24
* $Id: krb5_gss_glue.c 16268 2004-04-24 21:09:44Z raeburn $
24
* $Id: krb5_gss_glue.c 18262 2006-06-29 04:38:48Z tlyu $
27
27
#include "gssapiP_krb5.h"
29
OM_uint32 KRB5_CALLCONV
30
gss_accept_sec_context(minor_status, context_handle, verifier_cred_handle,
30
/** mechglue wrappers **/
32
static OM_uint32 k5glue_acquire_cred
33
(void *, OM_uint32*, /* minor_status */
34
gss_name_t, /* desired_name */
35
OM_uint32, /* time_req */
36
gss_OID_set, /* desired_mechs */
37
gss_cred_usage_t, /* cred_usage */
38
gss_cred_id_t*, /* output_cred_handle */
39
gss_OID_set*, /* actual_mechs */
40
OM_uint32* /* time_rec */
43
static OM_uint32 k5glue_release_cred
44
(void *, OM_uint32*, /* minor_status */
45
gss_cred_id_t* /* cred_handle */
48
static OM_uint32 k5glue_init_sec_context
49
(void *, OM_uint32*, /* minor_status */
50
gss_cred_id_t, /* claimant_cred_handle */
51
gss_ctx_id_t*, /* context_handle */
52
gss_name_t, /* target_name */
53
gss_OID, /* mech_type */
54
OM_uint32, /* req_flags */
55
OM_uint32, /* time_req */
56
gss_channel_bindings_t,
57
/* input_chan_bindings */
58
gss_buffer_t, /* input_token */
59
gss_OID*, /* actual_mech_type */
60
gss_buffer_t, /* output_token */
61
OM_uint32*, /* ret_flags */
62
OM_uint32* /* time_rec */
65
static OM_uint32 k5glue_accept_sec_context
66
(void *, OM_uint32*, /* minor_status */
67
gss_ctx_id_t*, /* context_handle */
68
gss_cred_id_t, /* verifier_cred_handle */
69
gss_buffer_t, /* input_token_buffer */
70
gss_channel_bindings_t,
71
/* input_chan_bindings */
72
gss_name_t*, /* src_name */
73
gss_OID*, /* mech_type */
74
gss_buffer_t, /* output_token */
75
OM_uint32*, /* ret_flags */
76
OM_uint32*, /* time_rec */
77
gss_cred_id_t* /* delegated_cred_handle */
80
static OM_uint32 k5glue_process_context_token
81
(void *, OM_uint32*, /* minor_status */
82
gss_ctx_id_t, /* context_handle */
83
gss_buffer_t /* token_buffer */
86
static OM_uint32 k5glue_delete_sec_context
87
(void *, OM_uint32*, /* minor_status */
88
gss_ctx_id_t*, /* context_handle */
89
gss_buffer_t /* output_token */
92
static OM_uint32 k5glue_context_time
93
(void *, OM_uint32*, /* minor_status */
94
gss_ctx_id_t, /* context_handle */
95
OM_uint32* /* time_rec */
98
static OM_uint32 k5glue_sign
99
(void *, OM_uint32*, /* minor_status */
100
gss_ctx_id_t, /* context_handle */
102
gss_buffer_t, /* message_buffer */
103
gss_buffer_t /* message_token */
106
static OM_uint32 k5glue_verify
107
(void *, OM_uint32*, /* minor_status */
108
gss_ctx_id_t, /* context_handle */
109
gss_buffer_t, /* message_buffer */
110
gss_buffer_t, /* token_buffer */
114
static OM_uint32 k5glue_seal
115
(void *, OM_uint32*, /* minor_status */
116
gss_ctx_id_t, /* context_handle */
117
int, /* conf_req_flag */
119
gss_buffer_t, /* input_message_buffer */
120
int*, /* conf_state */
121
gss_buffer_t /* output_message_buffer */
124
static OM_uint32 k5glue_unseal
125
(void *, OM_uint32*, /* minor_status */
126
gss_ctx_id_t, /* context_handle */
127
gss_buffer_t, /* input_message_buffer */
128
gss_buffer_t, /* output_message_buffer */
129
int*, /* conf_state */
133
static OM_uint32 k5glue_display_status
134
(void *, OM_uint32*, /* minor_status */
135
OM_uint32, /* status_value */
136
int, /* status_type */
137
gss_OID, /* mech_type */
138
OM_uint32*, /* message_context */
139
gss_buffer_t /* status_string */
142
static OM_uint32 k5glue_indicate_mechs
143
(void *, OM_uint32*, /* minor_status */
144
gss_OID_set* /* mech_set */
147
static OM_uint32 k5glue_compare_name
148
(void *, OM_uint32*, /* minor_status */
149
gss_name_t, /* name1 */
150
gss_name_t, /* name2 */
151
int* /* name_equal */
154
static OM_uint32 k5glue_display_name
155
(void *, OM_uint32*, /* minor_status */
156
gss_name_t, /* input_name */
157
gss_buffer_t, /* output_name_buffer */
158
gss_OID* /* output_name_type */
161
static OM_uint32 k5glue_import_name
162
(void *, OM_uint32*, /* minor_status */
163
gss_buffer_t, /* input_name_buffer */
164
gss_OID, /* input_name_type */
165
gss_name_t* /* output_name */
168
static OM_uint32 k5glue_release_name
169
(void *, OM_uint32*, /* minor_status */
170
gss_name_t* /* input_name */
173
static OM_uint32 k5glue_inquire_cred
174
(void *, OM_uint32 *, /* minor_status */
175
gss_cred_id_t, /* cred_handle */
176
gss_name_t *, /* name */
177
OM_uint32 *, /* lifetime */
178
gss_cred_usage_t*,/* cred_usage */
179
gss_OID_set * /* mechanisms */
182
static OM_uint32 k5glue_inquire_context
183
(void *, OM_uint32*, /* minor_status */
184
gss_ctx_id_t, /* context_handle */
185
gss_name_t*, /* initiator_name */
186
gss_name_t*, /* acceptor_name */
187
OM_uint32*, /* lifetime_rec */
188
gss_OID*, /* mech_type */
189
OM_uint32*, /* ret_flags */
190
int*, /* locally_initiated */
195
/* New V2 entry points */
196
static OM_uint32 k5glue_get_mic
197
(void *, OM_uint32 *, /* minor_status */
198
gss_ctx_id_t, /* context_handle */
199
gss_qop_t, /* qop_req */
200
gss_buffer_t, /* message_buffer */
201
gss_buffer_t /* message_token */
204
static OM_uint32 k5glue_verify_mic
205
(void *, OM_uint32 *, /* minor_status */
206
gss_ctx_id_t, /* context_handle */
207
gss_buffer_t, /* message_buffer */
208
gss_buffer_t, /* message_token */
209
gss_qop_t * /* qop_state */
212
static OM_uint32 k5glue_wrap
213
(void *, OM_uint32 *, /* minor_status */
214
gss_ctx_id_t, /* context_handle */
215
int, /* conf_req_flag */
216
gss_qop_t, /* qop_req */
217
gss_buffer_t, /* input_message_buffer */
218
int *, /* conf_state */
219
gss_buffer_t /* output_message_buffer */
222
static OM_uint32 k5glue_unwrap
223
(void *, OM_uint32 *, /* minor_status */
224
gss_ctx_id_t, /* context_handle */
225
gss_buffer_t, /* input_message_buffer */
226
gss_buffer_t, /* output_message_buffer */
227
int *, /* conf_state */
228
gss_qop_t * /* qop_state */
232
static OM_uint32 k5glue_wrap_size_limit
233
(void *, OM_uint32 *, /* minor_status */
234
gss_ctx_id_t, /* context_handle */
235
int, /* conf_req_flag */
236
gss_qop_t, /* qop_req */
237
OM_uint32, /* req_output_size */
238
OM_uint32 * /* max_input_size */
242
static OM_uint32 k5glue_import_name_object
243
(void *, OM_uint32 *, /* minor_status */
244
void *, /* input_name */
245
gss_OID, /* input_name_type */
246
gss_name_t * /* output_name */
249
static OM_uint32 k5glue_export_name_object
250
(void *, OM_uint32 *, /* minor_status */
251
gss_name_t, /* input_name */
252
gss_OID, /* desired_name_type */
253
void * * /* output_name */
257
static OM_uint32 k5glue_add_cred
258
(void *, OM_uint32 *, /* minor_status */
259
gss_cred_id_t, /* input_cred_handle */
260
gss_name_t, /* desired_name */
261
gss_OID, /* desired_mech */
262
gss_cred_usage_t, /* cred_usage */
263
OM_uint32, /* initiator_time_req */
264
OM_uint32, /* acceptor_time_req */
265
gss_cred_id_t *, /* output_cred_handle */
266
gss_OID_set *, /* actual_mechs */
267
OM_uint32 *, /* initiator_time_rec */
268
OM_uint32 * /* acceptor_time_rec */
271
static OM_uint32 k5glue_inquire_cred_by_mech
272
(void *, OM_uint32 *, /* minor_status */
273
gss_cred_id_t, /* cred_handle */
274
gss_OID, /* mech_type */
275
gss_name_t *, /* name */
276
OM_uint32 *, /* initiator_lifetime */
277
OM_uint32 *, /* acceptor_lifetime */
278
gss_cred_usage_t * /* cred_usage */
281
static OM_uint32 k5glue_export_sec_context
282
(void *, OM_uint32 *, /* minor_status */
283
gss_ctx_id_t *, /* context_handle */
284
gss_buffer_t /* interprocess_token */
287
static OM_uint32 k5glue_import_sec_context
288
(void *, OM_uint32 *, /* minor_status */
289
gss_buffer_t, /* interprocess_token */
290
gss_ctx_id_t * /* context_handle */
293
krb5_error_code k5glue_ser_init(krb5_context);
295
static OM_uint32 k5glue_internal_release_oid
296
(void *, OM_uint32 *, /* minor_status */
300
static OM_uint32 k5glue_inquire_names_for_mech
301
(void *, OM_uint32 *, /* minor_status */
302
gss_OID, /* mechanism */
303
gss_OID_set * /* name_types */
307
static OM_uint32 k5glue_canonicalize_name
308
(void *, OM_uint32 *, /* minor_status */
309
const gss_name_t, /* input_name */
310
const gss_OID, /* mech_type */
311
gss_name_t * /* output_name */
315
static OM_uint32 k5glue_export_name
316
(void *, OM_uint32 *, /* minor_status */
317
const gss_name_t, /* input_name */
318
gss_buffer_t /* exported_name */
322
static OM_uint32 k5glue_duplicate_name
323
(void *, OM_uint32 *, /* minor_status */
324
const gss_name_t, /* input_name */
325
gss_name_t * /* dest_name */
330
static OM_uint32 k5glue_validate_cred
331
(void *, OM_uint32 *, /* minor_status */
332
gss_cred_id_t /* cred */
337
* The krb5 mechanism provides two mech OIDs; use this initializer to
338
* ensure that both dispatch tables contain identical function
341
#define KRB5_GSS_CONFIG_INIT \
343
k5glue_acquire_cred, \
344
k5glue_release_cred, \
345
k5glue_init_sec_context, \
346
k5glue_accept_sec_context, \
347
k5glue_process_context_token, \
348
k5glue_delete_sec_context, \
349
k5glue_context_time, \
354
k5glue_display_status, \
355
k5glue_indicate_mechs, \
356
k5glue_compare_name, \
357
k5glue_display_name, \
358
k5glue_import_name, \
359
k5glue_release_name, \
360
k5glue_inquire_cred, \
362
k5glue_export_sec_context, \
363
k5glue_import_sec_context, \
364
k5glue_inquire_cred_by_mech, \
365
k5glue_inquire_names_for_mech, \
366
k5glue_inquire_context, \
367
k5glue_internal_release_oid, \
368
k5glue_wrap_size_limit, \
369
k5glue_export_name, \
370
NULL /* store_cred */
372
static struct gss_config krb5_mechanism = {
374
{ GSS_MECH_KRB5_OID_LENGTH, GSS_MECH_KRB5_OID },
378
static struct gss_config krb5_mechanism_old = {
379
200, "kerberos_v5 (pre-RFC OID)",
380
{ GSS_MECH_KRB5_OLD_OID_LENGTH, GSS_MECH_KRB5_OLD_OID },
384
static struct gss_config krb5_mechanism_wrong = {
385
300, "kerberos_v5 (wrong OID)",
386
{ GSS_MECH_KRB5_WRONG_OID_LENGTH, GSS_MECH_KRB5_WRONG_OID },
390
static gss_mechanism krb5_mech_configs[] = {
391
&krb5_mechanism, &krb5_mechanism_old, &krb5_mechanism_wrong, NULL
395
static gss_mechanism krb5_mech_configs_hack[] = {
396
&krb5_mechanism, &krb5_mechanism_old, NULL
401
#define gssint_get_mech_configs krb5_gss_get_mech_configs
405
gssint_get_mech_configs(void)
408
char *envstr = getenv("MS_FORCE_NO_MSOID");
410
if (envstr != NULL && strcmp(envstr, "1") == 0) {
411
return krb5_mech_configs_hack;
414
return krb5_mech_configs;
418
k5glue_accept_sec_context(ctx, minor_status, context_handle, verifier_cred_handle,
31
419
input_token, input_chan_bindings, src_name, mech_type,
32
420
output_token, ret_flags, time_rec, delegated_cred_handle)
33
422
OM_uint32 *minor_status;
34
423
gss_ctx_id_t *context_handle;
35
424
gss_cred_id_t verifier_cred_handle;
added
removed
src/lib/gssapi/krb5/krb5_gss_glue.c
