authorJeffrey Altman <jaltman@secure-endpoints.com>2004-02-06 19:48:12 +0000
committerJeffrey Altman <jaltman@secure-endpoints.com>2004-02-06 19:48:12 +0000
commitd1d4c62869b7c5f2934956a4551848d8a89979dc (patch)
tree5be464516e4483a219b582bd0543192743de3ac2 /src/windows/gss
parent22f656170d0df8d1be9bfc3e3e646ab56f647230 (diff)
2004-02-06 Jeffrey Altman <jaltman@mit.edu>
* Add new UI components to the gss.exe client to support the use of GSS_C_SEQUENCE_FLAG or to disable the use of either GSS_C_MUTUAL_FLAG or GSS_C_REPLAY_FLAG ticket: new target_version: 1.3.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16024 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/windows/gss')
-rw-r--r--src/windows/gss/ChangeLog8
-rw-r--r--src/windows/gss/gss-client.c29
-rw-r--r--src/windows/gss/gss.c30
-rw-r--r--src/windows/gss/gss.h3
-rw-r--r--src/windows/gss/gss.rc30
-rw-r--r--src/windows/gss/resource.h5
6 files changed, 80 insertions, 25 deletions
diff --git a/src/windows/gss/ChangeLog b/src/windows/gss/ChangeLog
index 2b66b030a2..df98326ac9 100644
--- a/src/windows/gss/ChangeLog
+++ b/src/windows/gss/ChangeLog
@@ -1,3 +1,11 @@
+2004-02-06 Jeffrey Altman <jaltman@mit.edu>
+
+ * resource.h: add new component id values for replay, mutual, sequence
+
+ * gss.rc: add new components for replay, mutual, sequence
+
+ * gss.h, gss.c, gss-client.c: add support for replay, mutual, and sequence
+
2004-02-04 Jeffrey Altman <jaltman@mit.edu>
* resource.h: add new component id values for ccache
diff --git a/src/windows/gss/gss-client.c b/src/windows/gss/gss-client.c
index e014c35d88..51928214a3 100644
--- a/src/windows/gss/gss-client.c
+++ b/src/windows/gss/gss-client.c
@@ -90,7 +90,7 @@ static int connect_to_server(host, port)
*
* s (r) an established TCP connection to the service
* service_name (r) the ASCII service name of the service
- * deleg_flag (r) GSS-API delegation flag (if any)
+ * gss_flags (r) GSS-API delegation flag (if any)
* auth_flag (r) whether to actually do authentication
* oid (r) OID of the mechanism to use
* context (w) the established GSS-API context
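Review bot: The renamed parameter is still documented as `GSS-API delegation flag (if any)`, both here and in the call_server header comment in the `@@ -281,7 +280,7` hunk, although it now carries the whole request-flag mask. The `@@ -171,8 +171,7` hunk shows the mask being passed through with nothing OR-ed in, so the comment should tell callers that mutual authentication and replay detection are only requested if they set the bits themselves. Suggested wording: `gss_flags (r) GSS-API request flags (delegation, mutual, replay, sequence); none are added implicitly`. The comment block starts and ends outside this hunk.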
@@ -112,7 +112,7 @@ static int connect_to_server(host, port)
*/
int client_establish_context( int s,
char *service_name,
- OM_uint32 deleg_flag,
+ OM_uint32 gss_flags,
int auth_flag,
int v1_format,
gss_OID oid,
@@ -171,8 +171,7 @@ int client_establish_context( int s,
gss_context,
target_name,
oid,
- GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG |
- deleg_flag,
+ gss_flags,
0,
NULL, /* no channel bindings */
token_ptr,
@@ -281,7 +280,7 @@ static void read_file(file_name, in_buf)
* host (r) the host providing the service
* port (r) the port to connect to on host
* service_name (r) the GSS-API service name to authenticate to
- * deleg_flag (r) GSS-API delegation flag (if any)
+ * gss_flags (r) GSS-API delegation flag (if any)
* auth_flag (r) whether to do authentication
* wrap_flag (r) whether to do message wrapping at all
* encrypt_flag (r) whether to do encryption while wrapping
@@ -301,7 +300,7 @@ static void read_file(file_name, in_buf)
* verifies it with gss_verify. -1 is returned if any step fails,
* otherwise 0 is returned. */
int call_server(char *host, u_short port, gss_OID oid, char *service_name,
- OM_uint32 deleg_flag, int auth_flag,
+ OM_uint32 gss_flags, int auth_flag,
int wrap_flag, int encrypt_flag, int mic_flag, int v1_format,
char *msg, int use_file, int mcount)
{
@@ -328,7 +327,7 @@ int call_server(char *host, u_short port, gss_OID oid, char *service_name,
return -1;
/* Establish context */
- if (client_establish_context(s, service_name, deleg_flag, auth_flag,
+ if (client_establish_context(s, service_name, gss_flags, auth_flag,
v1_format, oid, &context,
&ret_flags) < 0) {
(void) closesocket(s);
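Review bot: `&ret_flags` is collected here, but nothing visible in this hunk compares the granted flags with the requested `gss_flags`. The rest of call_server lies outside the hunk, so this may already be handled further down. Request flags are only requests, and mutual, replay and sequence are now user-selectable, so a service the mechanism did not grant would otherwise go unnoticed. After a successful establishment, a check such as `if ((ret_flags & gss_flags) != gss_flags)` with a message naming the missing bits would make that downgrade visible in the test output.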
@@ -546,11 +545,12 @@ static void parse_oid(char *mechanism, gss_OID *oid)
int
gss (char *server_host, char *service_name, char *mechanism, char *msg, int port,
- int verbose, int delegate, int v1_format, int auth_flag, int wrap_flag,
+ int verbose, int delegate, int mutual, int replay, int sequence,
+ int v1_format, int auth_flag, int wrap_flag,
int encrypt_flag, int mic_flag, int ccount, int mcount, char *ccache)
{
int use_file = 0;
- OM_uint32 deleg_flag = (delegate ? GSS_C_DELEG_FLAG : 0), min_stat;
+ OM_uint32 gss_flags = 0, min_stat;
gss_OID oid = GSS_C_NULL_OID;
OM_uint32 minor_status;
int i;
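Review bot: The new `int mutual, int replay, int sequence` parameters are inserted into a run of thirteen consecutive `int` arguments, so a transposed argument at a call site compiles without a diagnostic. Here a transposition changes which security services are requested rather than just a display option. Consider having the caller build the mask and pass a single `OM_uint32 gss_flags` in place of the four booleans. Failing that, add a comment at the definition and the gss.h prototype that spells out the order, e.g. `/* order: delegate, mutual, replay, sequence */`. The body of gss() continues outside this hunk.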
@@ -562,6 +562,15 @@ gss (char *server_host, char *service_name, char *mechanism, char *msg, int port
if (mechanism && mechanism[0])
parse_oid(mechanism, &oid);
+ if ( delegate )
+ gss_flags |= GSS_C_DELEG_FLAG;
+ if ( mutual )
+ gss_flags |= GSS_C_MUTUAL_FLAG;
+ if ( replay )
+ gss_flags |= GSS_C_REPLAY_FLAG;
+ if ( sequence )
+ gss_flags |= GSS_C_SEQUENCE_FLAG;
+
/* By using this function the independence between the application and
* the underlying authentication system is broken
*/
@@ -570,7 +579,7 @@ gss (char *server_host, char *service_name, char *mechanism, char *msg, int port
for (i = 0; i < ccount; i++) {
if (call_server(server_host, port, oid, service_name,
- deleg_flag, auth_flag, wrap_flag, encrypt_flag, mic_flag,
+ gss_flags, auth_flag, wrap_flag, encrypt_flag, mic_flag,
v1_format, msg, use_file, mcount) < 0)
rc = -1;
break;
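Review bot: `break;` is not governed by the `if`, because no brace follows the `call_server(...) < 0)` condition in the context lines. As shown, the loop exits after its first pass regardless of `ccount`, and `rc = -1;` is the only conditional statement. This predates the commit, which only renames the argument, but it means the Call Count setting has no effect. Bracing the body fixes it: `if (call_server(...) < 0) { rc = -1; break; }`. The loop's closing brace is outside the hunk.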
diff --git a/src/windows/gss/gss.c b/src/windows/gss/gss.c
index 6d9ac469b5..e7254648b8 100644
--- a/src/windows/gss/gss.c
+++ b/src/windows/gss/gss.c
@@ -34,6 +34,9 @@
#define INI_LAST_MECH "Mechanism"
#define INI_LAST_MSG "Message"
#define INI_LAST_DELEGATE "Delegation"
+#define INI_LAST_SEQUENCE "Sequence"
+#define INI_LAST_MUTUAL "Mutual"
+#define INI_LAST_REPLAY "Replay"
#define INI_LAST_VERBOSE "Verbose"
#define INI_LAST_CCOUNT "Call Count"
#define INI_LAST_MCOUNT "Message Count"
@@ -56,6 +59,9 @@ char szMech[256]; // OID to use
char szCCache[256]; // CCache to use
int port = 0; // Which port to use
int delegate = 0; // Delegate?
+int replay = 1; // Replay?
+int mutual = 1; // Mutual?
+int sequence = 0; // Sequence?
int verbose = 1; // Verbose?
int ccount = 1; // Call Count
int mcount = 1; // Message Count
@@ -124,7 +130,8 @@ do_gssapi_test (void) {
hcursor = SetCursor(LoadCursor(NULL, IDC_WAIT));
n = gss (szHost, szService, szMech, szMessage[0] ? szMessage : "Test Gssapi Message", port,
- verbose, delegate, gssv1, !noauth, !nowrap, !nocrypt, !nomic, ccount, mcount,
+ verbose, delegate, mutual, replay, sequence,
+ gssv1, !noauth, !nowrap, !nocrypt, !nomic, ccount, mcount,
szCCache);
SetCursor(hcursor);
@@ -262,6 +269,9 @@ OpenGssapiDlg(
verbose = IsDlgButtonChecked(hDlg, GSS_VERBOSE);
delegate = IsDlgButtonChecked(hDlg, GSS_DELEGATION);
+ mutual = IsDlgButtonChecked(hDlg, GSS_MUTUAL);
+ replay = IsDlgButtonChecked(hDlg, GSS_REPLAY);
+ sequence = IsDlgButtonChecked(hDlg, GSS_SEQUENCE);
gssv1 = IsDlgButtonChecked(hDlg, GSS_VERSION_ONE);
noauth = IsDlgButtonChecked(hDlg, GSS_NO_AUTH);
@@ -397,6 +407,15 @@ read_saved (void) {
GetPrivateProfileString(INI_LAST, INI_LAST_DELEGATE, "", buff, 32, GSSAPI_INI);
if ( buff[0] )
delegate = atoi(buff);
+ GetPrivateProfileString(INI_LAST, INI_LAST_MUTUAL, "", buff, 32, GSSAPI_INI);
+ if ( buff[0] )
+ mutual = atoi(buff);
+ GetPrivateProfileString(INI_LAST, INI_LAST_REPLAY, "", buff, 32, GSSAPI_INI);
+ if ( buff[0] )
+ replay = atoi(buff);
+ GetPrivateProfileString(INI_LAST, INI_LAST_SEQUENCE, "", buff, 32, GSSAPI_INI);
+ if ( buff[0] )
+ sequence = atoi(buff);
GetPrivateProfileString(INI_LAST, INI_LAST_VERBOSE, "", buff, 32, GSSAPI_INI);
if ( buff[0] )
verbose = atoi(buff);
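Review bot: `mutual = atoi(buff);` and `replay = atoi(buff);` let any unparsable INI value switch off a service that defaults to on, because atoi() returns 0 for non-numeric text and reports no error. The raw integer is also handed unchanged to `CheckDlgButton` in fill_combo, where 2 means indeterminate rather than checked. Parsing with an end-pointer check and normalising to 0/1 keeps the compiled-in default on bad input: `v = strtol(buff, &end, 10); if (end != buff && *end == '\0') mutual = (v != 0);`, and likewise for `replay` and `sequence`. read_saved starts and ends outside this hunk.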
@@ -468,6 +487,12 @@ write_saved () {
WritePrivateProfileString(INI_LAST, INI_LAST_MSG, szMessage, GSSAPI_INI);
wsprintf(buff, "%d", delegate);
WritePrivateProfileString(INI_LAST, INI_LAST_DELEGATE, buff, GSSAPI_INI);
+ wsprintf(buff, "%d", mutual);
+ WritePrivateProfileString(INI_LAST, INI_LAST_MUTUAL, buff, GSSAPI_INI);
+ wsprintf(buff, "%d", replay);
+ WritePrivateProfileString(INI_LAST, INI_LAST_REPLAY, buff, GSSAPI_INI);
+ wsprintf(buff, "%d", sequence);
+ WritePrivateProfileString(INI_LAST, INI_LAST_SEQUENCE, buff, GSSAPI_INI);
wsprintf(buff, "%d", verbose);
WritePrivateProfileString(INI_LAST, INI_LAST_VERBOSE, buff, GSSAPI_INI);
wsprintf(buff, "%d", ccount);
@@ -624,6 +649,9 @@ fill_combo (HWND hDlg) {
CheckDlgButton(hDlg, GSS_VERBOSE, verbose);
CheckDlgButton(hDlg, GSS_DELEGATION, delegate);
+ CheckDlgButton(hDlg, GSS_MUTUAL, mutual);
+ CheckDlgButton(hDlg, GSS_REPLAY, replay);
+ CheckDlgButton(hDlg, GSS_SEQUENCE, sequence);
CheckDlgButton(hDlg, GSS_VERSION_ONE, gssv1);
CheckDlgButton(hDlg, GSS_NO_AUTH, noauth);
CheckDlgButton(hDlg, GSS_NO_WRAP, nowrap);
diff --git a/src/windows/gss/gss.h b/src/windows/gss/gss.h
index 8eec4a73c3..60d91bf6b5 100644
--- a/src/windows/gss/gss.h
+++ b/src/windows/gss/gss.h
@@ -26,7 +26,8 @@ void my_perror (char *msg);
// gss-client.c
int
gss (char *server_host, char *service_name, char *mechanism, char *msg, int port,
- int verbose, int delegate, int v1_format, int auth_flag, int wrap_flag,
+ int verbose, int delegate, int mutual, int replay, int sequence,
+ int v1_format, int auth_flag, int wrap_flag,
int encrypt_flag, int mic_flag, int ccount, int mcount, char * ccache);
int call_server(char *host, u_short port, gss_OID oid, char *service_name,
OM_uint32 deleg_flag, int auth_flag,
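Review bot: The `call_server` prototype in the context lines still names its fifth parameter `deleg_flag`, while this commit renames it to `gss_flags` in the gss-client.c definition. The compiler does not care, but a reader of the header will assume only the delegation bit is expected. Since nothing is OR-ed in downstream any more, that assumption would drop mutual authentication and replay detection. Suggested change: `OM_uint32 gss_flags, int auth_flag,`. The prototype continues past the end of the hunk.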
diff --git a/src/windows/gss/gss.rc b/src/windows/gss/gss.rc
index e3c1e9056c..46cf6424ed 100644
--- a/src/windows/gss/gss.rc
+++ b/src/windows/gss/gss.rc
@@ -66,29 +66,35 @@ BEGIN
LTEXT "The following items are optional and should only be altered by those who understand their implications.",
IDC_STATIC_OPTIONS,10,85,305,20
CONTROL "Verbose Output",GSS_VERBOSE,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,70,135,65,10
+ WS_TABSTOP,72,138,65,10
CONTROL "Delegation",GSS_DELEGATION,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,170,135,50,10
+ WS_TABSTOP,72,150,50,10
CONTROL "Version 1",GSS_VERSION_ONE,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,270,135,45,10
+ WS_TABSTOP,150,138,45,10
CONTROL "No Auth",GSS_NO_AUTH,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,70,155,42,10
+ WS_TABSTOP,72,162,42,10
CONTROL "No Wrap",GSS_NO_WRAP,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,135,155,45,10
+ WS_TABSTOP,132,162,45,10
CONTROL "No Encrypt",GSS_NO_ENCRYPT,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,205,155,51,10
+ WS_TABSTOP,198,162,51,10
CONTROL "No Mic",GSS_NO_MIC,"Button",BS_AUTOCHECKBOX |
- WS_TABSTOP,275,155,39,10
+ WS_TABSTOP,270,162,39,10
CONTROL "Slider1",GSS_CALL_COUNT,"msctls_trackbar32",TBS_BOTH |
- WS_TABSTOP,70,170,100,15
+ WS_TABSTOP,66,174,100,15
CONTROL "Slider2",GSS_MESSAGE_COUNT,"msctls_trackbar32",TBS_BOTH |
- WS_TABSTOP,205,170,100,15
- CTEXT "Call Count",IDC_STATIC_CCOUNT,75,185,90,8
- CTEXT "Message Count",IDC_STATIC_MSG_COUNT,210,185,90,8
+ WS_TABSTOP,204,174,100,15
+ CTEXT "Call Count",IDC_STATIC_CCOUNT,72,192,90,8
+ CTEXT "Message Count",IDC_STATIC_MSG_COUNT,210,192,90,8
GROUPBOX "Output",IDC_GROUP_OUTPUT,0,210,325,75
GROUPBOX "Configuration Options",IDC_GROUP_OPTIONS,0,0,325,205
EDITTEXT GSS_OUTPUT,0,220,320,60,ES_MULTILINE | ES_AUTOVSCROLL |
ES_AUTOHSCROLL | ES_READONLY | WS_VSCROLL | WS_HSCROLL
+ CONTROL "Mutual",GSS_MUTUAL,"Button",BS_AUTOCHECKBOX |
+ WS_TABSTOP,132,150,37,10
+ CONTROL "Replay",GSS_REPLAY,"Button",BS_AUTOCHECKBOX |
+ WS_TABSTOP,198,150,38,10
+ CONTROL "Sequence",GSS_SEQUENCE,"Button",BS_AUTOCHECKBOX |
+ WS_TABSTOP,270,150,49,10
END
@@ -135,8 +141,8 @@ END
/////////////////////////////////////////////////////////////////////////////
#endif // not APSTUDIO_INVOKED
+
#include <winver.h>
#include "..\version.rc"
TestTrackerMOTD TEXT ver_serv.txt
-
diff --git a/src/windows/gss/resource.h b/src/windows/gss/resource.h
index 5de4525fca..de7b2c127c 100644
--- a/src/windows/gss/resource.h
+++ b/src/windows/gss/resource.h
@@ -31,6 +31,9 @@
#define IDC_STATIC_HOST 1027
#define GSS_CCACHE_NAME 1028
#define IDC_STATIC_CCACHE 1029
+#define GSS_MUTUAL 1030
+#define GSS_REPLAY 1031
+#define GSS_SEQUENCE 1032
#define IDD_GSSAPIDLG 101
@@ -41,7 +44,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 102
#define _APS_NEXT_COMMAND_VALUE 40001
-#define _APS_NEXT_CONTROL_VALUE 1030
+#define _APS_NEXT_CONTROL_VALUE 1033
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif