Better error reporting through com_err

diff --git a/.gitignore b/.gitignore
index 6cc5e45..06a3924 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -15,6 +15,7 @@
 /missing
 
 /gsseap_err.[ch]
 /missing
 
 /gsseap_err.[ch]

+/radsec_err.[ch]

 
 .DS_Store
 
 
 .DS_Store
 

diff --git a/Makefile.am b/Makefile.am
index 7ce3113..f44d87b 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -57,6 +57,7 @@ mech_eap_la_SOURCES =                         \
        map_name_to_any.c                       \
        process_context_token.c                 \
        pseudo_random.c                         \
        map_name_to_any.c                       \
        process_context_token.c                 \
        pseudo_random.c                         \

+       radsec_err.c                            \

        release_any_name_mapping.c              \
        release_cred.c                          \
        release_name.c                          \
        release_any_name_mapping.c              \
        release_cred.c                          \
        release_name.c                          \


@@ -104,8 +105,15 @@ radius_ad_la_LIBADD  = @KRB5_LIBS@
 radius_ad_la_SOURCES = util_adshim.c
 endif
 
 radius_ad_la_SOURCES = util_adshim.c
 endif
 

-gsseap_err.c: gsseap_err.et
+gsseap_err.h: gsseap_err.et

        $(prefix)/bin/compile_et $<
 
        $(prefix)/bin/compile_et $<
 

+gsseap_err.c: gsseap_err.h
+
+radsec_err.h: radsec_err.et
+       $(prefix)/bin/compile_et $<
+
+radsec_err.c: radsec_err.h
+

 clean-generic:
 clean-generic:

-       rm -f gsseap_err.[ch]
+       rm -f gsseap_err.[ch] radsec_err.[ch]

diff --git a/accept_sec_context.c b/accept_sec_context.c
index bac6523..c68548f 100644 (file)
--- a/accept_sec_context.c
+++ b/accept_sec_context.c
@@ -76,8 +76,10 @@ acceptReadyEap(OM_uint32 *minor, gss_ctx_id_t ctx, gss_cred_id_t cred)
 
     major = gssEapRadiusGetRawAvp(minor, ctx->acceptorCtx.vps,
                                   PW_MS_MPPE_SEND_KEY, VENDORPEC_MS, &vp);
 
     major = gssEapRadiusGetRawAvp(minor, ctx->acceptorCtx.vps,
                                   PW_MS_MPPE_SEND_KEY, VENDORPEC_MS, &vp);

-    if (GSS_ERROR(major))
-        return major;
+    if (GSS_ERROR(major)) {
+        *minor = GSSEAP_KEY_UNAVAILABLE;
+        return GSS_S_UNAVAILABLE;
+    }

 
     major = gssEapDeriveRfc3961Key(minor,
                                    vp->vp_octets,
 
     major = gssEapDeriveRfc3961Key(minor,
                                    vp->vp_octets,


@@ -249,8 +251,10 @@ createRadiusHandle(OM_uint32 *minor,
     assert(actx->radHandle == NULL);
     assert(actx->radConn == NULL);
 
     assert(actx->radHandle == NULL);
     assert(actx->radConn == NULL);
 

-    if (rs_context_create(&actx->radHandle, RS_DICT_FILE) != 0)
+    if (rs_context_create(&actx->radHandle, RS_DICT_FILE) != 0) {
+        *minor = GSSEAP_RADSEC_INIT_FAILURE;

         return GSS_S_FAILURE;
         return GSS_S_FAILURE;

+    }

 
     if (cred != GSS_C_NO_CREDENTIAL) {
         if (cred->radiusConfigFile != NULL)
 
     if (cred != GSS_C_NO_CREDENTIAL) {
         if (cred->radiusConfigFile != NULL)


@@ -454,7 +458,7 @@ eapGssSmAcceptEstablished(OM_uint32 *minor,
                           gss_buffer_t outputToken)
 {
     /* Called with already established context */
                           gss_buffer_t outputToken)
 {
     /* Called with already established context */

-    *minor = EINVAL;
+    *minor = GSSEAP_CONTEXT_ESTABLISHED;

     return GSS_S_BAD_STATUS;
 }
 
     return GSS_S_BAD_STATUS;
 }
 


@@ -525,6 +529,7 @@ gss_accept_sec_context(OM_uint32 *minor,
         GSSEAP_MUTEX_LOCK(&cred->mutex);
 
         if ((cred->flags & CRED_FLAG_ACCEPT) == 0) {
         GSSEAP_MUTEX_LOCK(&cred->mutex);
 
         if ((cred->flags & CRED_FLAG_ACCEPT) == 0) {

+            *minor = GSSEAP_CRED_USAGE_MISMATCH;

             major = GSS_S_NO_CRED;
             goto cleanup;
         }
             major = GSS_S_NO_CRED;
             goto cleanup;
         }


@@ -538,6 +543,7 @@ gss_accept_sec_context(OM_uint32 *minor,
         goto cleanup;
 
     if (!gssEapCredAvailable(cred, ctx->mechanismUsed)) {
         goto cleanup;
 
     if (!gssEapCredAvailable(cred, ctx->mechanismUsed)) {

+        *minor = GSSEAP_WRONG_MECH;

         major = GSS_S_BAD_MECH;
         goto cleanup;
     }
         major = GSS_S_BAD_MECH;
         goto cleanup;
     }


@@ -554,6 +560,7 @@ gss_accept_sec_context(OM_uint32 *minor,
     } else
 #endif
     if (tokType != sm->inputTokenType) {
     } else
 #endif
     if (tokType != sm->inputTokenType) {

+        *minor = GSSEAP_WRONG_TOK_ID;

         major = GSS_S_DEFECTIVE_TOKEN;
         goto cleanup;
     }
         major = GSS_S_DEFECTIVE_TOKEN;
         goto cleanup;
     }

diff --git a/autogen.sh b/autogen.sh
index 42cb684..0928bcf 100755 (executable)
--- a/autogen.sh
+++ b/autogen.sh
@@ -1,4 +1,7 @@
 #! /bin/sh
 #! /bin/sh

+
+PATH=/usr/local/bin:$PATH
+

 if [ -x "`which autoreconf 2>/dev/null`" ] ; then
    exec autoreconf -ivf
 fi
 if [ -x "`which autoreconf 2>/dev/null`" ] ; then
    exec autoreconf -ivf
 fi

diff --git a/config.guess b/config.guess
index 396482d..dc84c68 100755 (executable)
--- a/config.guess
+++ b/config.guess
@@ -1,10 +1,10 @@
 #! /bin/sh
 # Attempt to guess a canonical system name.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 #! /bin/sh
 # Attempt to guess a canonical system name.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,

-#   2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation,
-#   Inc.
+#   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009
+#   Free Software Foundation, Inc.

 
 

-timestamp='2006-07-02'
+timestamp='2009-11-20'

 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by


@@ -27,16 +27,16 @@ timestamp='2006-07-02'
 # the same distribution terms that you use for the rest of that program.
 
 
 # the same distribution terms that you use for the rest of that program.
 
 

-# Originally written by Per Bothner <per@bothner.com>.
-# Please send patches to <config-patches@gnu.org>.  Submit a context
-# diff and a properly formatted ChangeLog entry.
+# Originally written by Per Bothner.  Please send patches (context
+# diff format) to <config-patches@gnu.org> and include a ChangeLog
+# entry.

 #
 # This script attempts to guess a canonical system name similar to
 # config.sub.  If it succeeds, it prints the system name on stdout, and
 # exits with 0.  Otherwise, it exits with 1.
 #
 #
 # This script attempts to guess a canonical system name similar to
 # config.sub.  If it succeeds, it prints the system name on stdout, and
 # exits with 0.  Otherwise, it exits with 1.
 #

-# The plan is that this can be called by configure scripts if you
-# don't specify an explicit build system type.
+# You can get the latest version of this script from:
+# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD

 
 me=`echo "$0" | sed -e 's,.*/,,'`
 
 
 me=`echo "$0" | sed -e 's,.*/,,'`
 


@@ -56,8 +56,8 @@ version="\
 GNU config.guess ($timestamp)
 
 Originally written by Per Bothner.
 GNU config.guess ($timestamp)
 
 Originally written by Per Bothner.

-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
-Free Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.

 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."


@@ -161,6 +161,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
            arm*) machine=arm-unknown ;;
            sh3el) machine=shl-unknown ;;
            sh3eb) machine=sh-unknown ;;
            arm*) machine=arm-unknown ;;
            sh3el) machine=shl-unknown ;;
            sh3eb) machine=sh-unknown ;;

+           sh5el) machine=sh5le-unknown ;;

            *) machine=${UNAME_MACHINE_ARCH}-unknown ;;
        esac
        # The Operating System including object format, if it has switched
            *) machine=${UNAME_MACHINE_ARCH}-unknown ;;
        esac
        # The Operating System including object format, if it has switched


@@ -169,7 +170,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
            arm*|i386|m68k|ns32k|sh3*|sparc|vax)
                eval $set_cc_for_build
                if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
            arm*|i386|m68k|ns32k|sh3*|sparc|vax)
                eval $set_cc_for_build
                if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \

-                       | grep __ELF__ >/dev/null
+                       | grep -q __ELF__

                then
                    # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
                    # Return netbsd for either.  FIX?
                then
                    # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
                    # Return netbsd for either.  FIX?


@@ -323,14 +324,33 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
        case `/usr/bin/uname -p` in
            sparc) echo sparc-icl-nx7; exit ;;
        esac ;;
        case `/usr/bin/uname -p` in
            sparc) echo sparc-icl-nx7; exit ;;
        esac ;;

+    s390x:SunOS:*:*)
+       echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+       exit ;;

     sun4H:SunOS:5.*:*)
        echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
        exit ;;
     sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
        echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
        exit ;;
     sun4H:SunOS:5.*:*)
        echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
        exit ;;
     sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
        echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
        exit ;;

-    i86pc:SunOS:5.*:*)
-       echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+    i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*)
+       echo i386-pc-auroraux${UNAME_RELEASE}
+       exit ;;
+    i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*)
+       eval $set_cc_for_build
+       SUN_ARCH="i386"
+       # If there is a compiler, see if it is configured for 64-bit objects.
+       # Note that the Sun cc does not turn __LP64__ into 1 like gcc does.
+       # This test works for both compilers.
+       if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
+           if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \
+               (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
+               grep IS_64BIT_ARCH >/dev/null
+           then
+               SUN_ARCH="x86_64"
+           fi
+       fi
+       echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`

        exit ;;
     sun4*:SunOS:6*:*)
        # According to config.sub, this is the proper way to canonicalize
        exit ;;
     sun4*:SunOS:6*:*)
        # According to config.sub, this is the proper way to canonicalize


@@ -531,7 +551,7 @@ EOF
                echo rs6000-ibm-aix3.2
        fi
        exit ;;
                echo rs6000-ibm-aix3.2
        fi
        exit ;;

-    *:AIX:*:[45])
+    *:AIX:*:[456])

        IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
        if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
                IBM_ARCH=rs6000
        IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
        if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
                IBM_ARCH=rs6000


@@ -639,7 +659,7 @@ EOF
            # => hppa64-hp-hpux11.23
 
            if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |
            # => hppa64-hp-hpux11.23
 
            if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |

-               grep __LP64__ >/dev/null
+               grep -q __LP64__

            then
                HP_ARCH="hppa2.0w"
            else
            then
                HP_ARCH="hppa2.0w"
            else


@@ -780,7 +800,7 @@ EOF
     i*:CYGWIN*:*)
        echo ${UNAME_MACHINE}-pc-cygwin
        exit ;;
     i*:CYGWIN*:*)
        echo ${UNAME_MACHINE}-pc-cygwin
        exit ;;

-    i*:MINGW*:*)
+    *:MINGW*:*)

        echo ${UNAME_MACHINE}-pc-mingw32
        exit ;;
     i*:windows32*:*)
        echo ${UNAME_MACHINE}-pc-mingw32
        exit ;;
     i*:windows32*:*)


@@ -790,15 +810,24 @@ EOF
     i*:PW*:*)
        echo ${UNAME_MACHINE}-pc-pw32
        exit ;;
     i*:PW*:*)
        echo ${UNAME_MACHINE}-pc-pw32
        exit ;;

-    x86:Interix*:[3456]*)
-       echo i586-pc-interix${UNAME_RELEASE}
-       exit ;;
-    EM64T:Interix*:[3456]*)
-       echo x86_64-unknown-interix${UNAME_RELEASE}
-       exit ;;
+    *:Interix*:*)
+       case ${UNAME_MACHINE} in
+           x86)
+               echo i586-pc-interix${UNAME_RELEASE}
+               exit ;;
+           authenticamd | genuineintel | EM64T)
+               echo x86_64-unknown-interix${UNAME_RELEASE}
+               exit ;;
+           IA64)
+               echo ia64-unknown-interix${UNAME_RELEASE}
+               exit ;;
+       esac ;;

     [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
        echo i${UNAME_MACHINE}-pc-mks
        exit ;;
     [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
        echo i${UNAME_MACHINE}-pc-mks
        exit ;;

+    8664:Windows_NT:*)
+       echo x86_64-pc-mks
+       exit ;;

     i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
        # How do we know it's Interix rather than the generic POSIX subsystem?
        # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
     i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
        # How do we know it's Interix rather than the generic POSIX subsystem?
        # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we


@@ -828,8 +857,29 @@ EOF
     i*86:Minix:*:*)
        echo ${UNAME_MACHINE}-pc-minix
        exit ;;
     i*86:Minix:*:*)
        echo ${UNAME_MACHINE}-pc-minix
        exit ;;

+    alpha:Linux:*:*)
+       case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+         EV5)   UNAME_MACHINE=alphaev5 ;;
+         EV56)  UNAME_MACHINE=alphaev56 ;;
+         PCA56) UNAME_MACHINE=alphapca56 ;;
+         PCA57) UNAME_MACHINE=alphapca56 ;;
+         EV6)   UNAME_MACHINE=alphaev6 ;;
+         EV67)  UNAME_MACHINE=alphaev67 ;;
+         EV68*) UNAME_MACHINE=alphaev68 ;;
+        esac
+       objdump --private-headers /bin/sh | grep -q ld.so.1
+       if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
+       echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+       exit ;;

     arm*:Linux:*:*)
     arm*:Linux:*:*)

-       echo ${UNAME_MACHINE}-unknown-linux-gnu
+       eval $set_cc_for_build
+       if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \
+           | grep -q __ARM_EABI__
+       then
+           echo ${UNAME_MACHINE}-unknown-linux-gnu
+       else
+           echo ${UNAME_MACHINE}-unknown-linux-gnueabi
+       fi

        exit ;;
     avr32*:Linux:*:*)
        echo ${UNAME_MACHINE}-unknown-linux-gnu
        exit ;;
     avr32*:Linux:*:*)
        echo ${UNAME_MACHINE}-unknown-linux-gnu


@@ -843,6 +893,17 @@ EOF
     frv:Linux:*:*)
        echo frv-unknown-linux-gnu
        exit ;;
     frv:Linux:*:*)
        echo frv-unknown-linux-gnu
        exit ;;

+    i*86:Linux:*:*)
+       LIBC=gnu
+       eval $set_cc_for_build
+       sed 's/^        //' << EOF >$dummy.c
+       #ifdef __dietlibc__
+       LIBC=dietlibc
+       #endif
+EOF
+       eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'`
+       echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
+       exit ;;

     ia64:Linux:*:*)
        echo ${UNAME_MACHINE}-unknown-linux-gnu
        exit ;;
     ia64:Linux:*:*)
        echo ${UNAME_MACHINE}-unknown-linux-gnu
        exit ;;


@@ -852,74 +913,33 @@ EOF
     m68*:Linux:*:*)
        echo ${UNAME_MACHINE}-unknown-linux-gnu
        exit ;;
     m68*:Linux:*:*)
        echo ${UNAME_MACHINE}-unknown-linux-gnu
        exit ;;

-    mips:Linux:*:*)
-       eval $set_cc_for_build
-       sed 's/^        //' << EOF >$dummy.c
-       #undef CPU
-       #undef mips
-       #undef mipsel
-       #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
-       CPU=mipsel
-       #else
-       #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
-       CPU=mips
-       #else
-       CPU=
-       #endif
-       #endif
-EOF
-       eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
-           /^CPU/{
-               s: ::g
-               p
-           }'`"
-       test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
-       ;;
-    mips64:Linux:*:*)
+    mips:Linux:*:* | mips64:Linux:*:*)

        eval $set_cc_for_build
        sed 's/^        //' << EOF >$dummy.c
        #undef CPU
        eval $set_cc_for_build
        sed 's/^        //' << EOF >$dummy.c
        #undef CPU

-       #undef mips64
-       #undef mips64el
+       #undef ${UNAME_MACHINE}
+       #undef ${UNAME_MACHINE}el

        #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
        #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)

-       CPU=mips64el
+       CPU=${UNAME_MACHINE}el

        #else
        #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
        #else
        #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)

-       CPU=mips64
+       CPU=${UNAME_MACHINE}

        #else
        CPU=
        #endif
        #endif
 EOF
        #else
        CPU=
        #endif
        #endif
 EOF

-       eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
-           /^CPU/{
-               s: ::g
-               p
-           }'`"
+       eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'`

        test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
        ;;
     or32:Linux:*:*)
        echo or32-unknown-linux-gnu
        exit ;;
        test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
        ;;
     or32:Linux:*:*)
        echo or32-unknown-linux-gnu
        exit ;;

-    ppc:Linux:*:*)
-       echo powerpc-unknown-linux-gnu
+    padre:Linux:*:*)
+       echo sparc-unknown-linux-gnu

        exit ;;
        exit ;;

-    ppc64:Linux:*:*)
-       echo powerpc64-unknown-linux-gnu
-       exit ;;
-    alpha:Linux:*:*)
-       case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
-         EV5)   UNAME_MACHINE=alphaev5 ;;
-         EV56)  UNAME_MACHINE=alphaev56 ;;
-         PCA56) UNAME_MACHINE=alphapca56 ;;
-         PCA57) UNAME_MACHINE=alphapca56 ;;
-         EV6)   UNAME_MACHINE=alphaev6 ;;
-         EV67)  UNAME_MACHINE=alphaev67 ;;
-         EV68*) UNAME_MACHINE=alphaev68 ;;
-        esac
-       objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
-       if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
-       echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+    parisc64:Linux:*:* | hppa64:Linux:*:*)
+       echo hppa64-unknown-linux-gnu

        exit ;;
     parisc:Linux:*:* | hppa:Linux:*:*)
        # Look for CPU level
        exit ;;
     parisc:Linux:*:* | hppa:Linux:*:*)
        # Look for CPU level


@@ -929,8 +949,11 @@ EOF
          *)    echo hppa-unknown-linux-gnu ;;
        esac
        exit ;;
          *)    echo hppa-unknown-linux-gnu ;;
        esac
        exit ;;

-    parisc64:Linux:*:* | hppa64:Linux:*:*)
-       echo hppa64-unknown-linux-gnu
+    ppc64:Linux:*:*)
+       echo powerpc64-unknown-linux-gnu
+       exit ;;
+    ppc:Linux:*:*)
+       echo powerpc-unknown-linux-gnu

        exit ;;
     s390:Linux:*:* | s390x:Linux:*:*)
        echo ${UNAME_MACHINE}-ibm-linux
        exit ;;
     s390:Linux:*:* | s390x:Linux:*:*)
        echo ${UNAME_MACHINE}-ibm-linux


@@ -950,69 +973,9 @@ EOF
     x86_64:Linux:*:*)
        echo x86_64-unknown-linux-gnu
        exit ;;
     x86_64:Linux:*:*)
        echo x86_64-unknown-linux-gnu
        exit ;;

-    i*86:Linux:*:*)
-       # The BFD linker knows what the default object file format is, so
-       # first see if it will tell us. cd to the root directory to prevent
-       # problems with other programs or directories called `ld' in the path.
-       # Set LC_ALL=C to ensure ld outputs messages in English.
-       ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
-                        | sed -ne '/supported targets:/!d
-                                   s/[         ][      ]*/ /g
-                                   s/.*supported targets: *//
-                                   s/ .*//
-                                   p'`
-        case "$ld_supported_targets" in
-         elf32-i386)
-               TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
-               ;;
-         a.out-i386-linux)
-               echo "${UNAME_MACHINE}-pc-linux-gnuaout"
-               exit ;;
-         coff-i386)
-               echo "${UNAME_MACHINE}-pc-linux-gnucoff"
-               exit ;;
-         "")
-               # Either a pre-BFD a.out linker (linux-gnuoldld) or
-               # one that does not give us useful --help.
-               echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
-               exit ;;
-       esac
-       # Determine whether the default compiler is a.out or elf
-       eval $set_cc_for_build
-       sed 's/^        //' << EOF >$dummy.c
-       #include <features.h>
-       #ifdef __ELF__
-       # ifdef __GLIBC__
-       #  if __GLIBC__ >= 2
-       LIBC=gnu
-       #  else
-       LIBC=gnulibc1
-       #  endif
-       # else
-       LIBC=gnulibc1
-       # endif
-       #else
-       #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
-       LIBC=gnu
-       #else
-       LIBC=gnuaout
-       #endif
-       #endif
-       #ifdef __dietlibc__
-       LIBC=dietlibc
-       #endif
-EOF
-       eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
-           /^LIBC/{
-               s: ::g
-               p
-           }'`"
-       test x"${LIBC}" != x && {
-               echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
-               exit
-       }
-       test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; }
-       ;;
+    xtensa*:Linux:*:*)
+       echo ${UNAME_MACHINE}-unknown-linux-gnu
+       exit ;;

     i*86:DYNIX/ptx:4*:*)
        # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
        # earlier versions are messed up and put the nodename in both
     i*86:DYNIX/ptx:4*:*)
        # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
        # earlier versions are messed up and put the nodename in both


@@ -1041,7 +1004,7 @@ EOF
     i*86:syllable:*:*)
        echo ${UNAME_MACHINE}-pc-syllable
        exit ;;
     i*86:syllable:*:*)
        echo ${UNAME_MACHINE}-pc-syllable
        exit ;;

-    i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
+    i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*)

        echo i386-unknown-lynxos${UNAME_RELEASE}
        exit ;;
     i*86:*DOS:*:*)
        echo i386-unknown-lynxos${UNAME_RELEASE}
        exit ;;
     i*86:*DOS:*:*)


@@ -1085,8 +1048,11 @@ EOF
     pc:*:*:*)
        # Left here for compatibility:
         # uname -m prints for DJGPP always 'pc', but it prints nothing about
     pc:*:*:*)
        # Left here for compatibility:
         # uname -m prints for DJGPP always 'pc', but it prints nothing about

-        # the processor, so we play safe by assuming i386.
-       echo i386-pc-msdosdjgpp
+        # the processor, so we play safe by assuming i586.
+       # Note: whatever this is, it MUST be the same as what config.sub
+       # prints for the "djgpp" host, or else GDB configury will decide that
+       # this is a cross-build.
+       echo i586-pc-msdosdjgpp

         exit ;;
     Intel:Mach:3*:*)
        echo i386-pc-mach3
         exit ;;
     Intel:Mach:3*:*)
        echo i386-pc-mach3


@@ -1124,6 +1090,16 @@ EOF
     3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
         /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
           && { echo i486-ncr-sysv4; exit; } ;;
     3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
         /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
           && { echo i486-ncr-sysv4; exit; } ;;

+    NCR*:*:4.2:* | MPRAS*:*:4.2:*)
+       OS_REL='.3'
+       test -r /etc/.relid \
+           && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+       /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+           && { echo i486-ncr-sysv4.3${OS_REL}; exit; }
+       /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+           && { echo i586-ncr-sysv4.3${OS_REL}; exit; }
+       /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \
+           && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;

     m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
        echo m68k-unknown-lynxos${UNAME_RELEASE}
        exit ;;
     m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
        echo m68k-unknown-lynxos${UNAME_RELEASE}
        exit ;;


@@ -1136,7 +1112,7 @@ EOF
     rs6000:LynxOS:2.*:*)
        echo rs6000-unknown-lynxos${UNAME_RELEASE}
        exit ;;
     rs6000:LynxOS:2.*:*)
        echo rs6000-unknown-lynxos${UNAME_RELEASE}
        exit ;;

-    PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
+    PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*)

        echo powerpc-unknown-lynxos${UNAME_RELEASE}
        exit ;;
     SM[BE]S:UNIX_SV:*:*)
        echo powerpc-unknown-lynxos${UNAME_RELEASE}
        exit ;;
     SM[BE]S:UNIX_SV:*:*)


@@ -1199,6 +1175,9 @@ EOF
     BePC:BeOS:*:*)     # BeOS running on Intel PC compatible.
        echo i586-pc-beos
        exit ;;
     BePC:BeOS:*:*)     # BeOS running on Intel PC compatible.
        echo i586-pc-beos
        exit ;;

+    BePC:Haiku:*:*)    # Haiku running on Intel PC compatible.
+       echo i586-pc-haiku
+       exit ;;

     SX-4:SUPER-UX:*:*)
        echo sx4-nec-superux${UNAME_RELEASE}
        exit ;;
     SX-4:SUPER-UX:*:*)
        echo sx4-nec-superux${UNAME_RELEASE}
        exit ;;


@@ -1208,6 +1187,15 @@ EOF
     SX-6:SUPER-UX:*:*)
        echo sx6-nec-superux${UNAME_RELEASE}
        exit ;;
     SX-6:SUPER-UX:*:*)
        echo sx6-nec-superux${UNAME_RELEASE}
        exit ;;

+    SX-7:SUPER-UX:*:*)
+       echo sx7-nec-superux${UNAME_RELEASE}
+       exit ;;
+    SX-8:SUPER-UX:*:*)
+       echo sx8-nec-superux${UNAME_RELEASE}
+       exit ;;
+    SX-8R:SUPER-UX:*:*)
+       echo sx8r-nec-superux${UNAME_RELEASE}
+       exit ;;

     Power*:Rhapsody:*:*)
        echo powerpc-apple-rhapsody${UNAME_RELEASE}
        exit ;;
     Power*:Rhapsody:*:*)
        echo powerpc-apple-rhapsody${UNAME_RELEASE}
        exit ;;


@@ -1217,6 +1205,16 @@ EOF
     *:Darwin:*:*)
        UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
        case $UNAME_PROCESSOR in
     *:Darwin:*:*)
        UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
        case $UNAME_PROCESSOR in

+           i386)
+               eval $set_cc_for_build
+               if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
+                 if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \
+                     (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
+                     grep IS_64BIT_ARCH >/dev/null
+                 then
+                     UNAME_PROCESSOR="x86_64"
+                 fi
+               fi ;;

            unknown) UNAME_PROCESSOR=powerpc ;;
        esac
        echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
            unknown) UNAME_PROCESSOR=powerpc ;;
        esac
        echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}


@@ -1298,6 +1296,9 @@ EOF
     i*86:rdos:*:*)
        echo ${UNAME_MACHINE}-pc-rdos
        exit ;;
     i*86:rdos:*:*)
        echo ${UNAME_MACHINE}-pc-rdos
        exit ;;

+    i*86:AROS:*:*)
+       echo ${UNAME_MACHINE}-pc-aros
+       exit ;;

 esac
 
 #echo '(No uname command or uname output not recognized.)' 1>&2
 esac
 
 #echo '(No uname command or uname output not recognized.)' 1>&2


@@ -1458,9 +1459,9 @@ This script, last modified $timestamp, has failed to recognize
 the operating system you are using. It is advised that you
 download the most up to date version of the config scripts from
 
 the operating system you are using. It is advised that you
 download the most up to date version of the config scripts from
 

-  http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.guess
+  http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD

 and
 and

-  http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.sub
+  http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD

 
 If the version you run ($0) is already up to date, please
 send the following data and any information you think might be
 
 If the version you run ($0) is already up to date, please
 send the following data and any information you think might be

diff --git a/config.sub b/config.sub
index fab0aa3..2a55a50 100755 (executable)
--- a/config.sub
+++ b/config.sub
@@ -1,10 +1,10 @@
 #! /bin/sh
 # Configuration validation subroutine script.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
 #! /bin/sh
 # Configuration validation subroutine script.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,

-#   2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation,
-#   Inc.
+#   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009
+#   Free Software Foundation, Inc.

 
 

-timestamp='2006-09-20'
+timestamp='2009-11-20'

 
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
 
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software


@@ -32,13 +32,16 @@ timestamp='2006-09-20'
 
 
 # Please send patches to <config-patches@gnu.org>.  Submit a context
 
 
 # Please send patches to <config-patches@gnu.org>.  Submit a context

-# diff and a properly formatted ChangeLog entry.
+# diff and a properly formatted GNU ChangeLog entry.

 #
 # Configuration subroutine to validate and canonicalize a configuration type.
 # Supply the specified configuration type as an argument.
 # If it is invalid, we print an error message on stderr and exit with code 1.
 # Otherwise, we print the canonical config type on stdout and succeed.
 
 #
 # Configuration subroutine to validate and canonicalize a configuration type.
 # Supply the specified configuration type as an argument.
 # If it is invalid, we print an error message on stderr and exit with code 1.
 # Otherwise, we print the canonical config type on stdout and succeed.
 

+# You can get the latest version of this script from:
+# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
+

 # This file is supposed to be the same for all GNU packages
 # and recognize all the CPU types, system types and aliases
 # that are meaningful with *any* GNU software.
 # This file is supposed to be the same for all GNU packages
 # and recognize all the CPU types, system types and aliases
 # that are meaningful with *any* GNU software.


@@ -72,8 +75,8 @@ Report bugs and patches to <config-patches@gnu.org>."
 version="\
 GNU config.sub ($timestamp)
 
 version="\
 GNU config.sub ($timestamp)
 

-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005
-Free Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.

 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."


@@ -122,6 +125,7 @@ maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
 case $maybe_os in
   nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
   uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
 case $maybe_os in
   nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
   uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \

+  kopensolaris*-gnu* | \

   storm-chaos* | os2-emx* | rtmk-nova*)
     os=-$maybe_os
     basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
   storm-chaos* | os2-emx* | rtmk-nova*)
     os=-$maybe_os
     basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`


@@ -148,10 +152,13 @@ case $os in
        -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
        -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
        -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
        -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
        -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
        -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \

-       -apple | -axis | -knuth | -cray)
+       -apple | -axis | -knuth | -cray | -microblaze)

                os=
                basic_machine=$1
                ;;
                os=
                basic_machine=$1
                ;;

+        -bluegene*)
+               os=-cnk
+               ;;

        -sim | -cisco | -oki | -wec | -winbond)
                os=
                basic_machine=$1
        -sim | -cisco | -oki | -wec | -winbond)
                os=
                basic_machine=$1


@@ -245,17 +252,20 @@ case $basic_machine in
        | bfin \
        | c4x | clipper \
        | d10v | d30v | dlx | dsp16xx \
        | bfin \
        | c4x | clipper \
        | d10v | d30v | dlx | dsp16xx \

-       | fr30 | frv \
+       | fido | fr30 | frv \

        | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
        | i370 | i860 | i960 | ia64 \
        | ip2k | iq2000 \
        | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
        | i370 | i860 | i960 | ia64 \
        | ip2k | iq2000 \

+       | lm32 \

        | m32c | m32r | m32rle | m68000 | m68k | m88k \
        | m32c | m32r | m32rle | m68000 | m68k | m88k \

-       | maxq | mb | microblaze | mcore \
+       | maxq | mb | microblaze | mcore | mep | metag \

        | mips | mipsbe | mipseb | mipsel | mipsle \
        | mips16 \
        | mips64 | mips64el \
        | mips | mipsbe | mipseb | mipsel | mipsle \
        | mips16 \
        | mips64 | mips64el \

-       | mips64vr | mips64vrel \
+       | mips64octeon | mips64octeonel \

        | mips64orion | mips64orionel \
        | mips64orion | mips64orionel \

+       | mips64r5900 | mips64r5900el \
+       | mips64vr | mips64vrel \

        | mips64vr4100 | mips64vr4100el \
        | mips64vr4300 | mips64vr4300el \
        | mips64vr5000 | mips64vr5000el \
        | mips64vr4100 | mips64vr4100el \
        | mips64vr4300 | mips64vr4300el \
        | mips64vr5000 | mips64vr5000el \


@@ -268,6 +278,7 @@ case $basic_machine in
        | mipsisa64sr71k | mipsisa64sr71kel \
        | mipstx39 | mipstx39el \
        | mn10200 | mn10300 \
        | mipsisa64sr71k | mipsisa64sr71kel \
        | mipstx39 | mipstx39el \
        | mn10200 | mn10300 \

+       | moxie \

        | mt \
        | msp430 \
        | nios | nios2 \
        | mt \
        | msp430 \
        | nios | nios2 \


@@ -276,20 +287,22 @@ case $basic_machine in
        | pdp10 | pdp11 | pj | pjl \
        | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
        | pyramid \
        | pdp10 | pdp11 | pj | pjl \
        | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
        | pyramid \

+       | rx \

        | score \
        | score \

-       | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
+       | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \

        | sh64 | sh64le \
        | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
        | sparcv8 | sparcv9 | sparcv9b | sparcv9v \
        | spu | strongarm \
        | tahoe | thumb | tic4x | tic80 | tron \
        | sh64 | sh64le \
        | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
        | sparcv8 | sparcv9 | sparcv9b | sparcv9v \
        | spu | strongarm \
        | tahoe | thumb | tic4x | tic80 | tron \

+       | ubicom32 \

        | v850 | v850e \
        | we32k \
        | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
        | v850 | v850e \
        | we32k \
        | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \

-       | z8k)
+       | z8k | z80)

                basic_machine=$basic_machine-unknown
                ;;
                basic_machine=$basic_machine-unknown
                ;;

-       m6811 | m68hc11 | m6812 | m68hc12)
+       m6811 | m68hc11 | m6812 | m68hc12 | picochip)

                # Motorola 68HC11/12.
                basic_machine=$basic_machine-unknown
                os=-none
                # Motorola 68HC11/12.
                basic_machine=$basic_machine-unknown
                os=-none


@@ -324,19 +337,22 @@ case $basic_machine in
        | clipper-* | craynv-* | cydra-* \
        | d10v-* | d30v-* | dlx-* \
        | elxsi-* \
        | clipper-* | craynv-* | cydra-* \
        | d10v-* | d30v-* | dlx-* \
        | elxsi-* \

-       | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
+       | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \

        | h8300-* | h8500-* \
        | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
        | i*86-* | i860-* | i960-* | ia64-* \
        | ip2k-* | iq2000-* \
        | h8300-* | h8500-* \
        | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
        | i*86-* | i860-* | i960-* | ia64-* \
        | ip2k-* | iq2000-* \

+       | lm32-* \

        | m32c-* | m32r-* | m32rle-* \
        | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
        | m32c-* | m32r-* | m32rle-* \
        | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \

-       | m88110-* | m88k-* | maxq-* | mcore-* \
+       | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \

        | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
        | mips16-* \
        | mips64-* | mips64el-* \
        | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
        | mips16-* \
        | mips64-* | mips64el-* \

-       | mips64vr-* | mips64vrel-* \
+       | mips64octeon-* | mips64octeonel-* \

        | mips64orion-* | mips64orionel-* \
        | mips64orion-* | mips64orionel-* \

+       | mips64r5900-* | mips64r5900el-* \
+       | mips64vr-* | mips64vrel-* \

        | mips64vr4100-* | mips64vr4100el-* \
        | mips64vr4300-* | mips64vr4300el-* \
        | mips64vr5000-* | mips64vr5000el-* \
        | mips64vr4100-* | mips64vr4100el-* \
        | mips64vr4300-* | mips64vr4300el-* \
        | mips64vr5000-* | mips64vr5000el-* \


@@ -357,21 +373,26 @@ case $basic_machine in
        | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
        | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
        | pyramid-* \
        | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
        | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
        | pyramid-* \

-       | romp-* | rs6000-* \
-       | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
+       | romp-* | rs6000-* | rx-* \
+       | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \

        | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
        | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
        | sparclite-* \
        | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
        | tahoe-* | thumb-* \
        | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
        | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
        | sparclite-* \
        | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
        | tahoe-* | thumb-* \

-       | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
+       | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \

        | tron-* \
        | tron-* \

+       | ubicom32-* \

        | v850-* | v850e-* | vax-* \
        | we32k-* \
        | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
        | v850-* | v850e-* | vax-* \
        | we32k-* \
        | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \

-       | xstormy16-* | xtensa-* \
+       | xstormy16-* | xtensa*-* \

        | ymp-* \
        | ymp-* \

-       | z8k-*)
+       | z8k-* | z80-*)
+               ;;
+       # Recognize the basic CPU types without company name, with glob match.
+       xtensa*)
+               basic_machine=$basic_machine-unknown

                ;;
        # Recognize the various machine names and aliases which stand
        # for a CPU type and a company and sometimes even an OS.
                ;;
        # Recognize the various machine names and aliases which stand
        # for a CPU type and a company and sometimes even an OS.


@@ -435,6 +456,10 @@ case $basic_machine in
                basic_machine=m68k-apollo
                os=-bsd
                ;;
                basic_machine=m68k-apollo
                os=-bsd
                ;;

+       aros)
+               basic_machine=i386-pc
+               os=-aros
+               ;;

        aux)
                basic_machine=m68k-apple
                os=-aux
        aux)
                basic_machine=m68k-apple
                os=-aux


@@ -443,10 +468,26 @@ case $basic_machine in
                basic_machine=ns32k-sequent
                os=-dynix
                ;;
                basic_machine=ns32k-sequent
                os=-dynix
                ;;

+       blackfin)
+               basic_machine=bfin-unknown
+               os=-linux
+               ;;
+       blackfin-*)
+               basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
+               os=-linux
+               ;;
+       bluegene*)
+               basic_machine=powerpc-ibm
+               os=-cnk
+               ;;

        c90)
                basic_machine=c90-cray
                os=-unicos
                ;;
        c90)
                basic_machine=c90-cray
                os=-unicos
                ;;

+        cegcc)
+               basic_machine=arm-unknown
+               os=-cegcc
+               ;;

        convex-c1)
                basic_machine=c1-convex
                os=-bsd
        convex-c1)
                basic_machine=c1-convex
                os=-bsd


@@ -475,8 +516,8 @@ case $basic_machine in
                basic_machine=craynv-cray
                os=-unicosmp
                ;;
                basic_machine=craynv-cray
                os=-unicosmp
                ;;

-       cr16c)
-               basic_machine=cr16c-unknown
+       cr16)
+               basic_machine=cr16-unknown

                os=-elf
                ;;
        crds | unos)
                os=-elf
                ;;
        crds | unos)


@@ -514,6 +555,10 @@ case $basic_machine in
                basic_machine=m88k-motorola
                os=-sysv3
                ;;
                basic_machine=m88k-motorola
                os=-sysv3
                ;;

+       dicos)
+               basic_machine=i686-pc
+               os=-dicos
+               ;;

        djgpp)
                basic_machine=i586-pc
                os=-msdosdjgpp
        djgpp)
                basic_machine=i586-pc
                os=-msdosdjgpp


@@ -668,6 +713,14 @@ case $basic_machine in
                basic_machine=m68k-isi
                os=-sysv
                ;;
                basic_machine=m68k-isi
                os=-sysv
                ;;

+       m68knommu)
+               basic_machine=m68k-unknown
+               os=-linux
+               ;;
+       m68knommu-*)
+               basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'`
+               os=-linux
+               ;;

        m88k-omron*)
                basic_machine=m88k-omron
                ;;
        m88k-omron*)
                basic_machine=m88k-omron
                ;;


@@ -679,10 +732,17 @@ case $basic_machine in
                basic_machine=ns32k-utek
                os=-sysv
                ;;
                basic_machine=ns32k-utek
                os=-sysv
                ;;

+        microblaze)
+               basic_machine=microblaze-xilinx
+               ;;

        mingw32)
                basic_machine=i386-pc
                os=-mingw32
                ;;
        mingw32)
                basic_machine=i386-pc
                os=-mingw32
                ;;

+       mingw32ce)
+               basic_machine=arm-unknown
+               os=-mingw32ce
+               ;;

        miniframe)
                basic_machine=m68000-convergent
                ;;
        miniframe)
                basic_machine=m68000-convergent
                ;;


@@ -809,6 +869,14 @@ case $basic_machine in
                basic_machine=i860-intel
                os=-osf
                ;;
                basic_machine=i860-intel
                os=-osf
                ;;

+       parisc)
+               basic_machine=hppa-unknown
+               os=-linux
+               ;;
+       parisc-*)
+               basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'`
+               os=-linux
+               ;;

        pbd)
                basic_machine=sparc-tti
                ;;
        pbd)
                basic_machine=sparc-tti
                ;;


@@ -925,6 +993,9 @@ case $basic_machine in
                basic_machine=sh-hitachi
                os=-hms
                ;;
                basic_machine=sh-hitachi
                os=-hms
                ;;

+       sh5el)
+               basic_machine=sh5le-unknown
+               ;;

        sh64)
                basic_machine=sh64-unknown
                ;;
        sh64)
                basic_machine=sh64-unknown
                ;;


@@ -1014,6 +1085,10 @@ case $basic_machine in
                basic_machine=tic6x-unknown
                os=-coff
                ;;
                basic_machine=tic6x-unknown
                os=-coff
                ;;

+       tile*)
+               basic_machine=tile-unknown
+               os=-linux-gnu
+               ;;

        tx39)
                basic_machine=mipstx39-unknown
                ;;
        tx39)
                basic_machine=mipstx39-unknown
                ;;


@@ -1089,6 +1164,10 @@ case $basic_machine in
                basic_machine=z8k-unknown
                os=-sim
                ;;
                basic_machine=z8k-unknown
                os=-sim
                ;;

+       z80-*-coff)
+               basic_machine=z80-unknown
+               os=-sim
+               ;;

        none)
                basic_machine=none-none
                os=-none
        none)
                basic_machine=none-none
                os=-none


@@ -1127,7 +1206,7 @@ case $basic_machine in
        we32k)
                basic_machine=we32k-att
                ;;
        we32k)
                basic_machine=we32k-att
                ;;

-       sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
+       sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele)

                basic_machine=sh-unknown
                ;;
        sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
                basic_machine=sh-unknown
                ;;
        sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)


@@ -1177,6 +1256,9 @@ case $os in
         # First match some system type aliases
         # that might get confused with valid system types.
        # -solaris* is a basic system type, with this one exception.
         # First match some system type aliases
         # that might get confused with valid system types.
        # -solaris* is a basic system type, with this one exception.

+        -auroraux)
+               os=-auroraux
+               ;;

        -solaris1 | -solaris1.*)
                os=`echo $os | sed -e 's|solaris1|sunos4|'`
                ;;
        -solaris1 | -solaris1.*)
                os=`echo $os | sed -e 's|solaris1|sunos4|'`
                ;;


@@ -1197,10 +1279,11 @@ case $os in
        # Each alternative MUST END IN A *, to match a version number.
        # -sysv* is not here because it comes later, after sysvr4.
        -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
        # Each alternative MUST END IN A *, to match a version number.
        # -sysv* is not here because it comes later, after sysvr4.
        -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \

-             | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
-             | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+             | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
+             | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \
+             | -sym* | -kopensolaris* \

              | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
              | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \

-             | -aos* \
+             | -aos* | -aros* \

              | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
              | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
              | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
              | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
              | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
              | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \


@@ -1209,7 +1292,7 @@ case $os in
              | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
              | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
              | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
              | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
              | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
              | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \

-             | -chorusos* | -chorusrdb* \
+             | -chorusos* | -chorusrdb* | -cegcc* \

              | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
              | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
              | -uxpv* | -beos* | -mpeix* | -udk* \
              | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
              | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
              | -uxpv* | -beos* | -mpeix* | -udk* \


@@ -1219,7 +1302,7 @@ case $os in
              | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
              | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
              | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
              | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
              | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
              | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \

-             | -skyos* | -haiku* | -rdos* | -toppers*)
+             | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*)

        # Remember, each alternative MUST END IN *, to match a version number.
                ;;
        -qnx*)
        # Remember, each alternative MUST END IN *, to match a version number.
                ;;
        -qnx*)


@@ -1349,6 +1432,9 @@ case $os in
        -zvmoe)
                os=-zvmoe
                ;;
        -zvmoe)
                os=-zvmoe
                ;;

+       -dicos*)
+               os=-dicos
+               ;;

        -none)
                ;;
        *)
        -none)
                ;;
        *)


@@ -1414,6 +1500,9 @@ case $basic_machine in
        m68*-cisco)
                os=-aout
                ;;
        m68*-cisco)
                os=-aout
                ;;

+        mep-*)
+               os=-elf
+               ;;

        mips*-cisco)
                os=-elf
                ;;
        mips*-cisco)
                os=-elf
                ;;


@@ -1543,7 +1632,7 @@ case $basic_machine in
                        -sunos*)
                                vendor=sun
                                ;;
                        -sunos*)
                                vendor=sun
                                ;;

-                       -aix*)
+                       -cnk*|-aix*)

                                vendor=ibm
                                ;;
                        -beos*)
                                vendor=ibm
                                ;;
                        -beos*)

diff --git a/context_time.c b/context_time.c
index b72836b..707d29d 100644 (file)
--- a/context_time.c
+++ b/context_time.c
@@ -49,6 +49,7 @@ gss_context_time(OM_uint32 *minor,
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }
         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }

diff --git a/display_status.c b/display_status.c
index ebe66bd..44b5390 100644 (file)
--- a/display_status.c
+++ b/display_status.c
@@ -62,30 +62,32 @@ createStatusInfoKey(void)
 static void
 saveStatusInfoNoCopy(OM_uint32 minor, char *message)
 {
 static void
 saveStatusInfoNoCopy(OM_uint32 minor, char *message)
 {

-    struct gss_eap_status_info *info, *p;
+    struct gss_eap_status_info **next = NULL, *p;

 
     GSSEAP_ONCE(&gssEapStatusInfoKeyOnce, createStatusInfoKey);
 
 
     GSSEAP_ONCE(&gssEapStatusInfoKeyOnce, createStatusInfoKey);
 

-    info = GSSEAP_CALLOC(1, sizeof(*info));
-    if (info == NULL) {
-        GSSEAP_FREE(message);
-        return;
+    p = GSSEAP_GETSPECIFIC(gssEapStatusInfoKey);
+    for (; p != NULL; p = p->next) {
+        if (p->code == minor) {
+            p->message = message;
+            return;
+        }
+        next = &p->next;

     }
 
     }
 

-    info->code = minor;
-    info->message = message;
-
-    p = GSSEAP_GETSPECIFIC(gssEapStatusInfoKey);
+    p = GSSEAP_CALLOC(1, sizeof(*p));

     if (p == NULL) {
     if (p == NULL) {

-        GSSEAP_SETSPECIFIC(gssEapStatusInfoKey, info);
-    } else {
-        struct gss_eap_status_info **next = &p;
+        GSSEAP_FREE(message);
+        return;
+    }

 
 

-        for (; p != NULL; p = p->next)
-            next = &p->next;
+    p->code = minor;
+    p->message = message;

 
 

-        *next = info;
-    }
+    if (p != NULL)
+        *next = p;
+    else
+        GSSEAP_SETSPECIFIC(gssEapStatusInfoKey, p);

 }
 
 static const char *
 }
 
 static const char *

diff --git a/eap_mech.c b/eap_mech.c
index 686bea9..b6ef299 100644 (file)
--- a/eap_mech.c
+++ b/eap_mech.c
@@ -160,7 +160,8 @@ gssEapInitiatorInit(void)
 {
     OM_uint32 major, minor;
 
 {
     OM_uint32 major, minor;
 

-    initialize_gsseap_error_table();
+    initialize_eapg_error_table();
+    initialize_rse_error_table();

 
     major = gssEapInitLibEap(&minor);
     assert(major == GSS_S_COMPLETE);
 
     major = gssEapInitLibEap(&minor);
     assert(major == GSS_S_COMPLETE);

diff --git a/get_mic.c b/get_mic.c
index a5f6a14..2fa71a2 100644 (file)
--- a/get_mic.c
+++ b/get_mic.c
@@ -55,6 +55,7 @@ gss_get_mic(OM_uint32 *minor,
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }
         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }

diff --git a/gssapiP_eap.h b/gssapiP_eap.h
index 0cf0cb9..de45508 100644 (file)
--- a/gssapiP_eap.h
+++ b/gssapiP_eap.h
@@ -75,6 +75,7 @@ extern "C" {
 #endif
 
 #include "gsseap_err.h"
 #endif
 
 #include "gsseap_err.h"

+#include "radsec_err.h"

 #include "util.h"
 
 #ifdef __cplusplus
 #include "util.h"
 
 #ifdef __cplusplus

diff --git a/gsseap_err.et b/gsseap_err.et
index f89da01..5a6a493 100644 (file)
--- a/gsseap_err.et
+++ b/gsseap_err.et
@@ -30,9 +30,36 @@
 #  SUCH DAMAGE.
 #
 
 #  SUCH DAMAGE.
 #
 

-error_table gsseap
+error_table eapg

 
 

+error_code GSSEAP_BAD_SERVICE_NAME,         "Could not parse service name"
+error_code GSSEAP_WRONG_SIZE,               "Buffer is incorrect size"
+error_code GSSEAP_BAD_USAGE,                "Credential usage type is unknown"
+error_code GSSEAP_WRONG_MECH,               "Mechanism OID is incorrect"
+error_code GSSEAP_BAD_TOK_HEADER,           "Token header is malformed or corrupt"
+error_code GSSEAP_BAD_DIRECTION,            "Packet was replayed in wrong direction"
+error_code GSSEAP_WRONG_TOK_ID,             "Received token ID does not match expected token ID"
+error_code GSSEAP_CRED_USAGE_MISMATCH,      "Credential usage does not match requested usage"

 error_code GSSEAP_CRIT_EXT_UNAVAILABLE,     "Critical extension unavailable"
 error_code GSSEAP_MISSING_REQUIRED_EXT,     "Missing required extension"
 error_code GSSEAP_CRIT_EXT_UNAVAILABLE,     "Critical extension unavailable"
 error_code GSSEAP_MISSING_REQUIRED_EXT,     "Missing required extension"

+error_code GSSEAP_INPUT_TOO_LONG,           "PRF input too long"
+error_code GSSEAP_CONTEXT_ESTABLISHED,      "Context is already fully established"
+error_code GSSEAP_CONTEXT_INCOMPLETE,       "Attempt to use incomplete security context"
+error_code GSSEAP_RADSEC_INIT_FAILURE,      "Failed to initialise RADIUS library"
+error_code GSSEAP_SAML_INIT_FAILURE,        "Failed to initialise SAML library"
+error_code GSSEAP_SHIB_INIT_FAILURE,        "Failed to initialise Shibboleth"
+error_code GSSEAP_PEER_INIT_FAILURE,        "Failed to initialise EAP state machine"
+error_code GSSEAP_PEER_AUTH_FAILURE,        "EAP authentication failure"
+error_code GSSEAP_PEER_BAD_MESSAGE,         "Bad EAP message"
+error_code GSSEAP_KEY_UNAVAILABLE,          "EAP key unavailable"
+error_code GSSEAP_KEY_TOO_SHORT,            "EAP key too short"
+error_code GSSEAP_NO_ATTR_CONTEXT,          "Name has no attributes"
+error_code GSSEAP_NO_ATTR_PROVIDERS,        "Failed to initialise attribute providers"
+error_code GSSEAP_NO_SUCH_ATTR,             "Unknown naming attribute"
+error_code GSSEAP_BAD_ATTR_TOKEN,           "Serialised attributes are malformed or corrupt"
+error_code GSSEAP_ATTR_CONTEXT_FAILURE,     "Failed to initialise attribute context"
+error_code GSSEAP_BAD_CONTEXT_TOKEN,        "Context token is malformed or corrupt"
+error_code GSSEAP_MISSING_IOV,              "IOV is missing required buffer"
+error_code GSSEAP_BAD_STREAM_IOV,           "Stream IOV can only contain a single data buffer"

 
 end
 
 end

diff --git a/import_sec_context.c b/import_sec_context.c
index 202be3d..1e05f93 100644 (file)
--- a/import_sec_context.c
+++ b/import_sec_context.c
@@ -32,16 +32,16 @@
 
 #include "gssapiP_eap.h"
 
 
 #include "gssapiP_eap.h"
 

-#define UPDATE_REMAIN(n)    do {            \
-        p += (n);                           \
-        remain -= (n);                      \
+#define UPDATE_REMAIN(n)    do {                \
+        p += (n);                               \
+        remain -= (n);                          \

     } while (0)
 
     } while (0)
 

-#define CHECK_REMAIN(n)     do {            \
-        if (remain < (n)) {                 \
-            *minor = ERANGE;                \
-            return GSS_S_DEFECTIVE_TOKEN;   \
-        }                                   \
+#define CHECK_REMAIN(n)     do {                \
+        if (remain < (n)) {                     \
+            *minor = GSSEAP_WRONG_SIZE;         \
+            return GSS_S_DEFECTIVE_TOKEN;       \
+        }                                       \

     } while (0)
 
 static OM_uint32
     } while (0)
 
 static OM_uint32


@@ -111,13 +111,14 @@ importMechanismOid(OM_uint32 *minor,
 
     oidBuf.length = load_uint32_be(p);
     if (remain < 4 + oidBuf.length || oidBuf.length == 0) {
 
     oidBuf.length = load_uint32_be(p);
     if (remain < 4 + oidBuf.length || oidBuf.length == 0) {

-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_DEFECTIVE_TOKEN;
     }
 
     oidBuf.elements = &p[4];
 
     if (!gssEapIsConcreteMechanismOid(&oidBuf)) {
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
     oidBuf.elements = &p[4];
 
     if (!gssEapIsConcreteMechanismOid(&oidBuf)) {

+        *minor = GSSEAP_WRONG_MECH;

         return GSS_S_BAD_MECH;
     }
 
         return GSS_S_BAD_MECH;
     }
 


@@ -149,7 +150,7 @@ importKerberosKey(OM_uint32 *minor,
     gss_buffer_desc tmp;
 
     if (remain < 12) {
     gss_buffer_desc tmp;
 
     if (remain < 12) {

-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_DEFECTIVE_TOKEN;
     }
 
         return GSS_S_DEFECTIVE_TOKEN;
     }
 


@@ -158,12 +159,12 @@ importKerberosKey(OM_uint32 *minor,
     length         = load_uint32_be(&p[8]);
 
     if ((length != 0) != (encryptionType != ENCTYPE_NULL)) {
     length         = load_uint32_be(&p[8]);
 
     if ((length != 0) != (encryptionType != ENCTYPE_NULL)) {

-        *minor = ERANGE;
+        *minor = GSSEAP_BAD_CONTEXT_TOKEN;

         return GSS_S_DEFECTIVE_TOKEN;
     }
 
     if (remain - 12 < length) {
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
     if (remain - 12 < length) {

-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_DEFECTIVE_TOKEN;
     }
 
         return GSS_S_DEFECTIVE_TOKEN;
     }
 


@@ -196,14 +197,14 @@ importName(OM_uint32 *minor,
     gss_buffer_desc tmp;
 
     if (remain < 4) {
     gss_buffer_desc tmp;
 
     if (remain < 4) {

-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_DEFECTIVE_TOKEN;
     }
 
     tmp.length = load_uint32_be(p);
     if (tmp.length != 0) {
         if (remain - 4 < tmp.length) {
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
     tmp.length = load_uint32_be(p);
     if (tmp.length != 0) {
         if (remain - 4 < tmp.length) {

-            *minor = ERANGE;
+            *minor = GSSEAP_WRONG_SIZE;

             return GSS_S_DEFECTIVE_TOKEN;
         }
 
             return GSS_S_DEFECTIVE_TOKEN;
         }
 


@@ -232,11 +233,11 @@ gssEapImportContext(OM_uint32 *minor,
     size_t remain = token->length;
 
     if (remain < 16) {
     size_t remain = token->length;
 
     if (remain < 16) {

-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_DEFECTIVE_TOKEN;
     }
     if (load_uint32_be(&p[0]) != EAP_EXPORT_CONTEXT_V1) {
         return GSS_S_DEFECTIVE_TOKEN;
     }
     if (load_uint32_be(&p[0]) != EAP_EXPORT_CONTEXT_V1) {

-        *minor = EINVAL;
+        *minor = GSSEAP_BAD_CONTEXT_TOKEN;

         return GSS_S_DEFECTIVE_TOKEN;
     }
     ctx->state      = load_uint32_be(&p[4]);
         return GSS_S_DEFECTIVE_TOKEN;
     }
     ctx->state      = load_uint32_be(&p[4]);


@@ -281,7 +282,7 @@ gssEapImportContext(OM_uint32 *minor,
     }
 
     if (remain < 24 + sequenceSize(ctx->seqState)) {
     }
 
     if (remain < 24 + sequenceSize(ctx->seqState)) {

-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_DEFECTIVE_TOKEN;
     }
     ctx->expiryTime = (time_t)load_uint64_be(&p[0]); /* XXX */
         return GSS_S_DEFECTIVE_TOKEN;
     }
     ctx->expiryTime = (time_t)load_uint64_be(&p[0]); /* XXX */

diff --git a/init_sec_context.c b/init_sec_context.c
index 996e250..f7eda20 100644 (file)
--- a/init_sec_context.c
+++ b/init_sec_context.c
@@ -267,13 +267,17 @@ initReady(OM_uint32 *minor, gss_ctx_id_t ctx, OM_uint32 reqFlags)
     if (GSS_ERROR(major))
         return major;
 
     if (GSS_ERROR(major))
         return major;
 

-    if (!eap_key_available(ctx->initiatorCtx.eap))
+    if (!eap_key_available(ctx->initiatorCtx.eap)) {
+        *minor = GSSEAP_KEY_UNAVAILABLE;

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
     key = eap_get_eapKeyData(ctx->initiatorCtx.eap, &keyLength);
 
 
     key = eap_get_eapKeyData(ctx->initiatorCtx.eap, &keyLength);
 

-    if (keyLength < EAP_EMSK_LEN)
+    if (keyLength < EAP_EMSK_LEN) {
+        *minor = GSSEAP_KEY_TOO_SHORT;

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
     major = gssEapDeriveRfc3961Key(minor,
                                    &key[EAP_EMSK_LEN / 2],
 
     major = gssEapDeriveRfc3961Key(minor,
                                    &key[EAP_EMSK_LEN / 2],


@@ -297,6 +301,7 @@ initReady(OM_uint32 *minor, gss_ctx_id_t ctx, OM_uint32 reqFlags)
     if (GSS_ERROR(major))
         return major;
 
     if (GSS_ERROR(major))
         return major;
 

+    *minor = 0;

     return GSS_S_COMPLETE;
 }
 
     return GSS_S_COMPLETE;
 }
 


@@ -348,6 +353,7 @@ initBegin(OM_uint32 *minor,
         if (!gssEapInternalizeOid(mech, &ctx->mechanismUsed))
             major = duplicateOid(minor, mech, &ctx->mechanismUsed);
     } else {
         if (!gssEapInternalizeOid(mech, &ctx->mechanismUsed))
             major = duplicateOid(minor, mech, &ctx->mechanismUsed);
     } else {

+        *minor = GSSEAP_WRONG_MECH;

         major = GSS_S_BAD_MECH;
     }
     if (GSS_ERROR(major))
         major = GSS_S_BAD_MECH;
     }
     if (GSS_ERROR(major))


@@ -376,8 +382,10 @@ eapGssSmInitIdentity(OM_uint32 *minor,
     int initialContextToken;
 
     initialContextToken = (inputToken->length == 0);
     int initialContextToken;
 
     initialContextToken = (inputToken->length == 0);

-    if (!initialContextToken)
+    if (!initialContextToken) {
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_DEFECTIVE_TOKEN;
         return GSS_S_DEFECTIVE_TOKEN;

+    }

 
     major = initBegin(minor, cred, ctx, target, mech,
                       reqFlags, timeReq, chanBindings,
 
     major = initBegin(minor, cred, ctx, target, mech,
                       reqFlags, timeReq, chanBindings,


@@ -427,6 +435,7 @@ eapGssSmInitAuthenticate(OM_uint32 *minor,
                                                  ctx,
                                                  &eapConfig);
         if (ctx->initiatorCtx.eap == NULL) {
                                                  ctx,
                                                  &eapConfig);
         if (ctx->initiatorCtx.eap == NULL) {

+            *minor = GSSEAP_PEER_INIT_FAILURE;

             major = GSS_S_FAILURE;
             goto cleanup;
         }
             major = GSS_S_FAILURE;
             goto cleanup;
         }


@@ -455,11 +464,13 @@ eapGssSmInitAuthenticate(OM_uint32 *minor,
         major = GSS_S_CONTINUE_NEEDED;
         ctx->state = EAP_STATE_EXTENSIONS_REQ;
     } else if (ctx->flags & CTX_FLAG_EAP_FAIL) {
         major = GSS_S_CONTINUE_NEEDED;
         ctx->state = EAP_STATE_EXTENSIONS_REQ;
     } else if (ctx->flags & CTX_FLAG_EAP_FAIL) {

+        *minor = GSSEAP_PEER_AUTH_FAILURE;

         major = GSS_S_DEFECTIVE_CREDENTIAL;
     } else if (code == 0 && initialContextToken) {
         resp = &emptyWpaBuffer;
         major = GSS_S_CONTINUE_NEEDED;
     } else {
         major = GSS_S_DEFECTIVE_CREDENTIAL;
     } else if (code == 0 && initialContextToken) {
         resp = &emptyWpaBuffer;
         major = GSS_S_CONTINUE_NEEDED;
     } else {

+        *minor = GSSEAP_PEER_BAD_MESSAGE;

         major = GSS_S_DEFECTIVE_TOKEN;
     }
 
         major = GSS_S_DEFECTIVE_TOKEN;
     }
 


@@ -547,7 +558,7 @@ eapGssSmInitEstablished(OM_uint32 *minor,
                         gss_buffer_t outputToken)
 {
     /* Called with already established context */
                         gss_buffer_t outputToken)
 {
     /* Called with already established context */

-    *minor = EINVAL;
+    *minor = GSSEAP_CONTEXT_ESTABLISHED;

     return GSS_S_BAD_STATUS;
 }
 
     return GSS_S_BAD_STATUS;
 }
 


@@ -607,6 +618,7 @@ gss_init_sec_context(OM_uint32 *minor,
 
     if (ctx == GSS_C_NO_CONTEXT) {
         if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) {
 
     if (ctx == GSS_C_NO_CONTEXT) {
         if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) {

+            *minor = GSSEAP_WRONG_SIZE;

             return GSS_S_DEFECTIVE_TOKEN;
         }
 
             return GSS_S_DEFECTIVE_TOKEN;
         }
 


@@ -644,10 +656,11 @@ gss_init_sec_context(OM_uint32 *minor,
 
 #ifdef GSSEAP_ENABLE_REAUTH
     if (initialContextToken && gssEapCanReauthP(cred, target_name, time_req))
 
 #ifdef GSSEAP_ENABLE_REAUTH
     if (initialContextToken && gssEapCanReauthP(cred, target_name, time_req))

-            ctx->state = EAP_STATE_KRB_REAUTH_GSS;
+        ctx->state = EAP_STATE_KRB_REAUTH_GSS;

 #endif
 
     if ((cred->flags & CRED_FLAG_INITIATE) == 0) {
 #endif
 
     if ((cred->flags & CRED_FLAG_INITIATE) == 0) {

+        *minor = GSSEAP_CRED_USAGE_MISMATCH;

         major = GSS_S_NO_CRED;
         goto cleanup;
     }
         major = GSS_S_NO_CRED;
         goto cleanup;
     }


@@ -661,6 +674,7 @@ gss_init_sec_context(OM_uint32 *minor,
             goto cleanup;
 
         if (tokType != sm->inputTokenType) {
             goto cleanup;
 
         if (tokType != sm->inputTokenType) {

+            *minor = GSSEAP_WRONG_TOK_ID;

             major = GSS_S_DEFECTIVE_TOKEN;
             goto cleanup;
         }
             major = GSS_S_DEFECTIVE_TOKEN;
             goto cleanup;
         }

diff --git a/inquire_attrs_for_mech.c b/inquire_attrs_for_mech.c
index fdd8893..a40e63e 100644 (file)
--- a/inquire_attrs_for_mech.c
+++ b/inquire_attrs_for_mech.c
@@ -58,8 +58,10 @@ gss_inquire_attrs_for_mech(OM_uint32 *minor,
     if (known_mech_attrs != NULL)
         *known_mech_attrs = GSS_C_NO_OID_SET;
 
     if (known_mech_attrs != NULL)
         *known_mech_attrs = GSS_C_NO_OID_SET;
 

-    if (!gssEapIsConcreteMechanismOid((const gss_OID)mech_oid))
+    if (!gssEapIsConcreteMechanismOid((const gss_OID)mech_oid)) {
+        *minor = GSSEAP_WRONG_MECH;

         return GSS_S_BAD_MECH;
         return GSS_S_BAD_MECH;

+    }

 
     if (mech_attrs != NULL) {
         major = gss_create_empty_oid_set(minor, mech_attrs);
 
     if (mech_attrs != NULL) {
         major = gss_create_empty_oid_set(minor, mech_attrs);

diff --git a/inquire_names_for_mech.c b/inquire_names_for_mech.c
index e761739..8ceaa89 100644 (file)
--- a/inquire_names_for_mech.c
+++ b/inquire_names_for_mech.c
@@ -35,44 +35,38 @@
 OM_uint32
 gss_inquire_names_for_mech(OM_uint32 *minor,
                            gss_OID mechanism,
 OM_uint32
 gss_inquire_names_for_mech(OM_uint32 *minor,
                            gss_OID mechanism,

-                           gss_OID_set *name_types)
+                           gss_OID_set *ret_name_types)

 {
     OM_uint32 major, tmpMinor;
 {
     OM_uint32 major, tmpMinor;

+    gss_OID nameTypes[] = {
+        GSS_C_NT_USER_NAME,
+        GSS_C_NT_HOSTBASED_SERVICE,
+        GSS_C_NT_EXPORT_NAME,
+#ifdef HAVE_GSS_C_NT_COMPOSITE_EXPORT
+        GSS_C_NT_COMPOSITE_EXPORT,
+#endif
+        GSS_EAP_NT_PRINCIPAL_NAME,
+    };
+    size_t i;

 
     if (!gssEapIsMechanismOid(mechanism)) {
         *minor = 0;
         return GSS_S_BAD_MECH;
     }
 
 
     if (!gssEapIsMechanismOid(mechanism)) {
         *minor = 0;
         return GSS_S_BAD_MECH;
     }
 

-    major = gss_create_empty_oid_set(minor, name_types);
-    if (GSS_ERROR(major))
-        goto cleanup;
-
-    major = gss_add_oid_set_member(minor, GSS_C_NT_USER_NAME, name_types);
+    major = gss_create_empty_oid_set(minor, ret_name_types);

     if (GSS_ERROR(major))
         goto cleanup;
 
     if (GSS_ERROR(major))
         goto cleanup;
 

-    major = gss_add_oid_set_member(minor, GSS_C_NT_HOSTBASED_SERVICE, name_types);
-    if (GSS_ERROR(major))
-        goto cleanup;
-
-    major = gss_add_oid_set_member(minor, GSS_C_NT_EXPORT_NAME, name_types);
-    if (GSS_ERROR(major))
-        goto cleanup;
-
-#ifdef HAVE_GSS_C_NT_COMPOSITE_EXPORT
-    major = gss_add_oid_set_member(minor, GSS_C_NT_COMPOSITE_EXPORT, name_types);
-    if (GSS_ERROR(major))
-        goto cleanup;
-#endif
-
-    major = gss_add_oid_set_member(minor, GSS_EAP_NT_PRINCIPAL_NAME, name_types);
-    if (GSS_ERROR(major))
-        goto cleanup;
+    for (i = 0; i < sizeof(nameTypes)/sizeof(nameTypes[0]); i++) {
+        major = gss_add_oid_set_member(minor, nameTypes[i], ret_name_types);
+        if (GSS_ERROR(major))
+            goto cleanup;
+    }

 
 cleanup:
     if (GSS_ERROR(major))
 
 cleanup:
     if (GSS_ERROR(major))

-        gss_release_oid_set(&tmpMinor, name_types);
+        gss_release_oid_set(&tmpMinor, ret_name_types);

 
     return major;
 }
 
     return major;
 }

diff --git a/inquire_sec_context_by_oid.c b/inquire_sec_context_by_oid.c
index b147ccc..6413b28 100644 (file)
--- a/inquire_sec_context_by_oid.c
+++ b/inquire_sec_context_by_oid.c
@@ -113,6 +113,7 @@ gss_inquire_sec_context_by_oid(OM_uint32 *minor,
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }
         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }

diff --git a/install-sh b/install-sh
index 4fbbae7..6781b98 100755 (executable)
--- a/install-sh
+++ b/install-sh
@@ -1,7 +1,7 @@
 #!/bin/sh
 # install - install a program, script, or datafile
 
 #!/bin/sh
 # install - install a program, script, or datafile
 

-scriptversion=2006-10-14.15
+scriptversion=2009-04-28.21; # UTC

 
 # This originates from X11R5 (mit/util/scripts/install.sh), which was
 # later released in X11R6 (xc/config/util/install.sh) with the
 
 # This originates from X11R5 (mit/util/scripts/install.sh), which was
 # later released in X11R6 (xc/config/util/install.sh) with the


@@ -48,7 +48,7 @@ IFS=" ""      $nl"
 # set DOITPROG to echo to test this script
 
 # Don't use :- since 4.3BSD and earlier shells don't like it.
 # set DOITPROG to echo to test this script
 
 # Don't use :- since 4.3BSD and earlier shells don't like it.

-doit="${DOITPROG-}"
+doit=${DOITPROG-}

 if test -z "$doit"; then
   doit_exec=exec
 else
 if test -z "$doit"; then
   doit_exec=exec
 else


@@ -58,34 +58,49 @@ fi
 # Put in absolute file names if you don't have them in your path;
 # or use environment vars.
 
 # Put in absolute file names if you don't have them in your path;
 # or use environment vars.
 

-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
+chgrpprog=${CHGRPPROG-chgrp}
+chmodprog=${CHMODPROG-chmod}
+chownprog=${CHOWNPROG-chown}
+cmpprog=${CMPPROG-cmp}
+cpprog=${CPPROG-cp}
+mkdirprog=${MKDIRPROG-mkdir}
+mvprog=${MVPROG-mv}
+rmprog=${RMPROG-rm}
+stripprog=${STRIPPROG-strip}
+
+posix_glob='?'
+initialize_posix_glob='
+  test "$posix_glob" != "?" || {
+    if (set -f) 2>/dev/null; then
+      posix_glob=
+    else
+      posix_glob=:
+    fi
+  }
+'

 
 

-posix_glob=

 posix_mkdir=
 
 # Desired mode of installed file.
 mode=0755
 
 posix_mkdir=
 
 # Desired mode of installed file.
 mode=0755
 

+chgrpcmd=

 chmodcmd=$chmodprog
 chowncmd=
 chmodcmd=$chmodprog
 chowncmd=

-chgrpcmd=
-stripcmd=
+mvcmd=$mvprog

 rmcmd="$rmprog -f"
 rmcmd="$rmprog -f"

-mvcmd="$mvprog"
+stripcmd=
+

 src=
 dst=
 dir_arg=
 src=
 dst=
 dir_arg=

-dstarg=
+dst_arg=
+
+copy_on_change=false

 no_target_directory=
 
 no_target_directory=
 

-usage="Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
+usage="\
+Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE

    or: $0 [OPTION]... SRCFILES... DIRECTORY
    or: $0 [OPTION]... -t DIRECTORY SRCFILES...
    or: $0 [OPTION]... -d DIRECTORIES...
    or: $0 [OPTION]... SRCFILES... DIRECTORY
    or: $0 [OPTION]... -t DIRECTORY SRCFILES...
    or: $0 [OPTION]... -d DIRECTORIES...


@@ -95,65 +110,55 @@ In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
 In the 4th, create DIRECTORIES.
 
 Options:
 In the 4th, create DIRECTORIES.
 
 Options:

--c         (ignored)
--d         create directories instead of installing files.
--g GROUP   $chgrpprog installed files to GROUP.
--m MODE    $chmodprog installed files to MODE.
--o USER    $chownprog installed files to USER.
--s         $stripprog installed files.
--t DIRECTORY  install into DIRECTORY.
--T         report an error if DSTFILE is a directory.
---help     display this help and exit.
---version  display version info and exit.
+     --help     display this help and exit.
+     --version  display version info and exit.
+
+  -c            (ignored)
+  -C            install only if different (preserve the last data modification time)
+  -d            create directories instead of installing files.
+  -g GROUP      $chgrpprog installed files to GROUP.
+  -m MODE       $chmodprog installed files to MODE.
+  -o USER       $chownprog installed files to USER.
+  -s            $stripprog installed files.
+  -t DIRECTORY  install into DIRECTORY.
+  -T            report an error if DSTFILE is a directory.

 
 Environment variables override the default commands:
 
 Environment variables override the default commands:

-  CHGRPPROG CHMODPROG CHOWNPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG
+  CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
+  RMPROG STRIPPROG

 "
 
 while test $# -ne 0; do
   case $1 in
 "
 
 while test $# -ne 0; do
   case $1 in

-    -c) shift
-        continue;;
+    -c) ;;
+
+    -C) copy_on_change=true;;

 
 

-    -d) dir_arg=true
-        shift
-        continue;;
+    -d) dir_arg=true;;

 
     -g) chgrpcmd="$chgrpprog $2"
 
     -g) chgrpcmd="$chgrpprog $2"

-        shift
-        shift
-        continue;;
+       shift;;

 
     --help) echo "$usage"; exit $?;;
 
     -m) mode=$2
 
     --help) echo "$usage"; exit $?;;
 
     -m) mode=$2

-        shift
-        shift

        case $mode in
          *' '* | *'    '* | *'
 '*       | *'*'* | *'?'* | *'['*)
            echo "$0: invalid mode: $mode" >&2
            exit 1;;
        esac
        case $mode in
          *' '* | *'    '* | *'
 '*       | *'*'* | *'?'* | *'['*)
            echo "$0: invalid mode: $mode" >&2
            exit 1;;
        esac

-        continue;;
+       shift;;

 
     -o) chowncmd="$chownprog $2"
 
     -o) chowncmd="$chownprog $2"

-        shift
-        shift
-        continue;;
+       shift;;

 
 

-    -s) stripcmd=$stripprog
-        shift
-        continue;;
+    -s) stripcmd=$stripprog;;

 
 

-    -t) dstarg=$2
-       shift
-       shift
-       continue;;
+    -t) dst_arg=$2
+       shift;;

 
 

-    -T) no_target_directory=true
-       shift
-       continue;;
+    -T) no_target_directory=true;;

 
     --version) echo "$0 $scriptversion"; exit $?;;
 
 
     --version) echo "$0 $scriptversion"; exit $?;;
 


@@ -165,21 +170,22 @@ while test $# -ne 0; do
 
     *)  break;;
   esac
 
     *)  break;;
   esac

+  shift

 done
 
 done
 

-if test $# -ne 0 && test -z "$dir_arg$dstarg"; then
+if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then

   # When -d is used, all remaining arguments are directories to create.
   # When -t is used, the destination is already specified.
   # Otherwise, the last argument is the destination.  Remove it from $@.
   for arg
   do
   # When -d is used, all remaining arguments are directories to create.
   # When -t is used, the destination is already specified.
   # Otherwise, the last argument is the destination.  Remove it from $@.
   for arg
   do

-    if test -n "$dstarg"; then
+    if test -n "$dst_arg"; then

       # $@ is not empty: it contains at least $arg.
       # $@ is not empty: it contains at least $arg.

-      set fnord "$@" "$dstarg"
+      set fnord "$@" "$dst_arg"

       shift # fnord
     fi
     shift # arg
       shift # fnord
     fi
     shift # arg

-    dstarg=$arg
+    dst_arg=$arg

   done
 fi
 
   done
 fi
 


@@ -224,7 +230,7 @@ for src
 do
   # Protect names starting with `-'.
   case $src in
 do
   # Protect names starting with `-'.
   case $src in

-    -*) src=./$src ;;
+    -*) src=./$src;;

   esac
 
   if test -n "$dir_arg"; then
   esac
 
   if test -n "$dir_arg"; then


@@ -242,22 +248,22 @@ do
       exit 1
     fi
 
       exit 1
     fi
 

-    if test -z "$dstarg"; then
+    if test -z "$dst_arg"; then

       echo "$0: no destination specified." >&2
       exit 1
     fi
 
       echo "$0: no destination specified." >&2
       exit 1
     fi
 

-    dst=$dstarg
+    dst=$dst_arg

     # Protect names starting with `-'.
     case $dst in
     # Protect names starting with `-'.
     case $dst in

-      -*) dst=./$dst ;;
+      -*) dst=./$dst;;

     esac
 
     # If destination is a directory, append the input filename; won't work
     # if double slashes aren't ignored.
     if test -d "$dst"; then
       if test -n "$no_target_directory"; then
     esac
 
     # If destination is a directory, append the input filename; won't work
     # if double slashes aren't ignored.
     if test -d "$dst"; then
       if test -n "$no_target_directory"; then

-       echo "$0: $dstarg: Is a directory" >&2
+       echo "$0: $dst_arg: Is a directory" >&2

        exit 1
       fi
       dstdir=$dst
        exit 1
       fi
       dstdir=$dst


@@ -378,26 +384,19 @@ do
       # directory the slow way, step by step, checking for races as we go.
 
       case $dstdir in
       # directory the slow way, step by step, checking for races as we go.
 
       case $dstdir in

-       /*) prefix=/ ;;
-       -*) prefix=./ ;;
-       *)  prefix= ;;
+       /*) prefix='/';;
+       -*) prefix='./';;
+       *)  prefix='';;

       esac
 
       esac
 

-      case $posix_glob in
-        '')
-         if (set -f) 2>/dev/null; then
-           posix_glob=true
-         else
-           posix_glob=false
-         fi ;;
-      esac
+      eval "$initialize_posix_glob"

 
       oIFS=$IFS
       IFS=/
 
       oIFS=$IFS
       IFS=/

-      $posix_glob && set -f
+      $posix_glob set -f

       set fnord $dstdir
       shift
       set fnord $dstdir
       shift

-      $posix_glob && set +f
+      $posix_glob set +f

       IFS=$oIFS
 
       prefixes=
       IFS=$oIFS
 
       prefixes=


@@ -459,41 +458,54 @@ do
     # ignore errors from any of these, just make sure not to ignore
     # errors from the above "$doit $cpprog $src $dsttmp" command.
     #
     # ignore errors from any of these, just make sure not to ignore
     # errors from the above "$doit $cpprog $src $dsttmp" command.
     #

-    { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } \
-      && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } \
-      && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } \
-      && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
-
-    # Now rename the file to the real destination.
-    { $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null \
-      || {
-          # The rename failed, perhaps because mv can't rename something else
-          # to itself, or perhaps because mv is so ancient that it does not
-          # support -f.
-
-          # Now remove or move aside any old file at destination location.
-          # We try this two ways since rm can't unlink itself on some
-          # systems and the destination file might be busy for other
-          # reasons.  In this case, the final cleanup might fail but the new
-          # file should still install successfully.
-          {
-            if test -f "$dst"; then
-              $doit $rmcmd -f "$dst" 2>/dev/null \
-              || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null \
-                    && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }; }\
-              || {
-                echo "$0: cannot unlink or rename $dst" >&2
-                (exit 1); exit 1
-              }
-            else
-              :
-            fi
-          } &&
-
-          # Now rename the file to the real destination.
-          $doit $mvcmd "$dsttmp" "$dst"
-        }
-    } || exit 1
+    { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
+    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
+    { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
+    { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
+
+    # If -C, don't bother to copy if it wouldn't change the file.
+    if $copy_on_change &&
+       old=`LC_ALL=C ls -dlL "$dst"    2>/dev/null` &&
+       new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
+
+       eval "$initialize_posix_glob" &&
+       $posix_glob set -f &&
+       set X $old && old=:$2:$4:$5:$6 &&
+       set X $new && new=:$2:$4:$5:$6 &&
+       $posix_glob set +f &&
+
+       test "$old" = "$new" &&
+       $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
+    then
+      rm -f "$dsttmp"
+    else
+      # Rename the file to the real destination.
+      $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
+
+      # The rename failed, perhaps because mv can't rename something else
+      # to itself, or perhaps because mv is so ancient that it does not
+      # support -f.
+      {
+       # Now remove or move aside any old file at destination location.
+       # We try this two ways since rm can't unlink itself on some
+       # systems and the destination file might be busy for other
+       # reasons.  In this case, the final cleanup might fail but the new
+       # file should still install successfully.
+       {
+         test ! -f "$dst" ||
+         $doit $rmcmd -f "$dst" 2>/dev/null ||
+         { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
+           { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
+         } ||
+         { echo "$0: cannot unlink or rename $dst" >&2
+           (exit 1); exit 1
+         }
+       } &&
+
+       # Now rename the file to the real destination.
+       $doit $mvcmd "$dsttmp" "$dst"
+      }
+    fi || exit 1

 
     trap '' 0
   fi
 
     trap '' 0
   fi


@@ -503,5 +515,6 @@ done
 # eval: (add-hook 'write-file-hooks 'time-stamp)
 # time-stamp-start: "scriptversion="
 # time-stamp-format: "%:y-%02m-%02d.%02H"
 # eval: (add-hook 'write-file-hooks 'time-stamp)
 # time-stamp-start: "scriptversion="
 # time-stamp-format: "%:y-%02m-%02d.%02H"

-# time-stamp-end: "$"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"

 # End:
 # End:

diff --git a/process_context_token.c b/process_context_token.c
index 32e657c..daba6f8 100644 (file)
--- a/process_context_token.c
+++ b/process_context_token.c
@@ -49,6 +49,7 @@ gss_process_context_token(OM_uint32 *minor,
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
         GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
         GSSEAP_MUTEX_UNLOCK(&ctx->mutex);

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         return GSS_S_NO_CONTEXT;
     }
 
         return GSS_S_NO_CONTEXT;
     }
 

diff --git a/pseudo_random.c b/pseudo_random.c
index f07e099..7895060 100644 (file)
--- a/pseudo_random.c
+++ b/pseudo_random.c
@@ -85,6 +85,7 @@ gss_pseudo_random(OM_uint32 *minor,
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
         GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
         GSSEAP_MUTEX_UNLOCK(&ctx->mutex);

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         return GSS_S_NO_CONTEXT;
     }
 
         return GSS_S_NO_CONTEXT;
     }
 

diff --git a/radsec_err.et b/radsec_err.et
new file mode 100644 (file)
index 0000000..07aa549
--- /dev/null
+++ b/radsec_err.et
@@ -0,0 +1,36 @@
+#
+# Copyright (c) 2010, JANET(UK)
+#  All rights reserved.
+# 
+#  Redistribution and use in source and binary forms, with or without
+#  modification, are permitted provided that the following conditions
+#  are met:
+# 
+#  1. Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+# 
+#  2. Redistributions in binary form must reproduce the above copyright
+#     notice, this list of conditions and the following disclaimer in the
+#     documentation and/or other materials provided with the distribution.
+# 
+#  3. Neither the name of JANET(UK) nor the names of its contributors
+#     may be used to endorse or promote products derived from this software
+#     without specific prior written permission.
+# 
+#  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+#  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+#  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+#  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+#  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+#  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+#  OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+#  HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+#  LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+#  OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+#  SUCH DAMAGE.
+#
+
+# Placeholders only
+error_table rse
+
+end

diff --git a/unwrap.c b/unwrap.c
index cd8196f..911fd2b 100644 (file)
--- a/unwrap.c
+++ b/unwrap.c
@@ -54,6 +54,7 @@ gss_unwrap(OM_uint32 *minor,
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
         major = GSS_S_NO_CONTEXT;
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
         major = GSS_S_NO_CONTEXT;

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         goto cleanup;
     }
 
         goto cleanup;
     }
 

diff --git a/unwrap_iov.c b/unwrap_iov.c
index 705cbc1..a5a2c2f 100644 (file)
--- a/unwrap_iov.c
+++ b/unwrap_iov.c
@@ -294,7 +294,7 @@ unwrapStream(OM_uint32 *minor,
     assert(toktype == TOK_TYPE_WRAP);
 
     if (toktype != TOK_TYPE_WRAP) {
     assert(toktype == TOK_TYPE_WRAP);
 
     if (toktype != TOK_TYPE_WRAP) {

-        code = EINVAL;
+        code = GSSEAP_WRONG_TOK_ID;

         goto cleanup;
     }
 
         goto cleanup;
     }
 


@@ -330,7 +330,7 @@ unwrapStream(OM_uint32 *minor,
         if (type == GSS_IOV_BUFFER_TYPE_DATA) {
             if (data != NULL) {
                 /* only a single DATA buffer can appear */
         if (type == GSS_IOV_BUFFER_TYPE_DATA) {
             if (data != NULL) {
                 /* only a single DATA buffer can appear */

-                code = EINVAL;
+                code = GSSEAP_BAD_STREAM_IOV;

                 goto cleanup;
             }
 
                 goto cleanup;
             }
 


@@ -344,7 +344,7 @@ unwrapStream(OM_uint32 *minor,
 
     if (data == NULL) {
         /* a single DATA buffer must be present */
 
     if (data == NULL) {
         /* a single DATA buffer must be present */

-        code = EINVAL;
+        code = GSSEAP_BAD_STREAM_IOV;

         goto cleanup;
     }
 
         goto cleanup;
     }
 


@@ -405,7 +405,7 @@ unwrapStream(OM_uint32 *minor,
     if (stream->buffer.length < theader->buffer.length +
         tpadding->buffer.length +
         ttrailer->buffer.length) {
     if (stream->buffer.length < theader->buffer.length +
         tpadding->buffer.length +
         ttrailer->buffer.length) {

-        code = KRB5_BAD_MSIZE;
+        code = GSSEAP_WRONG_SIZE;

         major = GSS_S_DEFECTIVE_TOKEN;
         goto cleanup;
     }
         major = GSS_S_DEFECTIVE_TOKEN;
         goto cleanup;
     }


@@ -484,7 +484,7 @@ gss_unwrap_iov(OM_uint32 *minor,
                gss_iov_buffer_desc *iov,
                int iov_count)
 {
                gss_iov_buffer_desc *iov,
                int iov_count)
 {

-    OM_uint32 major = GSS_S_NO_CONTEXT;
+    OM_uint32 major;

 
     if (ctx == GSS_C_NO_CONTEXT) {
         *minor = EINVAL;
 
     if (ctx == GSS_C_NO_CONTEXT) {
         *minor = EINVAL;


@@ -495,11 +495,18 @@ gss_unwrap_iov(OM_uint32 *minor,
 
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
 
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 

-    if (CTX_IS_ESTABLISHED(ctx)) {
-        major = gssEapUnwrapOrVerifyMIC(minor, ctx, conf_state, qop_state,
-                                        iov, iov_count, TOK_TYPE_WRAP);
+    if (!CTX_IS_ESTABLISHED(ctx)) {
+        *minor = GSSEAP_CONTEXT_INCOMPLETE;
+        major = GSS_S_NO_CONTEXT;
+        goto cleanup;

     }
 
     }
 

+    major = gssEapUnwrapOrVerifyMIC(minor, ctx, conf_state, qop_state,
+                                    iov, iov_count, TOK_TYPE_WRAP);
+    if (GSS_ERROR(major))
+        goto cleanup;
+
+cleanup:

     GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
 
     return major;
     GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
 
     return major;

diff --git a/util_attr.cpp b/util_attr.cpp
index 89296e6..57af9cd 100644 (file)
--- a/util_attr.cpp
+++ b/util_attr.cpp
@@ -62,9 +62,13 @@ gssEapAttrProvidersInitInternal(void)
 }
 
 static OM_uint32
 }
 
 static OM_uint32

-gssEapAttrProvidersInit(void)
+gssEapAttrProvidersInit(OM_uint32 *minor)

 {
     GSSEAP_ONCE(&gssEapAttrProvidersInitOnce, gssEapAttrProvidersInitInternal);
 {
     GSSEAP_ONCE(&gssEapAttrProvidersInitOnce, gssEapAttrProvidersInitInternal);

+
+    if (GSS_ERROR(gssEapAttrProvidersInitStatus))
+        *minor = GSSEAP_NO_ATTR_PROVIDERS;
+

     return gssEapAttrProvidersInitStatus;
 }
 
     return gssEapAttrProvidersInitStatus;
 }
 


@@ -729,15 +733,20 @@ gssEapInquireName(OM_uint32 *minor,
                   gss_OID *MN_mech,
                   gss_buffer_set_t *attrs)
 {
                   gss_OID *MN_mech,
                   gss_buffer_set_t *attrs)
 {

-    if (name->attrCtx == NULL)
+    if (name->attrCtx == NULL) {
+        *minor = GSSEAP_NO_ATTR_CONTEXT;

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor))) {

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
     try {
 
     try {

-        if (!name->attrCtx->getAttributeTypes(attrs))
+        if (!name->attrCtx->getAttributeTypes(attrs)) {
+            *minor = GSSEAP_NO_ATTR_CONTEXT;

             return GSS_S_UNAVAILABLE;
             return GSS_S_UNAVAILABLE;

+        }

     } catch (std::exception &e) {
         return mapException(minor, e);
     }
     } catch (std::exception &e) {
         return mapException(minor, e);
     }


@@ -768,16 +777,23 @@ gssEapGetNameAttribute(OM_uint32 *minor,
         display_value->value = NULL;
     }
 
         display_value->value = NULL;
     }
 

-    if (name->attrCtx == NULL)
+    if (name->attrCtx == NULL) {
+        *minor = GSSEAP_NO_ATTR_CONTEXT;

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor))) {

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
     try {
         if (!name->attrCtx->getAttribute(attr, authenticated, complete,
 
     try {
         if (!name->attrCtx->getAttribute(attr, authenticated, complete,

-                                         value, display_value, more))
+                                         value, display_value, more)) {
+            *minor = GSSEAP_NO_SUCH_ATTR;
+            gssEapSaveStatusInfo(*minor, "Unknown naming attribute %.*s",
+                                 (int)attr->length, (char *)attr->value);

             return GSS_S_UNAVAILABLE;
             return GSS_S_UNAVAILABLE;

+        }

     } catch (std::exception &e) {
         return mapException(minor, e);
     }
     } catch (std::exception &e) {
         return mapException(minor, e);
     }


@@ -790,10 +806,12 @@ gssEapDeleteNameAttribute(OM_uint32 *minor,
                           gss_name_t name,
                           gss_buffer_t attr)
 {
                           gss_name_t name,
                           gss_buffer_t attr)
 {

-    if (name->attrCtx == NULL)
+    if (name->attrCtx == NULL) {
+        *minor = GSSEAP_NO_ATTR_CONTEXT;

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor)))

         return GSS_S_UNAVAILABLE;
 
     try {
         return GSS_S_UNAVAILABLE;
 
     try {


@@ -812,10 +830,12 @@ gssEapSetNameAttribute(OM_uint32 *minor,
                        gss_buffer_t attr,
                        gss_buffer_t value)
 {
                        gss_buffer_t attr,
                        gss_buffer_t value)
 {

-    if (name->attrCtx == NULL)
+    if (name->attrCtx == NULL) {
+        *minor = GSSEAP_NO_ATTR_CONTEXT;

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor)))

         return GSS_S_UNAVAILABLE;
 
     try {
         return GSS_S_UNAVAILABLE;
 
     try {


@@ -839,7 +859,7 @@ gssEapExportAttrContext(OM_uint32 *minor,
         return GSS_S_COMPLETE;
     }
 
         return GSS_S_COMPLETE;
     }
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor)))

         return GSS_S_UNAVAILABLE;
 
     try {
         return GSS_S_UNAVAILABLE;
 
     try {


@@ -860,7 +880,7 @@ gssEapImportAttrContext(OM_uint32 *minor,
 
     assert(name->attrCtx == NULL);
 
 
     assert(name->attrCtx == NULL);
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor)))

         return GSS_S_UNAVAILABLE;
 
     if (buffer->length != 0) {
         return GSS_S_UNAVAILABLE;
 
     if (buffer->length != 0) {


@@ -869,6 +889,7 @@ gssEapImportAttrContext(OM_uint32 *minor,
 
             if (!ctx->initFromBuffer(buffer)) {
                 delete ctx;
 
             if (!ctx->initFromBuffer(buffer)) {
                 delete ctx;

+                *minor = GSSEAP_BAD_ATTR_TOKEN;

                 return GSS_S_DEFECTIVE_TOKEN;
             }
             name->attrCtx = ctx;
                 return GSS_S_DEFECTIVE_TOKEN;
             }
             name->attrCtx = ctx;


@@ -890,7 +911,7 @@ gssEapDuplicateAttrContext(OM_uint32 *minor,
 
     assert(out->attrCtx == NULL);
 
 
     assert(out->attrCtx == NULL);
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor)))

         return GSS_S_UNAVAILABLE;
 
     try {
         return GSS_S_UNAVAILABLE;
 
     try {


@@ -898,6 +919,7 @@ gssEapDuplicateAttrContext(OM_uint32 *minor,
             ctx = new gss_eap_attr_ctx();
             if (!ctx->initFromExistingContext(in->attrCtx)) {
                 delete ctx;
             ctx = new gss_eap_attr_ctx();
             if (!ctx->initFromExistingContext(in->attrCtx)) {
                 delete ctx;

+                *minor = GSSEAP_ATTR_CONTEXT_FAILURE;

                 return GSS_S_FAILURE;
             }
             out->attrCtx = ctx;
                 return GSS_S_FAILURE;
             }
             out->attrCtx = ctx;


@@ -917,10 +939,12 @@ gssEapMapNameToAny(OM_uint32 *minor,
                    gss_buffer_t type_id,
                    gss_any_t *output)
 {
                    gss_buffer_t type_id,
                    gss_any_t *output)
 {

-    if (name->attrCtx == NULL)
+    if (name->attrCtx == NULL) {
+        *minor = GSSEAP_NO_ATTR_CONTEXT;

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor)))

         return GSS_S_UNAVAILABLE;
 
     try {
         return GSS_S_UNAVAILABLE;
 
     try {


@@ -938,10 +962,12 @@ gssEapReleaseAnyNameMapping(OM_uint32 *minor,
                             gss_buffer_t type_id,
                             gss_any_t *input)
 {
                             gss_buffer_t type_id,
                             gss_any_t *input)
 {

-    if (name->attrCtx == NULL)
+    if (name->attrCtx == NULL) {
+        *minor = GSSEAP_NO_ATTR_CONTEXT;

         return GSS_S_UNAVAILABLE;
         return GSS_S_UNAVAILABLE;

+    }

 
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(minor)))

         return GSS_S_UNAVAILABLE;
 
     try {
         return GSS_S_UNAVAILABLE;
 
     try {


@@ -974,10 +1000,11 @@ gssEapCreateAttrContext(gss_cred_id_t gssCred,
                         gss_ctx_id_t gssCtx)
 {
     gss_eap_attr_ctx *ctx;
                         gss_ctx_id_t gssCtx)
 {
     gss_eap_attr_ctx *ctx;

+    OM_uint32 tmpMinor;

 
     assert(gssCtx != GSS_C_NO_CONTEXT);
 
 
     assert(gssCtx != GSS_C_NO_CONTEXT);
 

-    if (GSS_ERROR(gssEapAttrProvidersInit()))
+    if (GSS_ERROR(gssEapAttrProvidersInit(&tmpMinor)))

         return NULL;
 
     ctx = new gss_eap_attr_ctx();
         return NULL;
 
     ctx = new gss_eap_attr_ctx();

diff --git a/util_context.c b/util_context.c
index 0998369..ae3712a 100644 (file)
--- a/util_context.c
+++ b/util_context.c
@@ -190,8 +190,10 @@ gssEapVerifyToken(OM_uint32 *minor,
         return major;
 
     if (ctx->mechanismUsed == GSS_C_NO_OID) {
         return major;
 
     if (ctx->mechanismUsed == GSS_C_NO_OID) {

-        if (!gssEapIsConcreteMechanismOid(oid))
+        if (!gssEapIsConcreteMechanismOid(oid)) {
+            *minor = GSSEAP_WRONG_MECH;

             return GSS_S_BAD_MECH;
             return GSS_S_BAD_MECH;

+        }

 
         if (!gssEapInternalizeOid(oid, &ctx->mechanismUsed)) {
             major = duplicateOid(minor, oid, &ctx->mechanismUsed);
 
         if (!gssEapInternalizeOid(oid, &ctx->mechanismUsed)) {
             major = duplicateOid(minor, oid, &ctx->mechanismUsed);

diff --git a/util_cred.c b/util_cred.c
index f85639c..58700c7 100644 (file)
--- a/util_cred.c
+++ b/util_cred.c
@@ -180,6 +180,7 @@ gssEapAcquireCred(OM_uint32 *minor,
         cred->flags |= CRED_FLAG_ACCEPT;
         break;
     default:
         cred->flags |= CRED_FLAG_ACCEPT;
         break;
     default:

+        *minor = GSSEAP_BAD_USAGE;

         major = GSS_S_FAILURE;
         goto cleanup;
         break;
         major = GSS_S_FAILURE;
         goto cleanup;
         break;

diff --git a/util_name.c b/util_name.c
index cc224b5..b3f061f 100644 (file)
--- a/util_name.c
+++ b/util_name.c
@@ -227,7 +227,7 @@ importUserName(OM_uint32 *minor,
 
 #define CHECK_REMAIN(n)     do {        \
         if (remain < (n)) {             \
 
 #define CHECK_REMAIN(n)     do {        \
         if (remain < (n)) {             \

-            *minor = ERANGE;            \
+            *minor = GSSEAP_WRONG_SIZE; \

             major = GSS_S_BAD_NAME;     \
             goto cleanup;               \
         }                               \
             major = GSS_S_BAD_NAME;     \
             goto cleanup;               \
         }                               \

diff --git a/util_oid.c b/util_oid.c
index 9586689..45c37d8 100644 (file)
--- a/util_oid.c
+++ b/util_oid.c
@@ -101,7 +101,7 @@ composeOid(OM_uint32 *minor,
         return GSS_S_FAILURE;
     }
     if (oid->length < prefix_len) {
         return GSS_S_FAILURE;
     }
     if (oid->length < prefix_len) {

-        *minor = ERANGE;
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_FAILURE;
     }
 
         return GSS_S_FAILURE;
     }
 


@@ -160,7 +160,7 @@ decomposeOid(OM_uint32 *minor,
     for (i = 0; i < slen; i++) {
         *suffix = (*suffix << 7) | (op[i] & 0x7f);
         if (i + 1 != slen && (op[i] & 0x80) == 0) {
     for (i = 0; i < slen; i++) {
         *suffix = (*suffix << 7) | (op[i] & 0x7f);
         if (i + 1 != slen && (op[i] & 0x80) == 0) {

-            *minor = EINVAL;
+            *minor = GSSEAP_WRONG_SIZE;

             return GSS_S_FAILURE;
         }
     }
             return GSS_S_FAILURE;
         }
     }

diff --git a/util_radius.cpp b/util_radius.cpp
index 0237eed..3aef0db 100644 (file)
--- a/util_radius.cpp
+++ b/util_radius.cpp
@@ -514,8 +514,12 @@ gssEapRadiusFreeAvps(OM_uint32 *minor,
 OM_uint32
 gssEapRadiusAttrProviderInit(OM_uint32 *minor)
 {
 OM_uint32
 gssEapRadiusAttrProviderInit(OM_uint32 *minor)
 {

-    return gss_eap_radius_attr_provider::init()
-        ? GSS_S_COMPLETE : GSS_S_FAILURE;
+    if (!gss_eap_radius_attr_provider::init()) {
+        *minor = GSSEAP_RADSEC_INIT_FAILURE;
+        return GSS_S_FAILURE;
+    }
+
+    return GSS_S_COMPLETE;

 }
 
 OM_uint32
 }
 
 OM_uint32


@@ -712,8 +716,6 @@ gss_eap_radius_attr_provider::getExpiryTime(void) const
 }
 
 /* partition error namespace so it does not conflict with krb5 */
 }
 
 /* partition error namespace so it does not conflict with krb5 */

-#define ERROR_TABLE_BASE_rse (46882560L)
-

 #define RS_TO_COM_ERR(rse)                  ((rse) == RSE_OK ? 0 : (rse) + ERROR_TABLE_BASE_rse)
 #define COM_TO_RS_ERR(err)                  ((err) > ERROR_TABLE_BASE_rse && \
                                              (err) <= (ERROR_TABLE_BASE_rse + RSE_SOME_ERROR) ? \
 #define RS_TO_COM_ERR(rse)                  ((rse) == RSE_OK ? 0 : (rse) + ERROR_TABLE_BASE_rse)
 #define COM_TO_RS_ERR(err)                  ((err) > ERROR_TABLE_BASE_rse && \
                                              (err) <= (ERROR_TABLE_BASE_rse + RSE_SOME_ERROR) ? \


@@ -732,7 +734,7 @@ gssEapRadiusMapError(OM_uint32 *minor,
 
     *minor = RS_TO_COM_ERR(code);
 
 
     *minor = RS_TO_COM_ERR(code);
 

-    gssEapSaveStatusInfo(*minor, "radsec: %s", rs_err_msg(err, 0));
+    gssEapSaveStatusInfo(*minor, "%s", rs_err_msg(err, 0));

 
     rs_err_free(err);
     return GSS_S_FAILURE;
 
     rs_err_free(err);
     return GSS_S_FAILURE;

diff --git a/util_saml.cpp b/util_saml.cpp
index f9a74ee..820896f 100644 (file)
--- a/util_saml.cpp
+++ b/util_saml.cpp
@@ -584,11 +584,13 @@ gss_eap_saml_attr_provider::createAttrContext(void)
 OM_uint32
 gssEapSamlAttrProvidersInit(OM_uint32 *minor)
 {
 OM_uint32
 gssEapSamlAttrProvidersInit(OM_uint32 *minor)
 {

-    if (gss_eap_saml_assertion_provider::init() &&
-        gss_eap_saml_attr_provider::init())
-        return GSS_S_COMPLETE;
+    if (!gss_eap_saml_assertion_provider::init() ||
+        !gss_eap_saml_attr_provider::init()) {
+        *minor = GSSEAP_SAML_INIT_FAILURE;
+        return GSS_S_FAILURE;
+    }

 
 

-    return GSS_S_FAILURE;
+    return GSS_S_COMPLETE;

 }
 
 OM_uint32
 }
 
 OM_uint32

diff --git a/util_shib.cpp b/util_shib.cpp
index c5790f5..a37329f 100644 (file)
--- a/util_shib.cpp
+++ b/util_shib.cpp
@@ -478,8 +478,11 @@ gss_eap_shib_attr_provider::duplicateAttributes(const vector <Attribute *>src)
 OM_uint32
 gssEapLocalAttrProviderInit(OM_uint32 *minor)
 {
 OM_uint32
 gssEapLocalAttrProviderInit(OM_uint32 *minor)
 {

-    return gss_eap_shib_attr_provider::init()
-        ? GSS_S_COMPLETE : GSS_S_FAILURE;
+    if (!gss_eap_shib_attr_provider::init()) {
+        *minor = GSSEAP_SHIB_INIT_FAILURE;
+        return GSS_S_FAILURE;
+    }
+    return GSS_S_COMPLETE;

 }
 
 OM_uint32
 }
 
 OM_uint32

diff --git a/util_token.c b/util_token.c
index 29614fd..6642375 100644 (file)
--- a/util_token.c
+++ b/util_token.c
@@ -208,7 +208,7 @@ verifyTokenHeader(OM_uint32 *minor,
     gss_OID_desc toid;
     ssize_t toksize = (ssize_t)toksize_in;
 
     gss_OID_desc toid;
     ssize_t toksize = (ssize_t)toksize_in;
 

-    *minor = 0;
+    *minor = GSSEAP_BAD_TOK_HEADER;

 
     if (ret_tok_type != NULL)
         *ret_tok_type = TOK_TYPE_NONE;
 
     if (ret_tok_type != NULL)
         *ret_tok_type = TOK_TYPE_NONE;


@@ -248,6 +248,7 @@ verifyTokenHeader(OM_uint32 *minor,
         if (toid.length == 0)
             return GSS_S_BAD_MECH;
     } else if (!oidEqual(&toid, mech)) {
         if (toid.length == 0)
             return GSS_S_BAD_MECH;
     } else if (!oidEqual(&toid, mech)) {

+        *minor = GSSEAP_WRONG_MECH;

         return GSS_S_BAD_MECH;
     }
 
         return GSS_S_BAD_MECH;
     }
 


@@ -258,8 +259,10 @@ verifyTokenHeader(OM_uint32 *minor,
         *ret_tok_type = load_uint16_be(buf);
         buf += 2;
     }
         *ret_tok_type = load_uint16_be(buf);
         buf += 2;
     }

+

     *buf_in = buf;
     *body_size = toksize;
 
     *buf_in = buf;
     *body_size = toksize;
 

+    *minor = 0;

     return GSS_S_COMPLETE;
 }
     return GSS_S_COMPLETE;
 }

diff --git a/verify_mic.c b/verify_mic.c
index 1403eca..f8ecf94 100644 (file)
--- a/verify_mic.c
+++ b/verify_mic.c
@@ -43,13 +43,13 @@ gss_verify_mic(OM_uint32 *minor,
     gss_iov_buffer_desc iov[3];
     int conf_state;
 
     gss_iov_buffer_desc iov[3];
     int conf_state;
 

-    *minor = 0;
-

     if (message_token->length < 16) {
     if (message_token->length < 16) {

-        *minor = KRB5_BAD_MSIZE;
+        *minor = GSSEAP_WRONG_SIZE;

         return GSS_S_BAD_SIG;
     }
 
         return GSS_S_BAD_SIG;
     }
 

+    *minor = 0;
+

     iov[0].type = GSS_IOV_BUFFER_TYPE_DATA;
     iov[0].buffer = *message_buffer;
 
     iov[0].type = GSS_IOV_BUFFER_TYPE_DATA;
     iov[0].buffer = *message_buffer;
 

diff --git a/wrap.c b/wrap.c
index 0407a33..122945e 100644 (file)
--- a/wrap.c
+++ b/wrap.c
@@ -53,6 +53,7 @@ gss_wrap(OM_uint32 *minor,
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }
         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }

diff --git a/wrap_iov.c b/wrap_iov.c
index 10a3254..8b8dc69 100644 (file)
--- a/wrap_iov.c
+++ b/wrap_iov.c
@@ -119,7 +119,7 @@ gssEapWrapOrGetMIC(OM_uint32 *minor,
 
     header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     if (header == NULL) {
 
     header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     if (header == NULL) {

-        *minor = EINVAL;
+        *minor = GSSEAP_MISSING_IOV;

         return GSS_S_FAILURE;
     }
 
         return GSS_S_FAILURE;
     }
 


@@ -172,7 +172,7 @@ gssEapWrapOrGetMIC(OM_uint32 *minor,
         if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
             code = gssEapAllocIov(header, (size_t)gssHeaderLen);
         } else if (header->buffer.length < gssHeaderLen)
         if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
             code = gssEapAllocIov(header, (size_t)gssHeaderLen);
         } else if (header->buffer.length < gssHeaderLen)

-            code = KRB5_BAD_MSIZE;
+            code = GSSEAP_WRONG_SIZE;

         if (code != 0)
             goto cleanup;
         outbuf = (unsigned char *)header->buffer.value;
         if (code != 0)
             goto cleanup;
         outbuf = (unsigned char *)header->buffer.value;


@@ -182,7 +182,7 @@ gssEapWrapOrGetMIC(OM_uint32 *minor,
             if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
                 code = gssEapAllocIov(trailer, (size_t)gssTrailerLen);
             else if (trailer->buffer.length < gssTrailerLen)
             if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
                 code = gssEapAllocIov(trailer, (size_t)gssTrailerLen);
             else if (trailer->buffer.length < gssTrailerLen)

-                code = KRB5_BAD_MSIZE;
+                code = GSSEAP_WRONG_SIZE;

             if (code != 0)
                 goto cleanup;
             trailer->buffer.length = (size_t)gssTrailerLen;
             if (code != 0)
                 goto cleanup;
             trailer->buffer.length = (size_t)gssTrailerLen;


@@ -245,7 +245,7 @@ gssEapWrapOrGetMIC(OM_uint32 *minor,
         if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
             code = gssEapAllocIov(header, (size_t)gssHeaderLen);
         else if (header->buffer.length < gssHeaderLen)
         if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
             code = gssEapAllocIov(header, (size_t)gssHeaderLen);
         else if (header->buffer.length < gssHeaderLen)

-            code = KRB5_BAD_MSIZE;
+            code = GSSEAP_WRONG_SIZE;

         if (code != 0)
             goto cleanup;
         outbuf = (unsigned char *)header->buffer.value;
         if (code != 0)
             goto cleanup;
         outbuf = (unsigned char *)header->buffer.value;


@@ -255,7 +255,7 @@ gssEapWrapOrGetMIC(OM_uint32 *minor,
             if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
                 code = gssEapAllocIov(trailer, (size_t)gssTrailerLen);
             else if (trailer->buffer.length < gssTrailerLen)
             if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
                 code = gssEapAllocIov(trailer, (size_t)gssTrailerLen);
             else if (trailer->buffer.length < gssTrailerLen)

-                code = KRB5_BAD_MSIZE;
+                code = GSSEAP_WRONG_SIZE;

             if (code != 0)
                 goto cleanup;
             trailer->buffer.length = (size_t)gssTrailerLen;
             if (code != 0)
                 goto cleanup;
             trailer->buffer.length = (size_t)gssTrailerLen;


@@ -338,6 +338,7 @@ gss_wrap_iov(OM_uint32 *minor,
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }
         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }

diff --git a/wrap_iov_length.c b/wrap_iov_length.c
index f24976d..25bc3be 100644 (file)
--- a/wrap_iov_length.c
+++ b/wrap_iov_length.c
@@ -87,7 +87,7 @@ gssEapWrapIovLength(OM_uint32 *minor,
 
     header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     if (header == NULL) {
 
     header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     if (header == NULL) {

-        *minor = EINVAL;
+        *minor = GSSEAP_MISSING_IOV;

         return GSS_S_FAILURE;
     }
     INIT_IOV_DATA(header);
         return GSS_S_FAILURE;
     }
     INIT_IOV_DATA(header);


@@ -200,6 +200,7 @@ gss_wrap_iov_length(OM_uint32 *minor,
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }
         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }

diff --git a/wrap_size_limit.c b/wrap_size_limit.c
index 48d8212..8fd9251 100644 (file)
--- a/wrap_size_limit.c
+++ b/wrap_size_limit.c
@@ -53,6 +53,7 @@ gss_wrap_size_limit(OM_uint32 *minor,
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {
     GSSEAP_MUTEX_LOCK(&ctx->mutex);
 
     if (!CTX_IS_ESTABLISHED(ctx)) {

+        *minor = GSSEAP_CONTEXT_INCOMPLETE;

         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }
         major = GSS_S_NO_CONTEXT;
         goto cleanup;
     }