#include "gssapiP_eap.h"
static gss_OID_desc gssEapNtPrincipalName = {
- /* 1.3.6.1.4.1.5322.21.2.1 */
- 10, "\x2B\x06\x01\x04\x01\xA9\x4A\x15\x02\x01"
+ /* 1.3.6.1.4.1.5322.22.2.1 */
+ 10, "\x2B\x06\x01\x04\x01\xA9\x4A\x16\x02\x01"
};
gss_OID GSS_EAP_NT_PRINCIPAL_NAME = &gssEapNtPrincipalName;
const gss_buffer_t nameBuffer,
gss_name_t *pName)
{
- OM_uint32 major, tmpMinor;
+ OM_uint32 major;
krb5_context krbContext;
krb5_principal krbPrinc;
char *service, *host;
if (host != NULL) {
*host = '\0';
host++;
- }
+ }
/* XXX this is probably NOT what we want to be doing */
*minor = krb5_sname_to_principal(krbContext, host, service,
const gss_buffer_t nameBuffer,
gss_name_t *pName)
{
- OM_uint32 major, tmpMinor;
+ OM_uint32 major;
krb5_context krbContext;
krb5_principal krbPrinc;
char *nameString;
GSSEAP_KRB_INIT(&krbContext);
- major = bufferToString(minor, nameBuffer, &nameString);
- if (GSS_ERROR(major))
- return major;
+ if (nameBuffer == GSS_C_NO_BUFFER) {
+ *minor = krb5_copy_principal(krbContext,
+ krb5_anonymous_principal(), &krbPrinc);
+ if (*minor != 0)
+ return GSS_S_FAILURE;
+ } else {
+ major = bufferToString(minor, nameBuffer, &nameString);
+ if (GSS_ERROR(major))
+ return major;
- *minor = krb5_parse_name(krbContext, nameString, &krbPrinc);
- if (*minor != 0) {
- GSSEAP_FREE(nameString);
- return GSS_S_FAILURE;
+ *minor = krb5_parse_name(krbContext, nameString, &krbPrinc);
+ if (*minor != 0) {
+ GSSEAP_FREE(nameString);
+ return GSS_S_FAILURE;
+ }
}
major = krbPrincipalToName(minor, &krbPrinc, pName);
if (remain < 6 + GSS_EAP_MECHANISM->length + 4)
return GSS_S_BAD_NAME;
- if (flags & EXPORT_NAME_FLAG_ATTRS)
+ if (flags & EXPORT_NAME_FLAG_COMPOSITE)
tokType = TOK_TYPE_EXPORT_NAME_COMPOSITE;
else
tokType = TOK_TYPE_EXPORT_NAME;
if (GSS_ERROR(major))
goto cleanup;
- if (flags & EXPORT_NAME_FLAG_ATTRS) {
+ if (flags & EXPORT_NAME_FLAG_COMPOSITE) {
gss_buffer_desc buf;
CHECK_REMAIN(4);
oidEqual(nameType, GSS_EAP_NT_PRINCIPAL_NAME))
major = importUserName(minor, nameBuffer, name);
else if (oidEqual(nameType, GSS_C_NT_HOSTBASED_SERVICE) ||
- oidEqual(nameType, GSS_C_NT_HOSTBASED_SERVICE_X))
+ oidEqual(nameType, GSS_C_NT_HOSTBASED_SERVICE_X))
major = importServiceName(minor, nameBuffer, name);
else if (oidEqual(nameType, GSS_C_NT_EXPORT_NAME))
major = gssEapImportNameInternal(minor, nameBuffer, name,
else if (oidEqual(nameType, GSS_C_NT_COMPOSITE_EXPORT))
major = gssEapImportNameInternal(minor, nameBuffer, name,
EXPORT_NAME_FLAG_OID |
- EXPORT_NAME_FLAG_ATTRS);
+ EXPORT_NAME_FLAG_COMPOSITE);
#endif
else
major = GSS_S_BAD_NAMETYPE;
OM_uint32 major = GSS_S_FAILURE, tmpMinor;
krb5_context krbContext;
char *krbName = NULL;
- size_t krbNameLen;
+ size_t krbNameLen, exportedNameLen;
unsigned char *p;
gss_buffer_desc attrs = GSS_C_EMPTY_BUFFER;
exportedName->value = NULL;
GSSEAP_KRB_INIT(&krbContext);
- GSSEAP_MUTEX_LOCK(&name->mutex);
*minor = krb5_unparse_name(krbContext, name->krbPrincipal, &krbName);
if (*minor != 0) {
}
krbNameLen = strlen(krbName);
- exportedName->length = 0;
+ exportedNameLen = 0;
if (flags & EXPORT_NAME_FLAG_OID) {
- exportedName->length += 6 + GSS_EAP_MECHANISM->length;
+ exportedNameLen += 6 + GSS_EAP_MECHANISM->length;
}
- exportedName->length += 4 + krbNameLen;
- if (flags & EXPORT_NAME_FLAG_ATTRS) {
+ exportedNameLen += 4 + krbNameLen;
+ if (flags & EXPORT_NAME_FLAG_COMPOSITE) {
major = gssEapExportAttrContext(minor, name, &attrs);
if (GSS_ERROR(major))
goto cleanup;
- exportedName->length += 4 + attrs.length;
+ exportedNameLen += 4 + attrs.length;
}
- exportedName->value = GSSEAP_MALLOC(exportedName->length);
+ exportedName->value = GSSEAP_MALLOC(exportedNameLen);
if (exportedName->value == NULL) {
major = GSS_S_FAILURE;
*minor = ENOMEM;
goto cleanup;
}
+ exportedName->length = exportedNameLen;
+
p = (unsigned char *)exportedName->value;
if (flags & EXPORT_NAME_FLAG_OID) {
/* TOK | MECH_OID_LEN */
- store_uint16_be((flags & EXPORT_NAME_FLAG_ATTRS)
+ store_uint16_be((flags & EXPORT_NAME_FLAG_COMPOSITE)
? TOK_TYPE_EXPORT_NAME_COMPOSITE
: TOK_TYPE_EXPORT_NAME,
p);
memcpy(p, krbName, krbNameLen);
p += krbNameLen;
- if (flags & EXPORT_NAME_FLAG_ATTRS) {
+ if (flags & EXPORT_NAME_FLAG_COMPOSITE) {
store_uint32_be(attrs.length, p);
memcpy(&p[4], attrs.value, attrs.length);
p += 4 + attrs.length;
major = GSS_S_COMPLETE;
cleanup:
- GSSEAP_MUTEX_UNLOCK(&name->mutex);
gss_release_buffer(&tmpMinor, &attrs);
if (GSS_ERROR(major))
gss_release_buffer(&tmpMinor, exportedName);
return major;
}
+
+OM_uint32
+gssEapDuplicateName(OM_uint32 *minor,
+ const gss_name_t input_name,
+ gss_name_t *dest_name)
+{
+ OM_uint32 major, tmpMinor;
+ krb5_context krbContext;
+ gss_name_t name;
+
+ if (input_name == GSS_C_NO_NAME) {
+ *minor = EINVAL;
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+ }
+
+ GSSEAP_KRB_INIT(&krbContext);
+
+ major = gssEapAllocName(minor, &name);
+ if (GSS_ERROR(major)) {
+ return major;
+ }
+
+ *minor = krb5_copy_principal(krbContext, input_name->krbPrincipal,
+ &name->krbPrincipal);
+ if (*minor != 0) {
+ major = GSS_S_FAILURE;
+ goto cleanup;
+ }
+
+ if (input_name->attrCtx != NULL) {
+ major = gssEapDuplicateAttrContext(minor, input_name, name);
+ if (GSS_ERROR(major))
+ goto cleanup;
+ }
+
+ *dest_name = name;
+
+cleanup:
+ if (GSS_ERROR(major)) {
+ gssEapReleaseName(&tmpMinor, &name);
+ }
+
+ return major;
+}
+
+OM_uint32
+gssEapDisplayName(OM_uint32 *minor,
+ gss_name_t name,
+ gss_buffer_t output_name_buffer,
+ gss_OID *output_name_type)
+{
+ OM_uint32 major;
+ krb5_context krbContext;
+ char *krbName;
+
+ GSSEAP_KRB_INIT(&krbContext);
+
+ output_name_buffer->length = 0;
+ output_name_buffer->value = NULL;
+
+ if (name == GSS_C_NO_NAME) {
+ *minor = EINVAL;
+ return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME;
+ }
+
+ *minor = krb5_unparse_name(krbContext, name->krbPrincipal, &krbName);
+ if (*minor != 0) {
+ return GSS_S_FAILURE;
+ }
+
+ major = makeStringBuffer(minor, krbName, output_name_buffer);
+ if (GSS_ERROR(major)) {
+ krb5_free_unparsed_name(krbContext, krbName);
+ return major;
+ }
+
+ krb5_free_unparsed_name(krbContext, krbName);
+
+ if (output_name_type != NULL)
+ *output_name_type = GSS_EAP_NT_PRINCIPAL_NAME;
+
+ return GSS_S_COMPLETE;
+}