author | Greg Hudson <ghudson@mit.edu> | 2010-10-06 18:25:04 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2010-10-06 18:25:04 +0000 |
commit | 014f8057c5328b3e39b5d8660a1ea1a98409006f (patch) | |
tree | da9796d82a6d65d055f4762c411fbf395bb52f37 /src/lib/gssapi/generic/gssapi_generic.c | |
parent | 5f2826f6d598a4dd45a55e111a07c0086fe1e38a (diff) | |
Merge users/lhoward/sasl-gs2 to trunk
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24436 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi/generic/gssapi_generic.c')
-rw-r--r-- | src/lib/gssapi/generic/gssapi_generic.c | 260 |
1 files changed, 260 insertions, 0 deletions
diff --git a/src/lib/gssapi/generic/gssapi_generic.c b/src/lib/gssapi/generic/gssapi_generic.c index 1d77d3f815..f8d2c426c2 100644 --- a/src/lib/gssapi/generic/gssapi_generic.c +++ b/src/lib/gssapi/generic/gssapi_generic.c @@ -122,6 +122,35 @@ static const gss_OID_desc const_oids[] = { /* GSS_C_INQ_SSPI_SESSION_KEY 1.2.840.113554.1.2.2.5.5 */ {11, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05"}, + + /* RFC 5587 attributes, see below */ + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x01"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x02"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x03"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x04"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x05"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x06"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x07"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x08"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x09"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x0a"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x0b"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x0c"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x0d"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x0e"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x0f"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x10"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x11"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x12"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x13"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x14"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x15"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x16"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x17"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x18"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x19"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x1a"}, + {7, (void *)"\x2b\x06\x01\x05\x05\x0d\x1b"}, }; /* Here are the constants which point to the static structure above. 
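Review bot: The 27 new `const_oids` rows carry no per-entry label, yet their positions are load-bearing: the next hunk binds `GSS_C_MA_MECH_CONCRETE` through `GSS_C_MA_CTX_TRANS` to `oids+8` … `oids+34` (with `oids` presumably aliasing this array) and sizes the known-attribute set as `{ 27, oids+8 }`. A row inserted or reordered here would silently re-point every later attribute OID without any build error. The preceding entry names its constant and dotted OID in a comment; the new rows should do the same, e.g. `/* GSS_C_MA_MECH_CONCRETE 1.3.6.1.5.5.13.1 */` above the first one, instead of the single "see below" comment. Callers compare against these OIDs to learn whether a mechanism offers properties such as integrity or confidentiality protection, so an off-by-one mapping would misreport security properties. The array's opening lines are outside the hunk.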
@@ -152,3 +181,234 @@ GSS_DLLIMP gss_OID GSS_C_NT_EXPORT_NAME = oids+6; gss_OID gss_nt_exported_name = oids+6; GSS_DLLIMP gss_OID GSS_C_INQ_SSPI_SESSION_KEY = oids+7; + +GSS_DLLIMP gss_const_OID GSS_C_MA_MECH_CONCRETE = oids+8; +GSS_DLLIMP gss_const_OID GSS_C_MA_MECH_PSEUDO = oids+9; +GSS_DLLIMP gss_const_OID GSS_C_MA_MECH_COMPOSITE = oids+10; +GSS_DLLIMP gss_const_OID GSS_C_MA_MECH_NEGO = oids+11; +GSS_DLLIMP gss_const_OID GSS_C_MA_MECH_GLUE = oids+12; +GSS_DLLIMP gss_const_OID GSS_C_MA_NOT_MECH = oids+13; +GSS_DLLIMP gss_const_OID GSS_C_MA_DEPRECATED = oids+14; +GSS_DLLIMP gss_const_OID GSS_C_MA_NOT_DFLT_MECH = oids+15; +GSS_DLLIMP gss_const_OID GSS_C_MA_ITOK_FRAMED = oids+16; +GSS_DLLIMP gss_const_OID GSS_C_MA_AUTH_INIT = oids+17; +GSS_DLLIMP gss_const_OID GSS_C_MA_AUTH_TARG = oids+18; +GSS_DLLIMP gss_const_OID GSS_C_MA_AUTH_INIT_INIT = oids+19; +GSS_DLLIMP gss_const_OID GSS_C_MA_AUTH_TARG_INIT = oids+20; +GSS_DLLIMP gss_const_OID GSS_C_MA_AUTH_INIT_ANON = oids+21; +GSS_DLLIMP gss_const_OID GSS_C_MA_AUTH_TARG_ANON = oids+22; +GSS_DLLIMP gss_const_OID GSS_C_MA_DELEG_CRED = oids+23; +GSS_DLLIMP gss_const_OID GSS_C_MA_INTEG_PROT = oids+24; +GSS_DLLIMP gss_const_OID GSS_C_MA_CONF_PROT = oids+25; +GSS_DLLIMP gss_const_OID GSS_C_MA_MIC = oids+26; +GSS_DLLIMP gss_const_OID GSS_C_MA_WRAP = oids+27; +GSS_DLLIMP gss_const_OID GSS_C_MA_PROT_READY = oids+28; +GSS_DLLIMP gss_const_OID GSS_C_MA_REPLAY_DET = oids+29; +GSS_DLLIMP gss_const_OID GSS_C_MA_OOS_DET = oids+30; +GSS_DLLIMP gss_const_OID GSS_C_MA_CBINDINGS = oids+31; +GSS_DLLIMP gss_const_OID GSS_C_MA_PFS = oids+32; +GSS_DLLIMP gss_const_OID GSS_C_MA_COMPRESS = oids+33; +GSS_DLLIMP gss_const_OID GSS_C_MA_CTX_TRANS = oids+34; + +static gss_OID_set_desc gss_ma_known_attrs_desc = { 27, oids+8 }; +gss_OID_set gss_ma_known_attrs = &gss_ma_known_attrs_desc; + +#define STRING_BUFFER(x) { sizeof((x) - 1), (x) } + +static struct mech_attr_info_desc { + gss_OID mech_attr; + gss_buffer_desc name; + gss_buffer_desc short_desc; + 
gss_buffer_desc long_desc; +} mech_attr_info[] = { + { + oids+8, + STRING_BUFFER("GSS_C_MA_MECH_CONCRETE"), + STRING_BUFFER("Mechanism is neither a pseudo-mechanism nor a " + "composite mechanism."), + }, + { + oids+9, + STRING_BUFFER("GSS_C_MA_MECH_PSEUDO"), + STRING_BUFFER("Mechanism is a pseudo-mechanism"), + }, + { + oids+10, + STRING_BUFFER("GSS_C_MA_MECH_COMPOSITE"), + STRING_BUFFER("Mechanism is a composite of other mechanisms."), + }, + { + oids+11, + STRING_BUFFER("GSS_C_MA_MECH_NEGO"), + STRING_BUFFER("Mechanism negotiates other mechanisms."), + }, + { + oids+12, + STRING_BUFFER("GSS_C_MA_MECH_GLUE"), + STRING_BUFFER("OID is not a mechanism but the GSS-API itself."), + }, + { + oids+13, + STRING_BUFFER("GSS_C_MA_NOT_MECH"), + STRING_BUFFER("Known OID but not a mechanism OID."), + }, + { + oids+14, + STRING_BUFFER("GSS_C_MA_DEPRECATED"), + STRING_BUFFER("Mechanism is deprecated."), + }, + { + oids+15, + STRING_BUFFER("GSS_C_MA_NOT_DFLT_MECH"), + STRING_BUFFER("Mechanism must not be used as a default mechanism."), + }, + { + oids+16, + STRING_BUFFER("GSS_C_MA_ITOK_FRAMED"), + STRING_BUFFER("Mechanism's initial contexts are properly framed."), + }, + { + oids+17, + STRING_BUFFER("GSS_C_MA_AUTH_INIT"), + STRING_BUFFER("Mechanism supports authentication of initiator to " + "acceptor."), + }, + { + oids+18, + STRING_BUFFER("GSS_C_MA_AUTH_TARG"), + STRING_BUFFER("Mechanism supports authentication of acceptor to " + "initiator."), + }, + { + oids+19, + STRING_BUFFER("GSS_C_MA_AUTH_INIT_INIT"), + STRING_BUFFER("Mechanism supports authentication of initiator using " + "initial credentials."), + }, + { + oids+20, + STRING_BUFFER("GSS_C_MA_AUTH_TARG_INIT"), + STRING_BUFFER("Mechanism supports authentication of acceptor using " + "initial credentials."), + }, + { + oids+21, + STRING_BUFFER("GSS_C_MA_AUTH_INIT_ANON"), + STRING_BUFFER("Mechanism supports GSS_C_NT_ANONYMOUS as an initiator " + "name."), + }, + { + oids+22, + STRING_BUFFER("GSS_C_MA_AUTH_TARG_ANON"), + 
STRING_BUFFER("Mechanism supports GSS_C_NT_ANONYMOUS as an acceptor " + "name."), + }, + { + oids+23, + STRING_BUFFER("GSS_C_MA_DELEG_CRED"), + STRING_BUFFER("Mechanism supports credential delegation."), + }, + { + oids+24, + STRING_BUFFER("GSS_C_MA_INTEG_PROT"), + STRING_BUFFER("Mechanism supports per-message integrity protection."), + }, + { + oids+25, + STRING_BUFFER("GSS_C_MA_CONF_PROT"), + STRING_BUFFER("Mechanism supports per-message confidentiality" + "protection."), + }, + { + oids+26, + STRING_BUFFER("GSS_C_MA_MIC"), + STRING_BUFFER("Mechanism supports Message Integrity Code (MIC) " + "tokens."), + }, + { + oids+27, + STRING_BUFFER("GSS_C_MA_WRAP"), + STRING_BUFFER("Mechanism supports wrap tokens."), + }, + { + oids+28, + STRING_BUFFER("GSS_C_MA_PROT_READY"), + STRING_BUFFER("Mechanism supports per-message proteciton prior to " + "full context establishment."), + }, + { + oids+29, + STRING_BUFFER("GSS_C_MA_REPLAY_DET"), + STRING_BUFFER("Mechanism supports replay detection."), + }, + { + oids+30, + STRING_BUFFER("GSS_C_MA_OOS_DET"), + STRING_BUFFER("Mechanism supports out-of-sequence detection."), + }, + { + oids+31, + STRING_BUFFER("GSS_C_MA_CBINDINGS"), + STRING_BUFFER("Mechanism supports channel bindings."), + }, + { + oids+32, + STRING_BUFFER("GSS_C_MA_PFS"), + STRING_BUFFER("Mechanism supports Perfect Forward Security."), + }, + { + oids+33, + STRING_BUFFER("GSS_C_MA_COMPRESS"), + STRING_BUFFER("Mechanism supports compression of data inputs to " + "gss_wrap()."), + }, + { + oids+34, + STRING_BUFFER("GSS_C_MA_CTX_TRANS"), + STRING_BUFFER("Mechanism supports security context export/import."), + }, +}; + +OM_uint32 +generic_gss_display_mech_attr( + OM_uint32 *minor_status, + gss_const_OID mech_attr, + gss_buffer_t name, + gss_buffer_t short_desc, + gss_buffer_t long_desc) +{ + size_t i; + + if (name != GSS_C_NO_BUFFER) { + name->length = 0; + name->value = NULL; + } + if (short_desc != GSS_C_NO_BUFFER) { + short_desc->length = 0; + short_desc->value = 
NULL; + } + if (long_desc != GSS_C_NO_BUFFER) { + long_desc->length = 0; + long_desc->value = NULL; + } + for (i = 0; i < sizeof(mech_attr_info)/sizeof(mech_attr_info[0]); i++) { + struct mech_attr_info_desc *mai = &mech_attr_info[i]; + + if (g_OID_equal(mech_attr, mai->mech_attr)) { + if (name != GSS_C_NO_BUFFER && + !g_make_string_buffer((char *)mai->name.value, name)) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + if (short_desc != GSS_C_NO_BUFFER && + !g_make_string_buffer((char *)mai->short_desc.value, + short_desc)) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + return GSS_S_COMPLETE; + } + } + + return GSS_S_BAD_MECH_ATTR; +} |
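Review bot: `STRING_BUFFER` has its closing parenthesis in the wrong place: `sizeof((x) - 1)` measures the pointer that the literal decays to, so every `name` and `short_desc` entry in `mech_attr_info` records a length of 4 or 8 rather than the string length; it should read `#define STRING_BUFFER(x) { sizeof(x) - 1, (x) }`. `generic_gss_display_mech_attr` passes only `.value` to `g_make_string_buffer`, so it appears unaffected, but any code that trusts `.length` from this table would handle the wrong number of bytes. In the same function, a failure while filling `short_desc` returns `GSS_S_FAILURE` with `name` already populated (if `g_make_string_buffer` allocates, as the `ENOMEM` handling suggests, the caller is left holding a buffer it may not release), and `*minor_status` is never written on the `GSS_S_COMPLETE` or `GSS_S_BAD_MECH_ATTR` paths. Two description strings also come out wrong: `"confidentiality" "protection."` concatenates without a space, and `"proteciton"` is misspelled.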