dnl Based on the one from the Boinc project by Reinhard
+AC_DEFUN([AX_CHECK_WINDOWS],
+[AC_MSG_CHECKING(for windows)
+target_windows="no"
+AC_CHECK_HEADER(windows.h,[target_windows="yes"],[target_windows="no"])
+AC_MSG_RESULT($target_windows)
+AM_CONDITIONAL(TARGET_WINDOWS,test "x$target_windows" = "xyes")
+])dnl
+
AC_DEFUN([AX_CHECK_KRB5],
[AC_MSG_CHECKING(for GSS-API and Kerberos implementation)
KRB5_DIR=
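Review bot: AX_CHECK_WINDOWS infers the target from whether `windows.h` can be found, which tests the compiler's include path rather than the platform being built for; a Unix host with MinGW or Wine headers on that path would get `target_windows=yes` and the Windows flags and libraries. Keying the decision on the canonical host is more reliable, e.g. `AC_REQUIRE([AC_CANONICAL_HOST])` followed by `case "$host_os" in mingw*) target_windows=yes ;; esac`. Separately, `AC_CHECK_HEADER` prints its own "checking for windows.h" line between the `AC_MSG_CHECKING` and `AC_MSG_RESULT` calls here, so the configure output will be interleaved.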
krb5dir="$dir"
if test -x "$dir/bin/krb5-config"; then
found_krb5="yes";
- KRB5_CFLAGS=`$dir/bin/krb5-config gssapi --cflags`;
- KRB5_LIBS=`$dir/bin/krb5-config gssapi --libs`;
- COMPILE_ET="$dir/bin/compile_et";
+ if test "x$target_windows" = "xyes"; then
+ KRB5_CFLAGS=-I"$check_krb5_dir/include";
+ KRB5_LIBS="-L$check_krb5_dir/lib/ -lkrb5_32 -lgssapi32";
+ COMPILE_ET="$check_krb5_dir/bin/compile_et";
+ else
+ KRB5_CFLAGS=`$dir/bin/krb5-config gssapi --cflags`;
+ KRB5_LIBS=`$dir/bin/krb5-config gssapi --libs`;
+ COMPILE_ET="$dir/bin/compile_et";
+ fi
break;
fi
done
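Review bot: The Windows branch builds its paths from `$check_krb5_dir`, while the enclosing loop and the `test -x` guard operate on `$dir`. The loop header is outside this hunk, but if `check_krb5_dir` can name more than one candidate, the `-I`/`-L` values will not point at the directory that was actually probed. Using `$dir` in the three Windows assignments, e.g. `KRB5_LIBS="-L$dir/lib -lkrb5_32 -lgssapi32"`, keeps them consistent with the Unix branch. The branch is also reached only when `$dir/bin/krb5-config` is executable, a script the Windows path then never runs, so a comment should say whether a Windows Kerberos install is expected to ship it.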
AC_INIT([mech_eap], [0.1], [bugs@project-moonshot.org])
dnl AC_CONFIG_MACRO_DIR([m4])
dnl AM_INIT_AUTOMAKE([silent-rules])
+AC_USE_SYSTEM_EXTENSIONS
+AC_GNU_SOURCE
AM_INIT_AUTOMAKE
+AM_PROG_CC_C_O
+AM_MAINTAINER_MODE()
LT_PREREQ([2.2])
-LT_INIT([dlopen disable-static])
+LT_INIT([dlopen disable-static win32-dll])
-AC_PROG_CC
+dnl AC_PROG_CC
AC_PROG_CXX
AC_CONFIG_HEADERS([config.h])
AC_CHECK_HEADERS(stdarg.h stdio.h stdint.h sys/param.h)
AC_REPLACE_FUNCS(vasprintf)
-AC_GNU_SOURCE
dnl Check if we're on Solaris and set CFLAGS accordingly
dnl AC_CANONICAL_TARGET
AC_SUBST(TARGET_CFLAGS)
AC_SUBST(TARGET_LDFLAGS)
+AX_CHECK_WINDOWS
AX_CHECK_KRB5
AX_CHECK_OPENSAML
AM_CONDITIONAL(OPENSAML, test "x_$check_opensaml_dir" != "x_no")
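Review bot: `AC_GNU_SOURCE` is moved up next to the new `AC_USE_SYSTEM_EXTENSIONS`, but the latter already defines `_GNU_SOURCE` and autoconf treats `AC_GNU_SOURCE` as obsolete, so the second line can be dropped. With `AC_PROG_CC` turned into a `dnl` comment, the C compiler check presumably still runs only because macros such as `AM_PROG_CC_C_O` require it. A short comment like `dnl AC_PROG_CC is required implicitly by AM_PROG_CC_C_O` would explain why the line was disabled rather than deleted.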
gssinclude_HEADERS = gssapi_eap.h
EAP_CFLAGS = -I$(srcdir)/../libeap/src -I$(srcdir)/../libeap/src/common -I$(srcdir)/../libeap/src/eap_common \
- -I$(srcdir)/../libeap/src/utils \
- -DEAP_TLS -DEAP_PEAP -DEAP_TTLS -DEAP_MD5 -DEAP_MSCHAPv2 -DEAP_GTC -DEAP_OTP -DEAP_LEAP -DEAP_PSK -DEAP_PAX -DEAP_SAKE -DEAP_GPSK -DEAP_GPSK_SHA256 -DEAP_SERVER_IDENTITY -DEAP_SERVER_TLS -DEAP_SERVER_PEAP -DEAP_SERVER_TTLS -DEAP_SERVER_MD5 -DEAP_SERVER_MSCHAPV2 -DEAP_SERVER_GTC -DEAP_SERVER_PSK -DEAP_SERVER_PAX -DEAP_SERVER_SAKE -DEAP_SERVER_GPSK -DEAP_SERVER_GPSK_SHA256 -DIEEE8021X_EAPOL
+ -I$(srcdir)/../libeap/src/utils
if GSSEAP_ENABLE_ACCEPTOR
GSSEAP_EXPORTS = mech_eap.exports
gssdir = $(libdir)/gss
gss_LTLIBRARIES = mech_eap.la
+if TARGET_WINDOWS
+EAP_CFLAGS += -DCONFIG_WIN32_DEFAULTS -DUSE_INTERNAL_CRYPTO
+OS_LIBS = -lshell32 -ladvapi32 -lws2_32 -lcomerr32
+mech_eap_la_CFLAGS = -Zi
+mech_eap_la_CXXFLAGS = -Zi
+else
+EAP_CFLAGS += -DEAP_TLS -DEAP_PEAP -DEAP_TTLS -DEAP_MD5 -DEAP_MSCHAPv2 -DEAP_GTC -DEAP_OTP -DEAP_LEAP -DEAP_PSK -DEAP_PAX -DEAP_SAKE -DEAP_GPSK -DEAP_GPSK_SHA256 -DEAP_SERVER_IDENTITY -DEAP_SERVER_TLS -DEAP_SERVER_PEAP -DEAP_SERVER_TTLS -DEAP_SERVER_MD5 -DEAP_SERVER_MSCHAPV2 -DEAP_SERVER_GTC -DEAP_SERVER_PSK -DEAP_SERVER_PAX -DEAP_SERVER_SAKE -DEAP_SERVER_GPSK -DEAP_SERVER_GPSK_SHA256 -DIEEE8021X_EAPOL
+OS_LIBS =
+mech_eap_la_CFLAGS = -Werror -Wall -Wunused-parameter
+mech_eap_la_CXXFLAGS = -Werror -Wall -Wunused-parameter
+endif
+
mech_eap_la_CPPFLAGS = -DBUILD_GSSEAP_LIB -DSYSCONFDIR=\"${sysconfdir}\" -DDATAROOTDIR=\"${datarootdir}\"
mech_eap_la_CFLAGS = -Werror -Wall -Wunused-parameter \
@KRB5_CFLAGS@ @RADSEC_CFLAGS@ @TARGET_CFLAGS@ $(EAP_CFLAGS)
mech_eap_la_LDFLAGS = -avoid-version -module \
-export-symbols $(GSSEAP_EXPORTS) -no-undefined \
@RADSEC_LDFLAGS@ @TARGET_LDFLAGS@
+if TARGET_WINDOWS
+mech_eap_la_LDFLAGS += -debug
+endif
+
mech_eap_la_LIBADD = @KRB5_LIBS@ ../libeap/libeap.la @RADSEC_LIBS@ \
@OPENSAML_LIBS@ @SHIBRESOLVER_LIBS@ @SHIBSP_LIBS@ @JANSSON_LIBS@
-
mech_eap_la_SOURCES = \
acquire_cred.c \
acquire_cred_with_password.c \
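Review bot: The new `if TARGET_WINDOWS` / `else` block assigns `mech_eap_la_CFLAGS` with `=`, yet the unconditional `mech_eap_la_CFLAGS = -Werror -Wall -Wunused-parameter \` below it is shown as unchanged, so the variable is defined twice. Automake normally rejects a variable defined both conditionally and unconditionally, and if it were accepted the later line would discard `-Zi`. Changing the later assignment to `mech_eap_la_CFLAGS += @KRB5_CFLAGS@ @RADSEC_CFLAGS@ @TARGET_CFLAGS@ $(EAP_CFLAGS)` keeps the per-platform flags. The Windows branch also builds without `-Werror -Wall`, with `-DUSE_INTERNAL_CRYPTO`, with none of the `-DEAP_*` method defines, and with `-debug` always on the link line; a comment stating which of these are deliberate would help, since this library is an authentication mechanism. `OS_LIBS` is set in both branches but is not added to `mech_eap_la_LIBADD` in the lines visible here.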
clean-generic:
rm -f gsseap_err.[ch] radsec_err.[ch]
-
iov[1].buffer.value = NULL;
iov[1].buffer.length = 0;
- major = gssEapWrapOrGetMIC(minor, ctx, FALSE, FALSE,
+ major = gssEapWrapOrGetMIC(minor, ctx, FALSE, NULL,
iov, 2, TOK_TYPE_DELETE_CONTEXT);
if (GSS_ERROR(major)) {
GSSEAP_MUTEX_UNLOCK(&ctx->mutex);
return p->message;
}
}
-
return NULL;
}
size_t length, serverLen = 0;
unsigned char *p;
char serverBuf[MAXHOSTNAMELEN];
-
if (ctx->acceptorCtx.radConn != NULL) {
if (rs_conn_get_current_peer(ctx->acceptorCtx.radConn,
serverBuf, sizeof(serverBuf)) != 0) {
}
serverLen = strlen(serverBuf);
}
-
length = 4 + serverLen + 4 + ctx->acceptorCtx.state.length;
token->value = GSSEAP_MALLOC(length);
#include <eap_common/eap_common.h>
#include <wpabuf.h>
-/* FreeRADIUS headers */
#ifdef GSSEAP_ENABLE_ACCEPTOR
+/* FreeRADIUS headers */
#ifdef __cplusplus
extern "C" {
#define operator fr_operator
#endif
#include <freeradius/libradius.h>
#include <freeradius/radius.h>
+
+#undef pid_t
+
+/* libradsec headers */
#include <radsec/radsec.h>
#include <radsec/request.h>
#ifdef __cplusplus
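Review bot: The added `#undef pid_t` needs a comment, because nothing in the hunk shows which header defines `pid_t` as a macro. On POSIX systems `pid_t` is a typedef, so the line is a no-op there; presumably it undoes a `#define pid_t` coming from the FreeRADIUS headers in the Windows build. A comment such as `/* FreeRADIUS headers may #define pid_t; undo it before including libradsec */` (wording to be confirmed against the actual cause) would keep a later cleanup from removing the line.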
return GSS_S_COMPLETE;
}
-#endif
+#endif /* GSSEAP_ENABLE_ACCEPTOR */
static OM_uint32
importMechanismOid(OM_uint32 *minor,
#ifdef GSSEAP_DEBUG
assert(remain == 0);
#endif
-#endif
+#endif /* GSSEAP_ENABLE_ACCEPTOR */
major = GSS_S_COMPLETE;
*minor = 0;
#define MIN(_a,_b) ((_a)<(_b)?(_a):(_b))
#endif
-#if !defined(WIN32) && (!(defined(__cplusplus)) || (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4)))
+#if !defined(WIN32) && !(defined(__cplusplus)) || (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4))
#define GSSEAP_UNUSED __attribute__ ((__unused__))
#else
#define GSSEAP_UNUSED
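Review bot: Dropping the outer parentheses changes the meaning of this condition: `&&` binds tighter than `||`, so the new line evaluates as `(!WIN32 && !__cplusplus) || GCC >= 3.4`, whereas the old one required `!defined(WIN32)` in every case. If the aim is to allow `__attribute__ ((__unused__))` for GCC on Windows, the grouping should be written out rather than left to precedence: `#if (!defined(WIN32) && !defined(__cplusplus)) || (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4))`. If that widening was not intended, the original parentheses should be restored.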
#define GSSEAP_GET_LAST_ERROR() (GetLastError())
#define GSSEAP_MUTEX CRITICAL_SECTION
-
#define GSSEAP_MUTEX_INIT(m) (InitializeCriticalSection((m)), 0)
#define GSSEAP_MUTEX_DESTROY(m) DeleteCriticalSection((m))
#define GSSEAP_MUTEX_LOCK(m) EnterCriticalSection((m))
#define GSSEAP_MUTEX_UNLOCK(m) LeaveCriticalSection((m))
-/* XXX yet to implement thread-local wrappers */
+/* Thread-local is handled separately */
#define GSSEAP_THREAD_ONCE INIT_ONCE
#define GSSEAP_ONCE(o, i) InitOnceExecuteOnce((o), (i))
#define GSSEAP_GET_LAST_ERROR() (errno)
#define GSSEAP_MUTEX pthread_mutex_t
-
#define GSSEAP_MUTEX_INIT(m) pthread_mutex_init((m), NULL)
#define GSSEAP_MUTEX_DESTROY(m) pthread_mutex_destroy((m))
#define GSSEAP_MUTEX_LOCK(m) pthread_mutex_lock((m))
#include "util_json.h"
#include "util_attr.h"
#include "util_base64.h"
-#endif
+#endif /* GSSEAP_ENABLE_ACCEPTOR */
#ifdef GSSEAP_ENABLE_REAUTH
#include "util_reauth.h"
#endif
if (ctx->vps != NULL)
gssEapRadiusFreeAvps(&tmpMinor, &ctx->vps);
}
-#endif
+#endif /* GSSEAP_ENABLE_ACCEPTOR */
OM_uint32
gssEapReleaseContext(OM_uint32 *minor,
if (ctx->flags & CTX_FLAG_KRB_REAUTH) {
gssDeleteSecContext(&tmpMinor, &ctx->reauthCtx, GSS_C_NO_BUFFER);
} else
-#endif
+#endif /* GSSEAP_ENABLE_REAUTH */
if (CTX_IS_INITIATOR(ctx)) {
releaseInitiatorContext(&ctx->initiatorCtx);
}
else {
releaseAcceptorContext(&ctx->acceptorCtx);
}
-#endif
+#endif /* GSSEAP_ENABLE_ACCEPTOR */
krb5_free_keyblock_contents(krbContext, &ctx->rfc3961Key);
gssEapReleaseName(&tmpMinor, &ctx->initiatorName);
#include "gssapiP_eap.h"
#ifdef WIN32
-#include <shlobj.h>
+# include <shlobj.h> /* may need to use ShFolder.h instead */
+# include <stdio.h>
#else
-#include <pwd.h>
+# include <pwd.h>
#endif
OM_uint32
if (!SUCCEEDED(SHGetFolderPath(NULL,
CSIDL_APPDATA, /* |CSIDL_FLAG_CREATE */
NULL, /* User access token */
- 0,
+ 0, /* SHGFP_TYPE_CURRENT */
szPath))) {
major = GSS_S_CRED_UNAVAIL;
- *minor = GetLastError();
+ *minor = GSSEAP_GET_LAST_ERROR(); /* XXX */
goto cleanup;
}
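Review bot: `SHGetFolderPath` reports failure through its `HRESULT` return value and is not documented to set the thread's last-error code, so `GSSEAP_GET_LAST_ERROR()` may yield a stale value or 0 here. That leaves `major = GSS_S_CRED_UNAVAIL` paired with a meaningless minor status, and the `/* XXX */` marks the spot without giving the reason. Storing the result in an `HRESULT hr`, testing `FAILED(hr)`, and setting `*minor` from `hr` or from one of the mechanism's own minor codes would make the failure diagnosable. The enclosing function starts and ends outside this hunk, so the declaration of `szPath` is not visible; it needs room for at least `MAX_PATH` characters.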
tld->krbContext = *context;
}
}
-
return *minor == 0 ? GSS_S_COMPLETE : GSS_S_FAILURE;
}
GSSEAP_KRB_INIT(&krbContext);
krb5_free_principal(krbContext, name->krbPrincipal);
gssEapReleaseOid(&tmpMinor, &name->mechanismUsed);
-
#ifdef GSSEAP_ENABLE_ACCEPTOR
gssEapReleaseAttrContext(&tmpMinor, name);
#endif
gssEapRadiusMapError(OM_uint32 *minor,
struct rs_error *err);
+/* This really needs to be a function call on Windows */
#define RS_CONFIG_FILE SYSCONFDIR "/radsec.conf"
#define VENDORPEC_MS 311 /* RFC 2548 */
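Review bot: The new comment says a function call is needed on Windows but not why. With `SYSCONFDIR` fixed at build time, a Windows build would look for `radsec.conf` under whatever prefix the build machine used, which may not exist on the target or may be a directory that unprivileged users can write to. Since this file presumably configures the RADIUS transport, its location should be resolved at run time from a place only administrators can modify. Suggested wording: `/* TODO(win32): SYSCONFDIR is a build-time path; resolve the radsec.conf location at run time on Windows */`.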
*/
/*
- * Thread local data abstraction.
+ * Thread local data abstraction, using pthreads on Unix and the TlsXXX
+ * APIs on Windows.
*/
#include "gssapiP_eap.h"
return tld;
}
+
#endif /* WIN32 */