gsasl-commit
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gsasl branch, master, updated. gsasl-1-4-1-10-gb8b7067


From: Simon Josefsson
Subject: [SCM] GNU gsasl branch, master, updated. gsasl-1-4-1-10-gb8b7067
Date: Tue, 02 Mar 2010 23:30:29 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gsasl".

http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=b8b7067f1a47f3bbeb87fdd6df130f81e01316d5

The branch, master has been updated
       via  b8b7067f1a47f3bbeb87fdd6df130f81e01316d5 (commit)
       via  389a6818e1fe09e429e65c9845c0082ccc6bb4b8 (commit)
       via  1cbabbc7ea446848417245265a871643e9c1155b (commit)
       via  3584888d532f3d653992b60e514f02ca04fa6eb4 (commit)
       via  4c1fe9c2db2057e8f3b20ad09d89809a7a0d9da7 (commit)
      from  5ef75d6685ae6022f9f77549ba8a5218cf88dbbd (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b8b7067f1a47f3bbeb87fdd6df130f81e01316d5
Author: Simon Josefsson <address@hidden>
Date:   Wed Mar 3 00:30:25 2010 +0100

    Simplify GSS-API detection.  More GS2 cleanup.

commit 389a6818e1fe09e429e65c9845c0082ccc6bb4b8
Author: Simon Josefsson <address@hidden>
Date:   Wed Mar 3 00:12:54 2010 +0100

    GS2: Remove debug code.  The client side should now actually be finished, 
yay.

commit 1cbabbc7ea446848417245265a871643e9c1155b
Author: Simon Josefsson <address@hidden>
Date:   Wed Mar 3 00:09:51 2010 +0100

    GS2: Channel binding stuff.  Cleanup.

commit 3584888d532f3d653992b60e514f02ca04fa6eb4
Author: Simon Josefsson <address@hidden>
Date:   Tue Mar 2 16:46:09 2010 +0100

    Begin some work on GS2 update.

commit 4c1fe9c2db2057e8f3b20ad09d89809a7a0d9da7
Author: Simon Josefsson <address@hidden>
Date:   Mon Mar 1 15:25:35 2010 +0100

    Generated.

-----------------------------------------------------------------------

Summary of changes:
 lib/configure.ac                            |   40 +---
 lib/gs2/Makefile.am                         |    9 +-
 lib/gs2/client.c                            |  366 +++++++++------------------
 lib/gs2/gs2.h                               |   12 +-
 lib/{anonymous/client.c => gs2/gs2helper.c} |   49 ++--
 lib/{digest-md5/qop.h => gs2/gs2helper.h}   |   16 +-
 lib/gs2/gs2parser.c                         |  121 ---------
 lib/gs2/gs2parser.h                         |   43 ---
 lib/gs2/gs2wrap.c                           |   91 -------
 lib/gs2/mechinfo.c                          |   54 ++---
 lib/gs2/server.c                            |   27 +--
 lib/gs2/test-parser.c                       |  106 --------
 lib/gssapi/client.c                         |   11 +-
 lib/gssapi/server.c                         |   11 +-
 lib/src/gsasl.h                             |    2 +-
 15 files changed, 199 insertions(+), 759 deletions(-)
 copy lib/{anonymous/client.c => gs2/gs2helper.c} (56%)
 copy lib/{digest-md5/qop.h => gs2/gs2helper.h} (72%)
 delete mode 100644 lib/gs2/gs2parser.c
 delete mode 100644 lib/gs2/gs2parser.h
 delete mode 100644 lib/gs2/gs2wrap.c
 delete mode 100644 lib/gs2/test-parser.c

diff --git a/lib/configure.ac b/lib/configure.ac
index 84e2d98..b86434b 100644
--- a/lib/configure.ac
+++ b/lib/configure.ac
@@ -204,17 +204,6 @@ elif test "$gssapi_impl" = "mit"; then
   if test "$KRB5_CONFIG" != "no" ; then
     CPPFLAGS="$CPPFLAGS `$KRB5_CONFIG --cflags`"
     LIBS="$LIBS `$KRB5_CONFIG --libs gssapi`"
-    AC_CHECK_HEADERS(gssapi/gssapi.h gssapi/gssapi_generic.h)
-    AC_CHECK_DECL(GSS_C_NT_HOSTBASED_SERVICE,,
-      [AC_DEFINE(GSS_C_NT_HOSTBASED_SERVICE, gss_nt_service_name,
-                 [Work around buggy MIT library])], [
-#ifdef HAVE_GSSAPI_GSSAPI_H
-# include <gssapi/gssapi.h>
-#endif
-#ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-# include <gssapi/gssapi_generic.h>
-#endif
-])
   else
     AC_MSG_WARN([MIT Kerberos krb5-config not found, disabling GSSAPI])
     gssapi_impl=no
@@ -225,7 +214,6 @@ elif test "$gssapi_impl" = "heimdal"; then
   if test "$KRB5_CONFIG" != "no" ; then
     CPPFLAGS="$CPPFLAGS `$KRB5_CONFIG --cflags`"
     LIBS="$LIBS `$KRB5_CONFIG --libs gssapi`"
-    AC_CHECK_HEADERS(gssapi.h)
   else
     AC_MSG_WARN([Heimdal krb5-config not found, disabling GSSAPI])
     gssapi_impl=no
@@ -249,29 +237,7 @@ elif test "$gssapi_impl" != "no" ; then
       AC_MSG_NOTICE([MIT/Heimdal found])
       CPPFLAGS="$CPPFLAGS `$KRB5_CONFIG --cflags`"
       LIBS="$LIBS `$KRB5_CONFIG --libs gssapi`"
-      AC_CHECK_HEADERS(gssapi.h gssapi/gssapi.h gssapi/gssapi_generic.h)
-      if test "$ac_cv_header_gssapi_h" = "yes" &&
-         test "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
-        AC_MSG_WARN([Both Heimdal and MIT GSSAPI header files found.  Will use 
Heimdal.])
-        AC_MSG_WARN([Use --with-gssapi-impl=mit to override.])
-      fi
-      if test "$ac_cv_header_gssapi_h" != "no"; then
-        AC_MSG_NOTICE([Heimdal found])
-        gssapi_impl=heimdal
-      else
-        AC_MSG_NOTICE([MIT found])
-        AC_CHECK_DECL(GSS_C_NT_HOSTBASED_SERVICE,,
-          [AC_DEFINE(GSS_C_NT_HOSTBASED_SERVICE, gss_nt_service_name,
-            [Work around buggy MIT library])], [
-#ifdef HAVE_GSSAPI_GSSAPI_H
-# include <gssapi/gssapi.h>
-#endif
-#ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-# include <gssapi/gssapi_generic.h>
-#endif
-])
-        gssapi_impl=mit
-      fi
+      gssapi_impl=mitheimdal
     else
       gssapi_impl=no
       AC_MSG_WARN([krb5-config not found, disabling GSSAPI])
@@ -285,7 +251,7 @@ if test "$gssapi_impl" = "no"; then
   gssapi=no
 fi
 
-# GSSAPI, second part
+# GS2, second part
 if test "$gs2" != "no" ; then
   AC_DEFINE(USE_GS2, 1, [Define to 1 if you want GS2.])
 fi
@@ -293,7 +259,7 @@ AC_MSG_CHECKING([if GS2 should be used])
 AC_MSG_RESULT($gs2)
 AM_CONDITIONAL(GS2, test x$gs2 = xyes)
 
-# GS2, second part
+# GSSAPI, second part
 if test "$gssapi" != "no" ; then
   AC_DEFINE(USE_GSSAPI, 1, [Define to 1 if you want GSSAPI.])
 fi
diff --git a/lib/gs2/Makefile.am b/lib/gs2/Makefile.am
index 30ebf73..d4dd9ce 100644
--- a/lib/gs2/Makefile.am
+++ b/lib/gs2/Makefile.am
@@ -26,7 +26,8 @@ EXTRA_DIST = README
 
 noinst_LTLIBRARIES = libgsasl-gs2.la
 libgsasl_gs2_la_SOURCES = gs2.h mechinfo.c \
-       gs2parser.h gs2parser.c
+       gs2helper.h gs2helper.c \
+       gs2asn1.h gs2asn1.c
 
 if CLIENT
 libgsasl_gs2_la_SOURCES += client.c
@@ -35,9 +36,3 @@ endif
 if SERVER
 libgsasl_gs2_la_SOURCES += server.c
 endif
-
-LDADD = libgsasl-gs2.la ../gl/libgl.la
-
-ctests = test-parser
-TESTS = $(ctests)
-check_PROGRAMS = $(ctests)
diff --git a/lib/gs2/client.c b/lib/gs2/client.c
index 361d6ff..c0f2740 100644
--- a/lib/gs2/client.c
+++ b/lib/gs2/client.c
@@ -1,5 +1,5 @@
 /* client.c --- SASL mechanism GS2, client side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007  Simon Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2010  Simon Josefsson
  *
  * This file is part of GNU SASL Library.
  *
@@ -35,25 +35,20 @@
 
 #ifdef HAVE_LIBGSS
 # include <gss.h>
-#elif HAVE_GSSAPI_H            /* Heimdal GSSAPI */
+#else
 # include <gssapi.h>
-#else /* MIT GSSAPI */
-# ifdef HAVE_GSSAPI_GSSAPI_H
-#  include <gssapi/gssapi.h>
-# endif
-# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-#  include <gssapi/gssapi_generic.h>
-# endif
 #endif
 
-#include "gs2parser.h"
+#include "gs2helper.h"
+#include "gs2asn1.h"
 
 struct _gsasl_gs2_client_state
 {
   int step;
   gss_name_t service;
   gss_ctx_id_t context;
-  gss_qop_t qop;
+  gss_OID mech_oid;
+  struct gss_channel_bindings_struct cb;
 };
 typedef struct _gsasl_gs2_client_state _gsasl_gs2_client_state;
 
@@ -61,6 +56,8 @@ int
 _gsasl_gs2_client_start (Gsasl_session * sctx, void **mech_data)
 {
   _gsasl_gs2_client_state *state;
+  OM_uint32 maj_stat, min_stat;
+  gss_buffer_desc sasl_mech_name;
 
   state = (_gsasl_gs2_client_state *) malloc (sizeof (*state));
   if (state == NULL)
@@ -69,7 +66,29 @@ _gsasl_gs2_client_start (Gsasl_session * sctx, void 
**mech_data)
   state->context = GSS_C_NO_CONTEXT;
   state->service = GSS_C_NO_NAME;
   state->step = 0;
-  state->qop = GSASL_QOP_AUTH; /* FIXME: Should be GSASL_QOP_AUTH_CONF. */
+
+  /* The initiator-address-type and acceptor-address-type fields of
+     the GSS-CHANNEL-BINDINGS structure MUST be set to 0.  The
+     initiator-address and acceptor-address fields MUST be the empty
+     string. */
+  state->cb.initiator_addrtype = 0;
+  state->cb.initiator_address.length = 0;
+  state->cb.initiator_address.value = NULL;
+  state->cb.acceptor_addrtype = 0;
+  state->cb.acceptor_address.length = 0;
+  state->cb.acceptor_address.value = NULL;
+  state->cb.application_data.length = 0;
+  state->cb.application_data.value = NULL;
+
+  sasl_mech_name.value = (void *) gsasl_mechanism_name (sctx);
+  if (!sasl_mech_name.value)
+    return GSASL_AUTHENTICATION_ERROR;
+  sasl_mech_name.length = strlen (sasl_mech_name.value);
+
+  maj_stat = gss_inquiry_mech_for_saslname (&min_stat, &sasl_mech_name,
+                                           &state->mech_oid);
+  if (GSS_ERROR (maj_stat))
+    return GSASL_AUTHENTICATION_ERROR;
 
   *mech_data = state;
 
@@ -83,20 +102,16 @@ _gsasl_gs2_client_step (Gsasl_session * sctx,
                        char **output, size_t * output_len)
 {
   _gsasl_gs2_client_state *state = mech_data;
-  char clientwrap[4];
-  gss_qop_t serverqop;
   gss_buffer_desc bufdesc, bufdesc2;
   gss_buffer_t buf = GSS_C_NO_BUFFER;
   OM_uint32 maj_stat, min_stat;
-  int conf_state;
+  gss_OID actual_mech_type;
   int res;
-  const char *p;
-  OM_uint32 ret_flags;
-  struct gs2_token tok = { NULL, 0, NULL, 0 };
 
-  if (state->service == NULL)
+  if (state->step == 0)
     {
       const char *service, *hostname;
+      const char *authzid = gsasl_property_get (sctx, GSASL_AUTHZID);
 
       service = gsasl_property_get (sctx, GSASL_SERVICE);
       if (!service)
@@ -106,164 +121,134 @@ _gsasl_gs2_client_step (Gsasl_session * sctx,
       if (!hostname)
        return GSASL_NO_HOSTNAME;
 
-      /* FIXME: Use asprintf. */
-
-      bufdesc.length = strlen (service) + 1 + strlen (hostname) + 1;
-      bufdesc.value = malloc (bufdesc.length);
-      if (bufdesc.value == NULL)
+      bufdesc.length = asprintf ((char**) &bufdesc.value, "address@hidden",
+                                service, hostname);
+      if (bufdesc.length <= 0 || bufdesc.value == NULL)
        return GSASL_MALLOC_ERROR;
 
-      sprintf (bufdesc.value, "address@hidden", service, hostname);
-
       maj_stat = gss_import_name (&min_stat, &bufdesc,
                                  GSS_C_NT_HOSTBASED_SERVICE,
                                  &state->service);
       free (bufdesc.value);
       if (GSS_ERROR (maj_stat))
        return GSASL_GSSAPI_IMPORT_NAME_ERROR;
+
+      /* FIXME escape '=' and ',' in authzid to '=3D' and '=2C'
+        respectively. */
+
+      if (authzid)
+       state->cb.application_data.length
+         = asprintf ((char**) &state->cb.application_data.value,
+                     "n,a=%s,", authzid);
+      else
+       {
+         state->cb.application_data.value = strdup ("n,,");
+         state->cb.application_data.length = 3;
+       }
+
+      if (state->cb.application_data.length <= 0
+         || state->cb.application_data.value == NULL)
+       return GSASL_MALLOC_ERROR;
     }
 
   switch (state->step)
     {
     case 1:
-      res = gs2_parser (input, input_len, &tok);
-      if (res < 0)
-       return GSASL_MECHANISM_PARSE_ERROR;
-
-      bufdesc.length = tok.context_length;
-      bufdesc.value = (void *) tok.context_token;
+      bufdesc.length = input_len;
+      bufdesc.value = (void *) input;
       buf = &bufdesc;
       /* fall through */
 
     case 0:
       bufdesc2.length = 0;
       bufdesc2.value = NULL;
+
       maj_stat = gss_init_sec_context (&min_stat,
                                       GSS_C_NO_CREDENTIAL,
                                       &state->context,
                                       state->service,
-                                      GSS_C_NO_OID,
+                                      state->mech_oid,
                                       GSS_C_MUTUAL_FLAG |
-                                      GSS_C_REPLAY_FLAG |
-                                      GSS_C_SEQUENCE_FLAG |
                                       GSS_C_INTEG_FLAG |
                                       GSS_C_CONF_FLAG,
                                       0,
-                                      GSS_C_NO_CHANNEL_BINDINGS,
-                                      buf, NULL, &bufdesc2,
-                                      &ret_flags, NULL);
+                                      &state->cb,
+                                      buf,
+                                      &actual_mech_type,
+                                      &bufdesc2,
+                                      NULL, /* ret_flags irrelevant */
+                                      NULL);
       if (maj_stat != GSS_S_COMPLETE && maj_stat != GSS_S_CONTINUE_NEEDED)
        return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
 
-      if ((ret_flags & GSS_C_PROT_READY_FLAG) || (maj_stat == GSS_S_COMPLETE))
+      if (state->mech_oid->length != actual_mech_type->length ||
+         memcmp (state->mech_oid->elements, actual_mech_type->elements,
+                 state->mech_oid->length) != 0)
+       return GSASL_AUTHENTICATION_ERROR;
+
+      if (buf == GSS_C_NO_BUFFER)
        {
-         puts ("prot_ready");
-         /* Deal with wrap token here. */
-         /* Generate wrap token here. */
+         const char *der = bufdesc2.value;
+         size_t derlen = bufdesc2.length;
+         size_t l, ll;
+
+         /* Strip off RFC 2743 section 3.1 token header. */
+
+         if (derlen-- == 0)
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         if (*der++ != '\x60')
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         l = gs2_asn1_get_length_der (der, derlen, &ll);
+         if (l <= 0 || derlen <= ll)
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         derlen -= ll;
+         der += ll;
+         if (derlen != l)
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         if (derlen-- == 0)
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         if (*der++ != '\x06')
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         l = gs2_asn1_get_length_der (der, derlen, &ll);
+         if (l <= 0 || derlen <= ll)
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         derlen -= ll;
+         der += ll;
+         if (l != state->mech_oid->length)
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         if (memcmp (state->mech_oid->elements, der, l) != 0)
+           return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
+         derlen -= l;
+         der += l;
+
+         *output_len = state->cb.application_data.length + derlen;
+         *output = malloc (*output_len);
+         if (!*output)
+           return GSASL_MALLOC_ERROR;
+         memcpy (*output, state->cb.application_data.value,
+                 state->cb.application_data.length);
+         memcpy (*output + state->cb.application_data.length, der, derlen);
        }
-      else if (tok.wrap_length > 0)
+      else
        {
-         /* Server provided wrap token but we are not ready for it.
-            Server error. */
-         return GSASL_MECHANISM_PARSE_ERROR;
+         *output_len = bufdesc2.length;
+         *output = malloc (*output_len);
+         if (!*output)
+           return GSASL_MALLOC_ERROR;
+         memcpy (*output, bufdesc2.value, bufdesc2.length);
        }
 
-      res = gs2_encode (bufdesc2.value, bufdesc2.length,
-                       NULL, 0, output, output_len);
-      if (res < 0)
-       return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
-
       if (maj_stat == GSS_S_COMPLETE)
-       state->step = 2;
+       {
+         state->step++;
+         res = GSASL_OK;
+       }
       else
-       state->step = 1;
+       res = GSASL_NEEDS_MORE;
 
       maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
       if (GSS_ERROR (maj_stat))
        return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
-
-      res = GSASL_NEEDS_MORE;
-      break;
-
-    case 2:
-      /* [RFC 2222 section 7.2.1]:
-         The client passes this token to GSS_Unwrap and interprets the
-         first octet of resulting cleartext as a bit-mask specifying
-         the security layers supported by the server and the second
-         through fourth octets as the maximum size output_message to
-         send to the server.  The client then constructs data, with
-         the first octet containing the bit-mask specifying the
-         selected security layer, the second through fourth octets
-         containing in network byte order the maximum size
-         output_message the client is able to receive, and the
-         remaining octets containing the authorization identity.  The
-         client passes the data to GSS_Wrap with conf_flag set to
-         FALSE, and responds with the generated output_message.  The
-         client can then consider the server authenticated. */
-
-      bufdesc.length = input_len;
-      bufdesc.value = (void *) input;
-      maj_stat = gss_unwrap (&min_stat, state->context, &bufdesc,
-                            &bufdesc2, &conf_state, &serverqop);
-      if (GSS_ERROR (maj_stat))
-       return GSASL_GSSAPI_UNWRAP_ERROR;
-
-      if (bufdesc2.length != 4)
-       return GSASL_MECHANISM_PARSE_ERROR;
-
-      memcpy (clientwrap, bufdesc2.value, 4);
-
-      maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
-      if (GSS_ERROR (maj_stat))
-       return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
-
-#if 0
-      /* FIXME: Fix qop. */
-      if (cb_qop)
-       state->qop = cb_qop (sctx, serverqop);
-
-      if ((state->qop & serverqop) == 0)
-       /*  Server does not support what user wanted. */
-       return GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR;
-#endif
-
-      /* FIXME: Fix maxbuf. */
-
-      p = gsasl_property_get (sctx, GSASL_AUTHID);
-      if (!p)
-       return GSASL_NO_AUTHID;
-
-      bufdesc.length = 4 + strlen (p);
-      bufdesc.value = malloc (bufdesc.length);
-      if (!bufdesc.value)
-       return GSASL_MALLOC_ERROR;
-
-      {
-       char *q = bufdesc.value;
-       q[0] = state->qop;
-       memcpy (q + 1, clientwrap + 1, 3);
-       memcpy (q + 4, p, strlen (p));
-      }
-
-      maj_stat = gss_wrap (&min_stat, state->context, 0, GSS_C_QOP_DEFAULT,
-                          &bufdesc, &conf_state, &bufdesc2);
-      free (bufdesc.value);
-      if (GSS_ERROR (maj_stat))
-       return GSASL_GSSAPI_WRAP_ERROR;
-
-      *output_len = bufdesc2.length;
-      *output = malloc (bufdesc2.length);
-      if (!*output)
-       return GSASL_MALLOC_ERROR;
-
-      memcpy (*output, bufdesc2.value, bufdesc2.length);
-
-      maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
-      if (GSS_ERROR (maj_stat))
-       return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
-
-      state->step++;
-      res = GSASL_OK;
       break;
 
     default:
@@ -289,113 +274,6 @@ _gsasl_gs2_client_finish (Gsasl_session * sctx, void 
*mech_data)
     maj_stat = gss_delete_sec_context (&min_stat, &state->context,
                                       GSS_C_NO_BUFFER);
 
+  free (state->cb.application_data.value);
   free (state);
 }
-
-int
-_gsasl_gs2_client_encode (Gsasl_session * sctx,
-                         void *mech_data,
-                         const char *input, size_t input_len,
-                         char **output, size_t * output_len)
-{
-  _gsasl_gs2_client_state *state = mech_data;
-  OM_uint32 min_stat, maj_stat;
-  gss_buffer_desc foo;
-  gss_buffer_t input_message_buffer = &foo;
-  gss_buffer_desc output_message_buffer;
-
-  foo.length = input_len;
-  foo.value = (void *) input;
-
-  if (state && state->step == 3 &&
-      state->qop & (GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF))
-    {
-      maj_stat = gss_wrap (&min_stat,
-                          state->context,
-                          state->qop & GSASL_QOP_AUTH_CONF ? 1 : 0,
-                          GSS_C_QOP_DEFAULT,
-                          input_message_buffer,
-                          NULL, &output_message_buffer);
-      if (GSS_ERROR (maj_stat))
-       return GSASL_GSSAPI_WRAP_ERROR;
-      *output_len = output_message_buffer.length;
-      *output = malloc (input_len);
-      if (!*output)
-       {
-         maj_stat = gss_release_buffer (&min_stat, &output_message_buffer);
-         return GSASL_MALLOC_ERROR;
-       }
-      memcpy (*output, output_message_buffer.value,
-             output_message_buffer.length);
-
-      maj_stat = gss_release_buffer (&min_stat, &output_message_buffer);
-      if (GSS_ERROR (maj_stat))
-       {
-         free (*output);
-         return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
-       }
-    }
-  else
-    {
-      *output_len = input_len;
-      *output = malloc (input_len);
-      if (!*output)
-       return GSASL_MALLOC_ERROR;
-      memcpy (*output, input, input_len);
-    }
-
-  return GSASL_OK;
-}
-
-int
-_gsasl_gs2_client_decode (Gsasl_session * sctx,
-                         void *mech_data,
-                         const char *input, size_t input_len,
-                         char **output, size_t * output_len)
-{
-  _gsasl_gs2_client_state *state = mech_data;
-  OM_uint32 min_stat, maj_stat;
-  gss_buffer_desc foo;
-  gss_buffer_t input_message_buffer = &foo;
-  gss_buffer_desc output_message_buffer;
-
-  foo.length = input_len;
-  foo.value = (void *) input;
-
-  if (state && state->step == 3 &&
-      state->qop & (GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF))
-    {
-      maj_stat = gss_unwrap (&min_stat,
-                            state->context,
-                            input_message_buffer,
-                            &output_message_buffer, NULL, NULL);
-      if (GSS_ERROR (maj_stat))
-       return GSASL_GSSAPI_UNWRAP_ERROR;
-      *output_len = output_message_buffer.length;
-      *output = malloc (input_len);
-      if (!*output)
-       {
-         maj_stat = gss_release_buffer (&min_stat, &output_message_buffer);
-         return GSASL_MALLOC_ERROR;
-       }
-      memcpy (*output, output_message_buffer.value,
-             output_message_buffer.length);
-
-      maj_stat = gss_release_buffer (&min_stat, &output_message_buffer);
-      if (GSS_ERROR (maj_stat))
-       {
-         free (*output);
-         return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
-       }
-    }
-  else
-    {
-      *output_len = input_len;
-      *output = malloc (input_len);
-      if (!*output)
-       return GSASL_MALLOC_ERROR;
-      memcpy (*output, input, input_len);
-    }
-
-  return GSASL_OK;
-}
diff --git a/lib/gs2/gs2.h b/lib/gs2/gs2.h
index 1098402..22012c8 100644
--- a/lib/gs2/gs2.h
+++ b/lib/gs2/gs2.h
@@ -1,5 +1,5 @@
 /* gs2.h --- Prototypes for SASL mechanism GS2.
- * Copyright (C) 2006  Simon Josefsson
+ * Copyright (C) 2006, 2010  Simon Josefsson
  *
  * This file is part of GNU SASL Library.
  *
@@ -25,7 +25,7 @@
 
 #include <gsasl.h>
 
-#define GSASL_GS2_KRB5_NAME "GS2-FNUO57PLKGM5XHGE"
+#define GSASL_GS2_KRB5_NAME "GS2-KRB5"
 
 extern Gsasl_mechanism gsasl_gs2_krb5_mechanism;
 
@@ -35,14 +35,6 @@ extern int _gsasl_gs2_client_step (Gsasl_session * sctx,
                                   const char *input, size_t input_len,
                                   char **output, size_t * output_len);
 extern void _gsasl_gs2_client_finish (Gsasl_session * sctx, void *mech_data);
-extern int _gsasl_gs2_client_encode (Gsasl_session * sctx,
-                                    void *mech_data,
-                                    const char *input, size_t input_len,
-                                    char **output, size_t * output_len);
-extern int _gsasl_gs2_client_decode (Gsasl_session * sctx,
-                                    void *mech_data,
-                                    const char *input, size_t input_len,
-                                    char **output, size_t * output_len);
 
 extern int _gsasl_gs2_server_start (Gsasl_session * sctx, void **mech_data);
 extern int _gsasl_gs2_server_step (Gsasl_session * sctx,
diff --git a/lib/anonymous/client.c b/lib/gs2/gs2helper.c
similarity index 56%
copy from lib/anonymous/client.c
copy to lib/gs2/gs2helper.c
index 5119bc1..2e370f4 100644
--- a/lib/anonymous/client.c
+++ b/lib/gs2/gs2helper.c
@@ -1,5 +1,5 @@
-/* client.c --- ANONYMOUS mechanism as defined in RFC 2245, client side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009  Simon 
Josefsson
+/* gs2helper.h --- GS2 helper functions for missing GSS-API interface.
+ * Copyright (C) 2010  Simon Josefsson
  *
  * This file is part of GNU SASL Library.
  *
@@ -24,28 +24,37 @@
 # include "config.h"
 #endif
 
-/* Get specification. */
-#include "anonymous.h"
-
-/* Get strdup, strlen. */
+/* Get strcmp. */
 #include <string.h>
 
-int
-_gsasl_anonymous_client_step (Gsasl_session * sctx,
-                             void *mech_data,
-                             const char *input, size_t input_len,
-                             char **output, size_t * output_len)
+#ifdef HAVE_LIBGSS
+# include <gss.h>
+#else
+# include <gssapi.h>
+#endif
+
+/* Get specification. */
+#include "gs2helper.h"
+
+OM_uint32
+gss_inquiry_mech_for_saslname (OM_uint32 *minor_status,
+                              const gss_buffer_t sasl_mech_name,
+                              gss_OID *mech_type)
 {
-  const char *p;
+  static const gss_OID_desc krb5oid_static = {
+    9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"
+  };
 
-  p = gsasl_property_get (sctx, GSASL_ANONYMOUS_TOKEN);
-  if (!p)
-    return GSASL_NO_ANONYMOUS_TOKEN;
+  if (sasl_mech_name->value == NULL ||
+      strcmp (sasl_mech_name->value, "GS2-KRB5") != 0)
+    {
+      if (minor_status)
+       *minor_status = 0;
+      return GSS_S_BAD_MECH;
+    }
 
-  *output = strdup (p);
-  if (!*output)
-    return GSASL_MALLOC_ERROR;
-  *output_len = strlen (p);
+  if (mech_type)
+    *mech_type = &krb5oid_static;
 
-  return GSASL_OK;
+  return GSS_S_COMPLETE;
 }
diff --git a/lib/digest-md5/qop.h b/lib/gs2/gs2helper.h
similarity index 72%
copy from lib/digest-md5/qop.h
copy to lib/gs2/gs2helper.h
index 418f998..ec0b604 100644
--- a/lib/digest-md5/qop.h
+++ b/lib/gs2/gs2helper.h
@@ -1,5 +1,5 @@
-/* qop.h --- Prototypes for DIGEST-MD5 qop handling.
- * Copyright (C) 2009  Simon Josefsson
+/* gs2helper.h --- GS2 helper functions for missing GSS-API interface.
+ * Copyright (C) 2010  Simon Josefsson
  *
  * This file is part of GNU SASL Library.
  *
@@ -20,10 +20,12 @@
  *
  */
 
-#ifndef DIGEST_MD5_QOP_H
-# define DIGEST_MD5_QOP_H
+#ifndef GS2_HELPER_H
+# define GS2_HELPER_H
 
-extern int digest_md5_qopstr2qops (const char *qopstr);
-extern const char *digest_md5_qops2qopstr (int qops);
+extern OM_uint32
+gss_inquiry_mech_for_saslname (OM_uint32 *minor_status,
+                              const gss_buffer_t sasl_mech_name,
+                              gss_OID *mech_type);
 
-#endif /* DIGEST_MD5_QOP_H */
+#endif
diff --git a/lib/gs2/gs2parser.c b/lib/gs2/gs2parser.c
deleted file mode 100644
index 9a6cf44..0000000
--- a/lib/gs2/gs2parser.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* gs2parser.h --- GS2 parser.
- * Copyright (C) 2006, 2007  Simon Josefsson
- *
- * This file is part of GNU SASL Library.
- *
- * GNU SASL Library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * GNU SASL Library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with GNU SASL Library; if not, write to the Free
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301, USA.
- *
- */
-
-#include "gs2parser.h"
-
-#include <stdint.h>
-
-/* Parse a GS2 token in TOKEN of TOKLEN length, check the length
-   field, and set the appropriate values in OUT, if OUT is non-NULL.
-   The values in OUT that are set points into the TOKEN buffer, so
-   they must not be deallocated.  On success, the function sets all
-   values in OUT.  Returns 0 on success, or negative on failures
-   (i.e., the input is invalid).  */
-int
-gs2_parser (const char *token, size_t toklen, struct gs2_token *out)
-{
-  uint32_t context_length, wrap_length;
-
-  if (!out)
-    return -1;
-
-  /* Messages shorter than or equal to 8 octets are invalid. */
-  if (toklen <= 8)
-    return -1;
-
-  context_length =
-    (token[0] << 24) & 0xFF000000 |
-    (token[1] << 16) & 0xFF0000 |
-    (token[2] << 8) & 0xFF00 | (token[3]) & 0xFF;
-
-  wrap_length =
-    (token[4] << 24) & 0xFF000000 |
-    (token[5] << 16) & 0xFF0000 |
-    (token[6] << 8) & 0xFF00 | (token[7]) & 0xFF;
-
-  /* Check that lengths are not out of bounds. */
-  if (context_length > toklen || wrap_length > toklen ||
-      context_length + wrap_length + 8 != toklen)
-    return -1;
-
-  out->context_length = context_length;
-  if (context_length > 0)
-    out->context_token = token + 8;
-  else
-    out->context_token = NULL;
-
-  out->wrap_length = wrap_length;
-  if (wrap_length > 0)
-    out->wrap_token = token + 8 + context_length;
-  else
-    out->wrap_token = NULL;
-
-  return 0;
-}
-
-/* Encode a GS2 token into newly allocated OUT buffer.  CONTEXT is the
-   context token, of length CONTEXT_LENGTH.  WRAP is the wrap token,
-   of length WRAP_LENGTH.  If OUTLEN is non-NULL, the length of the
-   output token is written to it on successful exit.  If OUT is NULL,
-   no data is written, but the input lengths are verified, and the
-   OUTLEN variable is written (if applicable).  This can be used to
-   determine how large the output will be.  Returns 0 on success, or
-   negative on failures (i.e., the input is invalid). */
-int
-gs2_encode (const char *context, size_t context_length,
-           const char *wrap, size_t wrap_length, char **out, size_t * outlen)
-{
-  size_t totlen = 4 + context_length + wrap_length;
-  uint32_t ctxlen;
-
-  /* Reject out of bounds conditions. */
-  if (totlen > UINT32_MAX || totlen < context_length || totlen < wrap_length)
-    return -1;
-
-  /* Only time we accept NULL inputs is for zero-length inputs. */
-  if (context == NULL && context_length != 0)
-    return -2;
-  if (wrap == NULL && wrap_length != 0)
-    return -3;
-
-  if (outlen)
-    *outlen = totlen;
-
-  if (!out)
-    return 0;
-
-  *out = malloc (*outlen);
-  if (!*out)
-    return -4;
-
-  (*out)[0] = (context_length >> 24) & 0xFF;
-  (*out)[1] = (context_length >> 16) & 0xFF;
-  (*out)[2] = (context_length >> 8) & 0xFF;
-  (*out)[3] = context_length & 0xFF;
-
-  if (context)
-    memcpy (*out + 4, context, context_length);
-  if (wrap)
-    memcpy (*out + 4 + context_length, wrap, wrap_length);
-
-  return 0;
-}
diff --git a/lib/gs2/gs2parser.h b/lib/gs2/gs2parser.h
deleted file mode 100644
index 76b85e5..0000000
--- a/lib/gs2/gs2parser.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* gs2parser.h --- GS2 parser.
- * Copyright (C) 2006  Simon Josefsson
- *
- * This file is part of GNU SASL Library.
- *
- * GNU SASL Library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * GNU SASL Library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with GNU SASL Library; if not, write to the Free
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301, USA.
- *
- */
-
-#ifndef GS2_PARSER_H
-# define GS2_PARSER_H
-
-#include <string.h>
-
-struct gs2_token
-{
-  const char *context_token;
-  size_t context_length;
-  const char *wrap_token;
-  size_t wrap_length;
-};
-
-extern int gs2_parser (const char *token, size_t toklen,
-                      struct gs2_token *out);
-
-extern int gs2_encode (const char *context, size_t context_length,
-                      const char *wrap, size_t wrap_length,
-                      char **out, size_t * outlen);
-
-#endif /* GS2_PARSER_H */
diff --git a/lib/gs2/gs2wrap.c b/lib/gs2/gs2wrap.c
deleted file mode 100644
index c81fa75..0000000
--- a/lib/gs2/gs2wrap.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/* gs2parser.h --- GS2 parser.
- * Copyright (C) 2006  Simon Josefsson
- *
- * This file is part of GNU SASL Library.
- *
- * GNU SASL Library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * GNU SASL Library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with GNU SASL Library; if not, write to the Free
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301, USA.
- *
- */
-
-#include "gs2parser.h"
-
-#include <stdint.h>
-
-/*
- *
- *  1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
- *  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  |  client_qops  |               client_maxbuf                   |
- *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  |                   channel_binding_length                      |
- *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *  |[client_cbqops]|          [channel_binding_data]               /
- *  /                                                               /
- *  /                         /      [authzid]                      /
- *  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *
- */
-int
-gs2_parse_request (const char *request, size_t reqlen,
-                  int clientp,
-                  int *qop, size_t * maxbuf, size_t * cblen,
-                  int *cbqops, char **cbdata, char **authzid)
-{
-  size_t l;
-
-  if (reqlen < 8)
-    return -1;
-
-  if (qop)
-    *qop = request[0];
-
-  if (maxbuf)
-    *maxbuf =
-      (request[1] << 16) & 0xFF0000 |
-      (request[2] << 8) & 0xFF00 | (request[3]) & 0xFF;
-
-  l = (request[4] << 24) & 0xFF000000 |
-    (request[5] << 16) & 0xFF0000 |
-    (request[6] << 8) & 0xFF00 | (request[7]) & 0xFF;
-
-  if (l > 0 && reqlen == 8)
-    return -2;
-
-  if (cblen)
-    *cblen = l;
-
-  if (l > 0)
-    {
-      if (cbqops)
-       *cbqops = request[8];
-      if (cbdata)
-       *cbdata = &request[9];
-      if (authzid)
-       *authzid = &request[9] + l;
-    }
-  else
-    {
-      if (cbqops)
-       *cbqops = 0;
-      if (cbdata)
-       *cbdata = NULL;
-      if (authzid)
-       *authzid = NULL;
-    }
-
-  return 0;
-}
diff --git a/lib/gs2/mechinfo.c b/lib/gs2/mechinfo.c
index 45064ca..d1a7a98 100644
--- a/lib/gs2/mechinfo.c
+++ b/lib/gs2/mechinfo.c
@@ -1,5 +1,5 @@
 /* mechinfo.c --- Definition of GS2 mechanism.
- * Copyright (C) 2006 Simon Josefsson
+ * Copyright (C) 2006, 2010 Simon Josefsson
  *
  * This file is part of GNU SASL Library.
  *
@@ -30,53 +30,45 @@
 Gsasl_mechanism gsasl_gs2_krb5_mechanism = {
   GSASL_GS2_KRB5_NAME,
   {
-   NULL,
-   NULL,
+    NULL,
+    NULL,
 #ifdef USE_CLIENT
-   _gsasl_gs2_client_start,
+    _gsasl_gs2_client_start,
 #else
-   NULL,
+    NULL,
 #endif
 #ifdef USE_CLIENT
-   _gsasl_gs2_client_step,
+    _gsasl_gs2_client_step,
 #else
-   NULL,
+    NULL,
 #endif
 #ifdef USE_CLIENT
-   _gsasl_gs2_client_finish,
+    _gsasl_gs2_client_finish,
 #else
-   NULL,
+    NULL,
 #endif
-#ifdef USE_CLIENT
-   _gsasl_gs2_client_encode,
-#else
-   NULL,
-#endif
-#ifdef USE_CLIENT
-   _gsasl_gs2_client_decode
-#else
-   NULL
-#endif
-   }
-  ,
+    NULL,
+    NULL
+  },
   {
-   NULL,
-   NULL,
+    NULL,
+    NULL,
 #ifdef USE_SERVER
-   _gsasl_gs2_server_start,
+    _gsasl_gs2_server_start,
 #else
-   NULL,
+    NULL,
 #endif
 #ifdef USE_SERVER
-   _gsasl_gs2_server_step,
+    _gsasl_gs2_server_step,
 #else
-   NULL,
+    NULL,
 #endif
 #ifdef USE_SERVER
-   _gsasl_gs2_server_finish,
+    _gsasl_gs2_server_finish,
 #else
-   NULL,
+    NULL,
 #endif
-   NULL,
-   NULL}
+    NULL,
+    NULL
+  }
 };
diff --git a/lib/gs2/server.c b/lib/gs2/server.c
index 5964216..5f0c494 100644
--- a/lib/gs2/server.c
+++ b/lib/gs2/server.c
@@ -1,5 +1,5 @@
 /* server.c --- SASL mechanism GS2, server side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006  Simon Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2010  Simon Josefsson
  *
  * This file is part of GNU SASL Library.
  *
@@ -35,19 +35,10 @@
 
 #ifdef HAVE_LIBGSS
 # include <gss.h>
-#elif HAVE_GSSAPI_H            /* Heimdal GSSAPI */
+#else
 # include <gssapi.h>
-#else /* MIT GSSAPI */
-# ifdef HAVE_GSSAPI_GSSAPI_H
-#  include <gssapi/gssapi.h>
-# endif
-# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-#  include <gssapi/gssapi_generic.h>
-# endif
 #endif
 
-#include "gs2parser.h"
-
 struct _Gsasl_gs2_server_state
 {
   int step;
@@ -133,7 +124,6 @@ _gsasl_gs2_server_step (Gsasl_session * sctx,
   char tmp[4];
   int res;
   OM_uint32 ret_flags;
-  struct gs2_token tok;
 
   *output = NULL;
   *output_len = 0;
@@ -150,12 +140,8 @@ _gsasl_gs2_server_step (Gsasl_session * sctx,
       /* fall through */
 
     case 1:
-      res = gs2_parser (input, input_len, &tok);
-      if (res < 0)
-       return GSASL_MECHANISM_PARSE_ERROR;
-
-      bufdesc1.value = tok.context_token;
-      bufdesc1.length = tok.context_length;
+      bufdesc1.value = input;
+      bufdesc1.length = input_len;
       if (state->client)
        {
          gss_release_name (&min_stat, &state->client);
@@ -181,11 +167,6 @@ _gsasl_gs2_server_step (Gsasl_session * sctx,
          /* XXX gss_wrap token */
        }
 
-      res = gs2_encode (bufdesc2.value, bufdesc2.length,
-                       NULL, 0, output, output_len);
-      if (res < 0)
-       return GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR;
-
       maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
       if (GSS_ERROR (maj_stat))
        return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
diff --git a/lib/gs2/test-parser.c b/lib/gs2/test-parser.c
deleted file mode 100644
index cf08e82..0000000
--- a/lib/gs2/test-parser.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* test-parser.c --- Self tests of GS2 parser & printer.
- * Copyright (C) 2006, 2007, 2008  Simon Josefsson
- *
- * This file is part of GNU SASL Library.
- *
- * GNU SASL Library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * GNU SASL Library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with GNU SASL Library; if not, write to the Free
- * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- * Boston, MA 02110-1301, USA.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "gs2parser.h"
-
-#define ZERO "\x00\x00\x00\x00"
-#define ONE "\x00\x00\x00\x01"
-#define TWO "\x00\x00\x00\x02"
-#define DATA "\x41"
-#define DATA2 "\x42"
-
-struct
-{
-  char *name;
-  char *token;
-  size_t length;
-  int expected_rc;
-  char *expected_context;
-  size_t expected_context_length;
-  char *expected_wrap;
-  size_t expected_wrap_length;
-} tv[] =
-{
-  /* *INDENT-OFF* */
-  { "string0", "foobarbaz", 0, -1 },
-  { "string1", "foobarbaz", 1, -1 },
-  { "string2", "foobarbaz", 2, -1 },
-  { "string3", "foobarbaz", 3, -1 },
-  { "string4", "foobarbaz", 4, -1 },
-  { "string5", "foobarbaz", 5, -1 },
-  { "string6", "foobarbaz", 6, -1 },
-  { "string7", "foobarbaz", 7, -1 },
-  { "string8", "foobarbaz", 8, -1 },
-  { "string9", "foobarbaz", 9, -1 },
-  { "allzero", ZERO ZERO, 8, -1 },
-  { "allzero-overlong", ZERO ZERO DATA, 9, -1 },
-  { "one-empty", ONE ZERO, 8, -1 },
-  { "one-empty2", ZERO ONE, 8, -1 },
-  { "size-one", ONE ZERO DATA, 9, 0, DATA, 1, NULL, 0 },
-  { "size-one2", ZERO ONE DATA, 9, 0, NULL, 0, DATA, 1 },
-  { "size-one3", ONE ONE DATA DATA, 10, 0, DATA, 1, DATA, 1 },
-  { "size-one-overlong", ZERO ONE DATA DATA, 10, -1 },
-  { "size-one-overlong2", ONE ZERO DATA DATA, 10, -1 },
-  { "size-one-overlong3", ONE ONE DATA DATA DATA, 11, -1 },
-  { "size-two", TWO TWO DATA DATA2 DATA DATA2, 12, 0,
-    DATA DATA2, 2, DATA2 DATA, 2 },
-  /* *INDENT-ON* */
-};
-
-int
-main (int argc, char *argv[])
-{
-  struct gs2_token tok;
-  int rc;
-  size_t i;
-
-  for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++)
-    {
-      rc = gs2_parser (tv[i].token, tv[i].length, &tok);
-      if (rc != tv[i].expected_rc)
-       {
-         printf ("gs2 tv[%d] '%s': %.*s expected %d got %d\n",
-                 i, tv[i].name, tv[i].length,
-                 tv[i].token, tv[i].expected_rc, rc);
-       }
-      if (rc >= 0 &&
-         (tv[i].expected_context_length != tok.context_length ||
-          memcmp (tv[i].expected_context, tok.context_token,
-                  tok.context_length) != 0))
-       {
-         printf ("gs2 tv[%d] '%s': "
-                 "expected context %.*s (size %d) got %.*s (size %d)\n",
-                 i, tv[i].name,
-                 tv[i].expected_context_length,
-                 tv[i].expected_context,
-                 tv[i].expected_context_length,
-                 tok.context_length, tok.context_token, tok.context_length);
-         abort ();
-       }
-    }
-
-  return 0;
-}
diff --git a/lib/gssapi/client.c b/lib/gssapi/client.c
index 5af4a61..59c8f52 100644
--- a/lib/gssapi/client.c
+++ b/lib/gssapi/client.c
@@ -1,5 +1,5 @@
 /* client.c --- SASL mechanism GSSAPI as defined in RFC 2222, client side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009  Simon 
Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010  Simon 
Josefsson
  *
  * This file is part of GNU SASL Library.
  *
@@ -35,15 +35,8 @@
 
 #ifdef HAVE_LIBGSS
 # include <gss.h>
-#elif HAVE_GSSAPI_H            /* Heimdal GSSAPI */
+#else
 # include <gssapi.h>
-#else /* MIT GSSAPI */
-# ifdef HAVE_GSSAPI_GSSAPI_H
-#  include <gssapi/gssapi.h>
-# endif
-# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-#  include <gssapi/gssapi_generic.h>
-# endif
 #endif
 
 struct _Gsasl_gssapi_client_state
diff --git a/lib/gssapi/server.c b/lib/gssapi/server.c
index 12827c2..aafc8aa 100644
--- a/lib/gssapi/server.c
+++ b/lib/gssapi/server.c
@@ -1,5 +1,5 @@
 /* server.c --- SASL mechanism GSSAPI as defined in RFC 2222, server side.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009  Simon 
Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010  Simon 
Josefsson
  *
  * This file is part of GNU SASL Library.
  *
@@ -35,15 +35,8 @@
 
 #ifdef HAVE_LIBGSS
 # include <gss.h>
-#elif HAVE_GSSAPI_H            /* Heimdal GSSAPI */
+#else
 # include <gssapi.h>
-#else /* MIT GSSAPI */
-# ifdef HAVE_GSSAPI_GSSAPI_H
-#  include <gssapi/gssapi.h>
-# endif
-# ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-#  include <gssapi/gssapi_generic.h>
-# endif
 #endif
 
 struct _Gsasl_gssapi_server_state
diff --git a/lib/src/gsasl.h b/lib/src/gsasl.h
index ba84290..4da3ef9 100644
--- a/lib/src/gsasl.h
+++ b/lib/src/gsasl.h
@@ -51,7 +51,7 @@ extern "C"
    * version number.  Used together with gsasl_check_version() to
    * verify header file and run-time library consistency.
    */
-# define GSASL_VERSION "1.4.2"
+# define GSASL_VERSION "1.5.0"
 
   /**
    * GSASL_VERSION_MAJOR


hooks/post-receive
-- 
GNU gsasl




reply via email to

[Prev in Thread] Current Thread [Next in Thread]