Diffstat (limited to 'src/lib/gssapi/generic')
-rw-r--r--src/lib/gssapi/generic/gssapiP_generic.h32
-rw-r--r--src/lib/gssapi/generic/gssapi_generic.c28
-rw-r--r--src/lib/gssapi/generic/gssapi_generic_err.et1
-rw-r--r--src/lib/gssapi/generic/util_canonhost.c13
-rw-r--r--src/lib/gssapi/generic/util_validate.c1
5 files changed, 60 insertions, 15 deletions
diff --git a/src/lib/gssapi/generic/gssapiP_generic.h b/src/lib/gssapi/generic/gssapiP_generic.h
index 5d8275568..7626ce411 100644
--- a/src/lib/gssapi/generic/gssapiP_generic.h
+++ b/src/lib/gssapi/generic/gssapiP_generic.h
@@ -31,6 +31,8 @@
#include "gssapi_generic_err.h"
#include <errno.h>
+#include <sys/types.h>
+#include <netinet/in.h>
/** helper macros **/
@@ -38,15 +40,23 @@
(((o1)->length == (o2)->length) && \
(memcmp((o1)->elements,(o2)->elements,(o1)->length) == 0))
-#define TWRITE_INT(ptr, tmp, num) \
- (tmp) = htonl(num); \
- memcpy(ptr, (char *) &(tmp), sizeof(tmp)); \
- (ptr) += sizeof(tmp);
-
-#define TREAD_INT(ptr, num) \
- memcpy((char *) &(num), (char *) (ptr), sizeof(num)); \
- (num) = ntohl(num); \
- (ptr) += sizeof(num);
+/* this code knows that an int on the wire is 32 bits. The type of
+ num should be at least this big, or the extra shifts may do weird
+ things */
+
+#define TWRITE_INT(ptr, num, bigend) \
+ (ptr)[0] = (bigend)?((num)>>24):((num)&0xff); \
+ (ptr)[1] = (bigend)?(((num)>>16)&0xff):(((num)>>8)&0xff); \
+ (ptr)[2] = (bigend)?(((num)>>8)&0xff):(((num)>>16)&0xff); \
+ (ptr)[3] = (bigend)?((num)&0xff):((num)>>24); \
+ (ptr) += 4;
+
+#define TREAD_INT(ptr, num, bigend) \
+ (num) = (((ptr)[0]<<((bigend)?24: 0)) | \
+ ((ptr)[1]<<((bigend)?16: 8)) | \
+ ((ptr)[2]<<((bigend)? 8:16)) | \
+ ((ptr)[3]<<((bigend)? 0:24))); \
+ (ptr) += 4;
#define TWRITE_STR(ptr, str, len) \
memcpy((ptr), (char *) (str), (len)); \
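Review bot: TREAD_INT shifts `(ptr)[n]` without first converting it to an unsigned byte, so if ptr is a plain `char *` on a platform where char is signed (the hunk does not show its type), any byte of 0x80 or above sign-extends and the OR corrupts the higher bits; shifting a set bit into bit 31 of an int is also undefined. Each term should be written like `((unsigned int)(unsigned char)(ptr)[0] << ((bigend)?24:0))`, and likewise for bytes 1 to 3. TWRITE_BUF uses this encoding for a length prefix, so a mis-decoded value on the reading side would presumably be used as a length; callers should range-check the result against the bytes remaining in the token before advancing. In TWRITE_INT the unmasked `(num)>>24` relies on truncation when stored into a char, and masking it with `&0xff` as the middle bytes do would make that explicit.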
@@ -56,8 +66,8 @@
(str) = (ptr); \
(ptr) += (len);
-#define TWRITE_BUF(ptr, tmp, buf) \
- TWRITE_INT((ptr), (tmp), (buf).length); \
+#define TWRITE_BUF(ptr, buf, bigend) \
+ TWRITE_INT((ptr), (buf).length, (bigend)); \
TWRITE_STR((ptr), (buf).value, (buf).length);
/** malloc wrappers; these may actually do something later */
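Review bot: TWRITE_BUF still expands to bare statements, so under an unbraced `if` only the first byte store of the nested TWRITE_INT is conditional. Wrapping the body as `do { ... } while (0)` and dropping the trailing semicolon would fix that here and for TWRITE_INT and TREAD_INT in the previous hunk, provided every call site ends with a semicolon. The macro also writes only the low 32 bits of `(buf).length` while TWRITE_STR copies the full length, and nothing bounds the destination, so a comment such as `/* caller must ensure ptr has 4 + buf.length bytes and buf.length fits in 32 bits */` would help. `(buf).length` and `bigend` are expanded several times, so arguments with side effects are unsafe.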
diff --git a/src/lib/gssapi/generic/gssapi_generic.c b/src/lib/gssapi/generic/gssapi_generic.c
index 26d7eebf6..97adfdd8f 100644
--- a/src/lib/gssapi/generic/gssapi_generic.c
+++ b/src/lib/gssapi/generic/gssapi_generic.c
@@ -26,11 +26,31 @@
#include "gssapiP_generic.h"
+/*
+ * See krb5/gssapi_krb5.c for a description of the algorithm for
+ * encoding an object identifier.
+ */
+
+/*
+ * The OID of user_name is:
+ * iso(1) member-body(2) US(840) mit(113554) infosys(2) gssapi(1)
+ * generic(1) user_name(1) = 1.2.840.113554.2.1.1.1
+ * machine_uid_name:
+ * iso(1) member-body(2) US(840) mit(113554) infosys(2) gssapi(1)
+ * generic(1) machine_uid_name(2) = 1.2.840.113554.2.1.1.2
+ * string_uid_name:
+ * iso(1) member-body(2) US(840) mit(113554) infosys(2) gssapi(1)
+ * generic(1) string_uid_name(3) = 1.2.840.113554.2.1.1.3
+ * service_name:
+ * iso(1) member-body(2) US(840) mit(113554) infosys(2) gssapi(1)
+ * generic(1) service_name(4) = 1.2.840.113554.2.1.1.4
+ */
+
static const gss_OID_desc oids[] = {
- {2, "\001\001"},
- {2, "\001\002"},
- {2, "\001\003"},
- {2, "\001\004"},
+ {10, "\052\206\110\206\367\022\002\001\001\001"},
+ {10, "\052\206\110\206\367\022\002\001\001\002"},
+ {10, "\052\206\110\206\367\022\002\001\001\003"},
+ {10, "\052\206\110\206\367\022\002\001\001\004"},
};
const_gss_OID gss_nt_user_name = oids+0;
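Review bot: The length `10` in each `oids[]` entry is maintained by hand next to its octal string, and g_OID_equal's memcmp trusts that length, so a later edit that changes one and not the other would silently compare the wrong number of bytes. The ten bytes shown do match the encoding of 1.2.840.113554.2.1.1.x described in the new comment. A small helper such as `#define OID_ENTRY(s) { sizeof(s) - 1, s }` would derive the length from the literal. It would also help if the comment gave the byte-level mapping (for example that `\052` encodes the leading 1.2) so the table can be checked without opening krb5/gssapi_krb5.c.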
diff --git a/src/lib/gssapi/generic/gssapi_generic_err.et b/src/lib/gssapi/generic/gssapi_generic_err.et
index fed788c29..cc5ce7c19 100644
--- a/src/lib/gssapi/generic/gssapi_generic_err.et
+++ b/src/lib/gssapi/generic/gssapi_generic_err.et
@@ -35,4 +35,5 @@ error_code G_BAD_MSG_CTX, "Message context invalid"
error_code G_WRONG_SIZE, "Buffer is the wrong size"
error_code G_BAD_USAGE, "Credential usage type is unknown"
error_code G_UNKNOWN_QOP, "Unknown quality of protection specified"
+error_code G_BAD_HOSTNAME, "Hostname in SERVICE-NAME string could not be canonicalized"
end
diff --git a/src/lib/gssapi/generic/util_canonhost.c b/src/lib/gssapi/generic/util_canonhost.c
index 8fb7a03fe..277c07836 100644
--- a/src/lib/gssapi/generic/util_canonhost.c
+++ b/src/lib/gssapi/generic/util_canonhost.c
@@ -36,11 +36,24 @@
char *g_canonicalize_host(char *hostname)
{
struct hostent *hent;
+ char *haddr;
char *canon, *str;
if ((hent = gethostbyname(hostname)) == NULL)
return(NULL);
+ if (! (haddr = xmalloc(hent->h_length))) {
+ return(NULL);
+ }
+
+ memcpy(haddr, hent->h_addr_list[0], hent->h_length);
+
+ if (! (hent = gethostbyaddr(haddr, hent->h_length, hent->h_addrtype))) {
+ return(NULL);
+ }
+
+ xfree(haddr);
+
if ((canon = xmalloc(strlen(hent->h_name)+1)) == NULL)
return(NULL);
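Review bot: The new failure path after gethostbyaddr() returns without releasing `haddr`, so every host whose address has no reverse mapping leaks the buffer; add `xfree(haddr);` before that `return(NULL);`. `hent->h_addr_list[0]` is also copied without checking that it is non-NULL. The canonical name now comes from the PTR record of the first address, so it is only as trustworthy as reverse DNS for that address; a comment saying so, or a check that the returned name resolves back to the same address, would make the trust assumption visible to callers building service names from it. The function body continues past the end of this hunk.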
diff --git a/src/lib/gssapi/generic/util_validate.c b/src/lib/gssapi/generic/util_validate.c
index 0c25c2644..8c5e72219 100644
--- a/src/lib/gssapi/generic/util_validate.c
+++ b/src/lib/gssapi/generic/util_validate.c
@@ -32,6 +32,7 @@
#include <sys/types.h>
#include <sys/file.h>
+#include <fcntl.h>
#include <limits.h>
#include <db.h>