[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gsasl branch, master, updated. gsasl-1-4-1-10-gb8b7067
From: |
Simon Josefsson |
Subject: |
[SCM] GNU gsasl branch, master, updated. gsasl-1-4-1-10-gb8b7067 |
Date: |
Tue, 02 Mar 2010 23:30:29 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gsasl".
http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=b8b7067f1a47f3bbeb87fdd6df130f81e01316d5
The branch, master has been updated
via b8b7067f1a47f3bbeb87fdd6df130f81e01316d5 (commit)
via 389a6818e1fe09e429e65c9845c0082ccc6bb4b8 (commit)
via 1cbabbc7ea446848417245265a871643e9c1155b (commit)
via 3584888d532f3d653992b60e514f02ca04fa6eb4 (commit)
via 4c1fe9c2db2057e8f3b20ad09d89809a7a0d9da7 (commit)
from 5ef75d6685ae6022f9f77549ba8a5218cf88dbbd (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b8b7067f1a47f3bbeb87fdd6df130f81e01316d5
Author: Simon Josefsson <address@hidden>
Date: Wed Mar 3 00:30:25 2010 +0100
Simplify GSS-API detection. More GS2 cleanup.
commit 389a6818e1fe09e429e65c9845c0082ccc6bb4b8
Author: Simon Josefsson <address@hidden>
Date: Wed Mar 3 00:12:54 2010 +0100
GS2: Remove debug code. The client side should now actually be finished,
yay.
commit 1cbabbc7ea446848417245265a871643e9c1155b
Author: Simon Josefsson <address@hidden>
Date: Wed Mar 3 00:09:51 2010 +0100
GS2: Channel binding stuff. Cleanup.
commit 3584888d532f3d653992b60e514f02ca04fa6eb4
Author: Simon Josefsson <address@hidden>
Date: Tue Mar 2 16:46:09 2010 +0100
Begin some work on GS2 update.
commit 4c1fe9c2db2057e8f3b20ad09d89809a7a0d9da7
Author: Simon Josefsson <address@hidden>
Date: Mon Mar 1 15:25:35 2010 +0100
Generated.
-----------------------------------------------------------------------
Summary of changes:
lib/configure.ac | 40 +---
lib/gs2/Makefile.am | 9 +-
lib/gs2/client.c | 366 +++++++++------------------
lib/gs2/gs2.h | 12 +-
lib/{anonymous/client.c => gs2/gs2helper.c} | 49 ++--
lib/{digest-md5/qop.h => gs2/gs2helper.h} | 16 +-
lib/gs2/gs2parser.c | 121 ---------
lib/gs2/gs2parser.h | 43 ---
lib/gs2/gs2wrap.c | 91 -------
lib/gs2/mechinfo.c | 54 ++---
lib/gs2/server.c | 27 +--
lib/gs2/test-parser.c | 106 --------
lib/gssapi/client.c | 11 +-
lib/gssapi/server.c | 11 +-
lib/src/gsasl.h | 2 +-
15 files changed, 199 insertions(+), 759 deletions(-)
copy lib/{anonymous/client.c => gs2/gs2helper.c} (56%)
copy lib/{digest-md5/qop.h => gs2/gs2helper.h} (72%)
delete mode 100644 lib/gs2/gs2parser.c
delete mode 100644 lib/gs2/gs2parser.h
delete mode 100644 lib/gs2/gs2wrap.c
delete mode 100644 lib/gs2/test-parser.c
diff --git a/lib/configure.ac b/lib/configure.ac
index 84e2d98..b86434b 100644
--- a/lib/configure.ac
+++ b/lib/configure.ac
@@ -204,17 +204,6 @@ elif test "$gssapi_impl" = "mit"; then
if test "$KRB5_CONFIG" != "no" ; then
CPPFLAGS="$CPPFLAGS `$KRB5_CONFIG --cflags`"
LIBS="$LIBS `$KRB5_CONFIG --libs gssapi`"
- AC_CHECK_HEADERS(gssapi/gssapi.h gssapi/gssapi_generic.h)
- AC_CHECK_DECL(GSS_C_NT_HOSTBASED_SERVICE,,
- [AC_DEFINE(GSS_C_NT_HOSTBASED_SERVICE, gss_nt_service_name,
- [Work around buggy MIT library])], [
-#ifdef HAVE_GSSAPI_GSSAPI_H
-# include <gssapi/gssapi.h>
-#endif
-#ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-# include <gssapi/gssapi_generic.h>
-#endif
-])
else
AC_MSG_WARN([MIT Kerberos krb5-config not found, disabling GSSAPI])
gssapi_impl=no
@@ -225,7 +214,6 @@ elif test "$gssapi_impl" = "heimdal"; then
if test "$KRB5_CONFIG" != "no" ; then
CPPFLAGS="$CPPFLAGS `$KRB5_CONFIG --cflags`"
LIBS="$LIBS `$KRB5_CONFIG --libs gssapi`"
- AC_CHECK_HEADERS(gssapi.h)
else
AC_MSG_WARN([Heimdal krb5-config not found, disabling GSSAPI])
gssapi_impl=no
@@ -249,29 +237,7 @@ elif test "$gssapi_impl" != "no" ; then
AC_MSG_NOTICE([MIT/Heimdal found])
CPPFLAGS="$CPPFLAGS `$KRB5_CONFIG --cflags`"
LIBS="$LIBS `$KRB5_CONFIG --libs gssapi`"
- AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h gssapi/gssapi_generic.h)
- if test "$ac_cv_header_gssapi_h" = "yes" &&
- test "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
- AC_MSG_WARN([Both Heimdal and MIT GSSAPI header files found. Will use
Heimdal.])
- AC_MSG_WARN([Use --with-gssapi-impl=mit to override.])
- fi
- if test "$ac_cv_header_gssapi_h" != "no"; then
- AC_MSG_NOTICE([Heimdal found])
- gssapi_impl=heimdal
- else
- AC_MSG_NOTICE([MIT found])
- AC_CHECK_DECL(GSS_C_NT_HOSTBASED_SERVICE,,
- [AC_DEFINE(GSS_C_NT_HOSTBASED_SERVICE, gss_nt_service_name,
- [Work around buggy MIT library])], [
-#ifdef HAVE_GSSAPI_GSSAPI_H
-# include <gssapi/gssapi.h>
-#endif
-#ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-# include <gssapi/gssapi_generic.h>
-#endif
-])
- gssapi_impl=mit
- fi
+ gssapi_impl=mitheimdal
else
gssapi_impl=no
AC_MSG_WARN([krb5-config not found, disabling GSSAPI])
@@ -285,7 +251,7 @@ if test "$gssapi_impl" = "no"; then
gssapi=no
fi
-# GSSAPI, second part
+# GS2, second part
if test "$gs2" != "no" ; then
AC_DEFINE(USE_GS2, 1, [Define to 1 if you want GS2.])
fi
@@ -293,7 +259,7 @@ AC_MSG_CHECKING([if GS2 should be used])
AC_MSG_RESULT($gs2)
AM_CONDITIONAL(GS2, test x$gs2 = xyes)
-# GS2, second part
+# GSSAPI, second part
if test "$gssapi" != "no" ; then
AC_DEFINE(USE_GSSAPI, 1, [Define to 1 if you want GSSAPI.])
fi
diff --git a/lib/gs2/Makefile.am b/lib/gs2/Makefile.am
index 30ebf73..d4dd9ce 100644
--- a/lib/gs2/Makefile.am
+++ b/lib/gs2/Makefile.am
@@ -26,7 +26,8 @@ EXTRA_DIST = README
noinst_LTLIBRARIES = libgsasl-gs2.la
libgsasl_gs2_la_SOURCES = gs2.h mechinfo.c \
- gs2parser.h gs2parser.c
+ gs2helper.h gs2helper.c \
+ gs2asn1.h gs2asn1.c
if CLIENT
libgsasl_gs2_la_SOURCES += client.c
@@ -35,9 +36,3 @@ endif
if SERVER
libgsasl_gs2_la_SOURCES += server.c
endif
-
-LDADD = libgsasl-gs2.la ../gl/libgl.la
-
-ctests = test-parser
-TESTS = $(ctests)
-check_PROGRAMS = $(ctests)
diff --git a/lib/gs2/client.c b/lib/gs2/client.c
index 361d6ff..c0f2740 100644
--- a/lib/gs2/client.c
+++ b/lib/gs2/client.c
@@ -1,5 +1,5 @@
/* client.c --- SASL mechanism GS2, client side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007 Simon Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2010 Simon Josefsson
*
* This file is part of GNU SASL Library.
*
@@ -35,25 +35,20 @@
#ifdef HAVE_LIBGSS
# include <gss.h>
-#elif HAVE_GSSAPI_H /* Heimdal GSSAPI */
+#else
# include <gssapi.h>
-#else /* MIT GSSAPI */
-# ifdef HAVE_GSSAPI_GSSAPI_H
-# include <gssapi/gssapi.h>
-# endif
-# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-# include <gssapi/gssapi_generic.h>
-# endif
#endif
-#include "gs2parser.h"
+#include "gs2helper.h"
+#include "gs2asn1.h"
struct _gsasl_gs2_client_state
{
int step;
gss_name_t service;
gss_ctx_id_t context;
- gss_qop_t qop;
+ gss_OID mech_oid;
+ struct gss_channel_bindings_struct cb;
};
typedef struct _gsasl_gs2_client_state _gsasl_gs2_client_state;
@@ -61,6 +56,8 @@ int
_gsasl_gs2_client_start (Gsasl_session * sctx, void **mech_data)
{
_gsasl_gs2_client_state *state;
+ OM_uint32 maj_stat, min_stat;
+ gss_buffer_desc sasl_mech_name;
state = (_gsasl_gs2_client_state *) malloc (sizeof (*state));
if (state == NULL)
@@ -69,7 +66,29 @@ _gsasl_gs2_client_start (Gsasl_session * sctx, void
**mech_data)
state->context = GSS_C_NO_CONTEXT;
state->service = GSS_C_NO_NAME;
state->step = 0;
- state->qop = GSASL_QOP_AUTH; /* FIXME: Should be GSASL_QOP_AUTH_CONF. */
+
+ /* The initiator-address-type and acceptor-address-type fields of
+ the GSS-CHANNEL-BINDINGS structure MUST be set to 0. The
+ initiator-address and acceptor-address fields MUST be the empty
+ string. */
+ state->cb.initiator_addrtype = 0;
+ state->cb.initiator_address.length = 0;
+ state->cb.initiator_address.value = NULL;
+ state->cb.acceptor_addrtype = 0;
+ state->cb.acceptor_address.length = 0;
+ state->cb.acceptor_address.value = NULL;
+ state->cb.application_data.length = 0;
+ state->cb.application_data.value = NULL;
+
+ sasl_mech_name.value = (void *) gsasl_mechanism_name (sctx);
+ if (!sasl_mech_name.value)
+ return GSASL_AUTHENTICATION_ERROR;
+ sasl_mech_name.length = strlen (sasl_mech_name.value);
+
+ maj_stat = gss_inquiry_mech_for_saslname (&min_stat, &sasl_mech_name,
+ &state->mech_oid);
+ if (GSS_ERROR (maj_stat))
+ return GSASL_AUTHENTICATION_ERROR;
*mech_data = state;
@@ -83,20 +102,16 @@ _gsasl_gs2_client_step (Gsasl_session * sctx,
char **output, size_t * output_len)
{
_gsasl_gs2_client_state *state = mech_data;
- char clientwrap[4];
- gss_qop_t serverqop;
gss_buffer_desc bufdesc, bufdesc2;
gss_buffer_t buf = GSS_C_NO_BUFFER;
OM_uint32 maj_stat, min_stat;
- int conf_state;
+ gss_OID actual_mech_type;
int res;
- const char *p;
- OM_uint32 ret_flags;
- struct gs2_token tok = { NULL, 0, NULL, 0 };
- if (state->service == NULL)
+ if (state->step == 0)
{
const char *service, *hostname;
+ const char *authzid = gsasl_property_get (sctx, GSASL_AUTHZID);
service = gsasl_property_get (sctx, GSASL_SERVICE);
if (!service)
@@ -106,164 +121,134 @@ _gsasl_gs2_client_step (Gsasl_session * sctx,
if (!hostname)
return GSASL_NO_HOSTNAME;
- /* FIXME: Use asprintf. */
-
- bufdesc.length = strlen (service) + 1 + strlen (hostname) + 1;
- bufdesc.value = malloc (bufdesc.length);
- if (bufdesc.value == NULL)
+ bufdesc.length = asprintf ((char**) &bufdesc.value, "address@hidden",
+ service, hostname);
+ if (bufdesc.length <= 0 || bufdesc.value == NULL)
return GSASL_MALLOC_ERROR;
- sprintf (bufdesc.value, "address@hidden", service, hostname);
-
maj_stat = gss_import_name (&min_stat, &bufdesc,
GSS_C_NT_HOSTBASED_SERVICE,
&state->service);
free (bufdesc.value);
if (GSS_ERROR (maj_stat))
return GSASL_GSSAPI_IMPORT_NAME_ERROR;
+
+ /* FIXME escape '=' and ',' in authzid to '=3D' and '=2C'
+ respectively. */
+
+ if (authzid)
+ state->cb.application_data.length
+ = asprintf ((char**) &state->cb.application_data.value,
+ "n,a=%s,", authzid);
+ else
+ {
+ state->cb.application_data.value = strdup ("n,,");
+ state->cb.application_data.length = 3;
+ }
+
+ if (state->cb.application_data.length <= 0
+ || state->cb.application_data.value == NULL)
+ return GSASL_MALLOC_ERROR;
}
switch (state->step)
{
case 1:
- res = gs2_parser (input, input_len, &tok);
- if (res < 0)
- return GSASL_MECHANISM_PARSE_ERROR;
-
- bufdesc.length = tok.context_length;
- bufdesc.value = (void *) tok.context_token;
+ bufdesc.length = input_len;
+ bufdesc.value = (void *) input;
buf = &bufdesc;
/* fall through */
case 0:
bufdesc2.length = 0;
bufdesc2.value = NULL;
+
maj_stat = gss_init_sec_context (&min_stat,
GSS_C_NO_CREDENTIAL,
&state->context,
state->service,
- GSS_C_NO_OID,
+ state->mech_oid,
GSS_C_MUTUAL_FLAG |
- GSS_C_REPLAY_FLAG |
- GSS_C_SEQUENCE_FLAG |
GSS_C_INTEG_FLAG |
GSS_C_CONF_FLAG,
0,
- GSS_C_NO_CHANNEL_BINDINGS,
- buf, NULL, &bufdesc2,
- &ret_flags, NULL);
+ &state->cb,
+ buf,
+ &actual_mech_type,
+ &bufdesc2,
+ NULL, /* ret_flags irrelevant */
+ NULL);
if (maj_stat != GSS_S_COMPLETE && maj_stat != GSS_S_CONTINUE_NEEDED)
return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
- if ((ret_flags & GSS_C_PROT_READY_FLAG) || (maj_stat == GSS_S_COMPLETE))
+ if (state->mech_oid->length != actual_mech_type->length ||
+ memcmp (state->mech_oid->elements, actual_mech_type->elements,
+ state->mech_oid->length) != 0)
+ return GSASL_AUTHENTICATION_ERROR;
+
+ if (buf == GSS_C_NO_BUFFER)
{
- puts ("prot_ready");
- /* Deal with wrap token here. */
- /* Generate wrap token here. */
+ const char *der = bufdesc2.value;
+ size_t derlen = bufdesc2.length;
+ size_t l, ll;
+
+ /* Strip off RFC 2743 section 3.1 token header. */
+
+ if (derlen-- == 0)
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ if (*der++ != '\x60')
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ l = gs2_asn1_get_length_der (der, derlen, &ll);
+ if (l <= 0 || derlen <= ll)
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ derlen -= ll;
+ der += ll;
+ if (derlen != l)
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ if (derlen-- == 0)
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ if (*der++ != '\x06')
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ l = gs2_asn1_get_length_der (der, derlen, &ll);
+ if (l <= 0 || derlen <= ll)
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ derlen -= ll;
+ der += ll;
+ if (l != state->mech_oid->length)
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ if (memcmp (state->mech_oid->elements, der, l) != 0)
+ return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+ derlen -= l;
+ der += l;
+
+ *output_len = state->cb.application_data.length + derlen;
+ *output = malloc (*output_len);
+ if (!*output)
+ return GSASL_MALLOC_ERROR;
+ memcpy (*output, state->cb.application_data.value,
+ state->cb.application_data.length);
+ memcpy (*output + state->cb.application_data.length, der, derlen);
}
- else if (tok.wrap_length > 0)
+ else
{
- /* Server provided wrap token but we are not ready for it.
- Server error. */
- return GSASL_MECHANISM_PARSE_ERROR;
+ *output_len = bufdesc2.length;
+ *output = malloc (*output_len);
+ if (!*output)
+ return GSASL_MALLOC_ERROR;
+ memcpy (*output, bufdesc2.value, bufdesc2.length);
}
- res = gs2_encode (bufdesc2.value, bufdesc2.length,
- NULL, 0, output, output_len);
- if (res < 0)
- return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
-
if (maj_stat == GSS_S_COMPLETE)
- state->step = 2;
+ {
+ state->step++;
+ res = GSASL_OK;
+ }
else
- state->step = 1;
+ res = GSASL_NEEDS_MORE;
maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
if (GSS_ERROR (maj_stat))
return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
-
- res = GSASL_NEEDS_MORE;
- break;
-
- case 2:
- /* [RFC 2222 section 7.2.1]:
- The client passes this token to GSS_Unwrap and interprets the
- first octet of resulting cleartext as a bit-mask specifying
- the security layers supported by the server and the second
- through fourth octets as the maximum size output_message to
- send to the server. The client then constructs data, with
- the first octet containing the bit-mask specifying the
- selected security layer, the second through fourth octets
- containing in network byte order the maximum size
- output_message the client is able to receive, and the
- remaining octets containing the authorization identity. The
- client passes the data to GSS_Wrap with conf_flag set to
- FALSE, and responds with the generated output_message. The
- client can then consider the server authenticated. */
-
- bufdesc.length = input_len;
- bufdesc.value = (void *) input;
- maj_stat = gss_unwrap (&min_stat, state->context, &bufdesc,
- &bufdesc2, &conf_state, &serverqop);
- if (GSS_ERROR (maj_stat))
- return GSASL_GSSAPI_UNWRAP_ERROR;
-
- if (bufdesc2.length != 4)
- return GSASL_MECHANISM_PARSE_ERROR;
-
- memcpy (clientwrap, bufdesc2.value, 4);
-
- maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
- if (GSS_ERROR (maj_stat))
- return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
-
-#if 0
- /* FIXME: Fix qop. */
- if (cb_qop)
- state->qop = cb_qop (sctx, serverqop);
-
- if ((state->qop & serverqop) == 0)
- /* Server does not support what user wanted. */
- return GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR;
-#endif
-
- /* FIXME: Fix maxbuf. */
-
- p = gsasl_property_get (sctx, GSASL_AUTHID);
- if (!p)
- return GSASL_NO_AUTHID;
-
- bufdesc.length = 4 + strlen (p);
- bufdesc.value = malloc (bufdesc.length);
- if (!bufdesc.value)
- return GSASL_MALLOC_ERROR;
-
- {
- char *q = bufdesc.value;
- q[0] = state->qop;
- memcpy (q + 1, clientwrap + 1, 3);
- memcpy (q + 4, p, strlen (p));
- }
-
- maj_stat = gss_wrap (&min_stat, state->context, 0, GSS_C_QOP_DEFAULT,
- &bufdesc, &conf_state, &bufdesc2);
- free (bufdesc.value);
- if (GSS_ERROR (maj_stat))
- return GSASL_GSSAPI_WRAP_ERROR;
-
- *output_len = bufdesc2.length;
- *output = malloc (bufdesc2.length);
- if (!*output)
- return GSASL_MALLOC_ERROR;
-
- memcpy (*output, bufdesc2.value, bufdesc2.length);
-
- maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
- if (GSS_ERROR (maj_stat))
- return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
-
- state->step++;
- res = GSASL_OK;
break;
default:
@@ -289,113 +274,6 @@ _gsasl_gs2_client_finish (Gsasl_session * sctx, void
*mech_data)
maj_stat = gss_delete_sec_context (&min_stat, &state->context,
GSS_C_NO_BUFFER);
+ free (state->cb.application_data.value);
free (state);
}
-
-int
-_gsasl_gs2_client_encode (Gsasl_session * sctx,
- void *mech_data,
- const char *input, size_t input_len,
- char **output, size_t * output_len)
-{
- _gsasl_gs2_client_state *state = mech_data;
- OM_uint32 min_stat, maj_stat;
- gss_buffer_desc foo;
- gss_buffer_t input_message_buffer = &foo;
- gss_buffer_desc output_message_buffer;
-
- foo.length = input_len;
- foo.value = (void *) input;
-
- if (state && state->step == 3 &&
- state->qop & (GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF))
- {
- maj_stat = gss_wrap (&min_stat,
- state->context,
- state->qop & GSASL_QOP_AUTH_CONF ? 1 : 0,
- GSS_C_QOP_DEFAULT,
- input_message_buffer,
- NULL, &output_message_buffer);
- if (GSS_ERROR (maj_stat))
- return GSASL_GSSAPI_WRAP_ERROR;
- *output_len = output_message_buffer.length;
- *output = malloc (input_len);
- if (!*output)
- {
- maj_stat = gss_release_buffer (&min_stat, &output_message_buffer);
- return GSASL_MALLOC_ERROR;
- }
- memcpy (*output, output_message_buffer.value,
- output_message_buffer.length);
-
- maj_stat = gss_release_buffer (&min_stat, &output_message_buffer);
- if (GSS_ERROR (maj_stat))
- {
- free (*output);
- return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
- }
- }
- else
- {
- *output_len = input_len;
- *output = malloc (input_len);
- if (!*output)
- return GSASL_MALLOC_ERROR;
- memcpy (*output, input, input_len);
- }
-
- return GSASL_OK;
-}
-
-int
-_gsasl_gs2_client_decode (Gsasl_session * sctx,
- void *mech_data,
- const char *input, size_t input_len,
- char **output, size_t * output_len)
-{
- _gsasl_gs2_client_state *state = mech_data;
- OM_uint32 min_stat, maj_stat;
- gss_buffer_desc foo;
- gss_buffer_t input_message_buffer = &foo;
- gss_buffer_desc output_message_buffer;
-
- foo.length = input_len;
- foo.value = (void *) input;
-
- if (state && state->step == 3 &&
- state->qop & (GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF))
- {
- maj_stat = gss_unwrap (&min_stat,
- state->context,
- input_message_buffer,
- &output_message_buffer, NULL, NULL);
- if (GSS_ERROR (maj_stat))
- return GSASL_GSSAPI_UNWRAP_ERROR;
- *output_len = output_message_buffer.length;
- *output = malloc (input_len);
- if (!*output)
- {
- maj_stat = gss_release_buffer (&min_stat, &output_message_buffer);
- return GSASL_MALLOC_ERROR;
- }
- memcpy (*output, output_message_buffer.value,
- output_message_buffer.length);
-
- maj_stat = gss_release_buffer (&min_stat, &output_message_buffer);
- if (GSS_ERROR (maj_stat))
- {
- free (*output);
- return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
- }
- }
- else
- {
- *output_len = input_len;
- *output = malloc (input_len);
- if (!*output)
- return GSASL_MALLOC_ERROR;
- memcpy (*output, input, input_len);
- }
-
- return GSASL_OK;
-}
diff --git a/lib/gs2/gs2.h b/lib/gs2/gs2.h
index 1098402..22012c8 100644
--- a/lib/gs2/gs2.h
+++ b/lib/gs2/gs2.h
@@ -1,5 +1,5 @@
/* gs2.h --- Prototypes for SASL mechanism GS2.
- * Copyright (C) 2006 Simon Josefsson
+ * Copyright (C) 2006, 2010 Simon Josefsson
*
* This file is part of GNU SASL Library.
*
@@ -25,7 +25,7 @@
#include <gsasl.h>
-#define GSASL_GS2_KRB5_NAME "GS2-FNUO57PLKGM5XHGE"
+#define GSASL_GS2_KRB5_NAME "GS2-KRB5"
extern Gsasl_mechanism gsasl_gs2_krb5_mechanism;
@@ -35,14 +35,6 @@ extern int _gsasl_gs2_client_step (Gsasl_session * sctx,
const char *input, size_t input_len,
char **output, size_t * output_len);
extern void _gsasl_gs2_client_finish (Gsasl_session * sctx, void *mech_data);
-extern int _gsasl_gs2_client_encode (Gsasl_session * sctx,
- void *mech_data,
- const char *input, size_t input_len,
- char **output, size_t * output_len);
-extern int _gsasl_gs2_client_decode (Gsasl_session * sctx,
- void *mech_data,
- const char *input, size_t input_len,
- char **output, size_t * output_len);
extern int _gsasl_gs2_server_start (Gsasl_session * sctx, void **mech_data);
extern int _gsasl_gs2_server_step (Gsasl_session * sctx,
diff --git a/lib/anonymous/client.c b/lib/gs2/gs2helper.c
similarity index 56%
copy from lib/anonymous/client.c
copy to lib/gs2/gs2helper.c
index 5119bc1..2e370f4 100644
--- a/lib/anonymous/client.c
+++ b/lib/gs2/gs2helper.c
@@ -1,5 +1,5 @@
-/* client.c --- ANONYMOUS mechanism as defined in RFC 2245, client side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Simon
Josefsson
+/* gs2helper.h --- GS2 helper functions for missing GSS-API interface.
+ * Copyright (C) 2010 Simon Josefsson
*
* This file is part of GNU SASL Library.
*
@@ -24,28 +24,37 @@
# include "config.h"
#endif
-/* Get specification. */
-#include "anonymous.h"
-
-/* Get strdup, strlen. */
+/* Get strcmp. */
#include <string.h>
-int
-_gsasl_anonymous_client_step (Gsasl_session * sctx,
- void *mech_data,
- const char *input, size_t input_len,
- char **output, size_t * output_len)
+#ifdef HAVE_LIBGSS
+# include <gss.h>
+#else
+# include <gssapi.h>
+#endif
+
+/* Get specification. */
+#include "gs2helper.h"
+
+OM_uint32
+gss_inquiry_mech_for_saslname (OM_uint32 *minor_status,
+ const gss_buffer_t sasl_mech_name,
+ gss_OID *mech_type)
{
- const char *p;
+ static const gss_OID_desc krb5oid_static = {
+ 9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"
+ };
- p = gsasl_property_get (sctx, GSASL_ANONYMOUS_TOKEN);
- if (!p)
- return GSASL_NO_ANONYMOUS_TOKEN;
+ if (sasl_mech_name->value == NULL ||
+ strcmp (sasl_mech_name->value, "GS2-KRB5") != 0)
+ {
+ if (minor_status)
+ *minor_status = 0;
+ return GSS_S_BAD_MECH;
+ }
- *output = strdup (p);
- if (!*output)
- return GSASL_MALLOC_ERROR;
- *output_len = strlen (p);
+ if (mech_type)
+ *mech_type = &krb5oid_static;
- return GSASL_OK;
+ return GSS_S_COMPLETE;
}
diff --git a/lib/digest-md5/qop.h b/lib/gs2/gs2helper.h
similarity index 72%
copy from lib/digest-md5/qop.h
copy to lib/gs2/gs2helper.h
index 418f998..ec0b604 100644
--- a/lib/digest-md5/qop.h
+++ b/lib/gs2/gs2helper.h
@@ -1,5 +1,5 @@
-/* qop.h --- Prototypes for DIGEST-MD5 qop handling.
- * Copyright (C) 2009 Simon Josefsson
+/* gs2helper.h --- GS2 helper functions for missing GSS-API interface.
+ * Copyright (C) 2010 Simon Josefsson
*
* This file is part of GNU SASL Library.
*
@@ -20,10 +20,12 @@
*
*/
-#ifndef DIGEST_MD5_QOP_H
-# define DIGEST_MD5_QOP_H
+#ifndef GS2_HELPER_H
+# define GS2_HELPER_H
-extern int digest_md5_qopstr2qops (const char *qopstr);
-extern const char *digest_md5_qops2qopstr (int qops);
+extern OM_uint32
+gss_inquiry_mech_for_saslname (OM_uint32 *minor_status,
+ const gss_buffer_t sasl_mech_name,
+ gss_OID *mech_type);
-#endif /* DIGEST_MD5_QOP_H */
+#endif
diff --git a/lib/gs2/gs2parser.c b/lib/gs2/gs2parser.c
deleted file mode 100644
index 9a6cf44..0000000
--- a/lib/gs2/gs2parser.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* gs2parser.h --- GS2 parser.
- * Copyright (C) 2006, 2007 Simon Josefsson
- *
- * This file is part of GNU SASL Library.
- *
- * GNU SASL Library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * GNU SASL Library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with GNU SASL Library; if not, write to the Free
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301, USA.
- *
- */
-
-#include "gs2parser.h"
-
-#include <stdint.h>
-
-/* Parse a GS2 token in TOKEN of TOKLEN length, check the length
- field, and set the appropriate values in OUT, if OUT is non-NULL.
- The values in OUT that are set points into the TOKEN buffer, so
- they must not be deallocated. On success, the function sets all
- values in OUT. Returns 0 on success, or negative on failures
- (i.e., the input is invalid). */
-int
-gs2_parser (const char *token, size_t toklen, struct gs2_token *out)
-{
- uint32_t context_length, wrap_length;
-
- if (!out)
- return -1;
-
- /* Messages shorter than or equal to 8 octets are invalid. */
- if (toklen <= 8)
- return -1;
-
- context_length =
- (token[0] << 24) & 0xFF000000 |
- (token[1] << 16) & 0xFF0000 |
- (token[2] << 8) & 0xFF00 | (token[3]) & 0xFF;
-
- wrap_length =
- (token[4] << 24) & 0xFF000000 |
- (token[5] << 16) & 0xFF0000 |
- (token[6] << 8) & 0xFF00 | (token[7]) & 0xFF;
-
- /* Check that lengths are not out of bounds. */
- if (context_length > toklen || wrap_length > toklen ||
- context_length + wrap_length + 8 != toklen)
- return -1;
-
- out->context_length = context_length;
- if (context_length > 0)
- out->context_token = token + 8;
- else
- out->context_token = NULL;
-
- out->wrap_length = wrap_length;
- if (wrap_length > 0)
- out->wrap_token = token + 8 + context_length;
- else
- out->wrap_token = NULL;
-
- return 0;
-}
-
-/* Encode a GS2 token into newly allocated OUT buffer. CONTEXT is the
- context token, of length CONTEXT_LENGTH. WRAP is the wrap token,
- of length WRAP_LENGTH. If OUTLEN is non-NULL, the length of the
- output token is written to it on successful exit. If OUT is NULL,
- no data is written, but the input lengths are verified, and the
- OUTLEN variable is written (if applicable). This can be used to
- determine how large the output will be. Returns 0 on success, or
- negative on failures (i.e., the input is invalid). */
-int
-gs2_encode (const char *context, size_t context_length,
- const char *wrap, size_t wrap_length, char **out, size_t * outlen)
-{
- size_t totlen = 4 + context_length + wrap_length;
- uint32_t ctxlen;
-
- /* Reject out of bounds conditions. */
- if (totlen > UINT32_MAX || totlen < context_length || totlen < wrap_length)
- return -1;
-
- /* Only time we accept NULL inputs is for zero-length inputs. */
- if (context == NULL && context_length != 0)
- return -2;
- if (wrap == NULL && wrap_length != 0)
- return -3;
-
- if (outlen)
- *outlen = totlen;
-
- if (!out)
- return 0;
-
- *out = malloc (*outlen);
- if (!*out)
- return -4;
-
- (*out)[0] = (context_length >> 24) & 0xFF;
- (*out)[1] = (context_length >> 16) & 0xFF;
- (*out)[2] = (context_length >> 8) & 0xFF;
- (*out)[3] = context_length & 0xFF;
-
- if (context)
- memcpy (*out + 4, context, context_length);
- if (wrap)
- memcpy (*out + 4 + context_length, wrap, wrap_length);
-
- return 0;
-}
diff --git a/lib/gs2/gs2parser.h b/lib/gs2/gs2parser.h
deleted file mode 100644
index 76b85e5..0000000
--- a/lib/gs2/gs2parser.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* gs2parser.h --- GS2 parser.
- * Copyright (C) 2006 Simon Josefsson
- *
- * This file is part of GNU SASL Library.
- *
- * GNU SASL Library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * GNU SASL Library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with GNU SASL Library; if not, write to the Free
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301, USA.
- *
- */
-
-#ifndef GS2_PARSER_H
-# define GS2_PARSER_H
-
-#include <string.h>
-
-struct gs2_token
-{
- const char *context_token;
- size_t context_length;
- const char *wrap_token;
- size_t wrap_length;
-};
-
-extern int gs2_parser (const char *token, size_t toklen,
- struct gs2_token *out);
-
-extern int gs2_encode (const char *context, size_t context_length,
- const char *wrap, size_t wrap_length,
- char **out, size_t * outlen);
-
-#endif /* GS2_PARSER_H */
diff --git a/lib/gs2/gs2wrap.c b/lib/gs2/gs2wrap.c
deleted file mode 100644
index c81fa75..0000000
--- a/lib/gs2/gs2wrap.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/* gs2parser.h --- GS2 parser.
- * Copyright (C) 2006 Simon Josefsson
- *
- * This file is part of GNU SASL Library.
- *
- * GNU SASL Library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * GNU SASL Library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with GNU SASL Library; if not, write to the Free
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301, USA.
- *
- */
-
-#include "gs2parser.h"
-
-#include <stdint.h>
-
-/*
- *
- * 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | client_qops | client_maxbuf |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * | channel_binding_length |
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- * |[client_cbqops]| [channel_binding_data] /
- * / /
- * / / [authzid] /
- * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-int
-gs2_parse_request (const char *request, size_t reqlen,
- int clientp,
- int *qop, size_t * maxbuf, size_t * cblen,
- int *cbqops, char **cbdata, char **authzid)
-{
- size_t l;
-
- if (reqlen < 8)
- return -1;
-
- if (qop)
- *qop = request[0];
-
- if (maxbuf)
- *maxbuf =
- (request[1] << 16) & 0xFF0000 |
- (request[2] << 8) & 0xFF00 | (request[3]) & 0xFF;
-
- l = (request[4] << 24) & 0xFF000000 |
- (request[5] << 16) & 0xFF0000 |
- (request[6] << 8) & 0xFF00 | (request[7]) & 0xFF;
-
- if (l > 0 && reqlen == 8)
- return -2;
-
- if (cblen)
- *cblen = l;
-
- if (l > 0)
- {
- if (cbqops)
- *cbqops = request[8];
- if (cbdata)
- *cbdata = &request[9];
- if (authzid)
- *authzid = &request[9] + l;
- }
- else
- {
- if (cbqops)
- *cbqops = 0;
- if (cbdata)
- *cbdata = NULL;
- if (authzid)
- *authzid = NULL;
- }
-
- return 0;
-}
diff --git a/lib/gs2/mechinfo.c b/lib/gs2/mechinfo.c
index 45064ca..d1a7a98 100644
--- a/lib/gs2/mechinfo.c
+++ b/lib/gs2/mechinfo.c
@@ -1,5 +1,5 @@
/* mechinfo.c --- Definition of GS2 mechanism.
- * Copyright (C) 2006 Simon Josefsson
+ * Copyright (C) 2006, 2010 Simon Josefsson
*
* This file is part of GNU SASL Library.
*
@@ -30,53 +30,45 @@
Gsasl_mechanism gsasl_gs2_krb5_mechanism = {
GSASL_GS2_KRB5_NAME,
{
- NULL,
- NULL,
+ NULL,
+ NULL,
#ifdef USE_CLIENT
- _gsasl_gs2_client_start,
+ _gsasl_gs2_client_start,
#else
- NULL,
+ NULL,
#endif
#ifdef USE_CLIENT
- _gsasl_gs2_client_step,
+ _gsasl_gs2_client_step,
#else
- NULL,
+ NULL,
#endif
#ifdef USE_CLIENT
- _gsasl_gs2_client_finish,
+ _gsasl_gs2_client_finish,
#else
- NULL,
+ NULL,
#endif
-#ifdef USE_CLIENT
- _gsasl_gs2_client_encode,
-#else
- NULL,
-#endif
-#ifdef USE_CLIENT
- _gsasl_gs2_client_decode
-#else
- NULL
-#endif
- }
- ,
+ NULL,
+ NULL
+ },
{
- NULL,
- NULL,
+ NULL,
+ NULL,
#ifdef USE_SERVER
- _gsasl_gs2_server_start,
+ _gsasl_gs2_server_start,
#else
- NULL,
+ NULL,
#endif
#ifdef USE_SERVER
- _gsasl_gs2_server_step,
+ _gsasl_gs2_server_step,
#else
- NULL,
+ NULL,
#endif
#ifdef USE_SERVER
- _gsasl_gs2_server_finish,
+ _gsasl_gs2_server_finish,
#else
- NULL,
+ NULL,
#endif
- NULL,
- NULL}
+ NULL,
+ NULL
+ }
};
diff --git a/lib/gs2/server.c b/lib/gs2/server.c
index 5964216..5f0c494 100644
--- a/lib/gs2/server.c
+++ b/lib/gs2/server.c
@@ -1,5 +1,5 @@
/* server.c --- SASL mechanism GS2, server side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006 Simon Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2010 Simon Josefsson
*
* This file is part of GNU SASL Library.
*
@@ -35,19 +35,10 @@
#ifdef HAVE_LIBGSS
# include <gss.h>
-#elif HAVE_GSSAPI_H /* Heimdal GSSAPI */
+#else
# include <gssapi.h>
-#else /* MIT GSSAPI */
-# ifdef HAVE_GSSAPI_GSSAPI_H
-# include <gssapi/gssapi.h>
-# endif
-# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-# include <gssapi/gssapi_generic.h>
-# endif
#endif
-#include "gs2parser.h"
-
struct _Gsasl_gs2_server_state
{
int step;
@@ -133,7 +124,6 @@ _gsasl_gs2_server_step (Gsasl_session * sctx,
char tmp[4];
int res;
OM_uint32 ret_flags;
- struct gs2_token tok;
*output = NULL;
*output_len = 0;
@@ -150,12 +140,8 @@ _gsasl_gs2_server_step (Gsasl_session * sctx,
/* fall through */
case 1:
- res = gs2_parser (input, input_len, &tok);
- if (res < 0)
- return GSASL_MECHANISM_PARSE_ERROR;
-
- bufdesc1.value = tok.context_token;
- bufdesc1.length = tok.context_length;
+ bufdesc1.value = input;
+ bufdesc1.length = input_len;
if (state->client)
{
gss_release_name (&min_stat, &state->client);
@@ -181,11 +167,6 @@ _gsasl_gs2_server_step (Gsasl_session * sctx,
/* XXX gss_wrap token */
}
- res = gs2_encode (bufdesc2.value, bufdesc2.length,
- NULL, 0, output, output_len);
- if (res < 0)
- return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
-
maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
if (GSS_ERROR (maj_stat))
return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
diff --git a/lib/gs2/test-parser.c b/lib/gs2/test-parser.c
deleted file mode 100644
index cf08e82..0000000
--- a/lib/gs2/test-parser.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* test-parser.c --- Self tests of GS2 parser & printer.
- * Copyright (C) 2006, 2007, 2008 Simon Josefsson
- *
- * This file is part of GNU SASL Library.
- *
- * GNU SASL Library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * GNU SASL Library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with GNU SASL Library; if not, write to the Free
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301, USA.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "gs2parser.h"
-
-#define ZERO "\x00\x00\x00\x00"
-#define ONE "\x00\x00\x00\x01"
-#define TWO "\x00\x00\x00\x02"
-#define DATA "\x41"
-#define DATA2 "\x42"
-
-struct
-{
- char *name;
- char *token;
- size_t length;
- int expected_rc;
- char *expected_context;
- size_t expected_context_length;
- char *expected_wrap;
- size_t expected_wrap_length;
-} tv[] =
-{
- /* *INDENT-OFF* */
- { "string0", "foobarbaz", 0, -1 },
- { "string1", "foobarbaz", 1, -1 },
- { "string2", "foobarbaz", 2, -1 },
- { "string3", "foobarbaz", 3, -1 },
- { "string4", "foobarbaz", 4, -1 },
- { "string5", "foobarbaz", 5, -1 },
- { "string6", "foobarbaz", 6, -1 },
- { "string7", "foobarbaz", 7, -1 },
- { "string8", "foobarbaz", 8, -1 },
- { "string9", "foobarbaz", 9, -1 },
- { "allzero", ZERO ZERO, 8, -1 },
- { "allzero-overlong", ZERO ZERO DATA, 9, -1 },
- { "one-empty", ONE ZERO, 8, -1 },
- { "one-empty2", ZERO ONE, 8, -1 },
- { "size-one", ONE ZERO DATA, 9, 0, DATA, 1, NULL, 0 },
- { "size-one2", ZERO ONE DATA, 9, 0, NULL, 0, DATA, 1 },
- { "size-one3", ONE ONE DATA DATA, 10, 0, DATA, 1, DATA, 1 },
- { "size-one-overlong", ZERO ONE DATA DATA, 10, -1 },
- { "size-one-overlong2", ONE ZERO DATA DATA, 10, -1 },
- { "size-one-overlong3", ONE ONE DATA DATA DATA, 11, -1 },
- { "size-two", TWO TWO DATA DATA2 DATA DATA2, 12, 0,
- DATA DATA2, 2, DATA2 DATA, 2 },
- /* *INDENT-ON* */
-};
-
-int
-main (int argc, char *argv[])
-{
- struct gs2_token tok;
- int rc;
- size_t i;
-
- for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
- {
- rc = gs2_parser (tv[i].token, tv[i].length, &tok);
- if (rc != tv[i].expected_rc)
- {
- printf ("gs2 tv[%d] '%s': %.*s expected %d got %d\n",
- i, tv[i].name, tv[i].length,
- tv[i].token, tv[i].expected_rc, rc);
- }
- if (rc >= 0 &&
- (tv[i].expected_context_length != tok.context_length ||
- memcmp (tv[i].expected_context, tok.context_token,
- tok.context_length) != 0))
- {
- printf ("gs2 tv[%d] '%s': "
- "expected context %.*s (size %d) got %.*s (size %d)\n",
- i, tv[i].name,
- tv[i].expected_context_length,
- tv[i].expected_context,
- tv[i].expected_context_length,
- tok.context_length, tok.context_token, tok.context_length);
- abort ();
- }
- }
-
- return 0;
-}
diff --git a/lib/gssapi/client.c b/lib/gssapi/client.c
index 5af4a61..59c8f52 100644
--- a/lib/gssapi/client.c
+++ b/lib/gssapi/client.c
@@ -1,5 +1,5 @@
/* client.c --- SASL mechanism GSSAPI as defined in RFC 2222, client side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Simon
Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Simon
Josefsson
*
* This file is part of GNU SASL Library.
*
@@ -35,15 +35,8 @@
#ifdef HAVE_LIBGSS
# include <gss.h>
-#elif HAVE_GSSAPI_H /* Heimdal GSSAPI */
+#else
# include <gssapi.h>
-#else /* MIT GSSAPI */
-# ifdef HAVE_GSSAPI_GSSAPI_H
-# include <gssapi/gssapi.h>
-# endif
-# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-# include <gssapi/gssapi_generic.h>
-# endif
#endif
struct _Gsasl_gssapi_client_state
diff --git a/lib/gssapi/server.c b/lib/gssapi/server.c
index 12827c2..aafc8aa 100644
--- a/lib/gssapi/server.c
+++ b/lib/gssapi/server.c
@@ -1,5 +1,5 @@
/* server.c --- SASL mechanism GSSAPI as defined in RFC 2222, server side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Simon
Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Simon
Josefsson
*
* This file is part of GNU SASL Library.
*
@@ -35,15 +35,8 @@
#ifdef HAVE_LIBGSS
# include <gss.h>
-#elif HAVE_GSSAPI_H /* Heimdal GSSAPI */
+#else
# include <gssapi.h>
-#else /* MIT GSSAPI */
-# ifdef HAVE_GSSAPI_GSSAPI_H
-# include <gssapi/gssapi.h>
-# endif
-# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-# include <gssapi/gssapi_generic.h>
-# endif
#endif
struct _Gsasl_gssapi_server_state
diff --git a/lib/src/gsasl.h b/lib/src/gsasl.h
index ba84290..4da3ef9 100644
--- a/lib/src/gsasl.h
+++ b/lib/src/gsasl.h
@@ -51,7 +51,7 @@ extern "C"
* version number. Used together with gsasl_check_version() to
* verify header file and run-time library consistency.
*/
-# define GSASL_VERSION "1.4.2"
+# define GSASL_VERSION "1.5.0"
/**
* GSASL_VERSION_MAJOR
hooks/post-receive
--
GNU gsasl
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gsasl branch, master, updated. gsasl-1-4-1-10-gb8b7067,
Simon Josefsson <=