Support GSS_C_NT_COMPOSITE_EXPORT

author Luke Howard <lukeh@padl.com>

Sun, 19 Sep 2010 16:41:45 +0000 (18:41 +0200)

committer Luke Howard <lukeh@padl.com>

Sun, 19 Sep 2010 16:41:45 +0000 (18:41 +0200)
author Luke Howard <lukeh@padl.com>
Sun, 19 Sep 2010 16:41:45 +0000 (18:41 +0200)
committer Luke Howard <lukeh@padl.com>
Sun, 19 Sep 2010 16:41:45 +0000 (18:41 +0200)
diff --git a/acinclude.m4 b/acinclude.m4

index 8ac594b..31f19df 100644 (file)
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -35,6 +35,7 @@ else
         AC_SUBST(KRB5_CFLAGS)
         AC_SUBST(KRB5_LDFLAGS)
         AC_SUBST(KRB5_LIBS)
+       AC_CHECK_LIB(gssapi_krb5, GSS_C_NT_COMPOSITE_EXPORT, [AC_DEFINE_UNQUOTED([HAVE_GSS_C_NT_COMPOSITE_EXPORT], 1, [Define if GSS-API library supports recent naming extensions draft])], [], "$KRB5_LDFLAGS")
  fi
  ])dnl
  
diff --git a/configure.ac b/configure.ac

index 82bc27a..bdea2fb 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -7,6 +7,7 @@ LT_INIT([dlopen disable-static])
  
  AC_PROG_CC
  AC_PROG_CXX
+AC_CONFIG_HEADERS([config.h])
  
  dnl Check if we're on Solaris and set CFLAGS accordingly
  dnl AC_CANONICAL_TARGET
diff --git a/export_name_composite.c b/export_name_composite.c

index ff5ac8c..6c4fef2 100644 (file)
--- a/export_name_composite.c
+++ b/export_name_composite.c
@@ -32,12 +32,6 @@
  
  #include "gssapiP_eap.h"
  
-#if 0
-/*
- * Not sure about this. If we have a generalised representation of composite
- * names, it should be (a) defined in the naming extensions specification
- * and (b) implemented by the mechanism glue.
- */
  OM_uint32
  gss_export_name_composite(OM_uint32 *minor,
                            gss_name_t input_name,
@@ -51,4 +45,3 @@ gss_export_name_composite(OM_uint32 *minor,
      return gssEapExportNameInternal(minor, input_name, exported_name,
                                      EXPORT_NAME_FLAG_OID | EXPORT_NAME_FLAG_ATTRS);
  }
-#endif
diff --git a/inquire_names_for_mech.c b/inquire_names_for_mech.c

index fe3c64e..e761739 100644 (file)
--- a/inquire_names_for_mech.c
+++ b/inquire_names_for_mech.c
@@ -60,6 +60,12 @@ gss_inquire_names_for_mech(OM_uint32 *minor,
      if (GSS_ERROR(major))
          goto cleanup;
  
+#ifdef HAVE_GSS_C_NT_COMPOSITE_EXPORT
+    major = gss_add_oid_set_member(minor, GSS_C_NT_COMPOSITE_EXPORT, name_types);
+    if (GSS_ERROR(major))
+        goto cleanup;
+#endif
+
      major = gss_add_oid_set_member(minor, GSS_EAP_NT_PRINCIPAL_NAME, name_types);
      if (GSS_ERROR(major))
          goto cleanup;
diff --git a/mech_eap.exports b/mech_eap.exports

index ba11e69..ad4dc24 100644 (file)
--- a/mech_eap.exports
+++ b/mech_eap.exports
@@ -11,6 +11,7 @@ gss_display_name_ext
  gss_display_status
  gss_duplicate_name
  gss_export_name
+gss_export_name_composite
  gss_export_sec_context
  gss_get_mic
  gss_get_name_attribute
diff --git a/util_name.c b/util_name.c

index 50da741..26fccbc 100644 (file)
--- a/util_name.c
+++ b/util_name.c
@@ -237,7 +237,7 @@ gssEapImportNameInternal(OM_uint32 *minor,
      unsigned char *p;
      size_t len, remain;
      gss_buffer_desc buf;
-    enum gss_eap_token_type tok_type;
+    enum gss_eap_token_type tokType;
      gss_name_t name = GSS_C_NO_NAME;
  
      GSSEAP_KRB_INIT(&krbContext);
@@ -249,16 +249,16 @@ gssEapImportNameInternal(OM_uint32 *minor,
          if (remain < 6 + GSS_EAP_MECHANISM->length + 4)
              return GSS_S_BAD_NAME;
  
+        if (flags & EXPORT_NAME_FLAG_ATTRS)
+            tokType = TOK_TYPE_EXPORT_NAME_COMPOSITE;
+        else
+            tokType = TOK_TYPE_EXPORT_NAME;
+
          /* TOK_ID */
-        tok_type = load_uint16_be(p);
-        if (tok_type != TOK_TYPE_EXPORT_NAME &&
-            tok_type != TOK_TYPE_EXPORT_NAME_COMPOSITE)
+        if (load_uint16_be(p) != tokType)
              return GSS_S_BAD_NAME;
          UPDATE_REMAIN(2);
  
-        if (tok_type == TOK_TYPE_EXPORT_NAME_COMPOSITE)
-            flags |= EXPORT_NAME_FLAG_ATTRS;
-
          /* MECH_OID_LEN */
          len = load_uint16_be(p);
          if (len != 2 + GSS_EAP_MECHANISM->length)
@@ -336,6 +336,12 @@ gssEapImportName(OM_uint32 *minor,
      else if (oidEqual(nameType, GSS_C_NT_EXPORT_NAME))
          major = gssEapImportNameInternal(minor, nameBuffer, name,
                                           EXPORT_NAME_FLAG_OID);
+#ifdef HAVE_GSS_C_NT_COMPOSITE_EXPORT
+    else if (oidEqual(nameType, GSS_C_NT_COMPOSITE_EXPORT))
+        major = gssEapImportNameInternal(minor, nameBuffer, name,
+                                         EXPORT_NAME_FLAG_OID |
+                                         EXPORT_NAME_FLAG_ATTRS);
+#endif
      else
          major = GSS_S_BAD_NAMETYPE;
  
@@ -443,4 +449,3 @@ cleanup:
  
      return major;
  }
-
author	Luke Howard <lukeh@padl.com>
	Sun, 19 Sep 2010 16:41:45 +0000 (18:41 +0200)
committer	Luke Howard <lukeh@padl.com>
	Sun, 19 Sep 2010 16:41:45 +0000 (18:41 +0200)
acinclude.m4		patch \| blob \| history
configure.ac		patch \| blob \| history
export_name_composite.c		patch \| blob \| history
inquire_names_for_mech.c		patch \| blob \| history
mech_eap.exports		patch \| blob \| history
util_name.c		patch \| blob \| history