From a1264eff395d75645a8ce869839120ea0be8cd58 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Tue, 2 Feb 2016 15:12:58 +1100 Subject: [PATCH] Heimdal build fixes Heimdal's GSS-API uses constant context, credential and name handles in various places (including some where the handle is actually mutable, such as a context that is having its sequence state updated by a message protection operation). Conditionally define the exported API to match this. We use gss_const_XXX internally now which should not regress with MIT. Note: we really need to look at how locking is done, I think in my initial implementation I was probably a bit overzealous with the mutexes. --- build-aux/compile | 6 ++--- mech_eap/accept_sec_context.c | 28 +++++++++++++---------- mech_eap/acquire_cred.c | 4 ++++ mech_eap/add_cred.c | 5 +++++ mech_eap/add_cred_with_password.c | 5 +++++ mech_eap/canonicalize_name.c | 8 +++++-- mech_eap/compare_name.c | 5 +++++ mech_eap/context_time.c | 8 +++++-- mech_eap/display_name.c | 4 ++++ mech_eap/duplicate_name.c | 8 +++++-- mech_eap/export_name.c | 8 +++++-- mech_eap/get_mic.c | 10 ++++++++- mech_eap/gssapiP_eap.h | 8 +++---- mech_eap/init_sec_context.c | 42 +++++++++++++++++++++-------------- mech_eap/inquire_context.c | 8 +++++-- mech_eap/inquire_cred.c | 11 ++++++--- mech_eap/inquire_cred_by_mech.c | 11 ++++++--- mech_eap/inquire_cred_by_oid.c | 8 +++++-- mech_eap/inquire_mechs_for_name.c | 4 ++++ mech_eap/inquire_sec_context_by_oid.c | 14 +++++++----- mech_eap/process_context_token.c | 16 ++++++++----- mech_eap/pseudo_random.c | 2 +- mech_eap/unwrap.c | 11 ++++++--- mech_eap/util.h | 38 +++++++++++++++---------------- mech_eap/util_attr.cpp | 4 ++-- mech_eap/util_attr.h | 4 ++-- mech_eap/util_context.c | 2 +- mech_eap/util_cred.c | 14 ++++++------ mech_eap/util_krb.c | 6 ++--- mech_eap/util_lucid.c | 2 +- mech_eap/util_moonshot.c | 2 +- mech_eap/util_name.c | 16 ++++++------- mech_eap/util_sm.c | 2 +- mech_eap/verify_mic.c | 12 ++++++---- mech_eap/wrap.c | 12 ++++++---- mech_eap/wrap_iov.c | 8 +++---- mech_eap/wrap_iov_length.c | 2 +- mech_eap/wrap_size_limit.c | 8 +++++-- 38 files changed, 236 insertions(+), 130 deletions(-) diff --git a/build-aux/compile b/build-aux/compile index c0096a7..ec64c62 100755 --- a/build-aux/compile +++ b/build-aux/compile @@ -1,7 +1,7 @@ #! /bin/sh # Wrapper for compilers which do not understand `-c -o'. -scriptversion=2009-10-06.20; # UTC +scriptversion=2009-04-28.21; # UTC # Copyright (C) 1999, 2000, 2003, 2004, 2005, 2009 Free Software # Foundation, Inc. @@ -124,9 +124,9 @@ trap "rmdir '$lockdir'; exit 1" 1 2 15 ret=$? if test -f "$cofile"; then - test "$cofile" = "$ofile" || mv "$cofile" "$ofile" + mv "$cofile" "$ofile" elif test -f "${cofile}bj"; then - test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" + mv "${cofile}bj" "$ofile" fi rmdir "$lockdir" diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c index 2a99732..c284e8b 100644 --- a/mech_eap/accept_sec_context.c +++ b/mech_eap/accept_sec_context.c @@ -42,7 +42,7 @@ static OM_uint32 eapGssSmAcceptGssReauth(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target, + gss_const_name_t target, gss_OID mech, OM_uint32 reqFlags, OM_uint32 timeReq, @@ -135,7 +135,7 @@ static OM_uint32 eapGssSmAcceptAcceptorName(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -164,7 +164,7 @@ static OM_uint32 eapGssSmAcceptVendorInfo(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx GSSEAP_UNUSED, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -190,7 +190,7 @@ static OM_uint32 eapGssSmAcceptIdentity(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -495,7 +495,7 @@ static OM_uint32 eapGssSmAcceptAuthenticate(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -640,7 +640,7 @@ static OM_uint32 eapGssSmAcceptGssFlags(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -674,7 +674,7 @@ static OM_uint32 eapGssSmAcceptGssChannelBindings(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -724,7 +724,7 @@ static OM_uint32 eapGssSmAcceptInitiatorMIC(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -764,7 +764,7 @@ static OM_uint32 eapGssSmAcceptReauthCreds(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -793,7 +793,7 @@ static OM_uint32 eapGssSmAcceptAcceptorMIC(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -1022,7 +1022,7 @@ static OM_uint32 eapGssSmAcceptGssReauth(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -1080,7 +1080,11 @@ eapGssSmAcceptGssReauth(OM_uint32 *minor, OM_uint32 GSSAPI_CALLCONV gss_accept_sec_context(OM_uint32 *minor, gss_ctx_id_t *context_handle, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_cred_id_t cred, +#else gss_cred_id_t cred, +#endif gss_buffer_t input_token, gss_channel_bindings_t input_chan_bindings, gss_name_t *src_name, @@ -1118,7 +1122,7 @@ gss_accept_sec_context(OM_uint32 *minor, major = gssEapAcceptSecContext(minor, ctx, - cred, + (gss_cred_id_t)cred, input_token, input_chan_bindings, src_name, diff --git a/mech_eap/acquire_cred.c b/mech_eap/acquire_cred.c index ae2648e..6120532 100644 --- a/mech_eap/acquire_cred.c +++ b/mech_eap/acquire_cred.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_acquire_cred(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_name_t desired_name, +#else gss_name_t desired_name, +#endif OM_uint32 time_req, gss_OID_set desired_mechs, gss_cred_usage_t cred_usage, diff --git a/mech_eap/add_cred.c b/mech_eap/add_cred.c index 64d97c0..95a1867 100644 --- a/mech_eap/add_cred.c +++ b/mech_eap/add_cred.c @@ -43,8 +43,13 @@ */ OM_uint32 GSSAPI_CALLCONV gss_add_cred(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_cred_id_t input_cred_handle GSSEAP_UNUSED, + gss_const_name_t desired_name, +#else gss_cred_id_t input_cred_handle GSSEAP_UNUSED, gss_name_t desired_name, +#endif gss_OID desired_mech, gss_cred_usage_t cred_usage, OM_uint32 initiator_time_req, diff --git a/mech_eap/add_cred_with_password.c b/mech_eap/add_cred_with_password.c index b982f0d..742e562 100644 --- a/mech_eap/add_cred_with_password.c +++ b/mech_eap/add_cred_with_password.c @@ -38,8 +38,13 @@ OM_uint32 GSSAPI_CALLCONV gss_add_cred_with_password(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_cred_id_t input_cred_handle GSSEAP_UNUSED, + gss_const_name_t desired_name, +#else const gss_cred_id_t input_cred_handle GSSEAP_UNUSED, const gss_name_t desired_name, +#endif const gss_OID desired_mech, const gss_buffer_t password, gss_cred_usage_t cred_usage, diff --git a/mech_eap/canonicalize_name.c b/mech_eap/canonicalize_name.c index 5e66798..06ed323 100644 --- a/mech_eap/canonicalize_name.c +++ b/mech_eap/canonicalize_name.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_canonicalize_name(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_name_t input_name, +#else const gss_name_t input_name, +#endif const gss_OID mech_type, gss_name_t *output_name) { @@ -54,11 +58,11 @@ gss_canonicalize_name(OM_uint32 *minor, return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME; } - GSSEAP_MUTEX_LOCK(&input_name->mutex); + GSSEAP_MUTEX_LOCK(&((gss_name_t)input_name)->mutex); major = gssEapCanonicalizeName(minor, input_name, mech_type, output_name); - GSSEAP_MUTEX_UNLOCK(&input_name->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_name_t)input_name)->mutex); return major; } diff --git a/mech_eap/compare_name.c b/mech_eap/compare_name.c index 1da8354..94fcecb 100644 --- a/mech_eap/compare_name.c +++ b/mech_eap/compare_name.c @@ -38,8 +38,13 @@ OM_uint32 GSSAPI_CALLCONV gss_compare_name(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_name_t name1, + gss_const_name_t name2, +#else gss_name_t name1, gss_name_t name2, +#endif int *name_equal) { return gssEapCompareName(minor, name1, name2, 0, name_equal); diff --git a/mech_eap/context_time.c b/mech_eap/context_time.c index ae47d6c..86a2761 100644 --- a/mech_eap/context_time.c +++ b/mech_eap/context_time.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_context_time(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else gss_ctx_id_t ctx, +#endif OM_uint32 *time_rec) { OM_uint32 major; @@ -50,7 +54,7 @@ gss_context_time(OM_uint32 *minor, *minor = 0; - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); if (!CTX_IS_ESTABLISHED(ctx)) { *minor = GSSEAP_CONTEXT_INCOMPLETE; @@ -63,7 +67,7 @@ gss_context_time(OM_uint32 *minor, goto cleanup; cleanup: - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); return major; } diff --git a/mech_eap/display_name.c b/mech_eap/display_name.c index 2d87e66..b242fad 100644 --- a/mech_eap/display_name.c +++ b/mech_eap/display_name.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_display_name(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_name_t name, +#else gss_name_t name, +#endif gss_buffer_t output_name_buffer, gss_OID *output_name_type) { diff --git a/mech_eap/duplicate_name.c b/mech_eap/duplicate_name.c index 303619e..1f10c5d 100644 --- a/mech_eap/duplicate_name.c +++ b/mech_eap/duplicate_name.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_duplicate_name(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_name_t input_name, +#else const gss_name_t input_name, +#endif gss_name_t *dest_name) { OM_uint32 major; @@ -50,11 +54,11 @@ gss_duplicate_name(OM_uint32 *minor, return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME; } - GSSEAP_MUTEX_LOCK(&input_name->mutex); + GSSEAP_MUTEX_LOCK(&((gss_name_t)input_name)->mutex); major = gssEapDuplicateName(minor, input_name, dest_name); - GSSEAP_MUTEX_UNLOCK(&input_name->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_name_t)input_name)->mutex); return major; } diff --git a/mech_eap/export_name.c b/mech_eap/export_name.c index d91033f..5fd734d 100644 --- a/mech_eap/export_name.c +++ b/mech_eap/export_name.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_export_name(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_name_t input_name, +#else const gss_name_t input_name, +#endif gss_buffer_t exported_name) { OM_uint32 major; @@ -50,11 +54,11 @@ gss_export_name(OM_uint32 *minor, return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_BAD_NAME; } - GSSEAP_MUTEX_LOCK(&input_name->mutex); + GSSEAP_MUTEX_LOCK(&((gss_name_t)input_name)->mutex); major = gssEapExportName(minor, input_name, exported_name); - GSSEAP_MUTEX_UNLOCK(&input_name->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_name_t)input_name)->mutex); return major; } diff --git a/mech_eap/get_mic.c b/mech_eap/get_mic.c index b9241a4..08dda7d 100644 --- a/mech_eap/get_mic.c +++ b/mech_eap/get_mic.c @@ -78,9 +78,17 @@ cleanup: OM_uint32 GSSAPI_CALLCONV gss_get_mic(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else gss_ctx_id_t ctx, +#endif gss_qop_t qop_req, +#ifdef HAVE_HEIMDAL_VERSION + const gss_buffer_t message_buffer, +#else gss_buffer_t message_buffer, +#endif gss_buffer_t message_token) { OM_uint32 major; @@ -93,7 +101,7 @@ gss_get_mic(OM_uint32 *minor, iov[1].buffer.value = NULL; iov[1].buffer.length = 0; - major = gss_get_mic_iov(minor, ctx, qop_req, iov, 2); + major = gss_get_mic_iov(minor, (gss_ctx_id_t)ctx, qop_req, iov, 2); if (major == GSS_S_COMPLETE) *message_token = iov[1].buffer; diff --git a/mech_eap/gssapiP_eap.h b/mech_eap/gssapiP_eap.h index bc138bf..5c5c1a9 100644 --- a/mech_eap/gssapiP_eap.h +++ b/mech_eap/gssapiP_eap.h @@ -283,7 +283,7 @@ OM_uint32 gssEapInitSecContext(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target_name, + gss_const_name_t target_name, gss_OID mech_type, OM_uint32 req_flags, OM_uint32 time_req, @@ -315,7 +315,7 @@ gssEapUnwrapOrVerifyMIC(OM_uint32 *minor_status, OM_uint32 gssEapWrapIovLength(OM_uint32 *minor, - gss_ctx_id_t ctx, + gss_const_ctx_id_t ctx, int conf_req_flag, gss_qop_t qop_req, int *conf_state, @@ -333,7 +333,7 @@ gssEapWrap(OM_uint32 *minor, gss_buffer_t output_message_buffer); unsigned char -rfc4121Flags(gss_ctx_id_t ctx, int receiving); +rfc4121Flags(gss_const_ctx_id_t ctx, int receiving); /* display_status.c */ void @@ -386,7 +386,7 @@ gssEapImportContext(OM_uint32 *minor, /* pseudo_random.c */ OM_uint32 gssEapPseudoRandom(OM_uint32 *minor, - gss_ctx_id_t ctx, + gss_const_ctx_id_t ctx, int prf_key, const gss_buffer_t prf_in, gss_buffer_t prf_out); diff --git a/mech_eap/init_sec_context.c b/mech_eap/init_sec_context.c index 5774bbb..9c62f5a 100644 --- a/mech_eap/init_sec_context.c +++ b/mech_eap/init_sec_context.c @@ -543,7 +543,7 @@ initReady(OM_uint32 *minor, gss_ctx_id_t ctx) static OM_uint32 initBegin(OM_uint32 *minor, gss_ctx_id_t ctx, - gss_name_t target, + gss_const_name_t target, gss_OID mech, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq, @@ -571,15 +571,15 @@ initBegin(OM_uint32 *minor, return major; if (target != GSS_C_NO_NAME) { - GSSEAP_MUTEX_LOCK(&target->mutex); + GSSEAP_MUTEX_LOCK(&((gss_name_t)target)->mutex); major = gssEapDuplicateName(minor, target, &ctx->acceptorName); if (GSS_ERROR(major)) { - GSSEAP_MUTEX_UNLOCK(&target->mutex); + GSSEAP_MUTEX_LOCK(&((gss_name_t)target)->mutex); return major; } - GSSEAP_MUTEX_UNLOCK(&target->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_name_t)target)->mutex); } major = gssEapCanonicalizeOid(minor, @@ -603,7 +603,7 @@ static OM_uint32 eapGssSmInitError(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx GSSEAP_UNUSED, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -643,7 +643,7 @@ static OM_uint32 eapGssSmInitGssReauth(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target, + gss_const_name_t target, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags, OM_uint32 timeReq, @@ -719,7 +719,7 @@ static OM_uint32 eapGssSmInitVendorInfo(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx GSSEAP_UNUSED, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -742,7 +742,7 @@ static OM_uint32 eapGssSmInitAcceptorName(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -825,7 +825,7 @@ static OM_uint32 eapGssSmInitIdentity(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -881,7 +881,7 @@ static OM_uint32 eapGssSmInitAuthenticate(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -962,7 +962,7 @@ static OM_uint32 eapGssSmInitGssFlags(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -991,7 +991,7 @@ static OM_uint32 eapGssSmInitGssChannelBindings(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -1047,7 +1047,7 @@ static OM_uint32 eapGssSmInitInitiatorMIC(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -1075,7 +1075,7 @@ static OM_uint32 eapGssSmInitReauthCreds(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -1101,7 +1101,7 @@ static OM_uint32 eapGssSmInitAcceptorMIC(OM_uint32 *minor, gss_cred_id_t cred GSSEAP_UNUSED, gss_ctx_id_t ctx, - gss_name_t target GSSEAP_UNUSED, + gss_const_name_t target GSSEAP_UNUSED, gss_OID mech GSSEAP_UNUSED, OM_uint32 reqFlags GSSEAP_UNUSED, OM_uint32 timeReq GSSEAP_UNUSED, @@ -1218,7 +1218,7 @@ OM_uint32 gssEapInitSecContext(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target_name, + gss_const_name_t target_name, gss_OID mech_type, OM_uint32 req_flags, OM_uint32 time_req, @@ -1305,9 +1305,17 @@ cleanup: OM_uint32 GSSAPI_CALLCONV gss_init_sec_context(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_cred_id_t cred, +#else gss_cred_id_t cred, +#endif gss_ctx_id_t *context_handle, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_name_t target_name, +#else gss_name_t target_name, +#endif gss_OID mech_type, OM_uint32 req_flags, OM_uint32 time_req, @@ -1344,7 +1352,7 @@ gss_init_sec_context(OM_uint32 *minor, GSSEAP_MUTEX_LOCK(&ctx->mutex); major = gssEapInitSecContext(minor, - cred, + (gss_cred_id_t)cred, ctx, target_name, mech_type, diff --git a/mech_eap/inquire_context.c b/mech_eap/inquire_context.c index 5d0e5b6..3dc31b8 100644 --- a/mech_eap/inquire_context.c +++ b/mech_eap/inquire_context.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_inquire_context(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else gss_ctx_id_t ctx, +#endif gss_name_t *src_name, gss_name_t *targ_name, OM_uint32 *lifetime_rec, @@ -54,7 +58,7 @@ gss_inquire_context(OM_uint32 *minor, return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT; } - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); if (src_name != NULL) { if (ctx->initiatorName != GSS_C_NO_NAME) { @@ -99,7 +103,7 @@ gss_inquire_context(OM_uint32 *minor, *minor = 0; cleanup: - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); if (GSS_ERROR(major)) { gssEapReleaseName(&tmpMinor, src_name); diff --git a/mech_eap/inquire_cred.c b/mech_eap/inquire_cred.c index 227ab16..f75ccf0 100644 --- a/mech_eap/inquire_cred.c +++ b/mech_eap/inquire_cred.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_inquire_cred(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_cred_id_t cred, +#else gss_cred_id_t cred, +#endif gss_name_t *name, OM_uint32 *pLifetime, gss_cred_usage_t *cred_usage, @@ -51,11 +55,12 @@ gss_inquire_cred(OM_uint32 *minor, return GSS_S_NO_CRED; } - GSSEAP_MUTEX_LOCK(&cred->mutex); + GSSEAP_MUTEX_LOCK(&((gss_cred_id_t)cred)->mutex); - major = gssEapInquireCred(minor, cred, name, pLifetime, cred_usage, mechanisms); + major = gssEapInquireCred(minor, (gss_cred_id_t)cred, name, pLifetime, + cred_usage, mechanisms); - GSSEAP_MUTEX_UNLOCK(&cred->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_cred_id_t)cred)->mutex); return major; } diff --git a/mech_eap/inquire_cred_by_mech.c b/mech_eap/inquire_cred_by_mech.c index 191902d..836e367 100644 --- a/mech_eap/inquire_cred_by_mech.c +++ b/mech_eap/inquire_cred_by_mech.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_inquire_cred_by_mech(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_cred_id_t cred, +#else gss_cred_id_t cred, +#endif gss_OID mech_type, gss_name_t *name, OM_uint32 *pInitiatorLifetime, @@ -52,7 +56,7 @@ gss_inquire_cred_by_mech(OM_uint32 *minor, return GSS_S_NO_CRED; } - GSSEAP_MUTEX_LOCK(&cred->mutex); + GSSEAP_MUTEX_LOCK(&((gss_cred_id_t)cred)->mutex); if (!gssEapCredAvailable(cred, mech_type)) { major = GSS_S_BAD_MECH; @@ -60,7 +64,8 @@ gss_inquire_cred_by_mech(OM_uint32 *minor, goto cleanup; } - major = gssEapInquireCred(minor, cred, name, &lifetime, cred_usage, NULL); + major = gssEapInquireCred(minor, (gss_cred_id_t)cred, name, + &lifetime, cred_usage, NULL); if (GSS_ERROR(major)) goto cleanup; @@ -70,7 +75,7 @@ gss_inquire_cred_by_mech(OM_uint32 *minor, *pAcceptorLifetime = (cred->flags & CRED_FLAG_ACCEPT) ? lifetime : 0; cleanup: - GSSEAP_MUTEX_UNLOCK(&cred->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_cred_id_t)cred)->mutex); return major; } diff --git a/mech_eap/inquire_cred_by_oid.c b/mech_eap/inquire_cred_by_oid.c index 2ad34ed..77c27fb 100644 --- a/mech_eap/inquire_cred_by_oid.c +++ b/mech_eap/inquire_cred_by_oid.c @@ -47,7 +47,11 @@ static struct { OM_uint32 GSSAPI_CALLCONV gss_inquire_cred_by_oid(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_cred_id_t cred_handle, +#else const gss_cred_id_t cred_handle, +#endif const gss_OID desired_object GSSEAP_UNUSED, gss_buffer_set_t *data_set) { @@ -62,7 +66,7 @@ gss_inquire_cred_by_oid(OM_uint32 *minor, return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CRED; } - GSSEAP_MUTEX_LOCK(&cred_handle->mutex); + GSSEAP_MUTEX_LOCK(&((gss_cred_id_t)cred_handle)->mutex); major = GSS_S_UNAVAILABLE; *minor = GSSEAP_BAD_CRED_OPTION; @@ -77,7 +81,7 @@ gss_inquire_cred_by_oid(OM_uint32 *minor, } #endif - GSSEAP_MUTEX_UNLOCK(&cred_handle->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_cred_id_t)cred_handle)->mutex); return major; } diff --git a/mech_eap/inquire_mechs_for_name.c b/mech_eap/inquire_mechs_for_name.c index 89c869c..6912ebf 100644 --- a/mech_eap/inquire_mechs_for_name.c +++ b/mech_eap/inquire_mechs_for_name.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_inquire_mechs_for_name(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_name_t input_name, +#else const gss_name_t input_name, +#endif gss_OID_set *mech_types) { OM_uint32 major, tmpMinor; diff --git a/mech_eap/inquire_sec_context_by_oid.c b/mech_eap/inquire_sec_context_by_oid.c index bde7e1c..4b2c0ed 100644 --- a/mech_eap/inquire_sec_context_by_oid.c +++ b/mech_eap/inquire_sec_context_by_oid.c @@ -83,7 +83,7 @@ zeroAndReleaseBufferSet(gss_buffer_set_t *dataSet) static OM_uint32 inquireSessionKey(OM_uint32 *minor, - const gss_ctx_id_t ctx, + gss_const_ctx_id_t ctx, const gss_OID desired_object GSSEAP_UNUSED, gss_buffer_set_t *dataSet) { @@ -119,7 +119,7 @@ cleanup: static OM_uint32 inquireNegoExKey(OM_uint32 *minor, - const gss_ctx_id_t ctx, + gss_const_ctx_id_t ctx, const gss_OID desired_object, gss_buffer_set_t *dataSet) { @@ -193,7 +193,7 @@ cleanup: static struct { gss_OID_desc oid; - OM_uint32 (*inquire)(OM_uint32 *, const gss_ctx_id_t, + OM_uint32 (*inquire)(OM_uint32 *, gss_const_ctx_id_t, const gss_OID, gss_buffer_set_t *); } inquireCtxOps[] = { { @@ -220,7 +220,11 @@ static struct { OM_uint32 GSSAPI_CALLCONV gss_inquire_sec_context_by_oid(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else const gss_ctx_id_t ctx, +#endif const gss_OID desired_object, gss_buffer_set_t *data_set) { @@ -229,7 +233,7 @@ gss_inquire_sec_context_by_oid(OM_uint32 *minor, *data_set = GSS_C_NO_BUFFER_SET; - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); #if 0 if (!CTX_IS_ESTABLISHED(ctx)) { @@ -250,7 +254,7 @@ gss_inquire_sec_context_by_oid(OM_uint32 *minor, } } - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); return major; } diff --git a/mech_eap/process_context_token.c b/mech_eap/process_context_token.c index 02a4b6d..a6f8838 100644 --- a/mech_eap/process_context_token.c +++ b/mech_eap/process_context_token.c @@ -34,7 +34,11 @@ OM_uint32 GSSAPI_CALLCONV gss_process_context_token(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else gss_ctx_id_t ctx, +#endif gss_buffer_t token_buffer) { OM_uint32 major; @@ -47,10 +51,10 @@ gss_process_context_token(OM_uint32 *minor, return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT; } - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); if (!CTX_IS_ESTABLISHED(ctx)) { - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); *minor = GSSEAP_CONTEXT_INCOMPLETE; return GSS_S_NO_CONTEXT; } @@ -58,14 +62,14 @@ gss_process_context_token(OM_uint32 *minor, iov[0].type = GSS_IOV_BUFFER_TYPE_HEADER; iov[0].buffer = *token_buffer; - major = gssEapUnwrapOrVerifyMIC(minor, ctx, NULL, NULL, + major = gssEapUnwrapOrVerifyMIC(minor, (gss_ctx_id_t)ctx, NULL, NULL, iov, 1, TOK_TYPE_DELETE_CONTEXT); if (GSS_ERROR(major)) { - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); return major; } - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); - return gssEapReleaseContext(minor, &ctx); + return gssEapReleaseContext(minor, (gss_ctx_id_t *)&ctx); } diff --git a/mech_eap/pseudo_random.c b/mech_eap/pseudo_random.c index 2d3fcfd..b434282 100644 --- a/mech_eap/pseudo_random.c +++ b/mech_eap/pseudo_random.c @@ -61,7 +61,7 @@ OM_uint32 gssEapPseudoRandom(OM_uint32 *minor, - gss_ctx_id_t ctx, + gss_const_ctx_id_t ctx, int prf_key, const gss_buffer_t prf_in, gss_buffer_t prf_out) diff --git a/mech_eap/unwrap.c b/mech_eap/unwrap.c index a185035..9bbf62b 100644 --- a/mech_eap/unwrap.c +++ b/mech_eap/unwrap.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_unwrap(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else gss_ctx_id_t ctx, +#endif gss_buffer_t input_message_buffer, gss_buffer_t output_message_buffer, int *conf_state, @@ -54,7 +58,7 @@ gss_unwrap(OM_uint32 *minor, *minor = 0; - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); if (!CTX_IS_ESTABLISHED(ctx)) { major = GSS_S_NO_CONTEXT; @@ -69,7 +73,8 @@ gss_unwrap(OM_uint32 *minor, iov[1].buffer.value = NULL; iov[1].buffer.length = 0; - major = gssEapUnwrapOrVerifyMIC(minor, ctx, conf_state, qop_state, + major = gssEapUnwrapOrVerifyMIC(minor, (gss_ctx_id_t)ctx, + conf_state, qop_state, iov, 2, TOK_TYPE_WRAP); if (major == GSS_S_COMPLETE) { *output_message_buffer = iov[1].buffer; @@ -79,7 +84,7 @@ gss_unwrap(OM_uint32 *minor, } cleanup: - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); return major; } diff --git a/mech_eap/util.h b/mech_eap/util.h index 8a908a3..7734a55 100644 --- a/mech_eap/util.h +++ b/mech_eap/util.h @@ -238,7 +238,7 @@ gssEapVerifyToken(OM_uint32 *minor, OM_uint32 gssEapContextTime(OM_uint32 *minor, - gss_ctx_id_t context_handle, + gss_const_ctx_id_t context_handle, OM_uint32 *time_rec); OM_uint32 @@ -260,7 +260,7 @@ gssEapPrimaryMechForCred(gss_cred_id_t cred); OM_uint32 gssEapAcquireCred(OM_uint32 *minor, - const gss_name_t desiredName, + gss_const_name_t desiredName, OM_uint32 timeReq, const gss_OID_set desiredMechs, int cred_usage, @@ -282,15 +282,15 @@ gssEapSetCredClientCertificate(OM_uint32 *minor, OM_uint32 gssEapSetCredService(OM_uint32 *minor, gss_cred_id_t cred, - const gss_name_t target); + gss_const_name_t target); OM_uint32 gssEapResolveInitiatorCred(OM_uint32 *minor, const gss_cred_id_t cred, - const gss_name_t target, + gss_const_name_t target, gss_cred_id_t *resolvedCred); -int gssEapCredAvailable(gss_cred_id_t cred, gss_OID mech); +int gssEapCredAvailable(gss_const_cred_id_t cred, gss_OID mech); OM_uint32 gssEapInquireCred(OM_uint32 *minor, @@ -470,7 +470,7 @@ krbCryptoLength(krb5_context krbContext, #ifdef HAVE_HEIMDAL_VERSION krb5_crypto krbCrypto, #else - krb5_keyblock *key, + const krb5_keyblock *key, #endif int type, size_t *length); @@ -480,7 +480,7 @@ krbPaddingLength(krb5_context krbContext, #ifdef HAVE_HEIMDAL_VERSION krb5_crypto krbCrypto, #else - krb5_keyblock *key, + const krb5_keyblock *key, #endif size_t dataLength, size_t *padLength); @@ -490,7 +490,7 @@ krbBlockSize(krb5_context krbContext, #ifdef HAVE_HEIMDAL_VERSION krb5_crypto krbCrypto, #else - krb5_keyblock *key, + const krb5_keyblock *key, #endif size_t *blockSize); @@ -522,7 +522,7 @@ krbMakeCred(krb5_context context, /* util_lucid.c */ OM_uint32 gssEapExportLucidSecContext(OM_uint32 *minor, - gss_ctx_id_t ctx, + gss_const_ctx_id_t ctx, const gss_OID desiredObject, gss_buffer_set_t *data_set); @@ -586,7 +586,7 @@ libMoonshotResolveDefaultIdentity(OM_uint32 *minor, OM_uint32 libMoonshotResolveInitiatorCred(OM_uint32 *minor, gss_cred_id_t cred, - const gss_name_t targetName); + gss_const_name_t targetName); /* util_name.c */ #define EXPORT_NAME_FLAG_OID 0x1 @@ -596,10 +596,10 @@ libMoonshotResolveInitiatorCred(OM_uint32 *minor, OM_uint32 gssEapAllocName(OM_uint32 *minor, gss_name_t *pName); OM_uint32 gssEapReleaseName(OM_uint32 *minor, gss_name_t *pName); OM_uint32 gssEapExportName(OM_uint32 *minor, - const gss_name_t name, + gss_const_name_t name, gss_buffer_t exportedName); OM_uint32 gssEapExportNameInternal(OM_uint32 *minor, - const gss_name_t name, + gss_const_name_t name, gss_buffer_t exportedName, OM_uint32 flags); OM_uint32 gssEapImportName(OM_uint32 *minor, @@ -613,18 +613,18 @@ OM_uint32 gssEapImportNameInternal(OM_uint32 *minor, OM_uint32 flags); OM_uint32 gssEapDuplicateName(OM_uint32 *minor, - const gss_name_t input_name, + gss_const_name_t input_name, gss_name_t *dest_name); OM_uint32 gssEapCanonicalizeName(OM_uint32 *minor, - const gss_name_t input_name, + gss_const_name_t input_name, const gss_OID mech_type, gss_name_t *dest_name); OM_uint32 gssEapDisplayName(OM_uint32 *minor, - gss_name_t name, + gss_const_name_t name, gss_buffer_t output_name_buffer, gss_OID *output_name_type); @@ -632,8 +632,8 @@ gssEapDisplayName(OM_uint32 *minor, OM_uint32 gssEapCompareName(OM_uint32 *minor, - gss_name_t name1, - gss_name_t name2, + gss_const_name_t name1, + gss_const_name_t name2, OM_uint32 flags, int *name_equal); @@ -735,7 +735,7 @@ struct gss_eap_sm { OM_uint32 (*processToken)(OM_uint32 *, gss_cred_id_t, gss_ctx_id_t, - gss_name_t, + gss_const_name_t, gss_OID, OM_uint32, OM_uint32, @@ -758,7 +758,7 @@ OM_uint32 gssEapSmStep(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target, + gss_const_name_t target, gss_OID mech, OM_uint32 reqFlags, OM_uint32 timeReq, diff --git a/mech_eap/util_attr.cpp b/mech_eap/util_attr.cpp index 6058f36..beb283c 100644 --- a/mech_eap/util_attr.cpp +++ b/mech_eap/util_attr.cpp @@ -985,7 +985,7 @@ gssEapSetNameAttribute(OM_uint32 *minor, OM_uint32 gssEapExportAttrContext(OM_uint32 *minor, - gss_name_t name, + gss_const_name_t name, gss_buffer_t buffer) { if (name->attrCtx == NULL) { @@ -1049,7 +1049,7 @@ gssEapImportAttrContext(OM_uint32 *minor, OM_uint32 gssEapDuplicateAttrContext(OM_uint32 *minor, - gss_name_t in, + gss_const_name_t in, gss_name_t out) { gss_eap_attr_ctx *ctx = NULL; diff --git a/mech_eap/util_attr.h b/mech_eap/util_attr.h index 28067a9..d6c0a0f 100644 --- a/mech_eap/util_attr.h +++ b/mech_eap/util_attr.h @@ -349,7 +349,7 @@ gssEapSetNameAttribute(OM_uint32 *minor, OM_uint32 gssEapExportAttrContext(OM_uint32 *minor, - gss_name_t name, + gss_const_name_t name, gss_buffer_t buffer); OM_uint32 @@ -359,7 +359,7 @@ gssEapImportAttrContext(OM_uint32 *minor, OM_uint32 gssEapDuplicateAttrContext(OM_uint32 *minor, - gss_name_t in, + gss_const_name_t in, gss_name_t out); OM_uint32 diff --git a/mech_eap/util_context.c b/mech_eap/util_context.c index 7663f3d..039cfdb 100644 --- a/mech_eap/util_context.c +++ b/mech_eap/util_context.c @@ -214,7 +214,7 @@ gssEapVerifyToken(OM_uint32 *minor, OM_uint32 gssEapContextTime(OM_uint32 *minor, - gss_ctx_id_t context_handle, + gss_const_ctx_id_t context_handle, OM_uint32 *time_rec) { *minor = 0; diff --git a/mech_eap/util_cred.c b/mech_eap/util_cred.c index 52139b7..707e029 100644 --- a/mech_eap/util_cred.c +++ b/mech_eap/util_cred.c @@ -258,7 +258,7 @@ gssEapPrimaryMechForCred(gss_cred_id_t cred) OM_uint32 gssEapAcquireCred(OM_uint32 *minor, - const gss_name_t desiredName, + gss_const_name_t desiredName, OM_uint32 timeReq GSSEAP_UNUSED, const gss_OID_set desiredMechs, int credUsage, @@ -302,15 +302,15 @@ gssEapAcquireCred(OM_uint32 *minor, goto cleanup; if (desiredName != GSS_C_NO_NAME) { - GSSEAP_MUTEX_LOCK(&desiredName->mutex); + GSSEAP_MUTEX_LOCK(&((gss_name_t)desiredName)->mutex); major = gssEapDuplicateName(minor, desiredName, &cred->name); if (GSS_ERROR(major)) { - GSSEAP_MUTEX_UNLOCK(&desiredName->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_name_t)desiredName)->mutex); goto cleanup; } - GSSEAP_MUTEX_UNLOCK(&desiredName->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_name_t)desiredName)->mutex); } #ifdef GSSEAP_ENABLE_ACCEPTOR @@ -353,7 +353,7 @@ cleanup: * lock because mechanisms list is immutable. */ int -gssEapCredAvailable(gss_cred_id_t cred, gss_OID mech) +gssEapCredAvailable(gss_const_cred_id_t cred, gss_OID mech) { OM_uint32 minor; int present = 0; @@ -608,7 +608,7 @@ cleanup: OM_uint32 gssEapSetCredService(OM_uint32 *minor, gss_cred_id_t cred, - const gss_name_t target) + gss_const_name_t target) { OM_uint32 major, tmpMinor; gss_name_t newTarget = GSS_C_NO_NAME; @@ -768,7 +768,7 @@ cleanup: OM_uint32 gssEapResolveInitiatorCred(OM_uint32 *minor, const gss_cred_id_t cred, - const gss_name_t targetName + gss_const_name_t targetName #ifndef HAVE_MOONSHOT_GET_IDENTITY GSSEAP_UNUSED #endif diff --git a/mech_eap/util_krb.c b/mech_eap/util_krb.c index 5d654df..2a3e970 100644 --- a/mech_eap/util_krb.c +++ b/mech_eap/util_krb.c @@ -350,7 +350,7 @@ krbCryptoLength(krb5_context krbContext, #ifdef HAVE_HEIMDAL_VERSION krb5_crypto krbCrypto, #else - krb5_keyblock *key, + const krb5_keyblock *key, #endif int type, size_t *length) @@ -374,7 +374,7 @@ krbPaddingLength(krb5_context krbContext, #ifdef HAVE_HEIMDAL_VERSION krb5_crypto krbCrypto, #else - krb5_keyblock *key, + const krb5_keyblock *key, #endif size_t dataLength, size_t *padLength) @@ -417,7 +417,7 @@ krbBlockSize(krb5_context krbContext, #ifdef HAVE_HEIMDAL_VERSION krb5_crypto krbCrypto, #else - krb5_keyblock *key, + const krb5_keyblock *key, #endif size_t *blockSize) { diff --git a/mech_eap/util_lucid.c b/mech_eap/util_lucid.c index f9e9941..f50e498 100644 --- a/mech_eap/util_lucid.c +++ b/mech_eap/util_lucid.c @@ -38,7 +38,7 @@ OM_uint32 gssEapExportLucidSecContext(OM_uint32 *minor, - gss_ctx_id_t ctx, + gss_const_ctx_id_t ctx, const gss_OID desiredObject GSSEAP_UNUSED, gss_buffer_set_t *data_set) { diff --git a/mech_eap/util_moonshot.c b/mech_eap/util_moonshot.c index 68537a3..6d90eb2 100644 --- a/mech_eap/util_moonshot.c +++ b/mech_eap/util_moonshot.c @@ -141,7 +141,7 @@ static int stringEmpty(const char * s) OM_uint32 libMoonshotResolveInitiatorCred(OM_uint32 *minor, gss_cred_id_t cred, - const gss_name_t targetName) + gss_const_name_t targetName) { OM_uint32 major, tmpMinor; gss_OID nameMech = gssEapPrimaryMechForCred(cred); diff --git a/mech_eap/util_name.c b/mech_eap/util_name.c index 8386349..7a2e60b 100644 --- a/mech_eap/util_name.c +++ b/mech_eap/util_name.c @@ -534,7 +534,7 @@ gssEapImportName(OM_uint32 *minor, OM_uint32 gssEapExportName(OM_uint32 *minor, - const gss_name_t name, + gss_const_name_t name, gss_buffer_t exportedName) { return gssEapExportNameInternal(minor, name, exportedName, @@ -543,7 +543,7 @@ gssEapExportName(OM_uint32 *minor, OM_uint32 gssEapExportNameInternal(OM_uint32 *minor, - const gss_name_t name, + gss_const_name_t name, gss_buffer_t exportedName, OM_uint32 flags) { @@ -636,7 +636,7 @@ cleanup: OM_uint32 gssEapCanonicalizeName(OM_uint32 *minor, - const gss_name_t input_name, + gss_const_name_t input_name, const gss_OID mech_type, gss_name_t *dest_name) { @@ -698,7 +698,7 @@ cleanup: OM_uint32 gssEapDuplicateName(OM_uint32 *minor, - const gss_name_t input_name, + gss_const_name_t input_name, gss_name_t *dest_name) { return gssEapCanonicalizeName(minor, input_name, @@ -706,7 +706,7 @@ gssEapDuplicateName(OM_uint32 *minor, } static int -hasRealmP(gss_name_t name) +hasRealmP(gss_const_name_t name) { #ifdef HAVE_HEIMDAL_VERSION if (KRB_PRINC_REALM(name->krbPrincipal) != NULL && @@ -721,7 +721,7 @@ hasRealmP(gss_name_t name) OM_uint32 gssEapDisplayName(OM_uint32 *minor, - gss_name_t name, + gss_const_name_t name, gss_buffer_t output_name_buffer, gss_OID *output_name_type) { @@ -779,8 +779,8 @@ gssEapDisplayName(OM_uint32 *minor, OM_uint32 gssEapCompareName(OM_uint32 *minor, - gss_name_t name1, - gss_name_t name2, + gss_const_name_t name1, + gss_const_name_t name2, OM_uint32 flags, int *name_equal) { diff --git a/mech_eap/util_sm.c b/mech_eap/util_sm.c index a286bba..940ca66 100644 --- a/mech_eap/util_sm.c +++ b/mech_eap/util_sm.c @@ -151,7 +151,7 @@ OM_uint32 gssEapSmStep(OM_uint32 *minor, gss_cred_id_t cred, gss_ctx_id_t ctx, - gss_name_t target, + gss_const_name_t target, gss_OID mech, OM_uint32 reqFlags, OM_uint32 timeReq, diff --git a/mech_eap/verify_mic.c b/mech_eap/verify_mic.c index 047f023..bb9bf19 100644 --- a/mech_eap/verify_mic.c +++ b/mech_eap/verify_mic.c @@ -50,19 +50,23 @@ gss_verify_mic_iov(OM_uint32 *minor, return GSS_S_CALL_INACCESSIBLE_READ | GSS_S_NO_CONTEXT; } - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); - major = gssEapUnwrapOrVerifyMIC(minor, ctx, NULL, qop_state, + major = gssEapUnwrapOrVerifyMIC(minor, (gss_ctx_id_t)ctx, NULL, qop_state, iov, iov_count, TOK_TYPE_MIC); - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); return major; } OM_uint32 GSSAPI_CALLCONV gss_verify_mic(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else gss_ctx_id_t ctx, +#endif gss_buffer_t message_buffer, gss_buffer_t message_token, gss_qop_t *qop_state) @@ -75,5 +79,5 @@ gss_verify_mic(OM_uint32 *minor, iov[1].type = GSS_IOV_BUFFER_TYPE_MIC_TOKEN; iov[1].buffer = *message_token; - return gss_verify_mic_iov(minor, ctx, qop_state, iov, 2); + return gss_verify_mic_iov(minor, (gss_ctx_id_t)ctx, qop_state, iov, 2); } diff --git a/mech_eap/wrap.c b/mech_eap/wrap.c index e0f20b8..181bbb0 100644 --- a/mech_eap/wrap.c +++ b/mech_eap/wrap.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_wrap(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else gss_ctx_id_t ctx, +#endif int conf_req_flag, gss_qop_t qop_req, gss_buffer_t input_message_buffer, @@ -54,7 +58,7 @@ gss_wrap(OM_uint32 *minor, *minor = 0; - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); if (!CTX_IS_ESTABLISHED(ctx)) { major = GSS_S_NO_CONTEXT; @@ -62,14 +66,14 @@ gss_wrap(OM_uint32 *minor, goto cleanup; } - major = gssEapWrap(minor, ctx, conf_req_flag, qop_req, - input_message_buffer, + major = gssEapWrap(minor, (gss_ctx_id_t)ctx, conf_req_flag, + qop_req, input_message_buffer, conf_state, output_message_buffer); if (GSS_ERROR(major)) goto cleanup; cleanup: - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); return major; } diff --git a/mech_eap/wrap_iov.c b/mech_eap/wrap_iov.c index 9f6d4ec..4d5701f 100644 --- a/mech_eap/wrap_iov.c +++ b/mech_eap/wrap_iov.c @@ -60,7 +60,7 @@ #include "gssapiP_eap.h" unsigned char -rfc4121Flags(gss_ctx_id_t ctx, int receiving) +rfc4121Flags(gss_const_ctx_id_t ctx, int receiving) { unsigned char flags; int isAcceptor; @@ -359,7 +359,7 @@ gss_wrap_iov(OM_uint32 *minor, *minor = 0; - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); if (!CTX_IS_ESTABLISHED(ctx)) { major = GSS_S_NO_CONTEXT; @@ -367,13 +367,13 @@ gss_wrap_iov(OM_uint32 *minor, goto cleanup; } - major = gssEapWrapOrGetMIC(minor, ctx, conf_req_flag, conf_state, + major = gssEapWrapOrGetMIC(minor, (gss_ctx_id_t)ctx, conf_req_flag, conf_state, iov, iov_count, TOK_TYPE_WRAP); if (GSS_ERROR(major)) goto cleanup; cleanup: - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); return major; } diff --git a/mech_eap/wrap_iov_length.c b/mech_eap/wrap_iov_length.c index 737b878..bd1f6fb 100644 --- a/mech_eap/wrap_iov_length.c +++ b/mech_eap/wrap_iov_length.c @@ -65,7 +65,7 @@ OM_uint32 gssEapWrapIovLength(OM_uint32 *minor, - gss_ctx_id_t ctx, + gss_const_ctx_id_t ctx, int conf_req_flag, gss_qop_t qop_req, int *conf_state, diff --git a/mech_eap/wrap_size_limit.c b/mech_eap/wrap_size_limit.c index 78d3223..858b9a7 100644 --- a/mech_eap/wrap_size_limit.c +++ b/mech_eap/wrap_size_limit.c @@ -38,7 +38,11 @@ OM_uint32 GSSAPI_CALLCONV gss_wrap_size_limit(OM_uint32 *minor, +#ifdef HAVE_HEIMDAL_VERSION + gss_const_ctx_id_t ctx, +#else gss_ctx_id_t ctx, +#endif int conf_req_flag, gss_qop_t qop_req, OM_uint32 req_output_size, @@ -54,7 +58,7 @@ gss_wrap_size_limit(OM_uint32 *minor, *minor = 0; - GSSEAP_MUTEX_LOCK(&ctx->mutex); + GSSEAP_MUTEX_LOCK(&((gss_ctx_id_t)ctx)->mutex); if (!CTX_IS_ESTABLISHED(ctx)) { major = GSS_S_NO_CONTEXT; @@ -91,7 +95,7 @@ gss_wrap_size_limit(OM_uint32 *minor, *max_input_size = 0; cleanup: - GSSEAP_MUTEX_UNLOCK(&ctx->mutex); + GSSEAP_MUTEX_UNLOCK(&((gss_ctx_id_t)ctx)->mutex); return major; } -- 2.1.4