From 6158f7243127ce89552f18549d7b9ef9ebeeeab3 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Fri, 21 Oct 2005 01:32:57 +0000 Subject: [PATCH] reindent to style in doc/coding-style, via gnu indent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17447 dc483132-0cff-0310-8789-dd5450dbe970 --- src/appl/gss-sample/gss-client.c | 970 ++++++++++++++-------------- src/appl/gss-sample/gss-misc.c | 388 ++++++------ src/appl/gss-sample/gss-server.c | 1016 +++++++++++++++--------------- 3 files changed, 1196 insertions(+), 1178 deletions(-) diff --git a/src/appl/gss-sample/gss-client.c b/src/appl/gss-sample/gss-client.c index d05ab41d5..32cd1bd78 100644 --- a/src/appl/gss-sample/gss-client.c +++ b/src/appl/gss-sample/gss-client.c @@ -67,17 +67,18 @@ static int verbose = 1; -static void usage() +static void +usage() { - fprintf(stderr, "Usage: gss-client [-port port] [-mech mechanism] [-d]\n"); - fprintf(stderr, " [-seq] [-noreplay] [-nomutual]"); + fprintf(stderr, "Usage: gss-client [-port port] [-mech mechanism] [-d]\n"); + fprintf(stderr, " [-seq] [-noreplay] [-nomutual]"); #ifdef _WIN32 - fprintf(stderr, " [-threads num]"); -#endif - fprintf(stderr, "\n"); - fprintf(stderr, " [-f] [-q] [-ccount count] [-mcount count]\n"); - fprintf(stderr, " [-v1] [-na] [-nw] [-nx] [-nm] host service msg\n"); - exit(1); + fprintf(stderr, " [-threads num]"); +#endif + fprintf(stderr, "\n"); + fprintf(stderr, " [-f] [-q] [-ccount count] [-mcount count]\n"); + fprintf(stderr, " [-v1] [-na] [-nw] [-nx] [-nm] host service msg\n"); + exit(1); } /* 
@@ -98,33 +99,34 @@ static void usage() * opened and connected. If an error occurs, an error message is * displayed and -1 is returned. */ -static int connect_to_server(host, port) - char *host; - u_short port; +static int +connect_to_server(host, port) + char *host; + u_short port; { - struct sockaddr_in saddr; - struct hostent *hp; - int s; - - if ((hp = gethostbyname(host)) == NULL) { - fprintf(stderr, "Unknown host: %s\n", host); - return -1; - } - - saddr.sin_family = hp->h_addrtype; - memcpy((char *)&saddr.sin_addr, hp->h_addr, sizeof(saddr.sin_addr)); - saddr.sin_port = htons(port); - - if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - perror("creating socket"); - return -1; - } - if (connect(s, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) { - perror("connecting to server"); - (void) close(s); - return -1; - } - return s; + struct sockaddr_in saddr; + struct hostent *hp; + int s; + + if ((hp = gethostbyname(host)) == NULL) { + fprintf(stderr, "Unknown host: %s\n", host); + return -1; + } + + saddr.sin_family = hp->h_addrtype; + memcpy((char *) &saddr.sin_addr, hp->h_addr, sizeof(saddr.sin_addr)); + saddr.sin_port = htons(port); + + if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { + perror("creating socket"); + return -1; + } + if (connect(s, (struct sockaddr *) &saddr, sizeof(saddr)) < 0) { + perror("connecting to server"); + (void) close(s); + return -1; + } + return s; } /* 
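Review bot: In connect_to_server the `memcpy` into `saddr.sin_addr` always copies `sizeof(saddr.sin_addr)` bytes and takes `sin_family` from `hp->h_addrtype`, while the socket is created as `AF_INET`, so a resolver answer of another family or length is used unchecked. A guard before the copy would make the assumption explicit: `if (hp->h_addrtype != AF_INET || hp->h_length != sizeof(saddr.sin_addr)) return -1;`. `saddr` is also never zeroed, so `memset(&saddr, 0, sizeof(saddr));` before filling it in is worth adding. The reindent itself does not change this behaviour.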
@@ -158,133 +160,127 @@ static int connect_to_server(host, port) * unsuccessful, the GSS-API error messages are displayed on stderr * and -1 is returned. */ -static int client_establish_context(s, service_name, gss_flags, auth_flag, - v1_format, oid, gss_context, ret_flags) - int s; - char *service_name; - gss_OID oid; - OM_uint32 gss_flags; - int auth_flag; - int v1_format; - gss_ctx_id_t *gss_context; - OM_uint32 *ret_flags; +static int +client_establish_context(s, service_name, gss_flags, auth_flag, + v1_format, oid, gss_context, ret_flags) + int s; + char *service_name; + gss_OID oid; + OM_uint32 gss_flags; + int auth_flag; + int v1_format; + gss_ctx_id_t *gss_context; + OM_uint32 *ret_flags; { - if (auth_flag) { - gss_buffer_desc send_tok, recv_tok, *token_ptr; - gss_name_t target_name; - OM_uint32 maj_stat, min_stat, init_sec_min_stat; - int token_flags; - - /* - * Import the name into target_name. Use send_tok to save - * local variable space. - */ - send_tok.value = service_name; - send_tok.length = strlen(service_name) ; - maj_stat = gss_import_name(&min_stat, &send_tok, - (gss_OID) gss_nt_service_name, &target_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("parsing name", maj_stat, min_stat); - return -1; - } - - if (!v1_format) { - if (send_token(s, TOKEN_NOOP|TOKEN_CONTEXT_NEXT, empty_token) < 0) { - (void) gss_release_name(&min_stat, &target_name); - return -1; - } - } - - /* - * Perform the context-establishement loop. - * - * On each pass through the loop, token_ptr points to the token - * to send to the server (or GSS_C_NO_BUFFER on the first pass). - * Every generated token is stored in send_tok which is then - * transmitted to the server; every received token is stored in - * recv_tok, which token_ptr is then set to, to be processed by - * the next call to gss_init_sec_context. 
- * - * GSS-API guarantees that send_tok's length will be non-zero - * if and only if the server is expecting another token from us, - * and that gss_init_sec_context returns GSS_S_CONTINUE_NEEDED if - * and only if the server has another token to send us. - */ - - token_ptr = GSS_C_NO_BUFFER; - *gss_context = GSS_C_NO_CONTEXT; - - do { - maj_stat = - gss_init_sec_context(&init_sec_min_stat, - GSS_C_NO_CREDENTIAL, - gss_context, - target_name, - oid, - gss_flags, - 0, - NULL, /* no channel bindings */ - token_ptr, - NULL, /* ignore mech type */ - &send_tok, - ret_flags, - NULL); /* ignore time_rec */ - - if (token_ptr != GSS_C_NO_BUFFER) - free (recv_tok.value); - - if (send_tok.length != 0) { - if (verbose) - printf("Sending init_sec_context token (size=%d)...", - (int) send_tok.length); - if (send_token(s, v1_format?0:TOKEN_CONTEXT, &send_tok) < 0) { - (void) gss_release_buffer(&min_stat, &send_tok); - (void) gss_release_name(&min_stat, &target_name); - return -1; - } - } - (void) gss_release_buffer(&min_stat, &send_tok); - - if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) { - display_status("initializing context", maj_stat, - init_sec_min_stat); - (void) gss_release_name(&min_stat, &target_name); - if (*gss_context != GSS_C_NO_CONTEXT) - gss_delete_sec_context(&min_stat, gss_context, - GSS_C_NO_BUFFER); - return -1; - } - - if (maj_stat == GSS_S_CONTINUE_NEEDED) { - if (verbose) - printf("continue needed..."); - if (recv_token(s, &token_flags, &recv_tok) < 0) { - (void) gss_release_name(&min_stat, &target_name); - return -1; - } - token_ptr = &recv_tok; - } - if (verbose) - printf("\n"); - } while (maj_stat == GSS_S_CONTINUE_NEEDED); - - (void) gss_release_name(&min_stat, &target_name); - } - else { - if (send_token(s, TOKEN_NOOP, empty_token) < 0) - return -1; - } - - return 0; + if (auth_flag) { + gss_buffer_desc send_tok, recv_tok, *token_ptr; + gss_name_t target_name; + OM_uint32 maj_stat, min_stat, init_sec_min_stat; + int token_flags; + + 
/* + * Import the name into target_name. Use send_tok to save + * local variable space. + */ + send_tok.value = service_name; + send_tok.length = strlen(service_name); + maj_stat = gss_import_name(&min_stat, &send_tok, + (gss_OID) gss_nt_service_name, + &target_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("parsing name", maj_stat, min_stat); + return -1; + } + + if (!v1_format) { + if (send_token(s, TOKEN_NOOP | TOKEN_CONTEXT_NEXT, empty_token) < + 0) { + (void) gss_release_name(&min_stat, &target_name); + return -1; + } + } + + /* + * Perform the context-establishement loop. + * + * On each pass through the loop, token_ptr points to the token + * to send to the server (or GSS_C_NO_BUFFER on the first pass). + * Every generated token is stored in send_tok which is then + * transmitted to the server; every received token is stored in + * recv_tok, which token_ptr is then set to, to be processed by + * the next call to gss_init_sec_context. + * + * GSS-API guarantees that send_tok's length will be non-zero + * if and only if the server is expecting another token from us, + * and that gss_init_sec_context returns GSS_S_CONTINUE_NEEDED if + * and only if the server has another token to send us. + */ + + token_ptr = GSS_C_NO_BUFFER; + *gss_context = GSS_C_NO_CONTEXT; + + do { + maj_stat = gss_init_sec_context(&init_sec_min_stat, GSS_C_NO_CREDENTIAL, gss_context, target_name, oid, gss_flags, 0, NULL, /* no channel bindings */ + token_ptr, NULL, /* ignore mech type */ + &send_tok, ret_flags, NULL); /* ignore time_rec */ + + if (token_ptr != GSS_C_NO_BUFFER) + free(recv_tok.value); + + if (send_tok.length != 0) { + if (verbose) + printf("Sending init_sec_context token (size=%d)...", + (int) send_tok.length); + if (send_token(s, v1_format ? 
0 : TOKEN_CONTEXT, &send_tok) < + 0) { + (void) gss_release_buffer(&min_stat, &send_tok); + (void) gss_release_name(&min_stat, &target_name); + return -1; + } + } + (void) gss_release_buffer(&min_stat, &send_tok); + + if (maj_stat != GSS_S_COMPLETE + && maj_stat != GSS_S_CONTINUE_NEEDED) { + display_status("initializing context", maj_stat, + init_sec_min_stat); + (void) gss_release_name(&min_stat, &target_name); + if (*gss_context != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, gss_context, + GSS_C_NO_BUFFER); + return -1; + } + + if (maj_stat == GSS_S_CONTINUE_NEEDED) { + if (verbose) + printf("continue needed..."); + if (recv_token(s, &token_flags, &recv_tok) < 0) { + (void) gss_release_name(&min_stat, &target_name); + return -1; + } + token_ptr = &recv_tok; + } + if (verbose) + printf("\n"); + } while (maj_stat == GSS_S_CONTINUE_NEEDED); + + (void) gss_release_name(&min_stat, &target_name); + } else { + if (send_token(s, TOKEN_NOOP, empty_token) < 0) + return -1; + } + + return 0; } -static void read_file(file_name, in_buf) - char *file_name; - gss_buffer_t in_buf; +static void +read_file(file_name, in_buf) + char *file_name; + gss_buffer_t in_buf; { - int fd, count; + int fd, count; struct stat stat_buf; - + if ((fd = open(file_name, O_RDONLY, 0)) < 0) { perror("open"); fprintf(stderr, "Couldn't open file %s\n", file_name); @@ -308,7 +304,7 @@ static void read_file(file_name, in_buf) } /* this code used to check for incomplete reads, but you can't get - an incomplete read on any file for which fstat() is meaningful */ + * an incomplete read on any file for which fstat() is meaningful */ count = read(fd, in_buf->value, in_buf->length); if (count < 0) { 
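Review bot: In client_establish_context the two early returns inside the loop, after a failed `send_token` and after a failed `recv_token`, leave a partially established `*gss_context` behind, whereas the bad-status branch a few lines further on deletes it. Both paths should do the same before returning: `if (*gss_context != GSS_C_NO_CONTEXT) gss_delete_sec_context(&min_stat, gss_context, GSS_C_NO_BUFFER);`. Separately, indent has joined the `gss_init_sec_context` call into one very long line. Keeping one argument per line, for instance by bracketing the call with `/* *INDENT-OFF* */` and `/* *INDENT-ON* */`, keeps the credential and channel-binding arguments easy to audit.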
@@ -349,236 +345,234 @@ static void read_file(file_name, in_buf) * reads back a GSS-API signature block for msg from the server, and * verifies it with gss_verify. -1 is returned if any step fails, * otherwise 0 is returned. */ -static int call_server(host, port, oid, service_name, gss_flags, auth_flag, - wrap_flag, encrypt_flag, mic_flag, v1_format, msg, use_file, - mcount) - char *host; - u_short port; - gss_OID oid; - char *service_name; - OM_uint32 gss_flags; - int auth_flag, wrap_flag, encrypt_flag, mic_flag; - int v1_format; - char *msg; - int use_file; - int mcount; +static int +call_server(host, port, oid, service_name, gss_flags, auth_flag, + wrap_flag, encrypt_flag, mic_flag, v1_format, msg, use_file, + mcount) + char *host; + u_short port; + gss_OID oid; + char *service_name; + OM_uint32 gss_flags; + int auth_flag, wrap_flag, encrypt_flag, mic_flag; + int v1_format; + char *msg; + int use_file; + int mcount; { - gss_ctx_id_t context; - gss_buffer_desc in_buf, out_buf; - int s, state; - OM_uint32 ret_flags; - OM_uint32 maj_stat, min_stat; - gss_name_t src_name, targ_name; - gss_buffer_desc sname, tname; - OM_uint32 lifetime; - gss_OID mechanism, name_type; - int is_local; - OM_uint32 context_flags; - int is_open; - gss_qop_t qop_state; - gss_OID_set mech_names; - gss_buffer_desc oid_name; - size_t i; - int token_flags; - - /* Open connection */ - if ((s = connect_to_server(host, port)) < 0) - return -1; - - /* Establish context */ - if (client_establish_context(s, service_name, gss_flags, auth_flag, - v1_format, oid, &context, - &ret_flags) < 0) { - (void) close(s); - return -1; - } - - if (auth_flag && verbose) { - /* display the flags */ - display_ctx_flags(ret_flags); - - /* Get context information */ - maj_stat = gss_inquire_context( &min_stat, context, - &src_name, &targ_name, &lifetime, - &mechanism, &context_flags, - &is_local, - &is_open); - if (maj_stat != GSS_S_COMPLETE) { - display_status("inquiring context", maj_stat, min_stat); - return -1; - 
} - - maj_stat = gss_display_name(&min_stat, src_name, &sname, - &name_type); - if (maj_stat != GSS_S_COMPLETE) { - display_status("displaying source name", maj_stat, min_stat); - return -1; - } - maj_stat = gss_display_name(&min_stat, targ_name, &tname, - (gss_OID *) NULL); - if (maj_stat != GSS_S_COMPLETE) { - display_status("displaying target name", maj_stat, min_stat); - return -1; - } - printf("\"%.*s\" to \"%.*s\", lifetime %d, flags %x, %s, %s\n", - (int) sname.length, (char *) sname.value, - (int) tname.length, (char *) tname.value, lifetime, - context_flags, - (is_local) ? "locally initiated" : "remotely initiated", - (is_open) ? "open" : "closed"); - - (void) gss_release_name(&min_stat, &src_name); - (void) gss_release_name(&min_stat, &targ_name); - (void) gss_release_buffer(&min_stat, &sname); - (void) gss_release_buffer(&min_stat, &tname); - - maj_stat = gss_oid_to_str(&min_stat, - name_type, - &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", maj_stat, min_stat); - return -1; - } - printf("Name type of source name is %.*s.\n", - (int) oid_name.length, (char *) oid_name.value); - (void) gss_release_buffer(&min_stat, &oid_name); - - /* Now get the names supported by the mechanism */ - maj_stat = gss_inquire_names_for_mech(&min_stat, - mechanism, - &mech_names); - if (maj_stat != GSS_S_COMPLETE) { - display_status("inquiring mech names", maj_stat, min_stat); - return -1; - } - - maj_stat = gss_oid_to_str(&min_stat, - mechanism, - &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", maj_stat, min_stat); - return -1; - } - printf("Mechanism %.*s supports %d names\n", - (int) oid_name.length, (char *) oid_name.value, - (int) mech_names->count); - (void) gss_release_buffer(&min_stat, &oid_name); - - for (i=0; icount; i++) { - maj_stat = gss_oid_to_str(&min_stat, - &mech_names->elements[i], - &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", 
maj_stat, min_stat); - return -1; - } - printf(" %d: %.*s\n", (int) i, - (int) oid_name.length, (char *) oid_name.value); - - (void) gss_release_buffer(&min_stat, &oid_name); - } - (void) gss_release_oid_set(&min_stat, &mech_names); - } + gss_ctx_id_t context; + gss_buffer_desc in_buf, out_buf; + int s, state; + OM_uint32 ret_flags; + OM_uint32 maj_stat, min_stat; + gss_name_t src_name, targ_name; + gss_buffer_desc sname, tname; + OM_uint32 lifetime; + gss_OID mechanism, name_type; + int is_local; + OM_uint32 context_flags; + int is_open; + gss_qop_t qop_state; + gss_OID_set mech_names; + gss_buffer_desc oid_name; + size_t i; + int token_flags; + + /* Open connection */ + if ((s = connect_to_server(host, port)) < 0) + return -1; + + /* Establish context */ + if (client_establish_context(s, service_name, gss_flags, auth_flag, + v1_format, oid, &context, &ret_flags) < 0) { + (void) close(s); + return -1; + } + + if (auth_flag && verbose) { + /* display the flags */ + display_ctx_flags(ret_flags); + + /* Get context information */ + maj_stat = gss_inquire_context(&min_stat, context, + &src_name, &targ_name, &lifetime, + &mechanism, &context_flags, + &is_local, &is_open); + if (maj_stat != GSS_S_COMPLETE) { + display_status("inquiring context", maj_stat, min_stat); + return -1; + } + + maj_stat = gss_display_name(&min_stat, src_name, &sname, &name_type); + if (maj_stat != GSS_S_COMPLETE) { + display_status("displaying source name", maj_stat, min_stat); + return -1; + } + maj_stat = gss_display_name(&min_stat, targ_name, &tname, + (gss_OID *) NULL); + if (maj_stat != GSS_S_COMPLETE) { + display_status("displaying target name", maj_stat, min_stat); + return -1; + } + printf("\"%.*s\" to \"%.*s\", lifetime %d, flags %x, %s, %s\n", + (int) sname.length, (char *) sname.value, + (int) tname.length, (char *) tname.value, lifetime, + context_flags, + (is_local) ? "locally initiated" : "remotely initiated", + (is_open) ? 
"open" : "closed"); + + (void) gss_release_name(&min_stat, &src_name); + (void) gss_release_name(&min_stat, &targ_name); + (void) gss_release_buffer(&min_stat, &sname); + (void) gss_release_buffer(&min_stat, &tname); + + maj_stat = gss_oid_to_str(&min_stat, name_type, &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + printf("Name type of source name is %.*s.\n", + (int) oid_name.length, (char *) oid_name.value); + (void) gss_release_buffer(&min_stat, &oid_name); + + /* Now get the names supported by the mechanism */ + maj_stat = gss_inquire_names_for_mech(&min_stat, + mechanism, &mech_names); + if (maj_stat != GSS_S_COMPLETE) { + display_status("inquiring mech names", maj_stat, min_stat); + return -1; + } + + maj_stat = gss_oid_to_str(&min_stat, mechanism, &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + printf("Mechanism %.*s supports %d names\n", + (int) oid_name.length, (char *) oid_name.value, + (int) mech_names->count); + (void) gss_release_buffer(&min_stat, &oid_name); + + for (i = 0; i < mech_names->count; i++) { + maj_stat = gss_oid_to_str(&min_stat, + &mech_names->elements[i], &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + printf(" %d: %.*s\n", (int) i, + (int) oid_name.length, (char *) oid_name.value); + + (void) gss_release_buffer(&min_stat, &oid_name); + } + (void) gss_release_oid_set(&min_stat, &mech_names); + } if (use_file) { - read_file(msg, &in_buf); + read_file(msg, &in_buf); } else { - /* Seal the message */ - in_buf.value = msg; - in_buf.length = strlen(msg); + /* Seal the message */ + in_buf.value = msg; + in_buf.length = strlen(msg); } for (i = 0; i < mcount; i++) { - if (wrap_flag) { - maj_stat = gss_wrap(&min_stat, context, encrypt_flag, GSS_C_QOP_DEFAULT, - &in_buf, &state, &out_buf); - if 
(maj_stat != GSS_S_COMPLETE) { - display_status("wrapping message", maj_stat, min_stat); - (void) close(s); - (void) gss_delete_sec_context(&min_stat, &context, GSS_C_NO_BUFFER); - return -1; - } else if (encrypt_flag && ! state) { - fprintf(stderr, "Warning! Message not encrypted.\n"); - } - } - else { - out_buf = in_buf; - } - - /* Send to server */ - if (send_token(s, (v1_format?0 - :(TOKEN_DATA | - (wrap_flag ? TOKEN_WRAPPED : 0) | - (encrypt_flag ? TOKEN_ENCRYPTED : 0) | - (mic_flag ? TOKEN_SEND_MIC : 0))), &out_buf) < 0) { - (void) close(s); - (void) gss_delete_sec_context(&min_stat, &context, GSS_C_NO_BUFFER); - return -1; - } - if (out_buf.value != in_buf.value) - (void) gss_release_buffer(&min_stat, &out_buf); - - /* Read signature block into out_buf */ - if (recv_token(s, &token_flags, &out_buf) < 0) { - (void) close(s); - (void) gss_delete_sec_context(&min_stat, &context, GSS_C_NO_BUFFER); - return -1; - } - - if (mic_flag) { - /* Verify signature block */ - maj_stat = gss_verify_mic(&min_stat, context, &in_buf, - &out_buf, &qop_state); - if (maj_stat != GSS_S_COMPLETE) { - display_status("verifying signature", maj_stat, min_stat); - (void) close(s); - (void) gss_delete_sec_context(&min_stat, &context, GSS_C_NO_BUFFER); - return -1; - } - - if (verbose) - printf("Signature verified.\n"); - } - else { - if (verbose) - printf("Response received.\n"); - } - - free (out_buf.value); + if (wrap_flag) { + maj_stat = + gss_wrap(&min_stat, context, encrypt_flag, GSS_C_QOP_DEFAULT, + &in_buf, &state, &out_buf); + if (maj_stat != GSS_S_COMPLETE) { + display_status("wrapping message", maj_stat, min_stat); + (void) close(s); + (void) gss_delete_sec_context(&min_stat, &context, + GSS_C_NO_BUFFER); + return -1; + } else if (encrypt_flag && !state) { + fprintf(stderr, "Warning! Message not encrypted.\n"); + } + } else { + out_buf = in_buf; + } + + /* Send to server */ + if (send_token(s, (v1_format ? 0 + : (TOKEN_DATA | + (wrap_flag ? 
TOKEN_WRAPPED : 0) | + (encrypt_flag ? TOKEN_ENCRYPTED : 0) | + (mic_flag ? TOKEN_SEND_MIC : 0))), + &out_buf) < 0) { + (void) close(s); + (void) gss_delete_sec_context(&min_stat, &context, + GSS_C_NO_BUFFER); + return -1; + } + if (out_buf.value != in_buf.value) + (void) gss_release_buffer(&min_stat, &out_buf); + + /* Read signature block into out_buf */ + if (recv_token(s, &token_flags, &out_buf) < 0) { + (void) close(s); + (void) gss_delete_sec_context(&min_stat, &context, + GSS_C_NO_BUFFER); + return -1; + } + + if (mic_flag) { + /* Verify signature block */ + maj_stat = gss_verify_mic(&min_stat, context, &in_buf, + &out_buf, &qop_state); + if (maj_stat != GSS_S_COMPLETE) { + display_status("verifying signature", maj_stat, min_stat); + (void) close(s); + (void) gss_delete_sec_context(&min_stat, &context, + GSS_C_NO_BUFFER); + return -1; + } + + if (verbose) + printf("Signature verified.\n"); + } else { + if (verbose) + printf("Response received.\n"); + } + + free(out_buf.value); } if (use_file) - free(in_buf.value); + free(in_buf.value); /* Send NOOP */ if (!v1_format) - (void) send_token(s, TOKEN_NOOP, empty_token); + (void) send_token(s, TOKEN_NOOP, empty_token); if (auth_flag) { - /* Delete context */ - maj_stat = gss_delete_sec_context(&min_stat, &context, &out_buf); - if (maj_stat != GSS_S_COMPLETE) { - display_status("deleting context", maj_stat, min_stat); - (void) close(s); - (void) gss_delete_sec_context(&min_stat, &context, GSS_C_NO_BUFFER); - return -1; - } - - (void) gss_release_buffer(&min_stat, &out_buf); + /* Delete context */ + maj_stat = gss_delete_sec_context(&min_stat, &context, &out_buf); + if (maj_stat != GSS_S_COMPLETE) { + display_status("deleting context", maj_stat, min_stat); + (void) close(s); + (void) gss_delete_sec_context(&min_stat, &context, + GSS_C_NO_BUFFER); + return -1; + } + + (void) gss_release_buffer(&min_stat, &out_buf); } (void) close(s); return 0; } -static void parse_oid(char *mechanism, gss_OID *oid) +static void 
+parse_oid(char *mechanism, gss_OID * oid) { - char *mechstr = 0, *cp; + char *mechstr = 0, *cp; gss_buffer_desc tok; OM_uint32 maj_stat, min_stat; - + if (isdigit((int) mechanism[0])) { - mechstr = malloc(strlen(mechanism)+5); + mechstr = malloc(strlen(mechanism) + 5); if (!mechstr) { fprintf(stderr, "Couldn't allocate mechanism scratch!\n"); return; @@ -603,7 +597,7 @@ static void parse_oid(char *mechanism, gss_OID *oid) static int max_threads = 1; #ifdef _WIN32 -static thread_count = 0; +static thread_count = 0; static HANDLE hMutex = NULL; static HANDLE hEvent = NULL; @@ -625,23 +619,23 @@ BOOL WaitAndIncrementThreadCounter(void) { for (;;) { - if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { - if ( thread_count < max_threads ) { - thread_count++; - ReleaseMutex(hMutex); - return TRUE; - } else { - ReleaseMutex(hMutex); - - if (WaitForSingleObject(hEvent, INFINITE) == WAIT_OBJECT_0) { - continue; - } else { - return FALSE; - } - } - } else { - return FALSE; - } + if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { + if (thread_count < max_threads) { + thread_count++; + ReleaseMutex(hMutex); + return TRUE; + } else { + ReleaseMutex(hMutex); + + if (WaitForSingleObject(hEvent, INFINITE) == WAIT_OBJECT_0) { + continue; + } else { + return FALSE; + } + } + } else { + return FALSE; + } } } @@ -649,13 +643,13 @@ BOOL DecrementAndSignalThreadCounter(void) { if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { - if ( thread_count == max_threads ) - ResetEvent(hEvent); - thread_count--; - ReleaseMutex(hMutex); - return TRUE; + if (thread_count == max_threads) + ResetEvent(hEvent); + thread_count--; + ReleaseMutex(hMutex); + return TRUE; } else { - return FALSE; + return FALSE; } } #endif 
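Review bot: call_server declares `gss_ctx_id_t context;` without an initializer, and client_establish_context assigns `*gss_context` only inside its `if (auth_flag)` branch, so with authentication disabled the failure paths in the message loop pass an indeterminate handle to `gss_delete_sec_context`. Initialising it at the declaration, `gss_ctx_id_t context = GSS_C_NO_CONTEXT;`, makes those cleanup calls safe. The `return -1` statements inside the `if (auth_flag && verbose)` block also skip the `close(s)` and context deletion that the later error paths perform; routing them through one cleanup label would keep the paths consistent. parse_oid, which starts at the end of this hunk, continues outside it.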
@@ -670,129 +664,145 @@ static gss_OID oid = GSS_C_NULL_OID; static int mcount = 1, ccount = 1; static int auth_flag, wrap_flag, encrypt_flag, mic_flag, v1_format; -void worker_bee(void * unused) +void +worker_bee(void *unused) { if (call_server(server_host, port, oid, service_name, - gss_flags, auth_flag, wrap_flag, encrypt_flag, mic_flag, - v1_format, msg, use_file, mcount) < 0) - exit(1); + gss_flags, auth_flag, wrap_flag, encrypt_flag, mic_flag, + v1_format, msg, use_file, mcount) < 0) + exit(1); #ifdef _WIN32 - if ( max_threads > 1 ) - DecrementAndSignalThreadCounter(); + if (max_threads > 1) + DecrementAndSignalThreadCounter(); #endif } -int main(argc, argv) - int argc; - char **argv; +int +main(argc, argv) + int argc; + char **argv; { - int i; - - display_file = stdout; - auth_flag = wrap_flag = encrypt_flag = mic_flag = 1; - v1_format = 0; - - /* Parse arguments. */ - argc--; argv++; - while (argc) { - if (strcmp(*argv, "-port") == 0) { - argc--; argv++; - if (!argc) usage(); - port = atoi(*argv); - } else if (strcmp(*argv, "-mech") == 0) { - argc--; argv++; - if (!argc) usage(); - mechanism = *argv; - } + int i; + + display_file = stdout; + auth_flag = wrap_flag = encrypt_flag = mic_flag = 1; + v1_format = 0; + + /* Parse arguments. 
*/ + argc--; + argv++; + while (argc) { + if (strcmp(*argv, "-port") == 0) { + argc--; + argv++; + if (!argc) + usage(); + port = atoi(*argv); + } else if (strcmp(*argv, "-mech") == 0) { + argc--; + argv++; + if (!argc) + usage(); + mechanism = *argv; + } #ifdef _WIN32 - else if (strcmp(*argv, "-threads") == 0) { - argc--; argv++; - if (!argc) usage(); - max_threads = atoi(*argv); - } + else if (strcmp(*argv, "-threads") == 0) { + argc--; + argv++; + if (!argc) + usage(); + max_threads = atoi(*argv); + } #endif - else if (strcmp(*argv, "-d") == 0) { - gss_flags |= GSS_C_DELEG_FLAG; - } else if (strcmp(*argv, "-seq") == 0) { - gss_flags |= GSS_C_SEQUENCE_FLAG; - } else if (strcmp(*argv, "-noreplay") == 0) { - gss_flags &= ~GSS_C_REPLAY_FLAG; - } else if (strcmp(*argv, "-nomutual") == 0) { - gss_flags &= ~GSS_C_MUTUAL_FLAG; - } else if (strcmp(*argv, "-f") == 0) { - use_file = 1; - } else if (strcmp(*argv, "-q") == 0) { - verbose = 0; - } else if (strcmp(*argv, "-ccount") == 0) { - argc--; argv++; - if (!argc) usage(); + else if (strcmp(*argv, "-d") == 0) { + gss_flags |= GSS_C_DELEG_FLAG; + } else if (strcmp(*argv, "-seq") == 0) { + gss_flags |= GSS_C_SEQUENCE_FLAG; + } else if (strcmp(*argv, "-noreplay") == 0) { + gss_flags &= ~GSS_C_REPLAY_FLAG; + } else if (strcmp(*argv, "-nomutual") == 0) { + gss_flags &= ~GSS_C_MUTUAL_FLAG; + } else if (strcmp(*argv, "-f") == 0) { + use_file = 1; + } else if (strcmp(*argv, "-q") == 0) { + verbose = 0; + } else if (strcmp(*argv, "-ccount") == 0) { + argc--; + argv++; + if (!argc) + usage(); ccount = atoi(*argv); - if (ccount <= 0) usage(); - } else if (strcmp(*argv, "-mcount") == 0) { - argc--; argv++; - if (!argc) usage(); + if (ccount <= 0) + usage(); + } else if (strcmp(*argv, "-mcount") == 0) { + argc--; + argv++; + if (!argc) + usage(); mcount = atoi(*argv); - if (mcount < 0) usage(); - } else if (strcmp(*argv, "-na") == 0) { + if (mcount < 0) + usage(); + } else if (strcmp(*argv, "-na") == 0) { auth_flag = wrap_flag = 
encrypt_flag = mic_flag = 0; - } else if (strcmp(*argv, "-nw") == 0) { + } else if (strcmp(*argv, "-nw") == 0) { wrap_flag = 0; - } else if (strcmp(*argv, "-nx") == 0) { + } else if (strcmp(*argv, "-nx") == 0) { encrypt_flag = 0; - } else if (strcmp(*argv, "-nm") == 0) { + } else if (strcmp(*argv, "-nm") == 0) { mic_flag = 0; - } else if (strcmp(*argv, "-v1") == 0) { + } else if (strcmp(*argv, "-v1") == 0) { v1_format = 1; - } else + } else break; - argc--; argv++; - } - if (argc != 3) - usage(); + argc--; + argv++; + } + if (argc != 3) + usage(); #ifdef _WIN32 - if (max_threads < 1) { - fprintf(stderr, "warning: there must be at least one thread\n"); - max_threads = 1; - } + if (max_threads < 1) { + fprintf(stderr, "warning: there must be at least one thread\n"); + max_threads = 1; + } #endif - server_host = *argv++; - service_name = *argv++; - msg = *argv++; + server_host = *argv++; + service_name = *argv++; + msg = *argv++; - if (mechanism) - parse_oid(mechanism, &oid); + if (mechanism) + parse_oid(mechanism, &oid); - if (max_threads == 1) { - for (i = 0; i < ccount; i++) { - worker_bee(0); - } - } else { + if (max_threads == 1) { + for (i = 0; i < ccount; i++) { + worker_bee(0); + } + } else { #ifdef _WIN32 - for (i = 0; i < ccount; i++) { - if ( WaitAndIncrementThreadCounter() ) { - uintptr_t handle = _beginthread(worker_bee, 0, (void *)0); - if (handle == (uintptr_t)-1) { - exit(1); - } - } else { + for (i = 0; i < ccount; i++) { + if (WaitAndIncrementThreadCounter()) { + uintptr_t handle = _beginthread(worker_bee, 0, (void *) 0); + if (handle == (uintptr_t) - 1) { exit(1); - } - } + } + } else { + exit(1); + } + } #else - /* boom */ - assert(max_threads == 1); + /* boom */ + assert(max_threads == 1); #endif - } + } + + if (oid != GSS_C_NULL_OID) + (void) gss_release_oid(&min_stat, &oid); - if (oid != GSS_C_NULL_OID) - (void) gss_release_oid(&min_stat, &oid); - #ifdef _WIN32 - CleanupHandles(); + CleanupHandles(); #endif - return 0; + return 0; } 
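Review bot: The reindent has turned the cast in main's thread-start check into `if (handle == (uintptr_t) - 1)`, which reads as a subtraction, and in the earlier call_server/parse_oid hunk the parameter became `gss_OID * oid`, apparently because indent was not told these names are types. Passing the typedef names to indent (`-T uintptr_t -T gss_OID`) or hand-fixing the two lines to `(uintptr_t) -1` and `gss_OID *oid` removes the misleading spacing. In the same option loop, `port = atoi(*argv);` accepts any text, and if `port` is the `u_short` that connect_to_server takes, out-of-range values are silently narrowed. `strtol` with an end-pointer check and a 1–65535 range test would reject bad input instead.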
diff --git a/src/appl/gss-sample/gss-misc.c b/src/appl/gss-sample/gss-misc.c index c912792e0..fe578d1ab 100644 --- a/src/appl/gss-sample/gss-misc.c +++ b/src/appl/gss-sample/gss-misc.c @@ -78,38 +78,39 @@ static char *rcsid = "$Header$"; extern char *malloc(); #endif -FILE *display_file; +FILE *display_file; gss_buffer_desc empty_token_buf = { 0, (void *) "" }; gss_buffer_t empty_token = &empty_token_buf; -static void display_status_1 - (char *m, OM_uint32 code, int type); +static void display_status_1(char *m, OM_uint32 code, int type); -static int write_all(int fildes, char *buf, unsigned int nbyte) +static int +write_all(int fildes, char *buf, unsigned int nbyte) { - int ret; - char *ptr; - - for (ptr = buf; nbyte; ptr += ret, nbyte -= ret) { - ret = send(fildes, ptr, nbyte, 0); - if (ret < 0) { - if (errno == EINTR) - continue; - return(ret); - } else if (ret == 0) { - return(ptr-buf); - } - } - - return(ptr-buf); + int ret; + char *ptr; + + for (ptr = buf; nbyte; ptr += ret, nbyte -= ret) { + ret = send(fildes, ptr, nbyte, 0); + if (ret < 0) { + if (errno == EINTR) + continue; + return (ret); + } else if (ret == 0) { + return (ptr - buf); + } + } + + return (ptr - buf); } -static int read_all(int fildes, char *buf, unsigned int nbyte) +static int +read_all(int fildes, char *buf, unsigned int nbyte) { - int ret; - char *ptr; - fd_set rfds; + int ret; + char *ptr; + fd_set rfds; struct timeval tv; FD_ZERO(&rfds); @@ -120,18 +121,18 @@ static int read_all(int fildes, char *buf, unsigned int nbyte) for (ptr = buf; nbyte; ptr += ret, nbyte -= ret) { if (select(FD_SETSIZE, &rfds, NULL, NULL, &tv) <= 0 || !FD_ISSET(fildes, &rfds)) - return(ptr-buf); + return (ptr - buf); ret = recv(fildes, ptr, nbyte, 0); if (ret < 0) { if (errno == EINTR) continue; - return(ret); + return (ret); } else if (ret == 0) { - return(ptr-buf); + return (ptr - buf); } } - return(ptr-buf); + return (ptr - buf); } /* 
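Review bot: In write_all, and again in read_all in the next hunk, the `continue` taken on `EINTR` still runs the loop's increment `ptr += ret, nbyte -= ret` with `ret` negative, so the pointer steps back before the current position and the remaining count grows. The next `send` or `recv` then works on memory outside the intended range of the caller's buffer. Resetting the count before retrying fixes both loops: `if (errno == EINTR) { ret = 0; continue; }`. read_all's set-up of `rfds` and `tv` lies between the two hunks and is not shown here.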
@@ -155,54 +156,54 @@ static int read_all(int fildes, char *buf, unsigned int nbyte) * written to the file descriptor s. It returns 0 on success, and -1 * if an error occurs or if it could not write all the data. */ -int send_token(s, flags, tok) - int s; - int flags; - gss_buffer_t tok; +int +send_token(s, flags, tok) + int s; + int flags; + gss_buffer_t tok; { - int ret; - unsigned char char_flags = (unsigned char) flags; - unsigned char lenbuf[4]; - - if (char_flags) { - ret = write_all(s, (char *)&char_flags, 1); - if (ret != 1) { - perror("sending token flags"); - return -1; - } - } - if (tok->length > 0xffffffffUL) - abort(); - lenbuf[0] = (tok->length >> 24) & 0xff; - lenbuf[1] = (tok->length >> 16) & 0xff; - lenbuf[2] = (tok->length >> 8) & 0xff; - lenbuf[3] = tok->length & 0xff; - - ret = write_all(s, lenbuf, 4); - if (ret < 0) { - perror("sending token length"); - return -1; - } else if (ret != 4) { - if (display_file) - fprintf(display_file, - "sending token length: %d of %d bytes written\n", - ret, 4); - return -1; - } - - ret = write_all(s, tok->value, tok->length); - if (ret < 0) { - perror("sending token data"); - return -1; - } else if (ret != tok->length) { - if (display_file) - fprintf(display_file, - "sending token data: %d of %d bytes written\n", - ret, (int) tok->length); - return -1; - } - - return 0; + int ret; + unsigned char char_flags = (unsigned char) flags; + unsigned char lenbuf[4]; + + if (char_flags) { + ret = write_all(s, (char *) &char_flags, 1); + if (ret != 1) { + perror("sending token flags"); + return -1; + } + } + if (tok->length > 0xffffffffUL) + abort(); + lenbuf[0] = (tok->length >> 24) & 0xff; + lenbuf[1] = (tok->length >> 16) & 0xff; + lenbuf[2] = (tok->length >> 8) & 0xff; + lenbuf[3] = tok->length & 0xff; + + ret = write_all(s, lenbuf, 4); + if (ret < 0) { + perror("sending token length"); + return -1; + } else if (ret != 4) { + if (display_file) + fprintf(display_file, + "sending token length: %d of %d bytes written\n", 
ret, 4); + return -1; + } + + ret = write_all(s, tok->value, tok->length); + if (ret < 0) { + perror("sending token data"); + return -1; + } else if (ret != tok->length) { + if (display_file) + fprintf(display_file, + "sending token data: %d of %d bytes written\n", + ret, (int) tok->length); + return -1; + } + + return 0; } /* 
@@ -228,104 +229,101 @@ int send_token(s, flags, tok) * should be freed with gss_release_buffer. It returns 0 on success, * and -1 if an error occurs or if it could not read all the data. */ -int recv_token(s, flags, tok) - int s; - int *flags; - gss_buffer_t tok; +int +recv_token(s, flags, tok) + int s; + int *flags; + gss_buffer_t tok; { - int ret; - unsigned char char_flags; - unsigned char lenbuf[4]; - - ret = read_all(s, (char *) &char_flags, 1); - if (ret < 0) { - perror("reading token flags"); - return -1; - } else if (! ret) { - if (display_file) - fputs("reading token flags: 0 bytes read\n", display_file); - return -1; - } else { - *flags = (int) char_flags; - } - - if (char_flags == 0 ) { - lenbuf[0] = 0; - ret = read_all(s, &lenbuf[1], 3); - if (ret < 0) { - perror("reading token length"); - return -1; - } else if (ret != 3) { - if (display_file) - fprintf(display_file, - "reading token length: %d of %d bytes read\n", - ret, 3); - return -1; - } - } - else { - ret = read_all(s, lenbuf, 4); - if (ret < 0) { - perror("reading token length"); - return -1; - } else if (ret != 4) { - if (display_file) - fprintf(display_file, - "reading token length: %d of %d bytes read\n", - ret, 4); - return -1; - } - } - - tok->length = ((lenbuf[0] << 24) - | (lenbuf[1] << 16) - | (lenbuf[2] << 8) - | lenbuf[3]); - tok->value = (char *) malloc(tok->length ? 
tok->length : 1); - if (tok->length && tok->value == NULL) { - if (display_file) - fprintf(display_file, - "Out of memory allocating token data\n"); - return -1; - } - - ret = read_all(s, (char *) tok->value, tok->length); - if (ret < 0) { - perror("reading token data"); - free(tok->value); - return -1; - } else if (ret != tok->length) { - fprintf(stderr, "sending token data: %d of %d bytes written\n", - ret, (int) tok->length); - free(tok->value); - return -1; - } - - return 0; + int ret; + unsigned char char_flags; + unsigned char lenbuf[4]; + + ret = read_all(s, (char *) &char_flags, 1); + if (ret < 0) { + perror("reading token flags"); + return -1; + } else if (!ret) { + if (display_file) + fputs("reading token flags: 0 bytes read\n", display_file); + return -1; + } else { + *flags = (int) char_flags; + } + + if (char_flags == 0) { + lenbuf[0] = 0; + ret = read_all(s, &lenbuf[1], 3); + if (ret < 0) { + perror("reading token length"); + return -1; + } else if (ret != 3) { + if (display_file) + fprintf(display_file, + "reading token length: %d of %d bytes read\n", ret, 3); + return -1; + } + } else { + ret = read_all(s, lenbuf, 4); + if (ret < 0) { + perror("reading token length"); + return -1; + } else if (ret != 4) { + if (display_file) + fprintf(display_file, + "reading token length: %d of %d bytes read\n", ret, 4); + return -1; + } + } + + tok->length = ((lenbuf[0] << 24) + | (lenbuf[1] << 16) + | (lenbuf[2] << 8) + | lenbuf[3]); + tok->value = (char *) malloc(tok->length ? 
tok->length : 1); + if (tok->length && tok->value == NULL) { + if (display_file) + fprintf(display_file, "Out of memory allocating token data\n"); + return -1; + } + + ret = read_all(s, (char *) tok->value, tok->length); + if (ret < 0) { + perror("reading token data"); + free(tok->value); + return -1; + } else if (ret != tok->length) { + fprintf(stderr, "sending token data: %d of %d bytes written\n", + ret, (int) tok->length); + free(tok->value); + return -1; + } + + return 0; } -static void display_status_1(m, code, type) - char *m; - OM_uint32 code; - int type; +static void +display_status_1(m, code, type) + char *m; + OM_uint32 code; + int type; { - OM_uint32 maj_stat, min_stat; - gss_buffer_desc msg; - OM_uint32 msg_ctx; - - msg_ctx = 0; - while (1) { - maj_stat = gss_display_status(&min_stat, code, - type, GSS_C_NULL_OID, - &msg_ctx, &msg); - if (display_file) - fprintf(display_file, "GSS-API error %s: %s\n", m, - (char *)msg.value); - (void) gss_release_buffer(&min_stat, &msg); - - if (!msg_ctx) - break; - } + OM_uint32 maj_stat, min_stat; + gss_buffer_desc msg; + OM_uint32 msg_ctx; + + msg_ctx = 0; + while (1) { + maj_stat = gss_display_status(&min_stat, code, + type, GSS_C_NULL_OID, &msg_ctx, &msg); + if (display_file) + fprintf(display_file, "GSS-API error %s: %s\n", m, + (char *) msg.value); + (void) gss_release_buffer(&min_stat, &msg); + + if (!msg_ctx) + break; + } } /* @@ -345,13 +343,14 @@ static void display_status_1(m, code, type) * displayed on stderr, each preceeded by "GSS-API error : " and * followed by a newline. */ -void display_status(msg, maj_stat, min_stat) - char *msg; - OM_uint32 maj_stat; - OM_uint32 min_stat; +void +display_status(msg, maj_stat, min_stat) + char *msg; + OM_uint32 maj_stat; + OM_uint32 min_stat; { - display_status_1(msg, maj_stat, GSS_C_GSS_CODE); - display_status_1(msg, min_stat, GSS_C_MECH_CODE); + display_status_1(msg, maj_stat, GSS_C_GSS_CODE); + display_status_1(msg, min_stat, GSS_C_MECH_CODE); } /* 
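Review bot: `recv_token` passes the length assembled from the four bytes read off the socket straight to `malloc`, so `tok->length` has no upper bound before the allocation and the `read_all` that follows. A limit check right after the length is assembled would reject oversized frames, for example `if (tok->length > MAX_TOKEN_LEN) return -1;`, where `MAX_TOKEN_LEN` is a placeholder for a limit the project would have to define. The assembly itself shifts `lenbuf[0]`, promoted to `int`, left by 24, which overflows for byte values of 0x80 and above; `((OM_uint32) lenbuf[0] << 24)` keeps the arithmetic unsigned.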
@@ -370,32 +369,34 @@ void display_status(msg, maj_stat, min_stat) * stdout, preceded by "context flag: " and followed by a newline */ -void display_ctx_flags(flags) - OM_uint32 flags; +void +display_ctx_flags(flags) + OM_uint32 flags; { - if (flags & GSS_C_DELEG_FLAG) - fprintf(display_file, "context flag: GSS_C_DELEG_FLAG\n"); - if (flags & GSS_C_MUTUAL_FLAG) - fprintf(display_file, "context flag: GSS_C_MUTUAL_FLAG\n"); - if (flags & GSS_C_REPLAY_FLAG) - fprintf(display_file, "context flag: GSS_C_REPLAY_FLAG\n"); - if (flags & GSS_C_SEQUENCE_FLAG) - fprintf(display_file, "context flag: GSS_C_SEQUENCE_FLAG\n"); - if (flags & GSS_C_CONF_FLAG ) - fprintf(display_file, "context flag: GSS_C_CONF_FLAG \n"); - if (flags & GSS_C_INTEG_FLAG ) - fprintf(display_file, "context flag: GSS_C_INTEG_FLAG \n"); + if (flags & GSS_C_DELEG_FLAG) + fprintf(display_file, "context flag: GSS_C_DELEG_FLAG\n"); + if (flags & GSS_C_MUTUAL_FLAG) + fprintf(display_file, "context flag: GSS_C_MUTUAL_FLAG\n"); + if (flags & GSS_C_REPLAY_FLAG) + fprintf(display_file, "context flag: GSS_C_REPLAY_FLAG\n"); + if (flags & GSS_C_SEQUENCE_FLAG) + fprintf(display_file, "context flag: GSS_C_SEQUENCE_FLAG\n"); + if (flags & GSS_C_CONF_FLAG) + fprintf(display_file, "context flag: GSS_C_CONF_FLAG \n"); + if (flags & GSS_C_INTEG_FLAG) + fprintf(display_file, "context flag: GSS_C_INTEG_FLAG \n"); } -void print_token(tok) - gss_buffer_t tok; +void +print_token(tok) + gss_buffer_t tok; { - int i; + int i; unsigned char *p = tok->value; if (!display_file) return; - for (i=0; i < tok->length; i++, p++) { + for (i = 0; i < tok->length; i++, p++) { fprintf(display_file, "%02x ", *p); if ((i % 16) == 15) { fprintf(display_file, "\n"); @@ -409,7 +410,8 @@ void print_token(tok) #include #include -int gettimeofday (struct timeval *tv, void *ignore_tz) +int +gettimeofday(struct timeval *tv, void *ignore_tz) { struct _timeb tb; _tzset(); 
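Review bot: `display_ctx_flags` writes to `display_file` without checking it, while `print_token` just below returns early with `if (!display_file) return;`. gss-server.c sets `display_file` to NULL for `-logfile /dev/null` and calls `display_ctx_flags(*ret_flags)` unconditionally once the context is accepted, so with logging disabled the first set flag reaches `fprintf` with a null stream. Adding the same guard at the top of `display_ctx_flags` makes the two functions consistent: `if (!display_file) return;`. `print_token` continues past the end of this hunk.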
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c index dae67afa2..4297ca243 100644 --- a/src/appl/gss-sample/gss-server.c +++ b/src/appl/gss-sample/gss-server.c @@ -65,20 +65,22 @@ #include #endif -static void usage() +static void +usage() { - fprintf(stderr, "Usage: gss-server [-port port] [-verbose] [-once]"); + fprintf(stderr, "Usage: gss-server [-port port] [-verbose] [-once]"); #ifdef _WIN32 - fprintf(stderr, " [-threads num]"); + fprintf(stderr, " [-threads num]"); #endif - fprintf(stderr, "\n"); - fprintf(stderr, " [-inetd] [-export] [-logfile file] service_name\n"); - exit(1); + fprintf(stderr, "\n"); + fprintf(stderr, + " [-inetd] [-export] [-logfile file] service_name\n"); + exit(1); } -FILE *log; +FILE *log; -int verbose = 0; +int verbose = 0; /* * Function: server_acquire_creds 
@@ -99,34 +101,35 @@ int verbose = 0; * fails, an error message is displayed and -1 is returned; otherwise, * 0 is returned. */ -static int server_acquire_creds(service_name, server_creds) - char *service_name; - gss_cred_id_t *server_creds; +static int +server_acquire_creds(service_name, server_creds) + char *service_name; + gss_cred_id_t *server_creds; { - gss_buffer_desc name_buf; - gss_name_t server_name; - OM_uint32 maj_stat, min_stat; - - name_buf.value = service_name; - name_buf.length = strlen(name_buf.value) + 1; - maj_stat = gss_import_name(&min_stat, &name_buf, - (gss_OID) gss_nt_service_name, &server_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("importing name", maj_stat, min_stat); - return -1; - } - - maj_stat = gss_acquire_cred(&min_stat, server_name, 0, - GSS_C_NULL_OID_SET, GSS_C_ACCEPT, - server_creds, NULL, NULL); - if (maj_stat != GSS_S_COMPLETE) { - display_status("acquiring credentials", maj_stat, min_stat); - return -1; - } - - (void) gss_release_name(&min_stat, &server_name); - - return 0; + gss_buffer_desc name_buf; + gss_name_t server_name; + OM_uint32 maj_stat, min_stat; + + name_buf.value = service_name; + name_buf.length = strlen(name_buf.value) + 1; + maj_stat = gss_import_name(&min_stat, &name_buf, + (gss_OID) gss_nt_service_name, &server_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("importing name", maj_stat, min_stat); + return -1; + } + + maj_stat = gss_acquire_cred(&min_stat, server_name, 0, + GSS_C_NULL_OID_SET, GSS_C_ACCEPT, + server_creds, NULL, NULL); + if (maj_stat != GSS_S_COMPLETE) { + display_status("acquiring credentials", maj_stat, min_stat); + return -1; + } + + (void) gss_release_name(&min_stat, &server_name); + + return 0; } /* 
@@ -152,132 +155,123 @@ static int server_acquire_creds(service_name, server_creds) * in client_name and 0 is returned. If unsuccessful, an error * message is displayed and -1 is returned. */ -static int server_establish_context(s, server_creds, context, client_name, - ret_flags) - int s; - gss_cred_id_t server_creds; - gss_ctx_id_t *context; - gss_buffer_t client_name; - OM_uint32 *ret_flags; +static int +server_establish_context(s, server_creds, context, client_name, ret_flags) + int s; + gss_cred_id_t server_creds; + gss_ctx_id_t *context; + gss_buffer_t client_name; + OM_uint32 *ret_flags; { - gss_buffer_desc send_tok, recv_tok; - gss_name_t client; - gss_OID doid; - OM_uint32 maj_stat, min_stat, acc_sec_min_stat; - gss_buffer_desc oid_name; - int token_flags; - - if (recv_token(s, &token_flags, &recv_tok) < 0) - return -1; - - if (recv_tok.value) { - free (recv_tok.value); - recv_tok.value = NULL; - } - - if (! (token_flags & TOKEN_NOOP)) { - if (log) - fprintf(log, "Expected NOOP token, got %d token instead\n", - token_flags); - return -1; - } - - *context = GSS_C_NO_CONTEXT; - - if (token_flags & TOKEN_CONTEXT_NEXT) { - do { - if (recv_token(s, &token_flags, &recv_tok) < 0) - return -1; - - if (verbose && log) { - fprintf(log, "Received token (size=%d): \n", (int) recv_tok.length); - print_token(&recv_tok); - } - - maj_stat = - gss_accept_sec_context(&acc_sec_min_stat, - context, - server_creds, - &recv_tok, - GSS_C_NO_CHANNEL_BINDINGS, - &client, - &doid, - &send_tok, - ret_flags, - NULL, /* ignore time_rec */ - NULL); /* ignore del_cred_handle */ - - if(recv_tok.value) { - free(recv_tok.value); - recv_tok.value = NULL; - } - - if (send_tok.length != 0) { - if (verbose && log) { - fprintf(log, - "Sending accept_sec_context token (size=%d):\n", - (int) send_tok.length); - print_token(&send_tok); - } - if (send_token(s, TOKEN_CONTEXT, &send_tok) < 0) { - if (log) - fprintf(log, "failure sending token\n"); - return -1; - } - - (void) 
gss_release_buffer(&min_stat, &send_tok); - } - if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) { - display_status("accepting context", maj_stat, - acc_sec_min_stat); - if (*context != GSS_C_NO_CONTEXT) - gss_delete_sec_context(&min_stat, context, - GSS_C_NO_BUFFER); - return -1; - } - - if (verbose && log) { - if (maj_stat == GSS_S_CONTINUE_NEEDED) - fprintf(log, "continue needed...\n"); - else - fprintf(log, "\n"); - fflush(log); - } - } while (maj_stat == GSS_S_CONTINUE_NEEDED); - - /* display the flags */ - display_ctx_flags(*ret_flags); - - if (verbose && log) { - maj_stat = gss_oid_to_str(&min_stat, doid, &oid_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("converting oid->string", maj_stat, min_stat); - return -1; - } - fprintf(log, "Accepted connection using mechanism OID %.*s.\n", - (int) oid_name.length, (char *) oid_name.value); - (void) gss_release_buffer(&min_stat, &oid_name); - } - - maj_stat = gss_display_name(&min_stat, client, client_name, &doid); - if (maj_stat != GSS_S_COMPLETE) { - display_status("displaying name", maj_stat, min_stat); - return -1; - } - maj_stat = gss_release_name(&min_stat, &client); - if (maj_stat != GSS_S_COMPLETE) { - display_status("releasing name", maj_stat, min_stat); - return -1; - } - } - else { - client_name->length = *ret_flags = 0; - - if (log) - fprintf(log, "Accepted unauthenticated connection.\n"); - } - - return 0; + gss_buffer_desc send_tok, recv_tok; + gss_name_t client; + gss_OID doid; + OM_uint32 maj_stat, min_stat, acc_sec_min_stat; + gss_buffer_desc oid_name; + int token_flags; + + if (recv_token(s, &token_flags, &recv_tok) < 0) + return -1; + + if (recv_tok.value) { + free(recv_tok.value); + recv_tok.value = NULL; + } + + if (!(token_flags & TOKEN_NOOP)) { + if (log) + fprintf(log, "Expected NOOP token, got %d token instead\n", + token_flags); + return -1; + } + + *context = GSS_C_NO_CONTEXT; + + if (token_flags & TOKEN_CONTEXT_NEXT) { + do { + if (recv_token(s, &token_flags, 
&recv_tok) < 0) + return -1; + + if (verbose && log) { + fprintf(log, "Received token (size=%d): \n", + (int) recv_tok.length); + print_token(&recv_tok); + } + + maj_stat = gss_accept_sec_context(&acc_sec_min_stat, context, server_creds, &recv_tok, GSS_C_NO_CHANNEL_BINDINGS, &client, &doid, &send_tok, ret_flags, NULL, /* ignore time_rec */ + NULL); /* ignore del_cred_handle */ + + if (recv_tok.value) { + free(recv_tok.value); + recv_tok.value = NULL; + } + + if (send_tok.length != 0) { + if (verbose && log) { + fprintf(log, + "Sending accept_sec_context token (size=%d):\n", + (int) send_tok.length); + print_token(&send_tok); + } + if (send_token(s, TOKEN_CONTEXT, &send_tok) < 0) { + if (log) + fprintf(log, "failure sending token\n"); + return -1; + } + + (void) gss_release_buffer(&min_stat, &send_tok); + } + if (maj_stat != GSS_S_COMPLETE + && maj_stat != GSS_S_CONTINUE_NEEDED) { + display_status("accepting context", maj_stat, + acc_sec_min_stat); + if (*context != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&min_stat, context, + GSS_C_NO_BUFFER); + return -1; + } + + if (verbose && log) { + if (maj_stat == GSS_S_CONTINUE_NEEDED) + fprintf(log, "continue needed...\n"); + else + fprintf(log, "\n"); + fflush(log); + } + } while (maj_stat == GSS_S_CONTINUE_NEEDED); + + /* display the flags */ + display_ctx_flags(*ret_flags); + + if (verbose && log) { + maj_stat = gss_oid_to_str(&min_stat, doid, &oid_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("converting oid->string", maj_stat, min_stat); + return -1; + } + fprintf(log, "Accepted connection using mechanism OID %.*s.\n", + (int) oid_name.length, (char *) oid_name.value); + (void) gss_release_buffer(&min_stat, &oid_name); + } + + maj_stat = gss_display_name(&min_stat, client, client_name, &doid); + if (maj_stat != GSS_S_COMPLETE) { + display_status("displaying name", maj_stat, min_stat); + return -1; + } + maj_stat = gss_release_name(&min_stat, &client); + if (maj_stat != GSS_S_COMPLETE) { + 
display_status("releasing name", maj_stat, min_stat); + return -1; + } + } else { + client_name->length = *ret_flags = 0; + + if (log) + fprintf(log, "Accepted unauthenticated connection.\n"); + } + + return 0; } /* 
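Review bot: The reindented `gss_accept_sec_context` call now has ten arguments on one line with `/* ignore time_rec */` trailing it and the final `NULL` alone on the next line, so the two comments no longer sit beside the arguments they describe and the argument order is hard to check by eye. The removed side had one argument per line; restoring that layout by hand, as below, keeps each comment attached to its argument. Separately, the `return -1` after a failed `send_token` in the same loop leaves `send_tok` and a partially established `*context` unreleased, unlike the failure branch right after it, which calls `gss_delete_sec_context`.

```c
        maj_stat = gss_accept_sec_context(&acc_sec_min_stat,
                                          context,
                                          server_creds,
                                          &recv_tok,
                                          GSS_C_NO_CHANNEL_BINDINGS,
                                          &client,
                                          &doid,
                                          &send_tok,
                                          ret_flags,
                                          NULL,   /* ignore time_rec */
                                          NULL);  /* ignore del_cred_handle */
```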
@@ -296,41 +290,43 @@ static int server_establish_context(s, server_creds, context, client_name, * A listening socket on the specified port and created and returned. * On error, an error message is displayed and -1 is returned. */ -static int create_socket(port) - u_short port; +static int +create_socket(port) + u_short port; { - struct sockaddr_in saddr; - int s; - int on = 1; - - saddr.sin_family = AF_INET; - saddr.sin_port = htons(port); - saddr.sin_addr.s_addr = INADDR_ANY; - - if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - perror("creating socket"); - return -1; - } - /* Let the socket be reused right away */ - (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof(on)); - if (bind(s, (struct sockaddr *) &saddr, sizeof(saddr)) < 0) { - perror("binding socket"); - (void) close(s); - return -1; - } - if (listen(s, 5) < 0) { - perror("listening on socket"); - (void) close(s); - return -1; - } - return s; + struct sockaddr_in saddr; + int s; + int on = 1; + + saddr.sin_family = AF_INET; + saddr.sin_port = htons(port); + saddr.sin_addr.s_addr = INADDR_ANY; + + if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { + perror("creating socket"); + return -1; + } + /* Let the socket be reused right away */ + (void) setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof(on)); + if (bind(s, (struct sockaddr *) &saddr, sizeof(saddr)) < 0) { + perror("binding socket"); + (void) close(s); + return -1; + } + if (listen(s, 5) < 0) { + perror("listening on socket"); + (void) close(s); + return -1; + } + return s; } -static float timeval_subtract(tv1, tv2) - struct timeval *tv1, *tv2; +static float +timeval_subtract(tv1, tv2) + struct timeval *tv1, *tv2; { - return ((tv1->tv_sec - tv2->tv_sec) + - ((float) (tv1->tv_usec - tv2->tv_usec)) / 1000000); + return ((tv1->tv_sec - tv2->tv_sec) + + ((float) (tv1->tv_usec - tv2->tv_usec)) / 1000000); } /* 
@@ -338,47 +334,47 @@ static float timeval_subtract(tv1, tv2) * DO NOT REMOVE THIS UNTIL A BETTER TEST HAS BEEN WRITTEN, THOUGH. * -TYT */ -static int test_import_export_context(context) - gss_ctx_id_t *context; +static int +test_import_export_context(context) + gss_ctx_id_t *context; { - OM_uint32 min_stat, maj_stat; - gss_buffer_desc context_token, copied_token; - struct timeval tm1, tm2; - - /* - * Attempt to save and then restore the context. - */ - gettimeofday(&tm1, (struct timezone *)0); - maj_stat = gss_export_sec_context(&min_stat, context, &context_token); - if (maj_stat != GSS_S_COMPLETE) { - display_status("exporting context", maj_stat, min_stat); - return 1; - } - gettimeofday(&tm2, (struct timezone *)0); - if (verbose && log) - fprintf(log, "Exported context: %d bytes, %7.4f seconds\n", - (int) context_token.length, - timeval_subtract(&tm2, &tm1)); - copied_token.length = context_token.length; - copied_token.value = malloc(context_token.length); - if (copied_token.value == 0) { - if (log) + OM_uint32 min_stat, maj_stat; + gss_buffer_desc context_token, copied_token; + struct timeval tm1, tm2; + + /* + * Attempt to save and then restore the context. 
+ */ + gettimeofday(&tm1, (struct timezone *) 0); + maj_stat = gss_export_sec_context(&min_stat, context, &context_token); + if (maj_stat != GSS_S_COMPLETE) { + display_status("exporting context", maj_stat, min_stat); + return 1; + } + gettimeofday(&tm2, (struct timezone *) 0); + if (verbose && log) + fprintf(log, "Exported context: %d bytes, %7.4f seconds\n", + (int) context_token.length, timeval_subtract(&tm2, &tm1)); + copied_token.length = context_token.length; + copied_token.value = malloc(context_token.length); + if (copied_token.value == 0) { + if (log) fprintf(log, "Couldn't allocate memory to copy context token.\n"); - return 1; - } - memcpy(copied_token.value, context_token.value, copied_token.length); - maj_stat = gss_import_sec_context(&min_stat, &copied_token, context); - if (maj_stat != GSS_S_COMPLETE) { - display_status("importing context", maj_stat, min_stat); - return 1; - } - free(copied_token.value); - gettimeofday(&tm1, (struct timezone *)0); - if (verbose && log) - fprintf(log, "Importing context: %7.4f seconds\n", - timeval_subtract(&tm1, &tm2)); - (void) gss_release_buffer(&min_stat, &context_token); - return 0; + return 1; + } + memcpy(copied_token.value, context_token.value, copied_token.length); + maj_stat = gss_import_sec_context(&min_stat, &copied_token, context); + if (maj_stat != GSS_S_COMPLETE) { + display_status("importing context", maj_stat, min_stat); + return 1; + } + free(copied_token.value); + gettimeofday(&tm1, (struct timezone *) 0); + if (verbose && log) + fprintf(log, "Importing context: %7.4f seconds\n", + timeval_subtract(&tm1, &tm2)); + (void) gss_release_buffer(&min_stat, &context_token); + return 0; } /* 
@@ -407,158 +403,157 @@ static int test_import_export_context(context) * * If any error occurs, -1 is returned. */ -static int sign_server(s, server_creds, export) - int s; - gss_cred_id_t server_creds; - int export; +static int +sign_server(s, server_creds, export) + int s; + gss_cred_id_t server_creds; + int export; { gss_buffer_desc client_name, xmit_buf, msg_buf; gss_ctx_id_t context; OM_uint32 maj_stat, min_stat; - int i, conf_state, ret_flags; - char *cp; - int token_flags; + int i, conf_state, ret_flags; + char *cp; + int token_flags; /* Establish a context with the client */ if (server_establish_context(s, server_creds, &context, - &client_name, &ret_flags) < 0) - return(-1); + &client_name, &ret_flags) < 0) + return (-1); if (context == GSS_C_NO_CONTEXT) { - printf("Accepted unauthenticated connection.\n"); - } - else { - printf("Accepted connection: \"%.*s\"\n", - (int) client_name.length, (char *) client_name.value); - (void) gss_release_buffer(&min_stat, &client_name); - - if (export) { - for (i=0; i < 3; i++) - if (test_import_export_context(&context)) - return -1; - } + printf("Accepted unauthenticated connection.\n"); + } else { + printf("Accepted connection: \"%.*s\"\n", + (int) client_name.length, (char *) client_name.value); + (void) gss_release_buffer(&min_stat, &client_name); + + if (export) { + for (i = 0; i < 3; i++) + if (test_import_export_context(&context)) + return -1; + } } do { - /* Receive the message token */ - if (recv_token(s, &token_flags, &xmit_buf) < 0) - return(-1); - - if (token_flags & TOKEN_NOOP) { - if (log) - fprintf(log, "NOOP token\n"); - if(xmit_buf.value) { - free(xmit_buf.value); - xmit_buf.value = 0; - } - break; - } - - if (verbose && log) { - fprintf(log, "Message token (flags=%d):\n", token_flags); - print_token(&xmit_buf); - } - - if ((context == GSS_C_NO_CONTEXT) && - ( token_flags & (TOKEN_WRAPPED|TOKEN_ENCRYPTED|TOKEN_SEND_MIC))) { - if (log) - fprintf(log, - "Unauthenticated client requested authenticated 
services!\n"); - if(xmit_buf.value) { - free (xmit_buf.value); - xmit_buf.value = 0; - } - return(-1); - } - - if (token_flags & TOKEN_WRAPPED) { - maj_stat = gss_unwrap(&min_stat, context, &xmit_buf, &msg_buf, - &conf_state, (gss_qop_t *) NULL); - if (maj_stat != GSS_S_COMPLETE) { - display_status("unsealing message", maj_stat, min_stat); - if(xmit_buf.value) { - free (xmit_buf.value); - xmit_buf.value = 0; - } - return(-1); - } else if (! conf_state && (token_flags & TOKEN_ENCRYPTED)) { - fprintf(stderr, "Warning! Message not encrypted.\n"); - } - - if(xmit_buf.value) { - free (xmit_buf.value); - xmit_buf.value = 0; - } - } - else { - msg_buf = xmit_buf; - } - - if (log) { - fprintf(log, "Received message: "); - cp = msg_buf.value; - if ((isprint((int) cp[0]) || isspace((int) cp[0])) && - (isprint((int) cp[1]) || isspace((int) cp[1]))) { - fprintf(log, "\"%.*s\"\n", (int) msg_buf.length, - (char *) msg_buf.value); - } else { - fprintf(log, "\n"); - print_token(&msg_buf); - } - } - - if (token_flags & TOKEN_SEND_MIC) { - /* Produce a signature block for the message */ - maj_stat = gss_get_mic(&min_stat, context, GSS_C_QOP_DEFAULT, - &msg_buf, &xmit_buf); - if (maj_stat != GSS_S_COMPLETE) { - display_status("signing message", maj_stat, min_stat); - return(-1); - } - - if(msg_buf.value) { - free (msg_buf.value); - msg_buf.value = 0; - } - - /* Send the signature block to the client */ - if (send_token(s, TOKEN_MIC, &xmit_buf) < 0) - return(-1); - - if(xmit_buf.value) { - free (xmit_buf.value); - xmit_buf.value = 0; - } - } - else { - if(msg_buf.value) { - free (msg_buf.value); - msg_buf.value = 0; - } - if (send_token(s, TOKEN_NOOP, empty_token) < 0) - return(-1); - } - } while (1 /* loop will break if NOOP received */); + /* Receive the message token */ + if (recv_token(s, &token_flags, &xmit_buf) < 0) + return (-1); + + if (token_flags & TOKEN_NOOP) { + if (log) + fprintf(log, "NOOP token\n"); + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + 
} + break; + } + + if (verbose && log) { + fprintf(log, "Message token (flags=%d):\n", token_flags); + print_token(&xmit_buf); + } + + if ((context == GSS_C_NO_CONTEXT) && + (token_flags & (TOKEN_WRAPPED | TOKEN_ENCRYPTED | TOKEN_SEND_MIC))) + { + if (log) + fprintf(log, + "Unauthenticated client requested authenticated services!\n"); + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + return (-1); + } + + if (token_flags & TOKEN_WRAPPED) { + maj_stat = gss_unwrap(&min_stat, context, &xmit_buf, &msg_buf, + &conf_state, (gss_qop_t *) NULL); + if (maj_stat != GSS_S_COMPLETE) { + display_status("unsealing message", maj_stat, min_stat); + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + return (-1); + } else if (!conf_state && (token_flags & TOKEN_ENCRYPTED)) { + fprintf(stderr, "Warning! Message not encrypted.\n"); + } + + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + } else { + msg_buf = xmit_buf; + } + + if (log) { + fprintf(log, "Received message: "); + cp = msg_buf.value; + if ((isprint((int) cp[0]) || isspace((int) cp[0])) && + (isprint((int) cp[1]) || isspace((int) cp[1]))) { + fprintf(log, "\"%.*s\"\n", (int) msg_buf.length, + (char *) msg_buf.value); + } else { + fprintf(log, "\n"); + print_token(&msg_buf); + } + } + + if (token_flags & TOKEN_SEND_MIC) { + /* Produce a signature block for the message */ + maj_stat = gss_get_mic(&min_stat, context, GSS_C_QOP_DEFAULT, + &msg_buf, &xmit_buf); + if (maj_stat != GSS_S_COMPLETE) { + display_status("signing message", maj_stat, min_stat); + return (-1); + } + + if (msg_buf.value) { + free(msg_buf.value); + msg_buf.value = 0; + } + + /* Send the signature block to the client */ + if (send_token(s, TOKEN_MIC, &xmit_buf) < 0) + return (-1); + + if (xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } + } else { + if (msg_buf.value) { + free(msg_buf.value); + msg_buf.value = 0; + } + if (send_token(s, TOKEN_NOOP, empty_token) < 0) 
+ return (-1); + } + } while (1 /* loop will break if NOOP received */ ); if (context != GSS_C_NO_CONTEXT) { - /* Delete context */ - maj_stat = gss_delete_sec_context(&min_stat, &context, NULL); - if (maj_stat != GSS_S_COMPLETE) { - display_status("deleting context", maj_stat, min_stat); - return(-1); - } + /* Delete context */ + maj_stat = gss_delete_sec_context(&min_stat, &context, NULL); + if (maj_stat != GSS_S_COMPLETE) { + display_status("deleting context", maj_stat, min_stat); + return (-1); + } } if (log) - fflush(log); + fflush(log); - return(0); + return (0); } static int max_threads = 1; #ifdef _WIN32 -static thread_count = 0; +static thread_count = 0; static HANDLE hMutex = NULL; static HANDLE hEvent = NULL; @@ -580,23 +575,23 @@ BOOL WaitAndIncrementThreadCounter(void) { for (;;) { - if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { - if ( thread_count < max_threads ) { - thread_count++; - ReleaseMutex(hMutex); - return TRUE; - } else { - ReleaseMutex(hMutex); - - if (WaitForSingleObject(hEvent, INFINITE) == WAIT_OBJECT_0) { - continue; - } else { - return FALSE; - } - } - } else { - return FALSE; - } + if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { + if (thread_count < max_threads) { + thread_count++; + ReleaseMutex(hMutex); + return TRUE; + } else { + ReleaseMutex(hMutex); + + if (WaitForSingleObject(hEvent, INFINITE) == WAIT_OBJECT_0) { + continue; + } else { + return FALSE; + } + } + } else { + return FALSE; + } } } 
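Review bot: In the `if (log)` branch of `sign_server`, `cp[0]` and `cp[1]` are read before anything checks `msg_buf.length`, so a message of zero or one byte from the client makes the printable test read past the data (`recv_token` allocates a single byte for an empty token). Guarding the test with the length fixes it, `if (msg_buf.length >= 2 && ...)`, with shorter messages falling through to the `print_token` branch. The `(int)` casts also pass a possibly negative `char` to `isprint` and `isspace`; `(unsigned char) cp[0]` is the defined form.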
@@ -604,25 +599,26 @@ BOOL DecrementAndSignalThreadCounter(void) { if (WaitForSingleObject(hMutex, INFINITE) == WAIT_OBJECT_0) { - if ( thread_count == max_threads ) - ResetEvent(hEvent); - thread_count--; - ReleaseMutex(hMutex); - return TRUE; + if (thread_count == max_threads) + ResetEvent(hEvent); + thread_count--; + ReleaseMutex(hMutex); + return TRUE; } else { - return FALSE; + return FALSE; } } #endif -struct _work_plan { - int s; - gss_cred_id_t server_creds; - int export; +struct _work_plan +{ + int s; + gss_cred_id_t server_creds; + int export; }; -void -worker_bee(void * param) +void +worker_bee(void *param) { struct _work_plan *work = (struct _work_plan *) param; 
@@ -634,153 +630,163 @@ worker_bee(void * param) free(work); #ifdef _WIN32 - if ( max_threads > 1 ) - DecrementAndSignalThreadCounter(); + if (max_threads > 1) + DecrementAndSignalThreadCounter(); #endif } int main(argc, argv) - int argc; - char **argv; + int argc; + char **argv; { - char *service_name; - gss_cred_id_t server_creds; - OM_uint32 min_stat; - u_short port = 4444; - int once = 0; - int do_inetd = 0; - int export = 0; - - log = stdout; - display_file = stdout; - argc--; argv++; - while (argc) { - if (strcmp(*argv, "-port") == 0) { - argc--; argv++; - if (!argc) usage(); - port = atoi(*argv); - } + char *service_name; + gss_cred_id_t server_creds; + OM_uint32 min_stat; + u_short port = 4444; + int once = 0; + int do_inetd = 0; + int export = 0; + + log = stdout; + display_file = stdout; + argc--; + argv++; + while (argc) { + if (strcmp(*argv, "-port") == 0) { + argc--; + argv++; + if (!argc) + usage(); + port = atoi(*argv); + } #ifdef _WIN32 - else if (strcmp(*argv, "-threads") == 0) { - argc--; argv++; - if (!argc) usage(); - max_threads = atoi(*argv); - } + else if (strcmp(*argv, "-threads") == 0) { + argc--; + argv++; + if (!argc) + usage(); + max_threads = atoi(*argv); + } #endif - else if (strcmp(*argv, "-verbose") == 0) { - verbose = 1; - } else if (strcmp(*argv, "-once") == 0) { - once = 1; - } else if (strcmp(*argv, "-inetd") == 0) { - do_inetd = 1; - } else if (strcmp(*argv, "-export") == 0) { - export = 1; - } else if (strcmp(*argv, "-logfile") == 0) { - argc--; argv++; - if (!argc) usage(); - /* Gross hack, but it makes it unnecessary to add an - extra argument to disable logging, and makes the code - more efficient because it doesn't actually write data - to /dev/null. */ - if (! 
strcmp(*argv, "/dev/null")) { + else if (strcmp(*argv, "-verbose") == 0) { + verbose = 1; + } else if (strcmp(*argv, "-once") == 0) { + once = 1; + } else if (strcmp(*argv, "-inetd") == 0) { + do_inetd = 1; + } else if (strcmp(*argv, "-export") == 0) { + export = 1; + } else if (strcmp(*argv, "-logfile") == 0) { + argc--; + argv++; + if (!argc) + usage(); + /* Gross hack, but it makes it unnecessary to add an + * extra argument to disable logging, and makes the code + * more efficient because it doesn't actually write data + * to /dev/null. */ + if (!strcmp(*argv, "/dev/null")) { log = display_file = NULL; - } - else { + } else { log = fopen(*argv, "a"); display_file = log; if (!log) { - perror(*argv); - exit(1); + perror(*argv); + exit(1); } - } - } else - break; - argc--; argv++; - } - if (argc != 1) - usage(); + } + } else + break; + argc--; + argv++; + } + if (argc != 1) + usage(); - if ((*argv)[0] == '-') - usage(); + if ((*argv)[0] == '-') + usage(); #ifdef _WIN32 if (max_threads < 1) { - fprintf(stderr, "warning: there must be at least one thread\n"); - max_threads = 1; + fprintf(stderr, "warning: there must be at least one thread\n"); + max_threads = 1; } if (max_threads > 1 && do_inetd) - fprintf(stderr, "warning: one thread may be used in conjunction with inetd\n"); + fprintf(stderr, + "warning: one thread may be used in conjunction with inetd\n"); InitHandles(); #endif - service_name = *argv; - - if (server_acquire_creds(service_name, &server_creds) < 0) - return -1; - - if (do_inetd) { - close(1); - close(2); - - sign_server(0, server_creds, export); - close(0); - } else { - int stmp; - - if ((stmp = create_socket(port)) >= 0) { - if (listen(stmp, max_threads == 1 ? 
0 : max_threads) < 0) - perror("listening on socket"); - - do { - struct _work_plan * work = malloc(sizeof(struct _work_plan)); - - if ( work == NULL ) { - fprintf(stderr, "fatal error: out of memory"); - break; - } - - /* Accept a TCP connection */ - if ((work->s = accept(stmp, NULL, 0)) < 0) { - perror("accepting connection"); - continue; - } - - work->server_creds = server_creds; - work->export = export; - - if (max_threads == 1) { - worker_bee((void *)work); - } + service_name = *argv; + + if (server_acquire_creds(service_name, &server_creds) < 0) + return -1; + + if (do_inetd) { + close(1); + close(2); + + sign_server(0, server_creds, export); + close(0); + } else { + int stmp; + + if ((stmp = create_socket(port)) >= 0) { + if (listen(stmp, max_threads == 1 ? 0 : max_threads) < 0) + perror("listening on socket"); + + do { + struct _work_plan *work = malloc(sizeof(struct _work_plan)); + + if (work == NULL) { + fprintf(stderr, "fatal error: out of memory"); + break; + } + + /* Accept a TCP connection */ + if ((work->s = accept(stmp, NULL, 0)) < 0) { + perror("accepting connection"); + continue; + } + + work->server_creds = server_creds; + work->export = export; + + if (max_threads == 1) { + worker_bee((void *) work); + } #ifdef _WIN32 - else { - if ( WaitAndIncrementThreadCounter() ) { - uintptr_t handle = _beginthread(worker_bee, 0, (void *)work); - if (handle == (uintptr_t)-1) { - closesocket(work->s); - free(work); - } - } else { - fprintf(stderr, "fatal error incrementing thread counter"); - closesocket(work->s); - free(work); - break; - } - } + else { + if (WaitAndIncrementThreadCounter()) { + uintptr_t handle = + _beginthread(worker_bee, 0, (void *) work); + if (handle == (uintptr_t) - 1) { + closesocket(work->s); + free(work); + } + } else { + fprintf(stderr, + "fatal error incrementing thread counter"); + closesocket(work->s); + free(work); + break; + } + } #endif - } while (!once); - - closesocket(stmp); - } - } + } while (!once); + + closesocket(stmp); 
+ } + } - (void) gss_release_cred(&min_stat, &server_creds); + (void) gss_release_cred(&min_stat, &server_creds); #ifdef _WIN32 CleanupHandles(); #endif - return 0; + return 0; } -- 2.26.2
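Review bot: The accept loop in main leaks `work` whenever `accept()` fails, because `continue` skips both worker_bee and any `free`; a listener that keeps failing allocates a fresh `struct _work_plan` on every pass. The error branch should end with `free(work); continue;`. The `_WIN32` branch has a related accounting gap on the `_beginthread` failure path: WaitAndIncrementThreadCounter has already taken a slot, but worker_bee never runs to give it back, so that branch should also call `DecrementAndSignalThreadCounter();`. Separately, the reindent turned the cast into `(uintptr_t) - 1`, which reads like a subtraction; `(uintptr_t)-1` states the intent.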