+static bool parse_auth_header(apr_pool_t *pool, const char **auth_header,
+ gss_buffer_t value)
+{
+ char *auth_header_value;
+
+ auth_header_value = ap_getword_white(pool, auth_header);
+ if (!auth_header_value) return false;
+ value->length = apr_base64_decode_len(auth_header_value) + 1;
+ value->value = apr_pcalloc(pool, value->length);
+ if (!value->value) return false;
+ value->length = apr_base64_decode(value->value, auth_header_value);
+
+ return true;
+}
+
+static bool is_mech_allowed(struct mag_config *cfg, gss_const_OID mech)
+{
+ if (cfg->allowed_mechs == GSS_C_NO_OID_SET) return true;
+
+ for (int i = 0; i < cfg->allowed_mechs->count; i++) {
+ if (gss_oid_equal(&cfg->allowed_mechs->elements[i], mech)) {
+ return true;
+ }
+ }
+ return false;
+}
+
+#define AUTH_TYPE_NEGOTIATE 0
+#define AUTH_TYPE_BASIC 1
+#define AUTH_TYPE_RAW_NTLM 2
+const char *auth_types[] = {
+ "Negotiate",
+ "Basic",
+ "NTLM",
+ NULL
+};
+