/missing
/gsseap_err.[ch]
+/radsec_err.[ch]
.DS_Store
map_name_to_any.c \
process_context_token.c \
pseudo_random.c \
+ radsec_err.c \
release_any_name_mapping.c \
release_cred.c \
release_name.c \
radius_ad_la_SOURCES = util_adshim.c
endif
-gsseap_err.c: gsseap_err.et
+gsseap_err.h: gsseap_err.et
$(prefix)/bin/compile_et $<
+gsseap_err.c: gsseap_err.h
+
+radsec_err.h: radsec_err.et
+ $(prefix)/bin/compile_et $<
+
+radsec_err.c: radsec_err.h
+
clean-generic:
- rm -f gsseap_err.[ch]
+ rm -f gsseap_err.[ch] radsec_err.[ch]
major = gssEapRadiusGetRawAvp(minor, ctx->acceptorCtx.vps,
PW_MS_MPPE_SEND_KEY, VENDORPEC_MS, &vp);
- if (GSS_ERROR(major))
- return major;
+ if (GSS_ERROR(major)) {
+ *minor = GSSEAP_KEY_UNAVAILABLE;
+ return GSS_S_UNAVAILABLE;
+ }
major = gssEapDeriveRfc3961Key(minor,
vp->vp_octets,
assert(actx->radHandle == NULL);
assert(actx->radConn == NULL);
- if (rs_context_create(&actx->radHandle, RS_DICT_FILE) != 0)
+ if (rs_context_create(&actx->radHandle, RS_DICT_FILE) != 0) {
+ *minor = GSSEAP_RADSEC_INIT_FAILURE;
return GSS_S_FAILURE;
+ }
if (cred != GSS_C_NO_CREDENTIAL) {
if (cred->radiusConfigFile != NULL)
gss_buffer_t outputToken)
{
/* Called with already established context */
- *minor = EINVAL;
+ *minor = GSSEAP_CONTEXT_ESTABLISHED;
return GSS_S_BAD_STATUS;
}
GSSEAP_MUTEX_LOCK(&cred->mutex);
if ((cred->flags & CRED_FLAG_ACCEPT) == 0) {
+ *minor = GSSEAP_CRED_USAGE_MISMATCH;
major = GSS_S_NO_CRED;
goto cleanup;
}
goto cleanup;
if (!gssEapCredAvailable(cred, ctx->mechanismUsed)) {
+ *minor = GSSEAP_WRONG_MECH;
major = GSS_S_BAD_MECH;
goto cleanup;
}
} else
#endif
if (tokType != sm->inputTokenType) {
+ *minor = GSSEAP_WRONG_TOK_ID;
major = GSS_S_DEFECTIVE_TOKEN;
goto cleanup;
}
#! /bin/sh
+
+PATH=/usr/local/bin:$PATH
+
if [ -x "`which autoreconf 2>/dev/null`" ] ; then
exec autoreconf -ivf
fi
#! /bin/sh
# Attempt to guess a canonical system name.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation,
-# Inc.
+# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009
+# Free Software Foundation, Inc.
-timestamp='2006-07-02'
+timestamp='2009-11-20'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the same distribution terms that you use for the rest of that program.
-# Originally written by Per Bothner <per@bothner.com>.
-# Please send patches to <config-patches@gnu.org>. Submit a context
-# diff and a properly formatted ChangeLog entry.
+# Originally written by Per Bothner. Please send patches (context
+# diff format) to <config-patches@gnu.org> and include a ChangeLog
+# entry.
#
# This script attempts to guess a canonical system name similar to
# config.sub. If it succeeds, it prints the system name on stdout, and
# exits with 0. Otherwise, it exits with 1.
#
-# The plan is that this can be called by configure scripts if you
-# don't specify an explicit build system type.
+# You can get the latest version of this script from:
+# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
me=`echo "$0" | sed -e 's,.*/,,'`
GNU config.guess ($timestamp)
Originally written by Per Bothner.
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
-Free Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
arm*) machine=arm-unknown ;;
sh3el) machine=shl-unknown ;;
sh3eb) machine=sh-unknown ;;
+ sh5el) machine=sh5le-unknown ;;
*) machine=${UNAME_MACHINE_ARCH}-unknown ;;
esac
# The Operating System including object format, if it has switched
arm*|i386|m68k|ns32k|sh3*|sparc|vax)
eval $set_cc_for_build
if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
- | grep __ELF__ >/dev/null
+ | grep -q __ELF__
then
# Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
# Return netbsd for either. FIX?
case `/usr/bin/uname -p` in
sparc) echo sparc-icl-nx7; exit ;;
esac ;;
+ s390x:SunOS:*:*)
+ echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit ;;
sun4H:SunOS:5.*:*)
echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
- i86pc:SunOS:5.*:*)
- echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*)
+ echo i386-pc-auroraux${UNAME_RELEASE}
+ exit ;;
+ i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*)
+ eval $set_cc_for_build
+ SUN_ARCH="i386"
+ # If there is a compiler, see if it is configured for 64-bit objects.
+ # Note that the Sun cc does not turn __LP64__ into 1 like gcc does.
+ # This test works for both compilers.
+ if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
+ if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \
+ (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
+ grep IS_64BIT_ARCH >/dev/null
+ then
+ SUN_ARCH="x86_64"
+ fi
+ fi
+ echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
sun4*:SunOS:6*:*)
# According to config.sub, this is the proper way to canonicalize
echo rs6000-ibm-aix3.2
fi
exit ;;
- *:AIX:*:[45])
+ *:AIX:*:[456])
IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
IBM_ARCH=rs6000
# => hppa64-hp-hpux11.23
if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |
- grep __LP64__ >/dev/null
+ grep -q __LP64__
then
HP_ARCH="hppa2.0w"
else
i*:CYGWIN*:*)
echo ${UNAME_MACHINE}-pc-cygwin
exit ;;
- i*:MINGW*:*)
+ *:MINGW*:*)
echo ${UNAME_MACHINE}-pc-mingw32
exit ;;
i*:windows32*:*)
i*:PW*:*)
echo ${UNAME_MACHINE}-pc-pw32
exit ;;
- x86:Interix*:[3456]*)
- echo i586-pc-interix${UNAME_RELEASE}
- exit ;;
- EM64T:Interix*:[3456]*)
- echo x86_64-unknown-interix${UNAME_RELEASE}
- exit ;;
+ *:Interix*:*)
+ case ${UNAME_MACHINE} in
+ x86)
+ echo i586-pc-interix${UNAME_RELEASE}
+ exit ;;
+ authenticamd | genuineintel | EM64T)
+ echo x86_64-unknown-interix${UNAME_RELEASE}
+ exit ;;
+ IA64)
+ echo ia64-unknown-interix${UNAME_RELEASE}
+ exit ;;
+ esac ;;
[345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
echo i${UNAME_MACHINE}-pc-mks
exit ;;
+ 8664:Windows_NT:*)
+ echo x86_64-pc-mks
+ exit ;;
i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
# How do we know it's Interix rather than the generic POSIX subsystem?
# It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
i*86:Minix:*:*)
echo ${UNAME_MACHINE}-pc-minix
exit ;;
+ alpha:Linux:*:*)
+ case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+ EV5) UNAME_MACHINE=alphaev5 ;;
+ EV56) UNAME_MACHINE=alphaev56 ;;
+ PCA56) UNAME_MACHINE=alphapca56 ;;
+ PCA57) UNAME_MACHINE=alphapca56 ;;
+ EV6) UNAME_MACHINE=alphaev6 ;;
+ EV67) UNAME_MACHINE=alphaev67 ;;
+ EV68*) UNAME_MACHINE=alphaev68 ;;
+ esac
+ objdump --private-headers /bin/sh | grep -q ld.so.1
+ if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
+ echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+ exit ;;
arm*:Linux:*:*)
- echo ${UNAME_MACHINE}-unknown-linux-gnu
+ eval $set_cc_for_build
+ if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \
+ | grep -q __ARM_EABI__
+ then
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ else
+ echo ${UNAME_MACHINE}-unknown-linux-gnueabi
+ fi
exit ;;
avr32*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
frv:Linux:*:*)
echo frv-unknown-linux-gnu
exit ;;
+ i*86:Linux:*:*)
+ LIBC=gnu
+ eval $set_cc_for_build
+ sed 's/^ //' << EOF >$dummy.c
+ #ifdef __dietlibc__
+ LIBC=dietlibc
+ #endif
+EOF
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'`
+ echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
+ exit ;;
ia64:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
m68*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
- mips:Linux:*:*)
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
- #undef CPU
- #undef mips
- #undef mipsel
- #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
- CPU=mipsel
- #else
- #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
- CPU=mips
- #else
- CPU=
- #endif
- #endif
-EOF
- eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
- /^CPU/{
- s: ::g
- p
- }'`"
- test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
- ;;
- mips64:Linux:*:*)
+ mips:Linux:*:* | mips64:Linux:*:*)
eval $set_cc_for_build
sed 's/^ //' << EOF >$dummy.c
#undef CPU
- #undef mips64
- #undef mips64el
+ #undef ${UNAME_MACHINE}
+ #undef ${UNAME_MACHINE}el
#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
- CPU=mips64el
+ CPU=${UNAME_MACHINE}el
#else
#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
- CPU=mips64
+ CPU=${UNAME_MACHINE}
#else
CPU=
#endif
#endif
EOF
- eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
- /^CPU/{
- s: ::g
- p
- }'`"
+ eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'`
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
;;
or32:Linux:*:*)
echo or32-unknown-linux-gnu
exit ;;
- ppc:Linux:*:*)
- echo powerpc-unknown-linux-gnu
+ padre:Linux:*:*)
+ echo sparc-unknown-linux-gnu
exit ;;
- ppc64:Linux:*:*)
- echo powerpc64-unknown-linux-gnu
- exit ;;
- alpha:Linux:*:*)
- case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
- EV5) UNAME_MACHINE=alphaev5 ;;
- EV56) UNAME_MACHINE=alphaev56 ;;
- PCA56) UNAME_MACHINE=alphapca56 ;;
- PCA57) UNAME_MACHINE=alphapca56 ;;
- EV6) UNAME_MACHINE=alphaev6 ;;
- EV67) UNAME_MACHINE=alphaev67 ;;
- EV68*) UNAME_MACHINE=alphaev68 ;;
- esac
- objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
- if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
- echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+ parisc64:Linux:*:* | hppa64:Linux:*:*)
+ echo hppa64-unknown-linux-gnu
exit ;;
parisc:Linux:*:* | hppa:Linux:*:*)
# Look for CPU level
*) echo hppa-unknown-linux-gnu ;;
esac
exit ;;
- parisc64:Linux:*:* | hppa64:Linux:*:*)
- echo hppa64-unknown-linux-gnu
+ ppc64:Linux:*:*)
+ echo powerpc64-unknown-linux-gnu
+ exit ;;
+ ppc:Linux:*:*)
+ echo powerpc-unknown-linux-gnu
exit ;;
s390:Linux:*:* | s390x:Linux:*:*)
echo ${UNAME_MACHINE}-ibm-linux
x86_64:Linux:*:*)
echo x86_64-unknown-linux-gnu
exit ;;
- i*86:Linux:*:*)
- # The BFD linker knows what the default object file format is, so
- # first see if it will tell us. cd to the root directory to prevent
- # problems with other programs or directories called `ld' in the path.
- # Set LC_ALL=C to ensure ld outputs messages in English.
- ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
- | sed -ne '/supported targets:/!d
- s/[ ][ ]*/ /g
- s/.*supported targets: *//
- s/ .*//
- p'`
- case "$ld_supported_targets" in
- elf32-i386)
- TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
- ;;
- a.out-i386-linux)
- echo "${UNAME_MACHINE}-pc-linux-gnuaout"
- exit ;;
- coff-i386)
- echo "${UNAME_MACHINE}-pc-linux-gnucoff"
- exit ;;
- "")
- # Either a pre-BFD a.out linker (linux-gnuoldld) or
- # one that does not give us useful --help.
- echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
- exit ;;
- esac
- # Determine whether the default compiler is a.out or elf
- eval $set_cc_for_build
- sed 's/^ //' << EOF >$dummy.c
- #include <features.h>
- #ifdef __ELF__
- # ifdef __GLIBC__
- # if __GLIBC__ >= 2
- LIBC=gnu
- # else
- LIBC=gnulibc1
- # endif
- # else
- LIBC=gnulibc1
- # endif
- #else
- #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
- LIBC=gnu
- #else
- LIBC=gnuaout
- #endif
- #endif
- #ifdef __dietlibc__
- LIBC=dietlibc
- #endif
-EOF
- eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
- /^LIBC/{
- s: ::g
- p
- }'`"
- test x"${LIBC}" != x && {
- echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
- exit
- }
- test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; }
- ;;
+ xtensa*:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit ;;
i*86:DYNIX/ptx:4*:*)
# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
# earlier versions are messed up and put the nodename in both
i*86:syllable:*:*)
echo ${UNAME_MACHINE}-pc-syllable
exit ;;
- i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
+ i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*)
echo i386-unknown-lynxos${UNAME_RELEASE}
exit ;;
i*86:*DOS:*:*)
pc:*:*:*)
# Left here for compatibility:
# uname -m prints for DJGPP always 'pc', but it prints nothing about
- # the processor, so we play safe by assuming i386.
- echo i386-pc-msdosdjgpp
+ # the processor, so we play safe by assuming i586.
+ # Note: whatever this is, it MUST be the same as what config.sub
+ # prints for the "djgpp" host, or else GDB configury will decide that
+ # this is a cross-build.
+ echo i586-pc-msdosdjgpp
exit ;;
Intel:Mach:3*:*)
echo i386-pc-mach3
3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
&& { echo i486-ncr-sysv4; exit; } ;;
+ NCR*:*:4.2:* | MPRAS*:*:4.2:*)
+ OS_REL='.3'
+ test -r /etc/.relid \
+ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && { echo i486-ncr-sysv4.3${OS_REL}; exit; }
+ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+ && { echo i586-ncr-sysv4.3${OS_REL}; exit; }
+ /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \
+ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
echo m68k-unknown-lynxos${UNAME_RELEASE}
exit ;;
rs6000:LynxOS:2.*:*)
echo rs6000-unknown-lynxos${UNAME_RELEASE}
exit ;;
- PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
+ PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*)
echo powerpc-unknown-lynxos${UNAME_RELEASE}
exit ;;
SM[BE]S:UNIX_SV:*:*)
BePC:BeOS:*:*) # BeOS running on Intel PC compatible.
echo i586-pc-beos
exit ;;
+ BePC:Haiku:*:*) # Haiku running on Intel PC compatible.
+ echo i586-pc-haiku
+ exit ;;
SX-4:SUPER-UX:*:*)
echo sx4-nec-superux${UNAME_RELEASE}
exit ;;
SX-6:SUPER-UX:*:*)
echo sx6-nec-superux${UNAME_RELEASE}
exit ;;
+ SX-7:SUPER-UX:*:*)
+ echo sx7-nec-superux${UNAME_RELEASE}
+ exit ;;
+ SX-8:SUPER-UX:*:*)
+ echo sx8-nec-superux${UNAME_RELEASE}
+ exit ;;
+ SX-8R:SUPER-UX:*:*)
+ echo sx8r-nec-superux${UNAME_RELEASE}
+ exit ;;
Power*:Rhapsody:*:*)
echo powerpc-apple-rhapsody${UNAME_RELEASE}
exit ;;
*:Darwin:*:*)
UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
case $UNAME_PROCESSOR in
+ i386)
+ eval $set_cc_for_build
+ if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
+ if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \
+ (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
+ grep IS_64BIT_ARCH >/dev/null
+ then
+ UNAME_PROCESSOR="x86_64"
+ fi
+ fi ;;
unknown) UNAME_PROCESSOR=powerpc ;;
esac
echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
i*86:rdos:*:*)
echo ${UNAME_MACHINE}-pc-rdos
exit ;;
+ i*86:AROS:*:*)
+ echo ${UNAME_MACHINE}-pc-aros
+ exit ;;
esac
#echo '(No uname command or uname output not recognized.)' 1>&2
the operating system you are using. It is advised that you
download the most up to date version of the config scripts from
- http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.guess
+ http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
and
- http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.sub
+ http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
If the version you run ($0) is already up to date, please
send the following data and any information you think might be
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation,
-# Inc.
+# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009
+# Free Software Foundation, Inc.
-timestamp='2006-09-20'
+timestamp='2009-11-20'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
# Please send patches to <config-patches@gnu.org>. Submit a context
-# diff and a properly formatted ChangeLog entry.
+# diff and a properly formatted GNU ChangeLog entry.
#
# Configuration subroutine to validate and canonicalize a configuration type.
# Supply the specified configuration type as an argument.
# If it is invalid, we print an error message on stderr and exit with code 1.
# Otherwise, we print the canonical config type on stdout and succeed.
+# You can get the latest version of this script from:
+# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
+
# This file is supposed to be the same for all GNU packages
# and recognize all the CPU types, system types and aliases
# that are meaningful with *any* GNU software.
version="\
GNU config.sub ($timestamp)
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
-Free Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
case $maybe_os in
nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
+ kopensolaris*-gnu* | \
storm-chaos* | os2-emx* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
- -apple | -axis | -knuth | -cray)
+ -apple | -axis | -knuth | -cray | -microblaze)
os=
basic_machine=$1
;;
+ -bluegene*)
+ os=-cnk
+ ;;
-sim | -cisco | -oki | -wec | -winbond)
os=
basic_machine=$1
| bfin \
| c4x | clipper \
| d10v | d30v | dlx | dsp16xx \
- | fr30 | frv \
+ | fido | fr30 | frv \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
+ | lm32 \
| m32c | m32r | m32rle | m68000 | m68k | m88k \
- | maxq | mb | microblaze | mcore \
+ | maxq | mb | microblaze | mcore | mep | metag \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mips16 \
| mips64 | mips64el \
- | mips64vr | mips64vrel \
+ | mips64octeon | mips64octeonel \
| mips64orion | mips64orionel \
+ | mips64r5900 | mips64r5900el \
+ | mips64vr | mips64vrel \
| mips64vr4100 | mips64vr4100el \
| mips64vr4300 | mips64vr4300el \
| mips64vr5000 | mips64vr5000el \
| mipsisa64sr71k | mipsisa64sr71kel \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
+ | moxie \
| mt \
| msp430 \
| nios | nios2 \
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
+ | rx \
| score \
- | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
+ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
| spu | strongarm \
| tahoe | thumb | tic4x | tic80 | tron \
+ | ubicom32 \
| v850 | v850e \
| we32k \
| x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
- | z8k)
+ | z8k | z80)
basic_machine=$basic_machine-unknown
;;
- m6811 | m68hc11 | m6812 | m68hc12)
+ m6811 | m68hc11 | m6812 | m68hc12 | picochip)
# Motorola 68HC11/12.
basic_machine=$basic_machine-unknown
os=-none
| clipper-* | craynv-* | cydra-* \
| d10v-* | d30v-* | dlx-* \
| elxsi-* \
- | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
+ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
| h8300-* | h8500-* \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* | iq2000-* \
+ | lm32-* \
| m32c-* | m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
- | m88110-* | m88k-* | maxq-* | mcore-* \
+ | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
| mips16-* \
| mips64-* | mips64el-* \
- | mips64vr-* | mips64vrel-* \
+ | mips64octeon-* | mips64octeonel-* \
| mips64orion-* | mips64orionel-* \
+ | mips64r5900-* | mips64r5900el-* \
+ | mips64vr-* | mips64vrel-* \
| mips64vr4100-* | mips64vr4100el-* \
| mips64vr4300-* | mips64vr4300el-* \
| mips64vr5000-* | mips64vr5000el-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
| pyramid-* \
- | romp-* | rs6000-* \
- | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
+ | romp-* | rs6000-* | rx-* \
+ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
| sparclite-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* \
- | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
+ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \
| tron-* \
+ | ubicom32-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
| x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
- | xstormy16-* | xtensa-* \
+ | xstormy16-* | xtensa*-* \
| ymp-* \
- | z8k-*)
+ | z8k-* | z80-*)
+ ;;
+ # Recognize the basic CPU types without company name, with glob match.
+ xtensa*)
+ basic_machine=$basic_machine-unknown
;;
# Recognize the various machine names and aliases which stand
# for a CPU type and a company and sometimes even an OS.
basic_machine=m68k-apollo
os=-bsd
;;
+ aros)
+ basic_machine=i386-pc
+ os=-aros
+ ;;
aux)
basic_machine=m68k-apple
os=-aux
basic_machine=ns32k-sequent
os=-dynix
;;
+ blackfin)
+ basic_machine=bfin-unknown
+ os=-linux
+ ;;
+ blackfin-*)
+ basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
+ os=-linux
+ ;;
+ bluegene*)
+ basic_machine=powerpc-ibm
+ os=-cnk
+ ;;
c90)
basic_machine=c90-cray
os=-unicos
;;
+ cegcc)
+ basic_machine=arm-unknown
+ os=-cegcc
+ ;;
convex-c1)
basic_machine=c1-convex
os=-bsd
basic_machine=craynv-cray
os=-unicosmp
;;
- cr16c)
- basic_machine=cr16c-unknown
+ cr16)
+ basic_machine=cr16-unknown
os=-elf
;;
crds | unos)
basic_machine=m88k-motorola
os=-sysv3
;;
+ dicos)
+ basic_machine=i686-pc
+ os=-dicos
+ ;;
djgpp)
basic_machine=i586-pc
os=-msdosdjgpp
basic_machine=m68k-isi
os=-sysv
;;
+ m68knommu)
+ basic_machine=m68k-unknown
+ os=-linux
+ ;;
+ m68knommu-*)
+ basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'`
+ os=-linux
+ ;;
m88k-omron*)
basic_machine=m88k-omron
;;
basic_machine=ns32k-utek
os=-sysv
;;
+ microblaze)
+ basic_machine=microblaze-xilinx
+ ;;
mingw32)
basic_machine=i386-pc
os=-mingw32
;;
+ mingw32ce)
+ basic_machine=arm-unknown
+ os=-mingw32ce
+ ;;
miniframe)
basic_machine=m68000-convergent
;;
basic_machine=i860-intel
os=-osf
;;
+ parisc)
+ basic_machine=hppa-unknown
+ os=-linux
+ ;;
+ parisc-*)
+ basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'`
+ os=-linux
+ ;;
pbd)
basic_machine=sparc-tti
;;
basic_machine=sh-hitachi
os=-hms
;;
+ sh5el)
+ basic_machine=sh5le-unknown
+ ;;
sh64)
basic_machine=sh64-unknown
;;
basic_machine=tic6x-unknown
os=-coff
;;
+ tile*)
+ basic_machine=tile-unknown
+ os=-linux-gnu
+ ;;
tx39)
basic_machine=mipstx39-unknown
;;
basic_machine=z8k-unknown
os=-sim
;;
+ z80-*-coff)
+ basic_machine=z80-unknown
+ os=-sim
+ ;;
none)
basic_machine=none-none
os=-none
we32k)
basic_machine=we32k-att
;;
- sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
+ sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele)
basic_machine=sh-unknown
;;
sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
# First match some system type aliases
# that might get confused with valid system types.
# -solaris* is a basic system type, with this one exception.
+ -auroraux)
+ os=-auroraux
+ ;;
-solaris1 | -solaris1.*)
os=`echo $os | sed -e 's|solaris1|sunos4|'`
;;
# Each alternative MUST END IN A *, to match a version number.
# -sysv* is not here because it comes later, after sysvr4.
-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
- | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
- | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+ | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
+ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \
+ | -sym* | -kopensolaris* \
| -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
- | -aos* \
+ | -aos* | -aros* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
| -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
- | -chorusos* | -chorusrdb* \
+ | -chorusos* | -chorusrdb* | -cegcc* \
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
| -uxpv* | -beos* | -mpeix* | -udk* \
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
- | -skyos* | -haiku* | -rdos* | -toppers*)
+ | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
-zvmoe)
os=-zvmoe
;;
+ -dicos*)
+ os=-dicos
+ ;;
-none)
;;
*)
m68*-cisco)
os=-aout
;;
+ mep-*)
+ os=-elf
+ ;;
mips*-cisco)
os=-elf
;;
-sunos*)
vendor=sun
;;
- -aix*)
+ -cnk*|-aix*)
vendor=ibm
;;
-beos*)
GSSEAP_MUTEX_LOCK(&ctx->mutex);
if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
major = GSS_S_NO_CONTEXT;
goto cleanup;
}
static void
saveStatusInfoNoCopy(OM_uint32 minor, char *message)
{
- struct gss_eap_status_info *info, *p;
+ struct gss_eap_status_info **next = NULL, *p;
GSSEAP_ONCE(&gssEapStatusInfoKeyOnce, createStatusInfoKey);
- info = GSSEAP_CALLOC(1, sizeof(*info));
- if (info == NULL) {
- GSSEAP_FREE(message);
- return;
+ p = GSSEAP_GETSPECIFIC(gssEapStatusInfoKey);
+ for (; p != NULL; p = p->next) {
+ if (p->code == minor) {
+ p->message = message;
+ return;
+ }
+ next = &p->next;
}
- info->code = minor;
- info->message = message;
-
- p = GSSEAP_GETSPECIFIC(gssEapStatusInfoKey);
+ p = GSSEAP_CALLOC(1, sizeof(*p));
if (p == NULL) {
- GSSEAP_SETSPECIFIC(gssEapStatusInfoKey, info);
- } else {
- struct gss_eap_status_info **next = &p;
+ GSSEAP_FREE(message);
+ return;
+ }
- for (; p != NULL; p = p->next)
- next = &p->next;
+ p->code = minor;
+ p->message = message;
- *next = info;
- }
+ if (p != NULL)
+ *next = p;
+ else
+ GSSEAP_SETSPECIFIC(gssEapStatusInfoKey, p);
}
static const char *
{
OM_uint32 major, minor;
- initialize_gsseap_error_table();
+ initialize_eapg_error_table();
+ initialize_rse_error_table();
major = gssEapInitLibEap(&minor);
assert(major == GSS_S_COMPLETE);
GSSEAP_MUTEX_LOCK(&ctx->mutex);
if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
major = GSS_S_NO_CONTEXT;
goto cleanup;
}
#endif
#include "gsseap_err.h"
+#include "radsec_err.h"
#include "util.h"
#ifdef __cplusplus
# SUCH DAMAGE.
#
-error_table gsseap
+error_table eapg
+error_code GSSEAP_BAD_SERVICE_NAME, "Could not parse service name"
+error_code GSSEAP_WRONG_SIZE, "Buffer is incorrect size"
+error_code GSSEAP_BAD_USAGE, "Credential usage type is unknown"
+error_code GSSEAP_WRONG_MECH, "Mechanism OID is incorrect"
+error_code GSSEAP_BAD_TOK_HEADER, "Token header is malformed or corrupt"
+error_code GSSEAP_BAD_DIRECTION, "Packet was replayed in wrong direction"
+error_code GSSEAP_WRONG_TOK_ID, "Received token ID does not match expected token ID"
+error_code GSSEAP_CRED_USAGE_MISMATCH, "Credential usage does not match requested usage"
error_code GSSEAP_CRIT_EXT_UNAVAILABLE, "Critical extension unavailable"
error_code GSSEAP_MISSING_REQUIRED_EXT, "Missing required extension"
+error_code GSSEAP_INPUT_TOO_LONG, "PRF input too long"
+error_code GSSEAP_CONTEXT_ESTABLISHED, "Context is already fully established"
+error_code GSSEAP_CONTEXT_INCOMPLETE, "Attempt to use incomplete security context"
+error_code GSSEAP_RADSEC_INIT_FAILURE, "Failed to initialise RADIUS library"
+error_code GSSEAP_SAML_INIT_FAILURE, "Failed to initialise SAML library"
+error_code GSSEAP_SHIB_INIT_FAILURE, "Failed to initialise Shibboleth"
+error_code GSSEAP_PEER_INIT_FAILURE, "Failed to initialise EAP state machine"
+error_code GSSEAP_PEER_AUTH_FAILURE, "EAP authentication failure"
+error_code GSSEAP_PEER_BAD_MESSAGE, "Bad EAP message"
+error_code GSSEAP_KEY_UNAVAILABLE, "EAP key unavailable"
+error_code GSSEAP_KEY_TOO_SHORT, "EAP key too short"
+error_code GSSEAP_NO_ATTR_CONTEXT, "Name has no attributes"
+error_code GSSEAP_NO_ATTR_PROVIDERS, "Failed to initialise attribute providers"
+error_code GSSEAP_NO_SUCH_ATTR, "Unknown naming attribute"
+error_code GSSEAP_BAD_ATTR_TOKEN, "Serialised attributes are malformed or corrupt"
+error_code GSSEAP_ATTR_CONTEXT_FAILURE, "Failed to initialise attribute context"
+error_code GSSEAP_BAD_CONTEXT_TOKEN, "Context token is malformed or corrupt"
+error_code GSSEAP_MISSING_IOV, "IOV is missing required buffer"
+error_code GSSEAP_BAD_STREAM_IOV, "Stream IOV can only contain a single data buffer"
end
#include "gssapiP_eap.h"
-#define UPDATE_REMAIN(n) do { \
- p += (n); \
- remain -= (n); \
+#define UPDATE_REMAIN(n) do { \
+ p += (n); \
+ remain -= (n); \
} while (0)
-#define CHECK_REMAIN(n) do { \
- if (remain < (n)) { \
- *minor = ERANGE; \
- return GSS_S_DEFECTIVE_TOKEN; \
- } \
+#define CHECK_REMAIN(n) do { \
+ if (remain < (n)) { \
+ *minor = GSSEAP_WRONG_SIZE; \
+ return GSS_S_DEFECTIVE_TOKEN; \
+ } \
} while (0)
static OM_uint32
oidBuf.length = load_uint32_be(p);
if (remain < 4 + oidBuf.length || oidBuf.length == 0) {
- *minor = ERANGE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
}
oidBuf.elements = &p[4];
if (!gssEapIsConcreteMechanismOid(&oidBuf)) {
+ *minor = GSSEAP_WRONG_MECH;
return GSS_S_BAD_MECH;
}
gss_buffer_desc tmp;
if (remain < 12) {
- *minor = ERANGE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
}
length = load_uint32_be(&p[8]);
if ((length != 0) != (encryptionType != ENCTYPE_NULL)) {
- *minor = ERANGE;
+ *minor = GSSEAP_BAD_CONTEXT_TOKEN;
return GSS_S_DEFECTIVE_TOKEN;
}
if (remain - 12 < length) {
- *minor = ERANGE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
}
gss_buffer_desc tmp;
if (remain < 4) {
- *minor = ERANGE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
}
tmp.length = load_uint32_be(p);
if (tmp.length != 0) {
if (remain - 4 < tmp.length) {
- *minor = ERANGE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
}
size_t remain = token->length;
if (remain < 16) {
- *minor = ERANGE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
}
if (load_uint32_be(&p[0]) != EAP_EXPORT_CONTEXT_V1) {
- *minor = EINVAL;
+ *minor = GSSEAP_BAD_CONTEXT_TOKEN;
return GSS_S_DEFECTIVE_TOKEN;
}
ctx->state = load_uint32_be(&p[4]);
}
if (remain < 24 + sequenceSize(ctx->seqState)) {
- *minor = ERANGE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
}
ctx->expiryTime = (time_t)load_uint64_be(&p[0]); /* XXX */
if (GSS_ERROR(major))
return major;
- if (!eap_key_available(ctx->initiatorCtx.eap))
+ if (!eap_key_available(ctx->initiatorCtx.eap)) {
+ *minor = GSSEAP_KEY_UNAVAILABLE;
return GSS_S_UNAVAILABLE;
+ }
key = eap_get_eapKeyData(ctx->initiatorCtx.eap, &keyLength);
- if (keyLength < EAP_EMSK_LEN)
+ if (keyLength < EAP_EMSK_LEN) {
+ *minor = GSSEAP_KEY_TOO_SHORT;
return GSS_S_UNAVAILABLE;
+ }
major = gssEapDeriveRfc3961Key(minor,
&key[EAP_EMSK_LEN / 2],
if (GSS_ERROR(major))
return major;
+ *minor = 0;
return GSS_S_COMPLETE;
}
if (!gssEapInternalizeOid(mech, &ctx->mechanismUsed))
major = duplicateOid(minor, mech, &ctx->mechanismUsed);
} else {
+ *minor = GSSEAP_WRONG_MECH;
major = GSS_S_BAD_MECH;
}
if (GSS_ERROR(major))
int initialContextToken;
initialContextToken = (inputToken->length == 0);
- if (!initialContextToken)
+ if (!initialContextToken) {
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
+ }
major = initBegin(minor, cred, ctx, target, mech,
reqFlags, timeReq, chanBindings,
ctx,
&eapConfig);
if (ctx->initiatorCtx.eap == NULL) {
+ *minor = GSSEAP_PEER_INIT_FAILURE;
major = GSS_S_FAILURE;
goto cleanup;
}
major = GSS_S_CONTINUE_NEEDED;
ctx->state = EAP_STATE_EXTENSIONS_REQ;
} else if (ctx->flags & CTX_FLAG_EAP_FAIL) {
+ *minor = GSSEAP_PEER_AUTH_FAILURE;
major = GSS_S_DEFECTIVE_CREDENTIAL;
} else if (code == 0 && initialContextToken) {
resp = &emptyWpaBuffer;
major = GSS_S_CONTINUE_NEEDED;
} else {
+ *minor = GSSEAP_PEER_BAD_MESSAGE;
major = GSS_S_DEFECTIVE_TOKEN;
}
gss_buffer_t outputToken)
{
/* Called with already established context */
- *minor = EINVAL;
+ *minor = GSSEAP_CONTEXT_ESTABLISHED;
return GSS_S_BAD_STATUS;
}
if (ctx == GSS_C_NO_CONTEXT) {
if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) {
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_DEFECTIVE_TOKEN;
}
#ifdef GSSEAP_ENABLE_REAUTH
if (initialContextToken && gssEapCanReauthP(cred, target_name, time_req))
- ctx->state = EAP_STATE_KRB_REAUTH_GSS;
+ ctx->state = EAP_STATE_KRB_REAUTH_GSS;
#endif
if ((cred->flags & CRED_FLAG_INITIATE) == 0) {
+ *minor = GSSEAP_CRED_USAGE_MISMATCH;
major = GSS_S_NO_CRED;
goto cleanup;
}
goto cleanup;
if (tokType != sm->inputTokenType) {
+ *minor = GSSEAP_WRONG_TOK_ID;
major = GSS_S_DEFECTIVE_TOKEN;
goto cleanup;
}
if (known_mech_attrs != NULL)
*known_mech_attrs = GSS_C_NO_OID_SET;
- if (!gssEapIsConcreteMechanismOid((const gss_OID)mech_oid))
+ if (!gssEapIsConcreteMechanismOid((const gss_OID)mech_oid)) {
+ *minor = GSSEAP_WRONG_MECH;
return GSS_S_BAD_MECH;
+ }
if (mech_attrs != NULL) {
major = gss_create_empty_oid_set(minor, mech_attrs);
OM_uint32
gss_inquire_names_for_mech(OM_uint32 *minor,
gss_OID mechanism,
- gss_OID_set *name_types)
+ gss_OID_set *ret_name_types)
{
OM_uint32 major, tmpMinor;
+ gss_OID nameTypes[] = {
+ GSS_C_NT_USER_NAME,
+ GSS_C_NT_HOSTBASED_SERVICE,
+ GSS_C_NT_EXPORT_NAME,
+#ifdef HAVE_GSS_C_NT_COMPOSITE_EXPORT
+ GSS_C_NT_COMPOSITE_EXPORT,
+#endif
+ GSS_EAP_NT_PRINCIPAL_NAME,
+ };
+ size_t i;
if (!gssEapIsMechanismOid(mechanism)) {
*minor = 0;
return GSS_S_BAD_MECH;
}
- major = gss_create_empty_oid_set(minor, name_types);
- if (GSS_ERROR(major))
- goto cleanup;
-
- major = gss_add_oid_set_member(minor, GSS_C_NT_USER_NAME, name_types);
+ major = gss_create_empty_oid_set(minor, ret_name_types);
if (GSS_ERROR(major))
goto cleanup;
- major = gss_add_oid_set_member(minor, GSS_C_NT_HOSTBASED_SERVICE, name_types);
- if (GSS_ERROR(major))
- goto cleanup;
-
- major = gss_add_oid_set_member(minor, GSS_C_NT_EXPORT_NAME, name_types);
- if (GSS_ERROR(major))
- goto cleanup;
-
-#ifdef HAVE_GSS_C_NT_COMPOSITE_EXPORT
- major = gss_add_oid_set_member(minor, GSS_C_NT_COMPOSITE_EXPORT, name_types);
- if (GSS_ERROR(major))
- goto cleanup;
-#endif
-
- major = gss_add_oid_set_member(minor, GSS_EAP_NT_PRINCIPAL_NAME, name_types);
- if (GSS_ERROR(major))
- goto cleanup;
+ for (i = 0; i < sizeof(nameTypes)/sizeof(nameTypes[0]); i++) {
+ major = gss_add_oid_set_member(minor, nameTypes[i], ret_name_types);
+ if (GSS_ERROR(major))
+ goto cleanup;
+ }
cleanup:
if (GSS_ERROR(major))
- gss_release_oid_set(&tmpMinor, name_types);
+ gss_release_oid_set(&tmpMinor, ret_name_types);
return major;
}
GSSEAP_MUTEX_LOCK(&ctx->mutex);
if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
major = GSS_S_NO_CONTEXT;
goto cleanup;
}
#!/bin/sh
# install - install a program, script, or datafile
-scriptversion=2006-10-14.15
+scriptversion=2009-04-28.21; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
# set DOITPROG to echo to test this script
# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit="${DOITPROG-}"
+doit=${DOITPROG-}
if test -z "$doit"; then
doit_exec=exec
else
# Put in absolute file names if you don't have them in your path;
# or use environment vars.
-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
+chgrpprog=${CHGRPPROG-chgrp}
+chmodprog=${CHMODPROG-chmod}
+chownprog=${CHOWNPROG-chown}
+cmpprog=${CMPPROG-cmp}
+cpprog=${CPPROG-cp}
+mkdirprog=${MKDIRPROG-mkdir}
+mvprog=${MVPROG-mv}
+rmprog=${RMPROG-rm}
+stripprog=${STRIPPROG-strip}
+
+posix_glob='?'
+initialize_posix_glob='
+ test "$posix_glob" != "?" || {
+ if (set -f) 2>/dev/null; then
+ posix_glob=
+ else
+ posix_glob=:
+ fi
+ }
+'
-posix_glob=
posix_mkdir=
# Desired mode of installed file.
mode=0755
+chgrpcmd=
chmodcmd=$chmodprog
chowncmd=
-chgrpcmd=
-stripcmd=
+mvcmd=$mvprog
rmcmd="$rmprog -f"
-mvcmd="$mvprog"
+stripcmd=
+
src=
dst=
dir_arg=
-dstarg=
+dst_arg=
+
+copy_on_change=false
no_target_directory=
-usage="Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
+usage="\
+Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
or: $0 [OPTION]... SRCFILES... DIRECTORY
or: $0 [OPTION]... -t DIRECTORY SRCFILES...
or: $0 [OPTION]... -d DIRECTORIES...
In the 4th, create DIRECTORIES.
Options:
--c (ignored)
--d create directories instead of installing files.
--g GROUP $chgrpprog installed files to GROUP.
--m MODE $chmodprog installed files to MODE.
--o USER $chownprog installed files to USER.
--s $stripprog installed files.
--t DIRECTORY install into DIRECTORY.
--T report an error if DSTFILE is a directory.
---help display this help and exit.
---version display version info and exit.
+ --help display this help and exit.
+ --version display version info and exit.
+
+ -c (ignored)
+ -C install only if different (preserve the last data modification time)
+ -d create directories instead of installing files.
+ -g GROUP $chgrpprog installed files to GROUP.
+ -m MODE $chmodprog installed files to MODE.
+ -o USER $chownprog installed files to USER.
+ -s $stripprog installed files.
+ -t DIRECTORY install into DIRECTORY.
+ -T report an error if DSTFILE is a directory.
Environment variables override the default commands:
- CHGRPPROG CHMODPROG CHOWNPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG
+ CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
+ RMPROG STRIPPROG
"
while test $# -ne 0; do
case $1 in
- -c) shift
- continue;;
+ -c) ;;
+
+ -C) copy_on_change=true;;
- -d) dir_arg=true
- shift
- continue;;
+ -d) dir_arg=true;;
-g) chgrpcmd="$chgrpprog $2"
- shift
- shift
- continue;;
+ shift;;
--help) echo "$usage"; exit $?;;
-m) mode=$2
- shift
- shift
case $mode in
*' '* | *' '* | *'
'* | *'*'* | *'?'* | *'['*)
echo "$0: invalid mode: $mode" >&2
exit 1;;
esac
- continue;;
+ shift;;
-o) chowncmd="$chownprog $2"
- shift
- shift
- continue;;
+ shift;;
- -s) stripcmd=$stripprog
- shift
- continue;;
+ -s) stripcmd=$stripprog;;
- -t) dstarg=$2
- shift
- shift
- continue;;
+ -t) dst_arg=$2
+ shift;;
- -T) no_target_directory=true
- shift
- continue;;
+ -T) no_target_directory=true;;
--version) echo "$0 $scriptversion"; exit $?;;
*) break;;
esac
+ shift
done
-if test $# -ne 0 && test -z "$dir_arg$dstarg"; then
+if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
# When -d is used, all remaining arguments are directories to create.
# When -t is used, the destination is already specified.
# Otherwise, the last argument is the destination. Remove it from $@.
for arg
do
- if test -n "$dstarg"; then
+ if test -n "$dst_arg"; then
# $@ is not empty: it contains at least $arg.
- set fnord "$@" "$dstarg"
+ set fnord "$@" "$dst_arg"
shift # fnord
fi
shift # arg
- dstarg=$arg
+ dst_arg=$arg
done
fi
do
# Protect names starting with `-'.
case $src in
- -*) src=./$src ;;
+ -*) src=./$src;;
esac
if test -n "$dir_arg"; then
exit 1
fi
- if test -z "$dstarg"; then
+ if test -z "$dst_arg"; then
echo "$0: no destination specified." >&2
exit 1
fi
- dst=$dstarg
+ dst=$dst_arg
# Protect names starting with `-'.
case $dst in
- -*) dst=./$dst ;;
+ -*) dst=./$dst;;
esac
# If destination is a directory, append the input filename; won't work
# if double slashes aren't ignored.
if test -d "$dst"; then
if test -n "$no_target_directory"; then
- echo "$0: $dstarg: Is a directory" >&2
+ echo "$0: $dst_arg: Is a directory" >&2
exit 1
fi
dstdir=$dst
# directory the slow way, step by step, checking for races as we go.
case $dstdir in
- /*) prefix=/ ;;
- -*) prefix=./ ;;
- *) prefix= ;;
+ /*) prefix='/';;
+ -*) prefix='./';;
+ *) prefix='';;
esac
- case $posix_glob in
- '')
- if (set -f) 2>/dev/null; then
- posix_glob=true
- else
- posix_glob=false
- fi ;;
- esac
+ eval "$initialize_posix_glob"
oIFS=$IFS
IFS=/
- $posix_glob && set -f
+ $posix_glob set -f
set fnord $dstdir
shift
- $posix_glob && set +f
+ $posix_glob set +f
IFS=$oIFS
prefixes=
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $cpprog $src $dsttmp" command.
#
- { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } \
- && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } \
- && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } \
- && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
-
- # Now rename the file to the real destination.
- { $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null \
- || {
- # The rename failed, perhaps because mv can't rename something else
- # to itself, or perhaps because mv is so ancient that it does not
- # support -f.
-
- # Now remove or move aside any old file at destination location.
- # We try this two ways since rm can't unlink itself on some
- # systems and the destination file might be busy for other
- # reasons. In this case, the final cleanup might fail but the new
- # file should still install successfully.
- {
- if test -f "$dst"; then
- $doit $rmcmd -f "$dst" 2>/dev/null \
- || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null \
- && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }; }\
- || {
- echo "$0: cannot unlink or rename $dst" >&2
- (exit 1); exit 1
- }
- else
- :
- fi
- } &&
-
- # Now rename the file to the real destination.
- $doit $mvcmd "$dsttmp" "$dst"
- }
- } || exit 1
+ { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
+ { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
+ { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
+ { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
+
+ # If -C, don't bother to copy if it wouldn't change the file.
+ if $copy_on_change &&
+ old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
+ new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
+
+ eval "$initialize_posix_glob" &&
+ $posix_glob set -f &&
+ set X $old && old=:$2:$4:$5:$6 &&
+ set X $new && new=:$2:$4:$5:$6 &&
+ $posix_glob set +f &&
+
+ test "$old" = "$new" &&
+ $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
+ then
+ rm -f "$dsttmp"
+ else
+ # Rename the file to the real destination.
+ $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
+
+ # The rename failed, perhaps because mv can't rename something else
+ # to itself, or perhaps because mv is so ancient that it does not
+ # support -f.
+ {
+ # Now remove or move aside any old file at destination location.
+ # We try this two ways since rm can't unlink itself on some
+ # systems and the destination file might be busy for other
+ # reasons. In this case, the final cleanup might fail but the new
+ # file should still install successfully.
+ {
+ test ! -f "$dst" ||
+ $doit $rmcmd -f "$dst" 2>/dev/null ||
+ { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
+ { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
+ } ||
+ { echo "$0: cannot unlink or rename $dst" >&2
+ (exit 1); exit 1
+ }
+ } &&
+
+ # Now rename the file to the real destination.
+ $doit $mvcmd "$dsttmp" "$dst"
+ }
+ fi || exit 1
trap '' 0
fi
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-end: "$"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
# End:
if (!CTX_IS_ESTABLISHED(ctx)) {
GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
return GSS_S_NO_CONTEXT;
}
if (!CTX_IS_ESTABLISHED(ctx)) {
GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
return GSS_S_NO_CONTEXT;
}
--- /dev/null
+#
+# Copyright (c) 2010, JANET(UK)
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# 3. Neither the name of JANET(UK) nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+
+# Placeholders only
+error_table rse
+
+end
if (!CTX_IS_ESTABLISHED(ctx)) {
major = GSS_S_NO_CONTEXT;
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
goto cleanup;
}
assert(toktype == TOK_TYPE_WRAP);
if (toktype != TOK_TYPE_WRAP) {
- code = EINVAL;
+ code = GSSEAP_WRONG_TOK_ID;
goto cleanup;
}
if (type == GSS_IOV_BUFFER_TYPE_DATA) {
if (data != NULL) {
/* only a single DATA buffer can appear */
- code = EINVAL;
+ code = GSSEAP_BAD_STREAM_IOV;
goto cleanup;
}
if (data == NULL) {
/* a single DATA buffer must be present */
- code = EINVAL;
+ code = GSSEAP_BAD_STREAM_IOV;
goto cleanup;
}
if (stream->buffer.length < theader->buffer.length +
tpadding->buffer.length +
ttrailer->buffer.length) {
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
major = GSS_S_DEFECTIVE_TOKEN;
goto cleanup;
}
gss_iov_buffer_desc *iov,
int iov_count)
{
- OM_uint32 major = GSS_S_NO_CONTEXT;
+ OM_uint32 major;
if (ctx == GSS_C_NO_CONTEXT) {
*minor = EINVAL;
GSSEAP_MUTEX_LOCK(&ctx->mutex);
- if (CTX_IS_ESTABLISHED(ctx)) {
- major = gssEapUnwrapOrVerifyMIC(minor, ctx, conf_state, qop_state,
- iov, iov_count, TOK_TYPE_WRAP);
+ if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
+ major = GSS_S_NO_CONTEXT;
+ goto cleanup;
}
+ major = gssEapUnwrapOrVerifyMIC(minor, ctx, conf_state, qop_state,
+ iov, iov_count, TOK_TYPE_WRAP);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+cleanup:
GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
return major;
}
static OM_uint32
-gssEapAttrProvidersInit(void)
+gssEapAttrProvidersInit(OM_uint32 *minor)
{
GSSEAP_ONCE(&gssEapAttrProvidersInitOnce, gssEapAttrProvidersInitInternal);
+
+ if (GSS_ERROR(gssEapAttrProvidersInitStatus))
+ *minor = GSSEAP_NO_ATTR_PROVIDERS;
+
return gssEapAttrProvidersInitStatus;
}
gss_OID *MN_mech,
gss_buffer_set_t *attrs)
{
- if (name->attrCtx == NULL)
+ if (name->attrCtx == NULL) {
+ *minor = GSSEAP_NO_ATTR_CONTEXT;
return GSS_S_UNAVAILABLE;
+ }
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor))) {
return GSS_S_UNAVAILABLE;
+ }
try {
- if (!name->attrCtx->getAttributeTypes(attrs))
+ if (!name->attrCtx->getAttributeTypes(attrs)) {
+ *minor = GSSEAP_NO_ATTR_CONTEXT;
return GSS_S_UNAVAILABLE;
+ }
} catch (std::exception &e) {
return mapException(minor, e);
}
display_value->value = NULL;
}
- if (name->attrCtx == NULL)
+ if (name->attrCtx == NULL) {
+ *minor = GSSEAP_NO_ATTR_CONTEXT;
return GSS_S_UNAVAILABLE;
+ }
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor))) {
return GSS_S_UNAVAILABLE;
+ }
try {
if (!name->attrCtx->getAttribute(attr, authenticated, complete,
- value, display_value, more))
+ value, display_value, more)) {
+ *minor = GSSEAP_NO_SUCH_ATTR;
+ gssEapSaveStatusInfo(*minor, "Unknown naming attribute %.*s",
+ (int)attr->length, (char *)attr->value);
return GSS_S_UNAVAILABLE;
+ }
} catch (std::exception &e) {
return mapException(minor, e);
}
gss_name_t name,
gss_buffer_t attr)
{
- if (name->attrCtx == NULL)
+ if (name->attrCtx == NULL) {
+ *minor = GSSEAP_NO_ATTR_CONTEXT;
return GSS_S_UNAVAILABLE;
+ }
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor)))
return GSS_S_UNAVAILABLE;
try {
gss_buffer_t attr,
gss_buffer_t value)
{
- if (name->attrCtx == NULL)
+ if (name->attrCtx == NULL) {
+ *minor = GSSEAP_NO_ATTR_CONTEXT;
return GSS_S_UNAVAILABLE;
+ }
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor)))
return GSS_S_UNAVAILABLE;
try {
return GSS_S_COMPLETE;
}
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor)))
return GSS_S_UNAVAILABLE;
try {
assert(name->attrCtx == NULL);
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor)))
return GSS_S_UNAVAILABLE;
if (buffer->length != 0) {
if (!ctx->initFromBuffer(buffer)) {
delete ctx;
+ *minor = GSSEAP_BAD_ATTR_TOKEN;
return GSS_S_DEFECTIVE_TOKEN;
}
name->attrCtx = ctx;
assert(out->attrCtx == NULL);
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor)))
return GSS_S_UNAVAILABLE;
try {
ctx = new gss_eap_attr_ctx();
if (!ctx->initFromExistingContext(in->attrCtx)) {
delete ctx;
+ *minor = GSSEAP_ATTR_CONTEXT_FAILURE;
return GSS_S_FAILURE;
}
out->attrCtx = ctx;
gss_buffer_t type_id,
gss_any_t *output)
{
- if (name->attrCtx == NULL)
+ if (name->attrCtx == NULL) {
+ *minor = GSSEAP_NO_ATTR_CONTEXT;
return GSS_S_UNAVAILABLE;
+ }
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor)))
return GSS_S_UNAVAILABLE;
try {
gss_buffer_t type_id,
gss_any_t *input)
{
- if (name->attrCtx == NULL)
+ if (name->attrCtx == NULL) {
+ *minor = GSSEAP_NO_ATTR_CONTEXT;
return GSS_S_UNAVAILABLE;
+ }
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(minor)))
return GSS_S_UNAVAILABLE;
try {
gss_ctx_id_t gssCtx)
{
gss_eap_attr_ctx *ctx;
+ OM_uint32 tmpMinor;
assert(gssCtx != GSS_C_NO_CONTEXT);
- if (GSS_ERROR(gssEapAttrProvidersInit()))
+ if (GSS_ERROR(gssEapAttrProvidersInit(&tmpMinor)))
return NULL;
ctx = new gss_eap_attr_ctx();
return major;
if (ctx->mechanismUsed == GSS_C_NO_OID) {
- if (!gssEapIsConcreteMechanismOid(oid))
+ if (!gssEapIsConcreteMechanismOid(oid)) {
+ *minor = GSSEAP_WRONG_MECH;
return GSS_S_BAD_MECH;
+ }
if (!gssEapInternalizeOid(oid, &ctx->mechanismUsed)) {
major = duplicateOid(minor, oid, &ctx->mechanismUsed);
cred->flags |= CRED_FLAG_ACCEPT;
break;
default:
+ *minor = GSSEAP_BAD_USAGE;
major = GSS_S_FAILURE;
goto cleanup;
break;
#define CHECK_REMAIN(n) do { \
if (remain < (n)) { \
- *minor = ERANGE; \
+ *minor = GSSEAP_WRONG_SIZE; \
major = GSS_S_BAD_NAME; \
goto cleanup; \
} \
return GSS_S_FAILURE;
}
if (oid->length < prefix_len) {
- *minor = ERANGE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_FAILURE;
}
for (i = 0; i < slen; i++) {
*suffix = (*suffix << 7) | (op[i] & 0x7f);
if (i + 1 != slen && (op[i] & 0x80) == 0) {
- *minor = EINVAL;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_FAILURE;
}
}
OM_uint32
gssEapRadiusAttrProviderInit(OM_uint32 *minor)
{
- return gss_eap_radius_attr_provider::init()
- ? GSS_S_COMPLETE : GSS_S_FAILURE;
+ if (!gss_eap_radius_attr_provider::init()) {
+ *minor = GSSEAP_RADSEC_INIT_FAILURE;
+ return GSS_S_FAILURE;
+ }
+
+ return GSS_S_COMPLETE;
}
OM_uint32
}
/* partition error namespace so it does not conflict with krb5 */
-#define ERROR_TABLE_BASE_rse (46882560L)
-
#define RS_TO_COM_ERR(rse) ((rse) == RSE_OK ? 0 : (rse) + ERROR_TABLE_BASE_rse)
#define COM_TO_RS_ERR(err) ((err) > ERROR_TABLE_BASE_rse && \
(err) <= (ERROR_TABLE_BASE_rse + RSE_SOME_ERROR) ? \
*minor = RS_TO_COM_ERR(code);
- gssEapSaveStatusInfo(*minor, "radsec: %s", rs_err_msg(err, 0));
+ gssEapSaveStatusInfo(*minor, "%s", rs_err_msg(err, 0));
rs_err_free(err);
return GSS_S_FAILURE;
OM_uint32
gssEapSamlAttrProvidersInit(OM_uint32 *minor)
{
- if (gss_eap_saml_assertion_provider::init() &&
- gss_eap_saml_attr_provider::init())
- return GSS_S_COMPLETE;
+ if (!gss_eap_saml_assertion_provider::init() ||
+ !gss_eap_saml_attr_provider::init()) {
+ *minor = GSSEAP_SAML_INIT_FAILURE;
+ return GSS_S_FAILURE;
+ }
- return GSS_S_FAILURE;
+ return GSS_S_COMPLETE;
}
OM_uint32
OM_uint32
gssEapLocalAttrProviderInit(OM_uint32 *minor)
{
- return gss_eap_shib_attr_provider::init()
- ? GSS_S_COMPLETE : GSS_S_FAILURE;
+ if (!gss_eap_shib_attr_provider::init()) {
+ *minor = GSSEAP_SHIB_INIT_FAILURE;
+ return GSS_S_FAILURE;
+ }
+ return GSS_S_COMPLETE;
}
OM_uint32
gss_OID_desc toid;
ssize_t toksize = (ssize_t)toksize_in;
- *minor = 0;
+ *minor = GSSEAP_BAD_TOK_HEADER;
if (ret_tok_type != NULL)
*ret_tok_type = TOK_TYPE_NONE;
if (toid.length == 0)
return GSS_S_BAD_MECH;
} else if (!oidEqual(&toid, mech)) {
+ *minor = GSSEAP_WRONG_MECH;
return GSS_S_BAD_MECH;
}
*ret_tok_type = load_uint16_be(buf);
buf += 2;
}
+
*buf_in = buf;
*body_size = toksize;
+ *minor = 0;
return GSS_S_COMPLETE;
}
gss_iov_buffer_desc iov[3];
int conf_state;
- *minor = 0;
-
if (message_token->length < 16) {
- *minor = KRB5_BAD_MSIZE;
+ *minor = GSSEAP_WRONG_SIZE;
return GSS_S_BAD_SIG;
}
+ *minor = 0;
+
iov[0].type = GSS_IOV_BUFFER_TYPE_DATA;
iov[0].buffer = *message_buffer;
GSSEAP_MUTEX_LOCK(&ctx->mutex);
if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
major = GSS_S_NO_CONTEXT;
goto cleanup;
}
header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
if (header == NULL) {
- *minor = EINVAL;
+ *minor = GSSEAP_MISSING_IOV;
return GSS_S_FAILURE;
}
if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
code = gssEapAllocIov(header, (size_t)gssHeaderLen);
} else if (header->buffer.length < gssHeaderLen)
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
if (code != 0)
goto cleanup;
outbuf = (unsigned char *)header->buffer.value;
if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
code = gssEapAllocIov(trailer, (size_t)gssTrailerLen);
else if (trailer->buffer.length < gssTrailerLen)
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
if (code != 0)
goto cleanup;
trailer->buffer.length = (size_t)gssTrailerLen;
if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
code = gssEapAllocIov(header, (size_t)gssHeaderLen);
else if (header->buffer.length < gssHeaderLen)
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
if (code != 0)
goto cleanup;
outbuf = (unsigned char *)header->buffer.value;
if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
code = gssEapAllocIov(trailer, (size_t)gssTrailerLen);
else if (trailer->buffer.length < gssTrailerLen)
- code = KRB5_BAD_MSIZE;
+ code = GSSEAP_WRONG_SIZE;
if (code != 0)
goto cleanup;
trailer->buffer.length = (size_t)gssTrailerLen;
GSSEAP_MUTEX_LOCK(&ctx->mutex);
if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
major = GSS_S_NO_CONTEXT;
goto cleanup;
}
header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
if (header == NULL) {
- *minor = EINVAL;
+ *minor = GSSEAP_MISSING_IOV;
return GSS_S_FAILURE;
}
INIT_IOV_DATA(header);
GSSEAP_MUTEX_LOCK(&ctx->mutex);
if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
major = GSS_S_NO_CONTEXT;
goto cleanup;
}
GSSEAP_MUTEX_LOCK(&ctx->mutex);
if (!CTX_IS_ESTABLISHED(ctx)) {
+ *minor = GSSEAP_CONTEXT_INCOMPLETE;
major = GSS_S_NO_CONTEXT;
goto cleanup;
}