mglueP.h: For MS-DOS, add #include of malloc.h

g_acquire_cred.c (gss_acquire_cred): Fix so that the call works when
	desired_name is NULL (meaning use the default credentials).

g_imp_sec_context.c (gss_import_sec_context):
g_exp_sec_context.c (gss_export_sec_context): Fix to import/export the
	framing security context (so that this call actually works!).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7574 dc483132-0cff-0310-8789-dd5450dbe970

5 files changed, 180 insertions, 62 deletions

diff --git a/src/lib/gssapi/mechglue/ChangeLog b/src/lib/gssapi/mechglue/ChangeLog
index 47c69a62d5..d944aecd95 100644
--- a/src/lib/gssapi/mechglue/ChangeLog
+++ b/src/lib/gssapi/mechglue/ChangeLog
@@ -1,3 +1,16 @@
+Wed Feb 28 20:33:47 1996  Theodore Y. Ts'o  <tytso@dcl>
+
+	* mglueP.h: For MS-DOS, add #include of malloc.h
+
+	* g_acquire_cred.c (gss_acquire_cred): Fix so that the call works
+		when desired_name is NULL (meaning use the default
+		credentials).
+
+	* g_imp_sec_context.c (gss_import_sec_context): 
+	* g_exp_sec_context.c (gss_export_sec_context): Fix to 
+		import/export the framing security context (so that this
+		call actually works!).
+
 Tue Feb 27 18:44:51 1996  Theodore Y. Ts'o  <tytso@dcl>
 
 	* g_initialize.c (gss_initialize): Don't fprintf to stderr on
diff --git a/src/lib/gssapi/mechglue/g_acquire_cred.c b/src/lib/gssapi/mechglue/g_acquire_cred.c
index b9763c9506..f6bd7743c1 100644
--- a/src/lib/gssapi/mechglue/g_acquire_cred.c
+++ b/src/lib/gssapi/mechglue/g_acquire_cred.c
@@ -98,6 +98,7 @@ OM_uint32 *		time_rec;
     gss_union_cred_t	creds;
     gss_OID_set_desc	default_OID_set;
     gss_OID_desc	default_OID;
+    gss_OID		specific_mech_type = 0;
     gss_mechanism	mech;
     
     /*
@@ -124,9 +125,6 @@ OM_uint32 *		time_rec;
     if (minor_status)
 	*minor_status = 0;
     
-    if (desired_name == 0)
-	return GSS_S_BAD_NAME;
-
     /* No need to continue if we don't have a place to store the creds */
     if (output_cred_handle == NULL)
 	return GSS_S_COMPLETE;
@@ -134,6 +132,9 @@ OM_uint32 *		time_rec;
     /* get desired_name cast as a union_name type */
     
     union_name = (gss_union_name_t) desired_name;
+
+    if (union_name)
+	    specific_mech_type = union_name->mech_type;
     
     /*
      * if desired_mechs equals GSS_C_NULL_OID_SET, then pick an
@@ -145,7 +146,7 @@ OM_uint32 *		time_rec;
 	 * mechanism; otherwise, we get the mechanism for the
 	 * mechanism-specific name.
 	 */
-	mech = __gss_get_mechanism(union_name->mech_type);
+	mech = __gss_get_mechanism(specific_mech_type);
 	if (mech == NULL)
 	    return (GSS_S_BAD_MECH);
 
@@ -184,14 +185,16 @@ OM_uint32 *		time_rec;
 	 * If this is a mechanism-specific name, then only use the
 	 * mechanism of the name.
 	 */
-	if (union_name->mech_type && !g_OID_equal(union_name->mech_type,
-						  &mech->mech_type))
+	if (specific_mech_type && !g_OID_equal(specific_mech_type,
+					       &mech->mech_type))
 	    continue;
 	/*
 	 * If this is not a mechanism-specific name, then we need to
 	 * do an import the external name in union_name first.
 	 */
-	if (!union_name->mech_type) {
+	if (union_name == 0)
+	    internal_name = (gss_name_t) 0;
+	else if (!union_name->mech_type) {
 	    if (__gss_import_internal_name(&temp_minor_status,
 					   &mech->mech_type,
 					   union_name, &internal_name)) {
@@ -219,11 +222,27 @@ OM_uint32 *		time_rec;
 	    creds_returned[j].available = 1;
 	    creds_acquired++;
 	}
-	
-	if (!union_name->mech_type) {
-	    (void) __gss_release_internal_name(&temp_minor_status,
-					       &mech->mech_type,
-					       &internal_name);
+
+	if (union_name == 0) {
+	    /*
+	     * If desired_name was NULL, then do an inquire
+	     * credentials from the first mechanism that suceeds and
+	     * use that as the union name.
+	     *
+	     * XXX status returns?
+	     */
+	    status = mech->gss_inquire_cred(mech->context, &temp_minor_status,
+					    creds_returned[j].cred,
+					    &internal_name, 0, 0, 0);
+	    status = __gss_convert_name_to_union_name(&temp_minor_status,
+						      mech, internal_name,
+					     (gss_name_t *) &union_name);
+	} else {
+	    if (!union_name->mech_type) {
+		(void) __gss_release_internal_name(&temp_minor_status,
+						   &mech->mech_type,
+						   &internal_name);
+	    }
 	}
     }
     
@@ -307,32 +326,44 @@ OM_uint32 *		time_rec;
      * gss_inquire_name() is called, we must then call gss_import_name()
      * to get the internal name that is required at that point.
      */
-    if (gss_display_name(&temp_minor_status, desired_name,
-			 &creds->auxinfo.name, &creds->auxinfo.name_type)
-	!= GSS_S_COMPLETE) {
-	
-	/* This really shouldn't ever fail, but just in case.... */
-
-	for (k=0; k < creds->count; k++) {
-	    free(creds->mechs_array[k].elements);
-	    if (actual_mechs)
-		free((*actual_mechs)->elements[k].elements);
+    if (desired_name) {
+	status = gss_display_name(&temp_minor_status, desired_name,
+				  &creds->auxinfo.name,
+				  &creds->auxinfo.name_type);
+	if (status) {
+	    status = GSS_S_BAD_NAME;
+	    goto error_out;
 	}
-	
-	if (actual_mechs) {
-		free((*actual_mechs)->elements);
-		free(*actual_mechs);
-		*actual_mechs = GSS_C_NULL_OID_SET;
+    } else {
+	status = gss_display_name(&temp_minor_status, union_name,
+				  &creds->auxinfo.name,
+				  &creds->auxinfo.name_type);
+	if (status) {
+	    status = GSS_S_BAD_NAME;
+	    goto error_out;
 	}
-	free(creds->cred_array);
-	free(creds->mechs_array);
-	free(creds);
-	
-	return(GSS_S_BAD_NAME);
     }
     
     *output_cred_handle = (gss_cred_id_t) creds;
     return(GSS_S_COMPLETE);
+
+error_out:
+    for (k=0; k < creds->count; k++) {
+	free(creds->mechs_array[k].elements);
+	if (actual_mechs)
+	    free((*actual_mechs)->elements[k].elements);
+    }
+	
+    if (actual_mechs) {
+	free((*actual_mechs)->elements);
+	free(*actual_mechs);
+	*actual_mechs = GSS_C_NULL_OID_SET;
+    }
+    free(creds->cred_array);
+    free(creds->mechs_array);
+    free(creds);
+	
+    return(status);
 }
 
 /* V2 interface */
diff --git a/src/lib/gssapi/mechglue/g_exp_sec_context.c b/src/lib/gssapi/mechglue/g_exp_sec_context.c
index adb1354b40..51ab428e62 100644
--- a/src/lib/gssapi/mechglue/g_exp_sec_context.c
+++ b/src/lib/gssapi/mechglue/g_exp_sec_context.c
@@ -29,6 +29,7 @@
 
 #include "mglueP.h"
 #include <stdio.h>
+#include <errno.h>
 #ifdef HAVE_STDLIB_H
 #include <stdlib.h>
 #endif
@@ -44,8 +45,11 @@ gss_buffer_t		interprocess_token;
 
 {
     OM_uint32		status;
+    OM_uint32		length;
     gss_union_ctx_id_t	ctx;
     gss_mechanism	mech;
+    gss_buffer_desc	token;
+    char		*buf;
     
     gss_initialize();
 
@@ -59,20 +63,42 @@ gss_buffer_t		interprocess_token;
     
     ctx = (gss_union_ctx_id_t) *context_handle;
     mech = __gss_get_mechanism (ctx->mech_type);
+    if (!mech)
+	return GSS_S_BAD_MECH;
+    if (!mech->gss_export_sec_context)
+	return GSS_S_BAD_BINDINGS;
+    
+    status = mech->gss_export_sec_context(mech->context, minor_status,
+					  &ctx->internal_ctx_id, &token);
+    if (status != GSS_S_COMPLETE)
+	return (status);
 
-    if (mech) {
+    length = token.length + 4 + ctx->mech_type->length;
+    interprocess_token->length = length;
+    interprocess_token->value = malloc(length);
+    if (interprocess_token->value == 0) {
+	(void) gss_release_buffer(minor_status, &token);
+	*minor_status = ENOMEM;
+	return (GSS_S_FAILURE);
+    }
+    buf = interprocess_token->value;
+    length = ctx->mech_type->length;
+    buf[3] = (unsigned char) (length & 0xFF);
+    length >>= 8;
+    buf[2] = (unsigned char) (length & 0xFF);
+    length >>= 8;
+    buf[1] = (unsigned char) (length & 0xFF);
+    length >>= 8;
+    buf[0] = (unsigned char) (length & 0xFF);
+    memcpy(buf+4, ctx->mech_type->elements, ctx->mech_type->length);
+    memcpy(buf+4+ctx->mech_type->length, token.value, token.length);
 
-	if (mech->gss_export_sec_context)
-	    status = mech->gss_export_sec_context(
-						    mech->context,
-						    minor_status,
-						    &ctx->internal_ctx_id,
-						    interprocess_token);
-	else
-	    status = GSS_S_BAD_BINDINGS;
+    (void) gss_release_buffer(minor_status, &token);
 
-	return(status);
-    }
+    free(ctx->mech_type->elements);
+    free(ctx->mech_type);
+    free(ctx);
+    *context_handle = 0;
     
-    return(GSS_S_NO_CONTEXT);
+    return(GSS_S_COMPLETE);
 }
diff --git a/src/lib/gssapi/mechglue/g_imp_sec_context.c b/src/lib/gssapi/mechglue/g_imp_sec_context.c
index c8d95f98b1..177142b4e5 100644
--- a/src/lib/gssapi/mechglue/g_imp_sec_context.c
+++ b/src/lib/gssapi/mechglue/g_imp_sec_context.c
@@ -29,6 +29,7 @@
 
 #include "mglueP.h"
 #include <stdio.h>
+#include <errno.h>
 #ifdef HAVE_STDLIB_H
 #include <stdlib.h>
 #endif
@@ -43,37 +44,80 @@ gss_buffer_t		interprocess_token;
 gss_ctx_id_t *		context_handle;
 
 {
-    OM_uint32		status;
+    OM_uint32		length, status;
+    char		*p;
     gss_union_ctx_id_t	ctx;
+    gss_buffer_desc	token;
     gss_mechanism	mech;
     
     gss_initialize();
 
-    if (context_handle == NULL || *context_handle==GSS_C_NO_CONTEXT)
-	return GSS_S_NO_CONTEXT;
+    *minor_status = 0;
+    
+    if (interprocess_token->length == 0 || interprocess_token->value == 0)
+	return (GSS_S_DEFECTIVE_TOKEN);
+
+    status = GSS_S_FAILURE;
+
+    ctx = (gss_union_ctx_id_t) malloc(sizeof(gss_union_ctx_id_desc));
+    if (!ctx) {
+	*minor_status = ENOMEM;
+	goto error_out;
+    }
+    ctx->mech_type = (gss_OID) malloc(sizeof(gss_OID_desc));
+    if (!ctx->mech_type) {
+	*minor_status = ENOMEM;
+	goto error_out;
+    }
+    p = interprocess_token->value;
+    length = *p++;
+    length = (length << 8) + *p++;
+    length = (length << 8) + *p++;
+    length = (length << 8) + *p++;
+
+    ctx->mech_type->length = length;
+    ctx->mech_type->elements = malloc((size_t) length);
+    if (!ctx->mech_type->elements) {
+	*minor_status = ENOMEM;
+	goto error_out;
+    }
+    memcpy(ctx->mech_type->elements, p, length);
+    p += length;
+
+    token.length = interprocess_token->length - 4 - length;
+    token.value = p;
 
     /*
      * select the approprate underlying mechanism routine and
      * call it.
      */
     
-    ctx = (gss_union_ctx_id_t) *context_handle;
     mech = __gss_get_mechanism (ctx->mech_type);
+    if (!mech) {
+	status = GSS_S_BAD_MECH;
+	goto error_out;
+    }
+    if (!mech->gss_import_sec_context) {
+	status = GSS_S_BAD_BINDINGS;
+	goto error_out;
+    }
+    
+    status = mech->gss_import_sec_context(mech->context, minor_status,
+					  &token, &ctx->internal_ctx_id);
 
-    if (mech) {
-
-	if (mech->gss_import_sec_context)
-	   status = mech->gss_import_sec_context(
-						    mech->context,
-						    minor_status,
-						    interprocess_token,
-						    &ctx->internal_ctx_id);
-
-	else
-	    status = GSS_S_BAD_BINDINGS;
-
-	return(status);
+    if (status == GSS_S_COMPLETE) {
+	*context_handle = ctx;
+	return (GSS_S_COMPLETE);
     }
     
-    return(GSS_S_NO_CONTEXT);
+error_out:
+    if (ctx) {
+	if (ctx->mech_type) {
+	    if (ctx->mech_type->elements)
+		free(ctx->mech_type->elements);
+	    free(ctx->mech_type);
+	}
+	free(ctx);
+    }
+    return status;
 }
diff --git a/src/lib/gssapi/mechglue/mglueP.h b/src/lib/gssapi/mechglue/mglueP.h
index bd0fe68a58..60c94eefe8 100644
--- a/src/lib/gssapi/mechglue/mglueP.h
+++ b/src/lib/gssapi/mechglue/mglueP.h
@@ -12,6 +12,10 @@
 #include "mechglue.h"
 #include <sys/types.h>
 
+#ifdef _MSDOS
+#include <malloc.h>
+#endif
+
 /*
  * Array of context IDs typed by mechanism OID
  */