From: Luke Howard Date: Fri, 20 May 2011 11:08:42 +0000 (+0200) Subject: Revert "implement gss_acquire_cred_ext" X-Git-Tag: tr-beta1~141 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=moonshot.git;a=commitdiff_plain;h=eff4114fb39f77dc7ec4587c3c31f2f779ae874c Revert "implement gss_acquire_cred_ext" This reverts commit 57135a1070518a0c1228a29ed9fcf726357856a1. --- diff --git a/moonshot/mech_eap/Makefile.am b/moonshot/mech_eap/Makefile.am index 8da8ebc..55014cb 100644 --- a/moonshot/mech_eap/Makefile.am +++ b/moonshot/mech_eap/Makefile.am @@ -25,7 +25,6 @@ mech_eap_la_LIBADD = @KRB5_LIBS@ ../libeap/libeap.la @RADSEC_LIBS@ \ mech_eap_la_SOURCES = \ accept_sec_context.c \ acquire_cred.c \ - acquire_cred_ext.c \ acquire_cred_with_password.c \ add_cred.c \ add_cred_with_password.c \ diff --git a/moonshot/mech_eap/accept_sec_context.c b/moonshot/mech_eap/accept_sec_context.c index 7d1981d..cc8702d 100644 --- a/moonshot/mech_eap/accept_sec_context.c +++ b/moonshot/mech_eap/accept_sec_context.c @@ -843,7 +843,6 @@ gss_accept_sec_context(OM_uint32 *minor, if (ctx->defaultCred == GSS_C_NO_CREDENTIAL) { major = gssEapAcquireCred(minor, GSS_C_NO_NAME, - GSS_C_NO_OID, GSS_C_NO_BUFFER, GSS_C_INDEFINITE, GSS_C_NO_OID_SET, diff --git a/moonshot/mech_eap/acquire_cred.c b/moonshot/mech_eap/acquire_cred.c index 8c5f7fc..2326eaa 100644 --- a/moonshot/mech_eap/acquire_cred.c +++ b/moonshot/mech_eap/acquire_cred.c @@ -46,13 +46,7 @@ gss_acquire_cred(OM_uint32 *minor, gss_OID_set *actual_mechs, OM_uint32 *time_rec) { - return gssEapAcquireCred(minor, - desired_name, - GSS_C_NO_OID, - GSS_C_NO_BUFFER, - time_req, - desired_mechs, cred_usage, - output_cred_handle, - actual_mechs, - time_rec); + return gssEapAcquireCred(minor, desired_name, GSS_C_NO_BUFFER, + time_req, desired_mechs, cred_usage, + output_cred_handle, actual_mechs, time_rec); } diff --git a/moonshot/mech_eap/acquire_cred_ext.c b/moonshot/mech_eap/acquire_cred_ext.c deleted file mode 100644 index d8c2c61..0000000 --- a/moonshot/mech_eap/acquire_cred_ext.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 2011, JANET(UK) - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of JANET(UK) nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Wrapper for acquiring a credential handle. - */ - -#include "gssapiP_eap.h" - -OM_uint32 -gss_acquire_cred_ext - (OM_uint32 *minor, - const gss_name_t desired_name, - gss_const_OID credential_type, - const void *credential_data, - OM_uint32 time_req, - gss_const_OID desired_mech, - gss_cred_usage_t cred_usage, - gss_cred_id_t *output_cred_handle - ) -{ - OM_uint32 major; - gss_OID_set_desc mechs; - - mechs.count = 1; - mechs.elements = (gss_OID)desired_mech; - - major = gssEapAcquireCred(minor, - desired_name, - credential_type, - credential_data, - time_req, - &mechs, - cred_usage, - output_cred_handle, - NULL, - NULL); - - return major; -} diff --git a/moonshot/mech_eap/acquire_cred_with_password.c b/moonshot/mech_eap/acquire_cred_with_password.c index 5904616..c0f4159 100644 --- a/moonshot/mech_eap/acquire_cred_with_password.c +++ b/moonshot/mech_eap/acquire_cred_with_password.c @@ -47,14 +47,7 @@ gssspi_acquire_cred_with_password(OM_uint32 *minor, gss_OID_set *actual_mechs, OM_uint32 *time_rec) { - return gssEapAcquireCred(minor, - desired_name, - &gssEapPasswordCredType, - password, - time_req, - desired_mechs, - cred_usage, - output_cred_handle, - actual_mechs, - time_rec); + return gssEapAcquireCred(minor, desired_name, password, + time_req, desired_mechs, cred_usage, + output_cred_handle, actual_mechs, time_rec); } diff --git a/moonshot/mech_eap/add_cred.c b/moonshot/mech_eap/add_cred.c index e6ca129..37d0add 100644 --- a/moonshot/mech_eap/add_cred.c +++ b/moonshot/mech_eap/add_cred.c @@ -71,7 +71,6 @@ gss_add_cred(OM_uint32 *minor, major = gssEapAcquireCred(minor, desired_name, - GSS_C_NO_OID, GSS_C_NO_BUFFER, time_req, &mechs, diff --git a/moonshot/mech_eap/add_cred_with_password.c b/moonshot/mech_eap/add_cred_with_password.c index 6193405..7907138 100644 --- a/moonshot/mech_eap/add_cred_with_password.c +++ b/moonshot/mech_eap/add_cred_with_password.c @@ -67,7 +67,6 @@ gss_add_cred_with_password(OM_uint32 *minor, major = gssEapAcquireCred(minor, desired_name, - &gssEapPasswordCredType, password, time_req, &mechs, diff --git a/moonshot/mech_eap/gsseap_err.et b/moonshot/mech_eap/gsseap_err.et index d85c134..6bcfff0 100644 --- a/moonshot/mech_eap/gsseap_err.et +++ b/moonshot/mech_eap/gsseap_err.et @@ -79,11 +79,9 @@ error_code GSSEAP_BAD_USAGE, "Credential usage type is unknow error_code GSSEAP_CRED_USAGE_MISMATCH, "Credential usage does not match requested usage" error_code GSSEAP_CRED_MECH_MISMATCH, "Credential is not usable with this mechanism" error_code GSSEAP_CRED_EXPIRED, "Attributes indicate credentials have expired" -error_code GSSEAP_BAD_CRED_TYPE, "Bad credential type" error_code GSSEAP_BAD_CRED_OPTION, "Bad credential option" error_code GSSEAP_NO_DEFAULT_IDENTITY, "Default credentials identity unavailable" error_code GSSEAP_NO_DEFAULT_CRED, "Missing default password or other credentials" - # # Wrap/unwrap/PRF errors # diff --git a/moonshot/mech_eap/init_sec_context.c b/moonshot/mech_eap/init_sec_context.c index 03a9ef1..930eb32 100644 --- a/moonshot/mech_eap/init_sec_context.c +++ b/moonshot/mech_eap/init_sec_context.c @@ -943,7 +943,6 @@ gss_init_sec_context(OM_uint32 *minor, if (ctx->defaultCred == GSS_C_NO_CREDENTIAL) { major = gssEapAcquireCred(minor, GSS_C_NO_NAME, - GSS_C_NO_OID, GSS_C_NO_BUFFER, time_req, GSS_C_NO_OID_SET, diff --git a/moonshot/mech_eap/mech_eap.exports b/moonshot/mech_eap/mech_eap.exports index 14ece92..12f7f54 100644 --- a/moonshot/mech_eap/mech_eap.exports +++ b/moonshot/mech_eap/mech_eap.exports @@ -1,6 +1,5 @@ gss_accept_sec_context gss_acquire_cred -gss_acquire_cred_ext gss_add_cred gss_add_cred_with_password gss_canonicalize_name diff --git a/moonshot/mech_eap/util.h b/moonshot/mech_eap/util.h index 883eabf..4de00e3 100644 --- a/moonshot/mech_eap/util.h +++ b/moonshot/mech_eap/util.h @@ -206,16 +206,13 @@ gssEapContextTime(OM_uint32 *minor, OM_uint32 *time_rec); /* util_cred.c */ -extern const gss_OID_desc gssEapPasswordCredType; - OM_uint32 gssEapAllocCred(OM_uint32 *minor, gss_cred_id_t *pCred); OM_uint32 gssEapReleaseCred(OM_uint32 *minor, gss_cred_id_t *pCred); OM_uint32 gssEapAcquireCred(OM_uint32 *minor, const gss_name_t desiredName, - gss_const_OID credType, - const void *credData, + const gss_buffer_t password, OM_uint32 timeReq, const gss_OID_set desiredMechs, int cred_usage, diff --git a/moonshot/mech_eap/util_cred.c b/moonshot/mech_eap/util_cred.c index b481118..28cb76c 100644 --- a/moonshot/mech_eap/util_cred.c +++ b/moonshot/mech_eap/util_cred.c @@ -38,9 +38,6 @@ #include -const gss_OID_desc gssEapPasswordCredType = - { 7, "\x2a\x85\x70\x2b\x0d\x81\x48" }; - OM_uint32 gssEapAllocCred(OM_uint32 *minor, gss_cred_id_t *pCred) { @@ -200,8 +197,7 @@ cleanup: OM_uint32 gssEapAcquireCred(OM_uint32 *minor, const gss_name_t desiredName, - gss_const_OID credType, - const void *credData, + const gss_buffer_t password, OM_uint32 timeReq GSSEAP_UNUSED, const gss_OID_set desiredMechs, int credUsage, @@ -215,21 +211,10 @@ gssEapAcquireCred(OM_uint32 *minor, gss_name_t defaultIdentityName = GSS_C_NO_NAME; gss_buffer_desc defaultCreds = GSS_C_EMPTY_BUFFER; gss_OID nameMech = GSS_C_NO_OID; - gss_buffer_t password = GSS_C_NO_BUFFER; /* XXX TODO validate with changed set_cred_option API */ *pCred = GSS_C_NO_CREDENTIAL; - if (credType != GSS_C_NO_OID) { - if (oidEqual(credType, &gssEapPasswordCredType)) { - password = (gss_buffer_t)credData; - } else { - major = GSS_S_CRED_UNAVAIL; - *minor = GSSEAP_BAD_CRED_TYPE; - goto cleanup; - } - } - major = gssEapAllocCred(minor, &cred); if (GSS_ERROR(major)) goto cleanup;