@ -336,13 +336,13 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_release_name -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_name_t* /* input_name */ )); OM_uint32 krb5_gss_inquire_cred -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_cred_id_t, /* cred_handle */ gss_name_t *, /* name */ @@ -352,7 +352,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_inquire_context -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32*, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_name_t*, /* initiator_name */ @@ -366,7 +366,7 @@ PROTOTYPE( (krb5_context, /* New V2 entry points */ OM_uint32 krb5_gss_get_mic -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_qop_t, /* qop_req */ @@ -375,7 +375,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_verify_mic -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* message_buffer */ @@ -384,7 +384,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_wrap -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ @@ -395,7 +395,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_unwrap -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ gss_buffer_t, /* input_message_buffer */ @@ -405,7 +405,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_wrap_size_limit -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_ctx_id_t, /* context_handle */ int, /* conf_req_flag */ @@ -431,7 +431,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_add_cred -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_cred_id_t, /* input_cred_handle */ gss_name_t, /* desired_name */ @@ -446,7 +446,7 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_inquire_cred_by_mech -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_cred_id_t, /* cred_handle */ gss_OID, /* mech_type */ @@ -457,14 +457,14 @@ PROTOTYPE( (krb5_context, )); OM_uint32 krb5_gss_export_sec_context -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_ctx_id_t *, /* context_handle */ gss_buffer_t /* interprocess_token */ )); OM_uint32 krb5_gss_import_sec_context -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_buffer_t, /* interprocess_token */ gss_ctx_id_t * /* context_handle */ @@ -477,7 +477,7 @@ PROTOTYPE( (OM_uint32 *, /* minor_status */ OM_uint32 krb5_gss_internal_release_oid -PROTOTYPE( (krb5_context, +PROTOTYPE( (void *, OM_uint32 *, /* minor_status */ gss_OID * /* oid */ )); diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c index be08f9139..e18455755 100644 --- a/src/lib/gssapi/krb5/gssapi_krb5.c +++ b/src/lib/gssapi/krb5/gssapi_krb5.c @@ -49,11 +49,13 @@ static const gss_OID_desc oids[] = { {5, "\053\005\001\005\002"}, {10, "\052\206\110\206\367\022\001\002\002\001"}, {10, "\052\206\110\206\367\022\001\002\002\002"}, + {9, "\052\206\110\206\367\022\001\002\002"}, }; const gss_OID_desc * const gss_mech_krb5 = oids+0; const gss_OID_desc * const gss_nt_krb5_name = oids+1; const gss_OID_desc * const gss_nt_krb5_principal = oids+2; +const gss_OID_desc * const gss_new_mech_krb5 = oids+3; static const gss_OID_set_desc oidsets[] = { {1, (gss_OID) oids}, diff --git a/src/lib/gssapi/krb5/import_name.c b/src/lib/gssapi/krb5/import_name.c index 7e00e746b..ee44132ae 100644 --- a/src/lib/gssapi/krb5/import_name.c +++ b/src/lib/gssapi/krb5/import_name.c @@ -39,14 +39,15 @@ */ OM_uint32 -krb5_gss_import_name(context, minor_status, input_name_buffer, +krb5_gss_import_name(ctx, minor_status, input_name_buffer, input_name_type, output_name) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_buffer_t input_name_buffer; gss_OID input_name_type; gss_name_t *output_name; { + krb5_context context = ctx; krb5_principal princ; krb5_error_code code; char *stringrep, *tmp; diff --git a/src/lib/gssapi/krb5/import_sec_context.c b/src/lib/gssapi/krb5/import_sec_context.c index cc20ec8f6..8727fda7e 100644 --- a/src/lib/gssapi/krb5/import_sec_context.c +++ b/src/lib/gssapi/krb5/import_sec_context.c @@ -28,13 +28,14 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_import_sec_context(context, +krb5_gss_import_sec_context(ctx, minor_status, interprocess_token, context_handle) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_buffer_t interprocess_token; gss_ctx_id_t *context_handle; { + krb5_context context = ctx; krb5_error_code kret; OM_uint32 retval; krb5_context ser_ctx; diff --git a/src/lib/gssapi/krb5/indicate_mechs.c b/src/lib/gssapi/krb5/indicate_mechs.c index f10087345..0f78de219 100644 --- a/src/lib/gssapi/krb5/indicate_mechs.c +++ b/src/lib/gssapi/krb5/indicate_mechs.c @@ -23,8 +23,8 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_indicate_mechs(context, minor_status, mech_set) - krb5_context context; +krb5_gss_indicate_mechs(ctx, minor_status, mech_set) + void *ctx; OM_uint32 *minor_status; gss_OID_set *mech_set; { diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index 504086500..2f9d79586 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -25,9 +25,9 @@ #include "k5-int.h" static krb5_error_code -make_ap_req(context, auth_context, cred, server, endtime, chan_bindings, +make_ap_req(ctx, auth_context, cred, server, endtime, chan_bindings, do_mutual, flags, token) - krb5_context context; + void *ctx; krb5_auth_context * auth_context; krb5_gss_cred_id_t cred; krb5_principal server; @@ -37,6 +37,7 @@ make_ap_req(context, auth_context, cred, server, endtime, chan_bindings, krb5_flags *flags; gss_buffer_t token; { + krb5_context context = ctx; krb5_flags mk_req_flags = 0; krb5_error_code code; krb5_data checksum_data; @@ -205,12 +206,12 @@ cleanup: } OM_uint32 -krb5_gss_init_sec_context(context, minor_status, claimant_cred_handle, +krb5_gss_init_sec_context(ct, minor_status, claimant_cred_handle, context_handle, target_name, mech_type, req_flags, time_req, input_chan_bindings, input_token, actual_mech_type, output_token, ret_flags, time_rec) - krb5_context context; + void *ct; OM_uint32 *minor_status; gss_cred_id_t claimant_cred_handle; gss_ctx_id_t *context_handle; @@ -225,6 +226,7 @@ krb5_gss_init_sec_context(context, minor_status, claimant_cred_handle, OM_uint32 *ret_flags; OM_uint32 *time_rec; { + krb5_context context = ct; krb5_gss_cred_id_t cred; krb5_error_code code; krb5_gss_ctx_id_rec *ctx; diff --git a/src/lib/gssapi/krb5/inq_context.c b/src/lib/gssapi/krb5/inq_context.c index ac54a423b..bd1ef7ee2 100644 --- a/src/lib/gssapi/krb5/inq_context.c +++ b/src/lib/gssapi/krb5/inq_context.c @@ -23,10 +23,10 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_inquire_context(context, minor_status, context_handle, initiator_name, +krb5_gss_inquire_context(ctx, minor_status, context_handle, initiator_name, acceptor_name, lifetime_rec, mech_type, ret_flags, locally_initiated, open) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; gss_name_t *initiator_name; @@ -37,6 +37,7 @@ krb5_gss_inquire_context(context, minor_status, context_handle, initiator_name, int *locally_initiated; int *open; { + krb5_context context = ctx; krb5_error_code code; krb5_gss_ctx_id_rec *ctx; krb5_principal init, accept; diff --git a/src/lib/gssapi/krb5/inq_cred.c b/src/lib/gssapi/krb5/inq_cred.c index 444870efe..e3e01bf4e 100644 --- a/src/lib/gssapi/krb5/inq_cred.c +++ b/src/lib/gssapi/krb5/inq_cred.c @@ -23,9 +23,9 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_inquire_cred(context, minor_status, cred_handle, name, lifetime_ret, +krb5_gss_inquire_cred(ctx, minor_status, cred_handle, name, lifetime_ret, cred_usage, mechanisms) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_cred_id_t cred_handle; gss_name_t *name; @@ -33,6 +33,7 @@ krb5_gss_inquire_cred(context, minor_status, cred_handle, name, lifetime_ret, gss_cred_usage_t *cred_usage; gss_OID_set *mechanisms; { + krb5_context context = ctx; krb5_gss_cred_id_t cred; krb5_error_code code; krb5_timestamp now; @@ -112,10 +113,10 @@ krb5_gss_inquire_cred(context, minor_status, cred_handle, name, lifetime_ret, /* V2 interface */ OM_uint32 -krb5_gss_inquire_cred_by_mech(context, minor_status, cred_handle, +krb5_gss_inquire_cred_by_mech(ctx, minor_status, cred_handle, mech_type, name, initiator_lifetime, acceptor_lifetime, cred_usage) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_cred_id_t cred_handle; gss_OID mech_type; @@ -124,6 +125,7 @@ krb5_gss_inquire_cred_by_mech(context, minor_status, cred_handle, OM_uint32 *acceptor_lifetime; gss_cred_usage_t *cred_usage; { + krb5_context context = ctx; krb5_gss_cred_id_t cred; OM_uint32 lifetime; OM_uint32 mstat; diff --git a/src/lib/gssapi/krb5/k5mech.c b/src/lib/gssapi/krb5/k5mech.c index 1efee7b56..12e698f7e 100644 --- a/src/lib/gssapi/krb5/k5mech.c +++ b/src/lib/gssapi/krb5/k5mech.c @@ -10,6 +10,8 @@ */ #include "../mechglue/mglueP.h" +#include "gssapiP_krb5.h" + /* * These are the extern declarations, one group per mechanism. They are * contained in the files named _gssd_extern_srvr.conf. @@ -17,253 +19,12 @@ /* ident "@(#)krb5_gssd_extern_srvr.conf 1.10 95/08/01 SMI" */ -/** declarations of internal name mechanism functions **/ - -/* This should somehow be generated by the internal mechanism - * routine library... But for now I've hand-copied over from - * gssapiP_krb5.h - */ - -/* XXX: Should replace these with #include "gssapiP_krb5.h" , once - * the function prototypes are fixed (e.g., need a void*, not a - * krb5_context. - */ - -OM_uint32 krb5_gss_acquire_cred - (void *, - OM_uint32*, /* minor_status */ - gss_name_t, /* desired_name */ - OM_uint32, /* time_req */ - gss_OID_set, /* desired_mechs */ - int, /* cred_usage */ - gss_cred_id_t*, /* output_cred_handle */ - gss_OID_set*, /* actual_mechs */ - OM_uint32* /* time_rec */ - ); - -OM_uint32 krb5_gss_release_cred - (void *, - OM_uint32*, /* minor_status */ - gss_cred_id_t* /* cred_handle */ - ); - -OM_uint32 krb5_gss_init_sec_context - (void *, - OM_uint32*, /* minor_status */ - gss_cred_id_t, /* claimant_cred_handle */ - gss_ctx_id_t*, /* context_handle */ - gss_name_t, /* target_name */ - gss_OID, /* mech_type */ - int, /* req_flags */ - OM_uint32, /* time_req */ - gss_channel_bindings_t, - /* input_chan_bindings */ - gss_buffer_t, /* input_token */ - gss_OID*, /* actual_mech_type */ - gss_buffer_t, /* output_token */ - int*, /* ret_flags */ - OM_uint32* /* time_rec */ - ); - -OM_uint32 krb5_gss_accept_sec_context - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t*, /* context_handle */ - gss_cred_id_t, /* verifier_cred_handle */ - gss_buffer_t, /* input_token_buffer */ - gss_channel_bindings_t, - /* input_chan_bindings */ - gss_name_t*, /* src_name */ - gss_OID*, /* mech_type */ - gss_buffer_t, /* output_token */ - int*, /* ret_flags */ - OM_uint32*, /* time_rec */ - gss_cred_id_t* /* delegated_cred_handle */ - ); - -OM_uint32 krb5_gss_process_context_token - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t, /* context_handle */ - gss_buffer_t /* token_buffer */ - ); - -OM_uint32 krb5_gss_delete_sec_context - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t*, /* context_handle */ - gss_buffer_t /* output_token */ - ); - -OM_uint32 krb5_gss_context_time - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t, /* context_handle */ - OM_uint32* /* time_rec */ - ); - -OM_uint32 krb5_gss_sign - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t, /* context_handle */ - int, /* qop_req */ - gss_buffer_t, /* message_buffer */ - gss_buffer_t /* message_token */ - ); - -OM_uint32 krb5_gss_verify - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t, /* context_handle */ - gss_buffer_t, /* message_buffer */ - gss_buffer_t, /* token_buffer */ - int* /* qop_state */ - ); - -OM_uint32 krb5_gss_seal - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t, /* context_handle */ - int, /* conf_req_flag */ - int, /* qop_req */ - gss_buffer_t, /* input_message_buffer */ - int*, /* conf_state */ - gss_buffer_t /* output_message_buffer */ - ); - -OM_uint32 krb5_gss_unseal - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t, /* context_handle */ - gss_buffer_t, /* input_message_buffer */ - gss_buffer_t, /* output_message_buffer */ - int*, /* conf_state */ - int* /* qop_state */ - ); - -OM_uint32 krb5_gss_display_status - (void *, - OM_uint32*, /* minor_status */ - OM_uint32, /* status_value */ - int, /* status_type */ - gss_OID, /* mech_type */ - int*, /* message_context */ - gss_buffer_t /* status_string */ - ); - -OM_uint32 krb5_gss_indicate_mechs - (void *, - OM_uint32*, /* minor_status */ - gss_OID_set* /* mech_set */ - ); - -OM_uint32 krb5_gss_compare_name - (void *, - OM_uint32*, /* minor_status */ - gss_name_t, /* name1 */ - gss_name_t, /* name2 */ - int* /* name_equal */ - ); - -OM_uint32 krb5_gss_display_name - (void *, - OM_uint32*, /* minor_status */ - gss_name_t, /* input_name */ - gss_buffer_t, /* output_name_buffer */ - gss_OID* /* output_name_type */ - ); - -OM_uint32 krb5_gss_import_name - (void *, - OM_uint32*, /* minor_status */ - gss_buffer_t, /* input_name_buffer */ - gss_OID, /* input_name_type */ - gss_name_t* /* output_name */ - ); - -OM_uint32 krb5_gss_release_name - (void *, - OM_uint32*, /* minor_status */ - gss_name_t* /* input_name */ - ); - -OM_uint32 krb5_gss_inquire_cred - (void *, - OM_uint32 *, /* minor_status */ - gss_cred_id_t, /* cred_handle */ - gss_name_t *, /* name */ - OM_uint32 *, /* lifetime */ - int *, /* cred_usage */ - gss_OID_set * /* mechanisms */ - ); - -OM_uint32 krb5_gss_inquire_context - (void *, - OM_uint32*, /* minor_status */ - gss_ctx_id_t, /* context_handle */ - gss_name_t*, /* initiator_name */ - gss_name_t*, /* acceptor_name */ - OM_uint32*, /* lifetime_rec */ - gss_OID*, /* mech_type */ - OM_uint32*, /* ctx_flags */ - int*, /* ret_flags */ - int* /* locally_initiated */ - ); - OM_uint32 krb5_gss_internal_release_oid (void *, /* context */ OM_uint32 *, /* minor_status */ gss_OID * /* OID */ ); -OM_uint32 krb5_gss_add_cred - (void *, - OM_uint32 *, /* minor_status */ - gss_cred_id_t, /* input_cred_handle */ - gss_name_t, /* desired_name */ - gss_OID, /* desired_mech */ - gss_cred_usage_t, /* cred_usage */ - OM_uint32, /* initiator_time_req */ - OM_uint32, /* acceptor_time_req */ - gss_cred_id_t *, /* output_cred_handle */ - gss_OID_set *, /* actual_mechs */ - OM_uint32 *, /* initiator_time_rec */ - OM_uint32 * /* acceptor_time_rec */ - ); - - -OM_uint32 krb5_gss_export_sec_context - (void *, - OM_uint32 *, /* minor_status */ - gss_ctx_id_t *, /* context_handle */ - gss_buffer_t /* interprocess_token */ - ); - -OM_uint32 krb5_gss_import_sec_context - (void *, - OM_uint32 *, /* minor_status */ - gss_buffer_t, /* interprocess_token */ - gss_ctx_id_t * /* context_handle */ - ); - -OM_uint32 krb5_gss_inquire_cred_by_mech - (void *, - OM_uint32 *, /* minor_status */ - gss_cred_id_t, /* cred_handle */ - gss_OID, /* mech_type */ - gss_name_t *, /* name */ - OM_uint32 *, /* initiator_lifetime */ - OM_uint32 *, /* acceptor_lifetime */ - gss_cred_usage_t * /* cred_usage */ - ); - -OM_uint32 krb5_gss_inquire_names_for_mech - (void *, - OM_uint32 *, /* minor_status */ - gss_OID, /* mechanism */ - gss_OID_set * /* name_types */ - ); - extern OM_uint32 krb5_gss_get_context (void** ); @@ -344,6 +105,15 @@ void ** context; gss_mechanism krb5_gss_initialize() { - krb5_gss_get_context(&(krb5_mechanism.context)); - return (&krb5_mechanism); + OM_uint32 min_stat; + + gss_add_mech_name_type(&min_stat, gss_nt_krb5_name, gss_mech_krb5); + gss_add_mech_name_type(&min_stat, gss_nt_krb5_principal, gss_mech_krb5); + gss_add_mech_name_type(&min_stat, gss_nt_service_name, gss_mech_krb5); + gss_add_mech_name_type(&min_stat, gss_nt_user_name, gss_mech_krb5); + gss_add_mech_name_type(&min_stat, gss_nt_machine_uid_name, gss_mech_krb5); + gss_add_mech_name_type(&min_stat, gss_nt_string_uid_name, gss_mech_krb5); + + krb5_gss_get_context(&(krb5_mechanism.context)); + return (&krb5_mechanism); } diff --git a/src/lib/gssapi/krb5/rel_cred.c b/src/lib/gssapi/krb5/rel_cred.c index cb5ac0bb4..297699fe1 100644 --- a/src/lib/gssapi/krb5/rel_cred.c +++ b/src/lib/gssapi/krb5/rel_cred.c @@ -23,11 +23,12 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_release_cred(context, minor_status, cred_handle) - krb5_context context; +krb5_gss_release_cred(ctx, minor_status, cred_handle) + void *ctx; OM_uint32 *minor_status; gss_cred_id_t *cred_handle; { + krb5_context context = ctx; krb5_gss_cred_id_t cred; krb5_error_code code1, code2; diff --git a/src/lib/gssapi/krb5/rel_name.c b/src/lib/gssapi/krb5/rel_name.c index 11e62355f..40ff0d2d3 100644 --- a/src/lib/gssapi/krb5/rel_name.c +++ b/src/lib/gssapi/krb5/rel_name.c @@ -23,11 +23,13 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_release_name(context, minor_status, input_name) - krb5_context context; +krb5_gss_release_name(ctx, minor_status, input_name) + void *ctx; OM_uint32 *minor_status; gss_name_t *input_name; { + krb5_context context = ctx; + if (! kg_validate_name(*input_name)) { *minor_status = (OM_uint32) G_VALIDATE_FAILED; return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME); diff --git a/src/lib/gssapi/krb5/seal.c b/src/lib/gssapi/krb5/seal.c index 14f203ae2..ca52a60af 100644 --- a/src/lib/gssapi/krb5/seal.c +++ b/src/lib/gssapi/krb5/seal.c @@ -23,10 +23,10 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_seal(context, minor_status, context_handle, conf_req_flag, +krb5_gss_seal(ctx, minor_status, context_handle, conf_req_flag, qop_req, input_message_buffer, conf_state, output_message_buffer) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; int conf_req_flag; @@ -35,6 +35,7 @@ krb5_gss_seal(context, minor_status, context_handle, conf_req_flag, int *conf_state; gss_buffer_t output_message_buffer; { + krb5_context context = ctx; return(kg_seal(context, minor_status, context_handle, conf_req_flag, qop_req, input_message_buffer, conf_state, output_message_buffer, KG_TOK_SEAL_MSG)); @@ -42,10 +43,10 @@ krb5_gss_seal(context, minor_status, context_handle, conf_req_flag, /* V2 interface */ OM_uint32 -krb5_gss_wrap(context, minor_status, context_handle, conf_req_flag, +krb5_gss_wrap(ctx, minor_status, context_handle, conf_req_flag, qop_req, input_message_buffer, conf_state, output_message_buffer) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; int conf_req_flag; @@ -54,6 +55,8 @@ krb5_gss_wrap(context, minor_status, context_handle, conf_req_flag, int *conf_state; gss_buffer_t output_message_buffer; { + krb5_context context = ctx; + return(kg_seal(context, minor_status, context_handle, conf_req_flag, (int) qop_req, input_message_buffer, conf_state, output_message_buffer, KG_TOK_WRAP_MSG)); @@ -61,9 +64,9 @@ krb5_gss_wrap(context, minor_status, context_handle, conf_req_flag, /* V2 interface */ OM_uint32 -krb5_gss_wrap_size_limit(context, minor_status, context_handle, conf_req_flag, +krb5_gss_wrap_size_limit(ctx, minor_status, context_handle, conf_req_flag, qop_req, req_output_size, max_input_size) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; int conf_req_flag; @@ -71,6 +74,8 @@ krb5_gss_wrap_size_limit(context, minor_status, context_handle, conf_req_flag, OM_uint32 req_output_size; OM_uint32 *max_input_size; { + krb5_context context = ctx; + /* XXX - should just put this in k5seal.c */ return(kg_seal_size(context, minor_status, context_handle, conf_req_flag, qop_req, req_output_size, max_input_size)); diff --git a/src/lib/gssapi/krb5/sign.c b/src/lib/gssapi/krb5/sign.c index 109213771..c3b6ebf4b 100644 --- a/src/lib/gssapi/krb5/sign.c +++ b/src/lib/gssapi/krb5/sign.c @@ -23,16 +23,18 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_sign(context, minor_status, context_handle, +krb5_gss_sign(ctx, minor_status, context_handle, qop_req, message_buffer, message_token) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; int qop_req; gss_buffer_t message_buffer; gss_buffer_t message_token; { + krb5_context context = ctx; + return(kg_seal(context, minor_status, context_handle, 0, qop_req, message_buffer, NULL, message_token, KG_TOK_SIGN_MSG)); @@ -40,15 +42,17 @@ krb5_gss_sign(context, minor_status, context_handle, /* V2 interface */ OM_uint32 -krb5_gss_get_mic(context, minor_status, context_handle, qop_req, +krb5_gss_get_mic(ctx, minor_status, context_handle, qop_req, message_buffer, message_token) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; gss_qop_t qop_req; gss_buffer_t message_buffer; gss_buffer_t message_token; { + krb5_context context = ctx; + return(kg_seal(context, minor_status, context_handle, 0, (int) qop_req, message_buffer, NULL, message_token, KG_TOK_MIC_MSG)); diff --git a/src/lib/gssapi/krb5/unseal.c b/src/lib/gssapi/krb5/unseal.c index 294e37cc2..da71fa4f4 100644 --- a/src/lib/gssapi/krb5/unseal.c +++ b/src/lib/gssapi/krb5/unseal.c @@ -23,10 +23,10 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_unseal(context, minor_status, context_handle, +krb5_gss_unseal(ctx, minor_status, context_handle, input_message_buffer, output_message_buffer, conf_state, qop_state) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; gss_buffer_t input_message_buffer; @@ -34,6 +34,7 @@ krb5_gss_unseal(context, minor_status, context_handle, int *conf_state; int *qop_state; { + krb5_context context = ctx; return(kg_unseal(context, minor_status, context_handle, input_message_buffer, output_message_buffer, conf_state, qop_state, KG_TOK_SEAL_MSG)); @@ -41,10 +42,10 @@ krb5_gss_unseal(context, minor_status, context_handle, /* V2 interface */ OM_uint32 -krb5_gss_unwrap(context, minor_status, context_handle, +krb5_gss_unwrap(ctx, minor_status, context_handle, input_message_buffer, output_message_buffer, conf_state, qop_state) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; gss_buffer_t input_message_buffer; @@ -52,6 +53,7 @@ krb5_gss_unwrap(context, minor_status, context_handle, int *conf_state; gss_qop_t *qop_state; { + krb5_context context = ctx; OM_uint32 rstat; int qstate; diff --git a/src/lib/gssapi/krb5/verify.c b/src/lib/gssapi/krb5/verify.c index f2d5d4a0c..33ee8fb8c 100644 --- a/src/lib/gssapi/krb5/verify.c +++ b/src/lib/gssapi/krb5/verify.c @@ -23,16 +23,17 @@ #include "gssapiP_krb5.h" OM_uint32 -krb5_gss_verify(context, minor_status, context_handle, +krb5_gss_verify(ctx, minor_status, context_handle, message_buffer, token_buffer, qop_state) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; gss_buffer_t message_buffer; gss_buffer_t token_buffer; int *qop_state; { + krb5_context context = ctx; return(kg_unseal(context, minor_status, context_handle, token_buffer, message_buffer, NULL, qop_state, KG_TOK_SIGN_MSG)); @@ -40,16 +41,17 @@ krb5_gss_verify(context, minor_status, context_handle, /* V2 interface */ OM_uint32 -krb5_gss_verify_mic(context, minor_status, context_handle, +krb5_gss_verify_mic(ctx, minor_status, context_handle, message_buffer, token_buffer, qop_state) - krb5_context context; + void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; gss_buffer_t message_buffer; gss_buffer_t token_buffer; gss_qop_t *qop_state; { + krb5_context context = ctx; OM_uint32 rstat; int qstate; -- 2.26.2