3 files changed, 62 insertions, 0 deletions

diff --git a/proxy/src/mechglue/gpm_common.c b/proxy/src/mechglue/gpm_common.c
index 16ea7d6..8bd04d1 100644
--- a/proxy/src/mechglue/gpm_common.c
+++ b/proxy/src/mechglue/gpm_common.c
@@ -518,3 +518,4 @@ void gpm_free_xdrs(int proc, union gp_rpc_arg *arg, union gp_rpc_res *res)
     xdr_free(gpm_xdr_set[proc].arg_fn, (char *)arg);
     xdr_free(gpm_xdr_set[proc].res_fn, (char *)res);
 }
+
diff --git a/proxy/src/mechglue/gss_plugin.c b/proxy/src/mechglue/gss_plugin.c
index ba41e80..a0a0aab 100644
--- a/proxy/src/mechglue/gss_plugin.c
+++ b/proxy/src/mechglue/gss_plugin.c
@@ -113,6 +113,66 @@ done:
     return interposed_mechs;
 }
 
+
+#define SP_KRB5_OID_LEN (KRB5_OID_LEN + 1)
+#define SP_KRB5_OID "\377" KRB5_OID
+
+#define SP_KRB5_OLD_OID_LEN  (KRB5_OLD_OID_LEN + 1)
+#define SP_KRB5_OLD_OID "\377" KRB5_OLD_OID
+
+#define SP_KRB5_WRONG_OID_LEN (KRB5_WRONG_OID_LEN + 1)
+#define SP_KRB5_WRONG_OID "\377" KRB5_WRONG_OID
+
+#define SP_IAKERB_OID_LEN (IAKERB_OID_LEN + 1)
+#define SP_IAKERB_OID "\377" IAKERB_OID
+
+const gss_OID_desc gpoid_sp_krb5 = {
+    .length = SP_KRB5_OID_LEN,
+    .elements = SP_KRB5_OID
+};
+const gss_OID_desc gpoid_sp_krb5_old = {
+    .length = SP_KRB5_OLD_OID_LEN,
+    .elements = SP_KRB5_OLD_OID
+};
+const gss_OID_desc gpoid_sp_krb5_wrong = {
+    .length = SP_KRB5_WRONG_OID_LEN,
+    .elements = SP_KRB5_WRONG_OID
+};
+const gss_OID_desc gpoid_sp_iakerb = {
+    .length = SP_IAKERB_OID_LEN,
+    .elements = SP_IAKERB_OID
+};
+/* In future we may want to make this structure dynamic so we can proxy
+ * arbitrary mechanisms based on what the server returns. */
+struct gpm_mechs {
+    gss_OID_desc const * real;
+    gss_OID_desc const * special;
+} gpm_mechs[] = {
+    { &gpoid_krb5, &gpoid_sp_krb5, },
+    { &gpoid_krb5_old, &gpoid_sp_krb5_old, },
+    { &gpoid_krb5_wrong, &gpoid_sp_krb5_wrong, },
+    { &gpoid_iakerb, &gpoid_sp_iakerb, },
+    { NULL, NULL }
+};
+
+const gss_OID gpm_special_mech(const gss_OID mech_type)
+{
+    int i;
+
+    if (mech_type == GSS_C_NO_OID) {
+        /* return the first special one if none specified */
+        return (const gss_OID)gpm_mechs[0].special;
+    }
+
+    for (i = 0; gpm_mechs[i].real != NULL; i++) {
+        if (gss_oid_equal(gpm_mechs[i].real, mech_type)) {
+            return (const gss_OID)gpm_mechs[i].special;
+        }
+    }
+
+    return mech_type;
+}
+
 /*
 gssi_acquire_cred
 gssi_release_cred
diff --git a/proxy/src/mechglue/gss_plugin.h b/proxy/src/mechglue/gss_plugin.h
index 7aef566..ab39d08 100644
--- a/proxy/src/mechglue/gss_plugin.h
+++ b/proxy/src/mechglue/gss_plugin.h
@@ -31,5 +31,6 @@
 extern const gss_OID_desc gssproxy_mech_interposer;
 
 gss_OID_set gss_mech_interposer(gss_OID mech_type);
+const gss_OID gpm_special_mech(const gss_OID mech_type);
 
 #endif /* _GGS_PLUGIN_H_ */