made imgssapi work with new netstrm driver model

there were a couple of things where imgssapi was not compatible
with the new encapsulation. I did a somewhat dirty fix. The real
solution would be to turn gssapi functionality into a netstream
driver, which is too much for now (after all, we want to release
some time AND we need to have the code mature in practice
before we go for the next target...).

3 files changed, 29 insertions, 2 deletions

diff --git a/runtime/netstrm.c b/runtime/netstrm.c
index e270335c..47c67a53 100644
--- a/runtime/netstrm.c
+++ b/runtime/netstrm.c
@@ -239,6 +239,22 @@ Connect(netstrm_t *pThis, int family, uchar *port, uchar *host)
 }
 
 
+/* Provide access to the underlying OS socket. This is dirty
+ * and scheduled to be removed. Does not work with all nsd drivers.
+ * See comment in netstrm interface for details.
+ * rgerhards, 2008-05-05
+ */
+static rsRetVal
+GetSock(netstrm_t *pThis, int *pSock)
+{
+	DEFiRet;
+	ISOBJ_TYPE_assert(pThis, netstrm);
+	assert(pSock != NULL);
+	iRet = pThis->Drvr.GetSock(pThis->pDrvrData, pSock);
+	RETiRet;
+}
+
+
 /* queryInterface function
  */
 BEGINobjQueryInterface(netstrm)
@@ -264,6 +280,7 @@ CODESTARTobjQueryInterface(netstrm)
 	pIf->GetRemoteHName = GetRemoteHName;
 	pIf->GetRemoteIP = GetRemoteIP;
 	pIf->SetDrvrMode = SetDrvrMode;
+	pIf->GetSock = GetSock;
 finalize_it:
 ENDobjQueryInterface(netstrm)
 
diff --git a/runtime/netstrm.h b/runtime/netstrm.h
index b2131ff7..a15c1d9b 100644
--- a/runtime/netstrm.h
+++ b/runtime/netstrm.h
@@ -31,7 +31,6 @@ struct netstrm_s {
 	BEGINobjInstance;	/* Data to implement generic object - MUST be the first data element! */
 	nsd_t *pDrvrData;	/**< the driver's data elements (at most other places, this is called pNsd) */
 	nsd_if_t Drvr;		/**< our stream driver */
-	//int iDrvrMode;		/**< mode to be used for our driver */
 	netstrms_t *pNS;	/**< pointer to our netstream subsystem object */
 };
 
@@ -51,6 +50,14 @@ BEGINinterface(netstrm) /* name must also be changed in ENDinterface macro! */
 	rsRetVal (*GetRemoteHName)(netstrm_t *pThis, uchar **pszName);
 	rsRetVal (*GetRemoteIP)(netstrm_t *pThis, uchar **pszIP);
 	rsRetVal (*SetDrvrMode)(netstrm_t *pThis, int iMode);
+	/* the GetSock() below is a hack to make imgssapi work. In the long term,
+	 * we should migrate imgssapi to a stream driver, which will relieve us of
+	 * this problem. Please note that nobody else should use GetSock(). Using it 
+	 * will also tie the caller to nsd_ptcp, because other drivers may not support
+	 * it at all. Once the imgssapi problem is solved, GetSock should be removed from
+	 * this interface. -- rgerhards, 2008-05-05
+	 */
+	rsRetVal (*GetSock)(netstrm_t *pThis, int *pSock);
 ENDinterface(netstrm)
 #define netstrmCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */
 
diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c
index b1713240..630c751b 100644
--- a/runtime/nsd_gtls.c
+++ b/runtime/nsd_gtls.c
@@ -155,7 +155,10 @@ gtlsGlblInitLstn(void)
 	DEFiRet;
 
 	if(bGlblSrvrInitDone == 0) {
-		//CHKgnutls(gnutls_certificate_set_x509_crl_file(xcred, CRLFILE, GNUTLS_X509_FMT_PEM));
+		/* we do not use CRLs right now, and I doubt we'll ever do. This functionality is
+		 * considered legacy. -- rgerhards, 2008-05-05
+		 */
+		/*CHKgnutls(gnutls_certificate_set_x509_crl_file(xcred, CRLFILE, GNUTLS_X509_FMT_PEM));*/
 		CHKgnutls(gnutls_certificate_set_x509_key_file(xcred, CERTFILE, KEYFILE, GNUTLS_X509_FMT_PEM));
 		CHKiRet(generate_dh_params());
 		gnutls_certificate_set_dh_params(xcred, dh_params); /* this is void */