From: Luke Howard Date: Sat, 25 Sep 2010 20:00:31 +0000 (+0200) Subject: support gss_inquire_attrs_for_mech X-Git-Tag: vm/20110310~218 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=mech_eap.git;a=commitdiff_plain;h=44923e0e7d9daa3c06e458112a618f4674fba464 support gss_inquire_attrs_for_mech --- diff --git a/Makefile.am b/Makefile.am index 3018c8f..e794f95 100644 --- a/Makefile.am +++ b/Makefile.am @@ -43,6 +43,7 @@ mech_eap_la_SOURCES = \ import_sec_context.c \ indicate_mechs.c \ init_sec_context.c \ + inquire_attrs_for_mech.c \ inquire_context.c \ inquire_cred.c \ inquire_cred_by_oid.c \ diff --git a/acinclude.m4 b/acinclude.m4 index 0ac828b..b88fc94 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -32,7 +32,9 @@ else printf "Kerberos found in $krb5dir\n"; AC_SUBST(KRB5_CFLAGS) AC_SUBST(KRB5_LIBS) - AC_CHECK_LIB(gssapi_krb5, GSS_C_NT_COMPOSITE_EXPORT, [AC_DEFINE_UNQUOTED([HAVE_GSS_C_NT_COMPOSITE_EXPORT], 1, [Define if GSS-API library supports recent naming extensions draft])], [], "$KRB5_LDFLAGS") + AC_CHECK_LIB(gssapi_krb5, GSS_C_NT_COMPOSITE_EXPORT, [AC_DEFINE_UNQUOTED([HAVE_GSS_C_NT_COMPOSITE_EXPORT], 1, [Define if GSS-API library supports recent naming extensions draft])], [], "$KRB5_LIBS") + AC_CHECK_LIB(gssapi_krb5, gss_inquire_attrs_for_mech, [AC_DEFINE_UNQUOTED([HAVE_GSS_INQUIRE_ATTRS_FOR_MECH], 1, [Define if GSS-API library supports RFC 5587])], [], "$KRB5_LIBS") + AC_CHECK_LIB(gssapi_krb5, gss_krb5_import_cred, [AC_DEFINE_UNQUOTED([HAVE_GSS_INQUIRE_ATTRS_FOR_MECH], 1, [Define if GSS-API library supports krb5_gss_import_cred])], [], "$KRB5_LIBS") fi ])dnl diff --git a/gssapiP_eap.h b/gssapiP_eap.h index 1003845..c6c634e 100644 --- a/gssapiP_eap.h +++ b/gssapiP_eap.h @@ -33,6 +33,7 @@ #ifndef _GSSAPIP_EAP_H_ #define _GSSAPIP_EAP_H_ 1 +#include "config.h" #include #include #include diff --git a/inquire_attrs_for_mech.c b/inquire_attrs_for_mech.c new file mode 100644 index 0000000..96f1a8c --- /dev/null +++ b/inquire_attrs_for_mech.c 
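Review bot: The third added `AC_CHECK_LIB` in the acinclude.m4 hunk probes for `gss_krb5_import_cred` but defines `HAVE_GSS_INQUIRE_ATTRS_FOR_MECH`, the same macro as the line above it, which looks like a copy-paste slip. On a GSS-API library that exports `gss_krb5_import_cred` but not the RFC 5587 entry points, the macro would be set anyway. In that case inquire_attrs_for_mech.c would skip its `gss_const_OID` typedef and reference `GSS_C_MA_*` constants the headers presumably do not provide. The probe should define its own symbol, e.g. `AC_DEFINE_UNQUOTED([HAVE_GSS_KRB5_IMPORT_CRED], 1, [Define if GSS-API library supports gss_krb5_import_cred])`. The description string also says `krb5_gss_import_cred` while the probed function is `gss_krb5_import_cred`.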
@@ -0,0 +1,125 @@
+/*
+ * Copyright (c) 2010, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapiP_eap.h"
+
+#define MA_ADD(ma, set) do { \
+ major = gss_add_oid_set_member(minor, (gss_OID)(ma), (set)); \
+ if (GSS_ERROR(major)) \
+ goto cleanup; \
+ } while (0)
+
+#define MA_SUPPORTED(ma) MA_ADD((ma), mech_attrs)
+#define MA_KNOWN(ma) MA_ADD((ma), known_mech_attrs)
+
+#ifndef HAVE_GSS_INQUIRE_ATTRS_FOR_MECH
+typedef const gss_OID_desc *gss_const_OID;
+#endif
+
+OM_uint32
+gss_inquire_attrs_for_mech(OM_uint32 *minor,
+ gss_const_OID mech_oid,
+ gss_OID_set *mech_attrs,
+ gss_OID_set *known_mech_attrs)
+{
+ OM_uint32 major, tmpMinor;
+
+ if (mech_attrs != GSS_C_NO_OID_SET) {
+ major = gss_create_empty_oid_set(minor, mech_attrs);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+#ifdef HAVE_GSS_INQUIRE_ATTRS_FOR_MECH
+ if (oidEqual(mech_oid, GSS_EAP_MECHANISM))
+ MA_SUPPORTED(GSS_C_MA_MECH_PSEUDO);
+ else
+ MA_SUPPORTED(GSS_C_MA_MECH_CONCRETE);
+ MA_SUPPORTED(GSS_C_MA_ITOK_FRAMED);
+ MA_SUPPORTED(GSS_C_MA_AUTH_INIT);
+ MA_SUPPORTED(GSS_C_MA_AUTH_TARG);
+ MA_SUPPORTED(GSS_C_MA_AUTH_INIT_INIT);
+ MA_SUPPORTED(GSS_C_MA_DELEG_CRED);
+ MA_SUPPORTED(GSS_C_MA_INTEG_PROT);
+ MA_SUPPORTED(GSS_C_MA_CONF_PROT);
+ MA_SUPPORTED(GSS_C_MA_MIC);
+ MA_SUPPORTED(GSS_C_MA_WRAP);
+ MA_SUPPORTED(GSS_C_MA_REPLAY_DET);
+ MA_SUPPORTED(GSS_C_MA_OOS_DET);
+ MA_SUPPORTED(GSS_C_MA_CBINDINGS);
+ MA_SUPPORTED(GSS_C_MA_CTX_TRANS);
+#endif
+ }
+
+ if (known_mech_attrs != GSS_C_NO_OID_SET) {
+ major = gss_create_empty_oid_set(minor, known_mech_attrs);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+#ifdef HAVE_GSS_INQUIRE_ATTRS_FOR_MECH
+ MA_KNOWN(GSS_C_MA_MECH_CONCRETE);
+ MA_KNOWN(GSS_C_MA_MECH_PSEUDO);
+ MA_KNOWN(GSS_C_MA_MECH_COMPOSITE);
+ MA_KNOWN(GSS_C_MA_MECH_NEGO);
+ MA_KNOWN(GSS_C_MA_MECH_GLUE);
+ MA_KNOWN(GSS_C_MA_NOT_MECH);
+ MA_KNOWN(GSS_C_MA_DEPRECATED);
+ MA_KNOWN(GSS_C_MA_NOT_DFLT_MECH);
+ MA_KNOWN(GSS_C_MA_ITOK_FRAMED);
+ MA_KNOWN(GSS_C_MA_AUTH_INIT);
+ MA_KNOWN(GSS_C_MA_AUTH_TARG);
+ MA_KNOWN(GSS_C_MA_AUTH_INIT_INIT);
+ MA_KNOWN(GSS_C_MA_AUTH_TARG_INIT);
+ MA_KNOWN(GSS_C_MA_AUTH_INIT_ANON);
+ MA_KNOWN(GSS_C_MA_AUTH_TARG_ANON);
+ MA_KNOWN(GSS_C_MA_DELEG_CRED);
+ MA_KNOWN(GSS_C_MA_INTEG_PROT);
+ MA_KNOWN(GSS_C_MA_CONF_PROT);
+ MA_KNOWN(GSS_C_MA_MIC);
+ MA_KNOWN(GSS_C_MA_WRAP);
+ MA_KNOWN(GSS_C_MA_PROT_READY);
+ MA_KNOWN(GSS_C_MA_REPLAY_DET);
+ MA_KNOWN(GSS_C_MA_OOS_DET);
+ MA_KNOWN(GSS_C_MA_CBINDINGS);
+ MA_KNOWN(GSS_C_MA_PFS);
+ MA_KNOWN(GSS_C_MA_COMPRESS);
+ MA_KNOWN(GSS_C_MA_CTX_TRANS);
+#endif
+ }
+
+cleanup:
+ if (GSS_ERROR(major)) {
+ gss_release_oid_set(&tmpMinor, mech_attrs);
+ gss_release_oid_set(&tmpMinor, known_mech_attrs);
+ }
+
+ return major;
+}
diff --git a/mech_eap.exports b/mech_eap.exports
index 043b056..1520043 100644
--- a/mech_eap.exports
+++ b/mech_eap.exports
@@ -19,6 +19,7 @@ gss_import_name
 gss_import_sec_context
 gss_indicate_mechs
 gss_init_sec_context
+gss_inquire_attrs_for_mech
 gss_inquire_context
 gss_inquire_cred
 gss_inquire_cred_by_oid
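Review bot: In `gss_inquire_attrs_for_mech`, `major` is read at `cleanup:` without ever being assigned when both `mech_attrs` and `known_mech_attrs` are passed as null, so the returned status is indeterminate and `*minor` is left unset on that path. The error path has a second problem: if `gss_create_empty_oid_set` or an `MA_SUPPORTED` add fails in the first block, `cleanup` calls `gss_release_oid_set` on `known_mech_attrs`, which this function has not written yet, so the release acts on whatever the caller left in that output slot. Initialising `major`, `*minor` and both output sets on entry, and releasing only non-null outputs, closes both. Separately, the `else` branch reports `GSS_C_MA_MECH_CONCRETE` for any `mech_oid` without checking that it is one this mechanism implements. Callers that select mechanisms by attribute would likely be better served by a `GSS_S_BAD_MECH` return for unknown OIDs, and the advertised set (e.g. `GSS_C_MA_DELEG_CRED`) is worth confirming against what the contexts actually provide.

```c
/* … unchanged: gss_inquire_attrs_for_mech() signature and opening brace … */
    OM_uint32 major = GSS_S_COMPLETE, tmpMinor;

    /* Put every output in a defined state before anything can jump to cleanup. */
    *minor = 0;
    if (mech_attrs != NULL)
        *mech_attrs = GSS_C_NO_OID_SET;
    if (known_mech_attrs != NULL)
        *known_mech_attrs = GSS_C_NO_OID_SET;

    /* … unchanged: population of mech_attrs and known_mech_attrs … */

cleanup:
    if (GSS_ERROR(major)) {
        if (mech_attrs != NULL)
            gss_release_oid_set(&tmpMinor, mech_attrs);
        if (known_mech_attrs != NULL)
            gss_release_oid_set(&tmpMinor, known_mech_attrs);
    }
    /* … unchanged: return major … */
```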