authorTom Yu <tlyu@mit.edu>2006-06-14 22:27:54 +0000
committerTom Yu <tlyu@mit.edu>2006-06-14 22:27:54 +0000
commit4c2bc7a022bff031e101a88363ff7756871e8721 (patch)
treee2fcdfdbf65e10c6546068e54d832b4a4c237c70 /src/lib/gssapi/generic
parentc162f7fadad60a02fc35ba14d1b7e52f225460a4 (diff)
Merge from branches/mechglue. Initial integration of Sun-donated
mechglue and SPNEGO implementations. Additional changes outside of src/lib/gssapi: * src/configure.in: Add lib/gssapi/mechglue and lib/gssapi/spnego to list of directories to output Makefile in. * src/lib/rpc/unit-test/rpc_test.0/expire.exp (expired): Update regexp for mechglue. * src/tests/dejagnu/krb-standalone/v4gssftp.exp (v4ftp_test): Update "Miscellaneous failure" regexp for mechglue. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18131 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi/generic')
-rw-r--r--src/lib/gssapi/generic/Makefile.in6
-rw-r--r--src/lib/gssapi/generic/gssapi.hin7
-rw-r--r--src/lib/gssapi/generic/gssapiP_generic.h9
-rw-r--r--src/lib/gssapi/generic/gssapi_err_generic.et3
-rw-r--r--src/lib/gssapi/generic/oid_ops.c389
-rw-r--r--src/lib/gssapi/generic/util_oid.c78
6 files changed, 13 insertions, 479 deletions
diff --git a/src/lib/gssapi/generic/Makefile.in b/src/lib/gssapi/generic/Makefile.in
index 9dfa68e6f..38b55e1b4 100644
--- a/src/lib/gssapi/generic/Makefile.in
+++ b/src/lib/gssapi/generic/Makefile.in
@@ -67,11 +67,9 @@ SRCS = \
$(srcdir)/disp_com_err_status.c \
$(srcdir)/disp_major_status.c \
$(srcdir)/gssapi_generic.c \
- $(srcdir)/oid_ops.c \
$(srcdir)/rel_buffer.c \
$(srcdir)/rel_oid_set.c \
$(srcdir)/util_buffer.c \
- $(srcdir)/util_oid.c \
$(srcdir)/util_ordering.c \
$(srcdir)/util_set.c \
$(srcdir)/util_token.c \
@@ -82,11 +80,9 @@ OBJS = \
$(OUTPRE)disp_com_err_status.$(OBJEXT) \
$(OUTPRE)disp_major_status.$(OBJEXT) \
$(OUTPRE)gssapi_generic.$(OBJEXT) \
- $(OUTPRE)oid_ops.$(OBJEXT) \
$(OUTPRE)rel_buffer.$(OBJEXT) \
$(OUTPRE)rel_oid_set.$(OBJEXT) \
$(OUTPRE)util_buffer.$(OBJEXT) \
- $(OUTPRE)util_oid.$(OBJEXT) \
$(OUTPRE)util_ordering.$(OBJEXT) \
$(OUTPRE)util_set.$(OBJEXT) \
$(OUTPRE)util_token.$(OBJEXT) \
@@ -97,11 +93,9 @@ STLIBOBJS = \
disp_com_err_status.o \
disp_major_status.o \
gssapi_generic.o \
- oid_ops.o \
rel_buffer.o \
rel_oid_set.o \
util_buffer.o \
- util_oid.o \
util_ordering.o \
util_set.o \
util_token.o \
diff --git a/src/lib/gssapi/generic/gssapi.hin b/src/lib/gssapi/generic/gssapi.hin
index 37b79e807..28b5b1123 100644
--- a/src/lib/gssapi/generic/gssapi.hin
+++ b/src/lib/gssapi/generic/gssapi.hin
@@ -691,6 +691,13 @@ OM_uint32 KRB5_CALLCONV gss_inquire_names_for_mech
gss_OID_set * /* name_types */
);
+/* New for V2 */
+OM_uint32 KRB5_CALLCONV gss_inquire_mechs_for_name(
+ OM_uint32 *, /* minor_status */
+ const gss_name_t, /* input_name */
+ gss_OID_set * /* mech_types */
+);
+
/*
* The following routines are obsolete variants of gss_get_mic, gss_wrap,
* gss_verify_mic and gss_unwrap. They should be provided by GSSAPI V2
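Review bot: The new `gss_inquire_mechs_for_name` prototype is documented only by `/* New for V2 */`, which leaves the ownership of the returned set unstated in a public header. The comment should say that `*mech_types` is allocated by the call and released by the caller with `gss_release_oid_set`, for example `/* New for V2: on success *mech_types is a newly allocated set; the caller frees it with gss_release_oid_set() */`. Separately, `const gss_name_t` qualifies the handle itself; if `gss_name_t` is a pointer typedef (not visible in this hunk), the qualifier does not protect the name object it refers to.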
diff --git a/src/lib/gssapi/generic/gssapiP_generic.h b/src/lib/gssapi/generic/gssapiP_generic.h
index ca19b1891..2752f1dfa 100644
--- a/src/lib/gssapi/generic/gssapiP_generic.h
+++ b/src/lib/gssapi/generic/gssapiP_generic.h
@@ -48,9 +48,9 @@ typedef UINT64_TYPE gssint_uint64;
/** helper macros **/
-#define g_OID_equal(o1,o2) \
- (((o1)->length == (o2)->length) && \
- (memcmp((o1)->elements,(o2)->elements,(unsigned int) (o1)->length) == 0))
+#define g_OID_equal(o1, o2) \
+ (((o1)->length == (o2)->length) && \
+ (memcmp((o1)->elements, (o2)->elements, (o1)->length) == 0))
/* this code knows that an int on the wire is 32 bits. The type of
num should be at least this big, or the extra shifts may do weird
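Review bot: The rewritten `g_OID_equal` macro still dereferences both arguments unconditionally and expands `o1` three times and `o2` twice, so a `GSS_C_NO_OID` argument or an argument expression with side effects misbehaves at the call site. Since this merge brings in mechglue code that presumably compares OIDs supplied by callers, the contract should be written next to the macro: `/* o1 and o2 must be non-null and side-effect free; each is evaluated more than once */`. A `static` inline function taking two `const gss_OID_desc *` would give the same comparison with single evaluation and type checking. Dropping the `(unsigned int)` cast is harmless only if `length` is already an unsigned type, which this hunk does not show.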
@@ -122,7 +122,6 @@ typedef UINT64_TYPE gssint_uint64;
#define g_delete_ctx_id gssint_g_delete_ctx_id
#define g_delete_lucidctx_id gssint_g_delete_lucidctx_id
#define g_make_string_buffer gssint_g_make_string_buffer
-#define g_copy_OID_set gssint_g_copy_OID_set
#define g_token_size gssint_g_token_size
#define g_make_token_header gssint_g_make_token_header
#define g_verify_token_header gssint_g_verify_token_header
@@ -168,8 +167,6 @@ int g_delete_lucidctx_id (g_set *vdb, void *lctx);
int g_make_string_buffer (const char *str, gss_buffer_t buffer);
-int g_copy_OID_set (const gss_OID_set_desc * const in, gss_OID_set *out);
-
unsigned int g_token_size (const gss_OID_desc * mech, unsigned int body_size);
void g_make_token_header (const gss_OID_desc * mech, unsigned int body_size,
diff --git a/src/lib/gssapi/generic/gssapi_err_generic.et b/src/lib/gssapi/generic/gssapi_err_generic.et
index 99ba45fe3..3e976e3db 100644
--- a/src/lib/gssapi/generic/gssapi_err_generic.et
+++ b/src/lib/gssapi/generic/gssapi_err_generic.et
@@ -43,4 +43,7 @@ error_code G_BAD_DIRECTION, "Packet was replayed in wrong direction"
error_code G_TOK_TRUNC, "Token is missing data"
error_code G_REFLECT, "Token was reflected"
error_code G_WRONG_TOKID, "Received token ID does not match expected token ID"
+error_code G_CRED_USAGE_MISMATCH, "The given credential's usage does not match the requested usage"
+error_code G_STORE_ACCEPTOR_CRED_NOSUPP, "Storing of acceptor credentials is not supported by the mechanism"
+error_code G_STORE_NON_DEFAULT_CRED_NOSUPP, "Storing of non-default credentials is not supported by the mechanism"
end
diff --git a/src/lib/gssapi/generic/oid_ops.c b/src/lib/gssapi/generic/oid_ops.c
deleted file mode 100644
index 1234f2ee7..000000000
--- a/src/lib/gssapi/generic/oid_ops.c
+++ /dev/null
@@ -1,389 +0,0 @@
-/*
- * lib/gssapi/generic/oid_ops.c
- *
- * Copyright 1995 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- */
-
-/*
- * oid_ops.c - GSS-API V2 interfaces to manipulate OIDs
- */
-
-#include "gssapiP_generic.h"
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#include <stdlib.h>
-#include <string.h>
-#include <stdio.h>
-#include <errno.h>
-#include <ctype.h>
-
-OM_uint32
-generic_gss_release_oid(minor_status, oid)
- OM_uint32 *minor_status;
- gss_OID *oid;
-{
- *minor_status = 0;
-
- if (*oid == GSS_C_NO_OID)
- return(GSS_S_COMPLETE);
-
- /*
- * The V2 API says the following!
- *
- * gss_release_oid[()] will recognize any of the GSSAPI's own OID values,
- * and will silently ignore attempts to free these OIDs; for other OIDs
- * it will call the C free() routine for both the OID data and the
- * descriptor. This allows applications to freely mix their own heap-
- * allocated OID values with OIDs returned by GSS-API.
- */
- if ((*oid != gss_nt_user_name) &&
- (*oid != gss_nt_machine_uid_name) &&
- (*oid != gss_nt_string_uid_name) &&
- (*oid != gss_nt_service_name) &&
- (*oid != gss_nt_exported_name) &&
- (*oid != gss_nt_service_name_v2)) {
- free((*oid)->elements);
- free(*oid);
- }
- *oid = GSS_C_NO_OID;
- return(GSS_S_COMPLETE);
-}
-
-OM_uint32
-generic_gss_copy_oid(minor_status, oid, new_oid)
- OM_uint32 *minor_status;
- const gss_OID_desc * const oid;
- gss_OID *new_oid;
-{
- gss_OID p;
-
- p = (gss_OID) malloc(sizeof(gss_OID_desc));
- if (!p) {
- *minor_status = ENOMEM;
- return GSS_S_FAILURE;
- }
- p->length = oid->length;
- p->elements = malloc(p->length);
- if (!p->elements) {
- free(p);
- *minor_status = ENOMEM;
- return GSS_S_FAILURE;
- }
- memcpy(p->elements, oid->elements, p->length);
- *new_oid = p;
- return(GSS_S_COMPLETE);
-}
-
-
-OM_uint32
-generic_gss_create_empty_oid_set(minor_status, oid_set)
- OM_uint32 *minor_status;
- gss_OID_set *oid_set;
-{
- if ((*oid_set = (gss_OID_set) malloc(sizeof(gss_OID_set_desc)))) {
- memset(*oid_set, 0, sizeof(gss_OID_set_desc));
- *minor_status = 0;
- return(GSS_S_COMPLETE);
- }
- else {
- *minor_status = ENOMEM;
- return(GSS_S_FAILURE);
- }
-}
-
-OM_uint32
-generic_gss_add_oid_set_member(minor_status, member_oid, oid_set)
- OM_uint32 *minor_status;
- const gss_OID_desc * const member_oid;
- gss_OID_set *oid_set;
-{
- gss_OID elist;
- gss_OID lastel;
-
- elist = (*oid_set)->elements;
- /* Get an enlarged copy of the array */
- if (((*oid_set)->elements = (gss_OID) malloc(((*oid_set)->count+1) *
- sizeof(gss_OID_desc)))) {
- /* Copy in the old junk */
- if (elist)
- memcpy((*oid_set)->elements,
- elist,
- ((*oid_set)->count * sizeof(gss_OID_desc)));
-
- /* Duplicate the input element */
- lastel = &(*oid_set)->elements[(*oid_set)->count];
- if ((lastel->elements =
- (void *) malloc((size_t) member_oid->length))) {
- /* Success - copy elements */
- memcpy(lastel->elements, member_oid->elements,
- (size_t) member_oid->length);
- /* Set length */
- lastel->length = member_oid->length;
-
- /* Update count */
- (*oid_set)->count++;
- if (elist)
- free(elist);
- *minor_status = 0;
- return(GSS_S_COMPLETE);
- }
- else
- free((*oid_set)->elements);
- }
- /* Failure - restore old contents of list */
- (*oid_set)->elements = elist;
- *minor_status = ENOMEM;
- return(GSS_S_FAILURE);
-}
-
-OM_uint32
-generic_gss_test_oid_set_member(minor_status, member, set, present)
- OM_uint32 *minor_status;
- const gss_OID_desc * const member;
- gss_OID_set set;
- int *present;
-{
- size_t i;
- int result;
-
- result = 0;
- for (i=0; i<set->count; i++) {
- if ((set->elements[i].length == member->length) &&
- !memcmp(set->elements[i].elements,
- member->elements,
- (size_t) member->length)) {
- result = 1;
- break;
- }
- }
- *present = result;
- *minor_status = 0;
- return(GSS_S_COMPLETE);
-}
-
-/*
- * OID<->string routines. These are uuuuugly.
- */
-OM_uint32
-generic_gss_oid_to_str(minor_status, oid, oid_str)
- OM_uint32 *minor_status;
- const gss_OID_desc * const oid;
- gss_buffer_t oid_str;
-{
- char numstr[128];
- unsigned long number;
- int numshift;
- size_t string_length;
- size_t i;
- unsigned char *cp;
- char *bp;
-
- /* Decoded according to krb5/gssapi_krb5.c */
-
- /* First determine the size of the string */
- string_length = 0;
- number = 0;
- numshift = 0;
- cp = (unsigned char *) oid->elements;
- number = (unsigned long) cp[0];
- sprintf(numstr, "%ld ", number/40);
- string_length += strlen(numstr);
- sprintf(numstr, "%ld ", number%40);
- string_length += strlen(numstr);
- for (i=1; i<oid->length; i++) {
- if ( (size_t) (numshift+7) < (sizeof(unsigned long)*8)) {
- number = (number << 7) | (cp[i] & 0x7f);
- numshift += 7;
- }
- else {
- *minor_status = EINVAL;
- return(GSS_S_FAILURE);
- }
- if ((cp[i] & 0x80) == 0) {
- sprintf(numstr, "%ld ", number);
- string_length += strlen(numstr);
- number = 0;
- numshift = 0;
- }
- }
- /*
- * If we get here, we've calculated the length of "n n n ... n ". Add 4
- * here for "{ " and "}\0".
- */
- string_length += 4;
- if ((bp = (char *) malloc(string_length))) {
- strcpy(bp, "{ ");
- number = (unsigned long) cp[0];
- sprintf(numstr, "%ld ", number/40);
- strcat(bp, numstr);
- sprintf(numstr, "%ld ", number%40);
- strcat(bp, numstr);
- number = 0;
- cp = (unsigned char *) oid->elements;
- for (i=1; i<oid->length; i++) {
- number = (number << 7) | (cp[i] & 0x7f);
- if ((cp[i] & 0x80) == 0) {
- sprintf(numstr, "%ld ", number);
- strcat(bp, numstr);
- number = 0;
- }
- }
- strcat(bp, "}");
- oid_str->length = strlen(bp)+1;
- oid_str->value = (void *) bp;
- *minor_status = 0;
- return(GSS_S_COMPLETE);
- }
- *minor_status = ENOMEM;
- return(GSS_S_FAILURE);
-}
-
-OM_uint32
-generic_gss_str_to_oid(minor_status, oid_str, oid)
- OM_uint32 *minor_status;
- gss_buffer_t oid_str;
- gss_OID *oid;
-{
- char *cp, *bp, *startp;
- int brace;
- long numbuf;
- long onumbuf;
- OM_uint32 nbytes;
- int idx;
- unsigned char *op;
-
- brace = 0;
- bp = (char *) oid_str->value;
- cp = bp;
- /* Skip over leading space */
- while ((bp < &cp[oid_str->length]) && isspace((int) *bp))
- bp++;
- if (*bp == '{') {
- brace = 1;
- bp++;
- }
- while ((bp < &cp[oid_str->length]) && isspace((int) *bp))
- bp++;
- startp = bp;
- nbytes = 0;
-
- /*
- * The first two numbers are chewed up by the first octet.
- */
- if (sscanf(bp, "%ld", &numbuf) != 1) {
- *minor_status = EINVAL;
- return(GSS_S_FAILURE);
- }
- while ((bp < &cp[oid_str->length]) && isdigit((int) *bp))
- bp++;
- while ((bp < &cp[oid_str->length]) && isspace((int) *bp))
- bp++;
- if (sscanf(bp, "%ld", &numbuf) != 1) {
- *minor_status = EINVAL;
- return(GSS_S_FAILURE);
- }
- while ((bp < &cp[oid_str->length]) && isdigit((int) *bp))
- bp++;
- while ((bp < &cp[oid_str->length]) && isspace((int) *bp))
- bp++;
- nbytes++;
- while (isdigit((int) *bp)) {
- if (sscanf(bp, "%ld", &numbuf) != 1) {
- *minor_status = EINVAL;
- return(GSS_S_FAILURE);
- }
- while (numbuf) {
- nbytes++;
- numbuf >>= 7;
- }
- while ((bp < &cp[oid_str->length]) && isdigit((int) *bp))
- bp++;
- while ((bp < &cp[oid_str->length]) && isspace((int) *bp))
- bp++;
- }
- if (brace && (*bp != '}')) {
- *minor_status = EINVAL;
- return(GSS_S_FAILURE);
- }
-
- /*
- * Phew! We've come this far, so the syntax is good.
- */
- if ((*oid = (gss_OID) malloc(sizeof(gss_OID_desc)))) {
- if (((*oid)->elements = (void *) malloc((size_t) nbytes))) {
- (*oid)->length = nbytes;
- op = (unsigned char *) (*oid)->elements;
- bp = startp;
- sscanf(bp, "%ld", &numbuf);
- while (isdigit((int) *bp))
- bp++;
- while (isspace((int) *bp))
- bp++;
- onumbuf = 40*numbuf;
- sscanf(bp, "%ld", &numbuf);
- onumbuf += numbuf;
- *op = (unsigned char) onumbuf;
- op++;
- while (isdigit((int) *bp))
- bp++;
- while (isspace((int) *bp))
- bp++;
- while (isdigit((int) *bp)) {
- sscanf(bp, "%ld", &numbuf);
- nbytes = 0;
- /* Have to fill in the bytes msb-first */
- onumbuf = numbuf;
- while (numbuf) {
- nbytes++;
- numbuf >>= 7;
- }
- numbuf = onumbuf;
- op += nbytes;
- idx = -1;
- while (numbuf) {
- op[idx] = (unsigned char) numbuf & 0x7f;
- if (idx != -1)
- op[idx] |= 0x80;
- idx--;
- numbuf >>= 7;
- }
- while (isdigit((int) *bp))
- bp++;
- while (isspace((int) *bp))
- bp++;
- }
- *minor_status = 0;
- return(GSS_S_COMPLETE);
- }
- else {
- free(*oid);
- *oid = GSS_C_NO_OID;
- }
- }
- *minor_status = ENOMEM;
- return(GSS_S_FAILURE);
-}
-
diff --git a/src/lib/gssapi/generic/util_oid.c b/src/lib/gssapi/generic/util_oid.c
deleted file mode 100644
index 60b1e157e..000000000
--- a/src/lib/gssapi/generic/util_oid.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright 1993 by OpenVision Technologies, Inc.
- *
- * Permission to use, copy, modify, distribute, and sell this software
- * and its documentation for any purpose is hereby granted without fee,
- * provided that the above copyright notice appears in all copies and
- * that both that copyright notice and this permission notice appear in
- * supporting documentation, and that the name of OpenVision not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission. OpenVision makes no
- * representations about the suitability of this software for any
- * purpose. It is provided "as is" without express or implied warranty.
- *
- * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
- * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
- * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
- * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
- * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- * PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include "gssapiP_generic.h"
-#include "string.h"
-
-/*
- * $Id$
- */
-
-int
-g_copy_OID_set(in, out)
- const gss_OID_set_desc * const in;
- gss_OID_set *out;
-{
- gss_OID_set copy;
- gss_OID new_oid;
- size_t i;
- size_t len;
-
- *out = NULL;
-
- if ((copy =
- (gss_OID_set_desc *) xmalloc(sizeof(gss_OID_set_desc))) == NULL)
- return(0);
-
- copy->count = in->count;
- len = sizeof(gss_OID_desc) * copy->count;
-
- if ((copy->elements =
- (gss_OID_desc *) xmalloc( len )) == NULL) {
- xfree(copy);
- return(0);
- }
-
- memset( copy->elements, 0, len );
-
- for (i=0; i<in->count; i++) {
- len = in->elements[i].length;
- new_oid = &(copy->elements[i]);
- new_oid->elements = xmalloc( len );
- if ( new_oid->elements == NULL ) {
- while( i>0 ) {
- i--;
- new_oid = &(copy->elements[i]);
- if ( new_oid->elements!=NULL )
- xfree( new_oid->elements );
- }
- xfree( copy->elements );
- xfree( copy );
- return( 0 );
- }
- memcpy( new_oid->elements, in->elements[i].elements, len );
- new_oid->length = len;
- }
-
- *out = copy;
- return(1);
-}