From 386723abe3a18ed3de23f3ff5480d88c1bbee317 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Sat, 25 Sep 2010 13:27:29 +0200 Subject: [PATCH] GS2 helpers
---
Makefile.am | 2 ++ inquire_mech_for_saslname.c | 49 +++++++++++++++++++++++++++++++++++++++++++++ inquire_saslname_for_mech.c | 45 +++++++++++++++++++++++++++++++++++++++++ mech_eap.exports | 2 ++ util.h | 6 ++++++ util_mech.c | 46 +++++++++++++++++++++++++++++++++++------- 6 files changed, 143 insertions(+), 7 deletions(-) create mode 100644 inquire_mech_for_saslname.c create mode 100644 inquire_saslname_for_mech.c
diff --git a/Makefile.am b/Makefile.am
index 64f2744..3018c8f 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -46,9 +46,11 @@ mech_eap_la_SOURCES = \
 inquire_context.c \
 inquire_cred.c \
 inquire_cred_by_oid.c \
+ inquire_mech_for_saslname.c \
 inquire_mechs_for_name.c \
 inquire_name.c \
 inquire_names_for_mech.c \
+ inquire_saslname_for_mech.c \
 inquire_sec_context_by_oid.c \
 map_name_to_any.c \
 process_context_token.c \
diff --git a/inquire_mech_for_saslname.c b/inquire_mech_for_saslname.c
new file mode 100644
index 0000000..f42df28
--- /dev/null
+++ b/inquire_mech_for_saslname.c
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2010, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapiP_eap.h"
+
+OM_uint32
+gss_inquire_saslname_for_mech(OM_uint32 *minor,
+ const gss_OID mech,
+ gss_buffer_t sasl_mech_name,
+ gss_buffer_t mech_name,
+ gss_buffer_t mech_description)
+{
+ gss_buffer_t name;
+
+ name = gssEapOidToSaslName(mech);
+ if (name == GSS_C_NO_BUFFER)
+ return GSS_S_BAD_MECH;
+
+ return duplicateBuffer(minor, name, sasl_mech_name);
+}
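Review bot: `mech_name` and `mech_description` are never written in gss_inquire_saslname_for_mech, so a caller that passes uninitialised gss_buffer_desc structures and later releases them would hand stale stack contents to the release routine. Set each supplied output to empty before the lookup, e.g. `if (mech_name != GSS_C_NO_BUFFER) { mech_name->length = 0; mech_name->value = NULL; }`, and do the same for `mech_description` and `sasl_mech_name`. `*minor` is also left unset on the GSS_S_BAD_MECH return; a `*minor = 0;` at the top of the function covers that path. Separately, this file is named inquire_mech_for_saslname.c but defines gss_inquire_saslname_for_mech, while the sibling file has the opposite pairing, so the two file names look swapped.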
diff --git a/inquire_saslname_for_mech.c b/inquire_saslname_for_mech.c
new file mode 100644
index 0000000..1565d66
--- /dev/null
+++ b/inquire_saslname_for_mech.c
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2010, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapiP_eap.h"
+
+OM_uint32
+gss_inquire_mech_for_saslname(OM_uint32 *minor,
+ const gss_buffer_t sasl_mech_name,
+ gss_OID *mech_type)
+{
+ *mech_type = gssEapSaslNameToOid(sasl_mech_name);
+ if (*mech_type == GSS_C_NO_OID)
+ return GSS_S_BAD_MECH;
+
+ return GSS_S_COMPLETE;
+}
diff --git a/mech_eap.exports b/mech_eap.exports
index ad4dc24..043b056 100644
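Review bot: `*mech_type` is assigned in gss_inquire_mech_for_saslname without checking that `mech_type` is non-NULL, so a caller that omits the output pointer gets a NULL dereference instead of an error status; a guard such as `if (mech_type == NULL) return GSS_S_CALL_INACCESSIBLE_WRITE;` ahead of the lookup would prevent that. `sasl_mech_name` is likewise passed straight to gssEapSaslNameToOid(), and whether bufferEqual tolerates GSS_C_NO_BUFFER is not visible in this patch, so that input probably needs a check here as well. `minor` is never written on either return path; add `*minor = 0;` as the first statement so callers do not read an indeterminate minor status.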
--- a/mech_eap.exports +++ b/mech_eap.exports @@ -23,8 +23,10 @@ gss_inquire_context gss_inquire_cred gss_inquire_cred_by_oid gss_inquire_mechs_for_name +gss_inquire_mech_for_saslname gss_inquire_name gss_inquire_names_for_mech +gss_inquire_saslname_for_mech gss_inquire_sec_context_by_oid gss_map_name_to_any gss_process_context_token diff --git a/util.h b/util.h index 6b47283..b23df78 100644 --- a/util.h +++ b/util.h @@ -293,6 +293,12 @@ OM_uint32 gssEapValidateMechs(OM_uint32 *minor, const gss_OID_set mechs); +gss_buffer_t +gssEapOidToSaslName(const gss_OID oid); + +gss_OID +gssEapSaslNameToOid(const gss_buffer_t name); + /* util_name.c */ #define EXPORT_NAME_FLAG_OID 0x1 #define EXPORT_NAME_FLAG_COMPOSITE 0x2 diff --git a/util_mech.c b/util_mech.c index d73eaf5..1b554c5 100644 --- a/util_mech.c +++ b/util_mech.c @@ -47,7 +47,7 @@ * mechInvoke(5) */ -static gss_OID_desc gssEapConcreteMechs[] = { +static gss_OID_desc gssEapMechOids[] = { /* 1.3.6.1.4.1.5322.21.1 */ { 9, "\x2B\x06\x01\x04\x01\xA9\x4A\x15\x01" }, /* 1.3.6.1.4.1.5322.21.1.17 */ @@ -56,9 +56,9 @@ static gss_OID_desc gssEapConcreteMechs[] = { { 10, "\x2B\x06\x01\x04\x01\xA9\x4A\x15\x01\x12" } }; -gss_OID GSS_EAP_MECHANISM = &gssEapConcreteMechs[0]; -gss_OID GSS_EAP_AES128_CTS_HMAC_SHA1_96_MECHANISM = &gssEapConcreteMechs[1]; -gss_OID GSS_EAP_AES256_CTS_HMAC_SHA1_96_MECHANISM = &gssEapConcreteMechs[2]; +gss_OID GSS_EAP_MECHANISM = &gssEapMechOids[0]; +gss_OID GSS_EAP_AES128_CTS_HMAC_SHA1_96_MECHANISM = &gssEapMechOids[1]; +gss_OID GSS_EAP_AES256_CTS_HMAC_SHA1_96_MECHANISM = &gssEapMechOids[2]; int gssEapIsConcreteMechanismOid(const gss_OID oid) 
@@ -241,10 +241,10 @@ gssEapInternalizeOid(const gss_OID oid, *pInternalizedOid = GSS_C_NO_OID; for (i = 0; - i < sizeof(gssEapConcreteMechs) / sizeof(gssEapConcreteMechs[0]); + i < sizeof(gssEapMechOids) / sizeof(gssEapMechOids[0]); i++) { - if (oidEqual(oid, &gssEapConcreteMechs[i])) { - *pInternalizedOid = (const gss_OID)&gssEapConcreteMechs[i]; + if (oidEqual(oid, &gssEapMechOids[i])) { + *pInternalizedOid = (const gss_OID)&gssEapMechOids[i]; break; } } @@ -261,3 +261,35 @@ gssEapInternalizeOid(const gss_OID oid, return 1; } + +static gss_buffer_desc gssEapSaslMechs[] = { + { sizeof("GS2-EAP"), "GS2-EAP", }, + { sizeof("GS2-EAP-AES128"), "GS2-EAP-AES128" }, + { sizeof("GS2-EAP-AES256"), "GS2-EAP-AES256" }, +}; + +gss_buffer_t +gssEapOidToSaslName(const gss_OID oid) +{ + size_t i; + + for (i = 0; i < sizeof(gssEapMechOids)/sizeof(gssEapMechOids[0]); i++) { + if (oidEqual(&gssEapMechOids[i], oid)) + return &gssEapSaslMechs[i]; + } + + return GSS_C_NO_BUFFER; +} + +gss_OID +gssEapSaslNameToOid(const gss_buffer_t name) +{ + size_t i; + + for (i = 0; i < sizeof(gssEapSaslMechs)/sizeof(gssEapSaslMechs[0]); i++) { + if (bufferEqual(&gssEapSaslMechs[i], name)) + return &gssEapMechOids[i]; + } + + return GSS_C_NO_OID; +} -- 2.1.4
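Review bot: In the final hunk (`@@ -261,3 +261,35 @@`), gssEapSaslMechs sets each length with `sizeof("GS2-EAP")`, which counts the terminating NUL, so every buffer is one byte longer than the SASL mechanism name it holds. If bufferEqual compares lengths (it is not shown here), a name received without a trailing NUL would never match in gssEapSaslNameToOid, and gssEapOidToSaslName hands callers a name with an embedded NUL; `{ sizeof("GS2-EAP") - 1, "GS2-EAP" }` avoids both. gssEapOidToSaslName also bounds its loop by the size of gssEapMechOids while indexing gssEapSaslMechs, so the two tables must stay the same length; a comment or a compile-time size check next to gssEapSaslMechs would keep a later addition to one table from reading past the end of the other.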