summaryrefslogtreecommitdiffstats
path: root/src/lib/gssapi/generic/gssapiP_generic.h
Commit message (Collapse)AuthorAgeFilesLines
* Improve internal API for GSS sequence numbersGreg Hudson2014-03-181-18/+17
| | | | | | | | | | Use an opaque structure type instead of a void pointer for the sequence number state. Rename all functions to use a g_seqstate prefix rather than a mix of g_order and g_queue. Remove the unneccessary indirection from the state object parameter in g_seqstate_check and g_seqstate_free. Return OM_uint32 where we return a GSS major code, long where we return an errno value, and void where we can't fail.
* Eliminate internal fixed-width type wrappersGreg Hudson2014-02-261-3/+2
| | | | | Directly use stdint.h names for integer types in preference to the various internal names we have made up for them.
* Get rid of G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZEGreg Hudson2013-09-081-1/+0
| | | | | | | | | | This flag was introduced in the mskrb-integ merge but is not actually used after r21742--while kg_unseal_iov_token sets it in vfyflags for DCE-style contexts, it doesn't actually pass vfyflags to g_verify_token_header or otherwise use it. Moreover, the flag is not necessary there; we correctly set input_length to the header length (without data, padding, or trailer) for v1 tokens in a DCE-style context.
* Modernize k5bufGreg Hudson2013-02-141-3/+3
| | | | | | Rename the krb5int_buf_ family of functions to use the k5_ prefix for brevity. Reformat some k5buf implementation code to match current practices.
* Clean up k5buf_to_gss helperGreg Hudson2012-08-231-1/+1
| | | | | | | k5buf_to_gss was used in only one place (generic_gss_oid_to_str), where we want to include the terminating null byte in the GSS buffer. Remove that assumption from the helper, and instead explicitly append the null byte to the buffer before translating.
* Add debug mode to gssapi_alloc.hGreg Hudson2012-08-111-1/+1
| | | | | | | | | | Because the gssalloc macros are normally equivalent to malloc and free on Unix, we cannot use the full test suite to find cases where we allocate with malloc and free with gssalloc_free or vice versa. Provide a way to test for this kind of bug (if only in a special build configuration) by supporting a DEBUG_GSSALLOC symbol, which causes the gssalloc wrappers to be deliberately incompatible with malloc and free.
* Utility functions to move allocations from k5buf/krb5_data to gss_buffer_tSam Hartman2011-10-141-1/+38
| | | | | | | | | | | | On Unix, these simply move the buffer pointer, but on windows they need to reallocated with gssalloc_malloc and coied since the gss_buffer_t may need to be freed in a separate module with potentially mismatched c runtime. Also fix a mismatched parameter warning in generic_gss_copy_oid_set(). Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25331 dc483132-0cff-0310-8789-dd5450dbe970
* Remove pointer validation code from the gss krb5 mechGreg Hudson2011-04-131-12/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24877 dc483132-0cff-0310-8789-dd5450dbe970
* Merge users/lhoward/sasl-gs2 to trunkGreg Hudson2010-10-061-0/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24436 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unnecessary pointer casts in args to free,memcpy,memset,memchr except ↵Ken Raeburn2009-02-021-1/+1
| | | | | | unicode, windows code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21875 dc483132-0cff-0310-8789-dd5450dbe970
* Use 16/32-bit big/little-endian store functions in more placesKen Raeburn2009-01-261-14/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21796 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceTom Yu2009-01-221-14/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21778 dc483132-0cff-0310-8789-dd5450dbe970
* Merge mskrb-integ onto trunkSam Hartman2009-01-031-2/+40
| | | | | | | | | | | | | | | | | | | | | | | | The mskrb-integ branch includes support for the following projects: Projects/Aliases * Projects/PAC and principal APIs * Projects/AEAD encryption API * Projects/GSSAPI DCE * Projects/RFC 3244 In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions. In the KDC it includes support for protocol transition, constrained delegation and a new authorization data interface. The old authorization data interface is also supported. This commit merges the mskrb-integ branch on to the trunk. Additional review and testing is required. Merge commit 'mskrb-integ' into trunk ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970
* Use the k5buf module instead of strcpy/strcat in several placesGreg Hudson2008-10-301-0/+1
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20941 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify. Normalize whitespace. Reindent. Fix some of the mostTom Yu2008-10-151-124/+125
| | | | | | | egregious formatting quirks. Add emacs mode settings to flag untabified source files. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20876 dc483132-0cff-0310-8789-dd5450dbe970
* Based on patch from lxs, with some changes:Ken Raeburn2008-08-271-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add several new gcc warning flags, used in the KfM build process. Put declarations before code. Fix a bunch of signed/unsigned type mixes, mostly by changing variable types to unsigned int. Fix constness in handling name of default ccache name. Make sure functions get declared with prototypes: krb5int_pthread_loaded krb5int_gmt_mktime krb5int_aes_encrypt krb5int_aes_decrypt gssint_mecherrmap_init gssint_mecherramp_get. Don't shadow global names: stat accept index open encrypt. Fix variable shadowing in LDAP ASN.1 support. Don't define unused krb5int_local_addresses. Don't export internal krb5_change_set_password. Fix error return indications from gssint_oid_to_mech. Create and use k5-gmt_mktime.h to provide one global declaration of krb5int_gmt_mktime, needed before we've generated krb5.h on some platforms. Not incorporated from initial patch: const changes in function signatures. ticket: 6096 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20697 dc483132-0cff-0310-8789-dd5450dbe970
* remap mechanism-specific status codes in mechglue/spnegoKen Raeburn2007-08-161-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch creates a mapping in the mechglue/spnego code to modify mechanism status codes when passing them back to the application, so that mechglue's display_status dispatcher can determine the correct mechanism to dispatch to. This is part of the "get enhanced error messages from gssapi applications" project; ticket 5590 has updates to the Kerberos 5 mechanism to extract enhanced error messages (when there are any) from the Kerberos library. util/gen.pl, util/t_*.pm: New code generation script and templates. lib/gssapi/generic: Add a new, global mapping that enumerates the {mechOID,status} pairs as they're seen, allowing a magic mechOID value to indicate com_err error codes from mechglue and spnego, and reserving status code 0 for unknown errors. Preload the Kerberos "wrong principal" error code once for each mechanism OID used for Kerberos, so the entries get fixed positions (1-3) in the table. lib/gssapi/gss_libinit.c: Call the initializer and destructor functions. lib/gssapi/mechglue, lib/gssapi/spnego: Enter all mechanism-generated or locally-generated status codes into the mapping table, and return the table index to the application. Do the reverse in display_status, to get the messages from the mechanism.. lib/rpc: Define new function gssrpcint_printf to use for debugging instead of printf, to redirect output away from dejagnu; add a couple more debugging calls. Check for minor status codes 1-3 now instead of KRB5KRB_AP_WRONG_PRINC. tests/dejagnu/krb-standalone/gssftp.exp: Test getting more detailed error messages back, by having the ftp client attempt to authenticate to a non-existent service, and examining the error message for the service principal name. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19831 dc483132-0cff-0310-8789-dd5450dbe970
* Changed GSSAPI opaque types (gss_name_t, gss_cred_id_t, gss_ctx_id_t) fromAlexandra Ellwood2006-07-251-9/+9
| | | | | | | | | | | | | | void* to pointers to opaque structs. This change removed some casts and introduced or changed a bunch of other casts to suppress warnings. krb5_gss_accept_sec_context(): Fixed a bug found by the above changes where krb5_gss_release_cred() was being called with the wrong argument 2 (gss_cred_id_t instead of gss_cred_id_t*). ticket: 4057 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18396 dc483132-0cff-0310-8789-dd5450dbe970
* Merge from branches/mechglue. Initial integration of Sun-donatedTom Yu2006-06-141-6/+3
| | | | | | | | | | | | | | | | mechglue and SPNEGO implementations. Additional changes outside of src/lib/gssapi: * src/configure.in: Add lib/gssapi/mechglue and lib/gssapi/spnego to list of directories to output Makefile in. * src/lib/rpc/unit-test/rpc_test.0/expire.exp (expired): Update regexp for mechglue. * src/tests/dejagnu/krb-standalone/v4gssftp.exp (v4ftp_test): Update "Miscellaneous failure" regexp for mechglue. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18131 dc483132-0cff-0310-8789-dd5450dbe970
* Cleanup a number of cast away from const warnings in gssapiEzra Peisach2006-05-091-7/+8
| | | | | | | | | | | Change internal token handling and oid handling functions to take a const style gss_OID. In the krb5 dir remove casting. This is the start of fixes in this arena. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17987 dc483132-0cff-0310-8789-dd5450dbe970
* Stop checking sizeof(type) at configure time.Ken Raeburn2006-03-311-0/+1
| | | | | | | Pull stdint.h and inttypes.h into gssapi.h if available. Don't use size/limit tests for choosing gss_[u]int32; just use [u]int32_t. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17813 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from kwc@citi.umich.edu to supportSam Hartman2004-06-081-0/+6
| | | | | | | | | | | | gss_krb5_export_lucid_sec_context and other facilities for NFSv4 implementations. In order to apply this patch gss_krb5.h needs to be auto-generated so we can expose a 64-bit type for sequence numbers. Ticket: 2587 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16423 dc483132-0cff-0310-8789-dd5450dbe970
* Added support for library initialization and finalization, and verificationKen Raeburn2004-04-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | that the initializer completed successfully. Delay initialization on POSIX until the first "verification" call. Currently specific to a few platforms, but should still build on others without thread support enabled. Use it to finish creating (if necessary) and destroy mutexes, and free some other storage "permanently" allocated by libraries (currently, libkrb5 cache/keytab type registries only). Change initialization of static mutexes to a two-step operation, a static "partial" initializer and a "finish_init" routine called from a thread-safe environment like library initialization is assumed to be. POSIX will use the former, Windows will use the latter, and the debug support will check that *both* have been used. Added init/fini functions to com_err, profile, krb5, and gssapi libraries. (The profile library one may need to be removed later.) The existing ones, not thread-safe, are still around. Use weak symbol support if available to figure out if the pthread library has been linked in, and avoid calling certain routines if the C library stubs are known not to exist or work. Stub declarations for thread-specific data. Minor bugfixes, whitespace changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16268 dc483132-0cff-0310-8789-dd5450dbe970
* Add a mutex to protect the set manipulationsKen Raeburn2004-03-141-2/+4
| | | | | | | | | | * gssapiP_generic.h: Include k5-thread.h. (g_set): Add a mutex. (G_SET_INIT): Initialize it. * util_validate.c (g_save, g_validate, g_delete): Lock the mutex while working on the set. (BDB version untested.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16167 dc483132-0cff-0310-8789-dd5450dbe970
* Make the set type separate from the set-element (linked list node) typeKen Raeburn2004-03-141-9/+14
| | | | | | | | | | | | | | | | | * generic/gssapiP_generic.h (g_set): New struct type. (G_SET_INIT): New macro. * generic/util_validate.c (g_save, g_validate, g_delete): Change first argument to take a g_set * rather than void **; use the address of the void pointer from the structure. (g_save_name, g_save_cred_id, g_save_ctx_id, g_validate_name, g_validate_cred_id, g_validate_ctx_id, g_delete_name, g_delete_cred_id, g_delete_ctx_id): Updated first argument type. * genericgssapiP_generic.h: Declarations updated. * krb5/gssapi_krb5.c (kg_vdb): Change type to g_set and initialize. * krb5/gssapiP_krb5.h (kg_vdb): Declaration updated. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16166 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_generic.h (struct _g_set_elt, g_set_elt): Renamed from non-_eltKen Raeburn2004-03-141-6/+6
| | | | | | | versions. * util_set.c, util_validate.c: Uses updated. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16165 dc483132-0cff-0310-8789-dd5450dbe970
* Add 64-bit sequence number support. Do sequence number ordering tests relativeKen Raeburn2003-12-131-5/+9
| | | | | | | | | | | | | to the initial value rather than absolute. Support tokens without pseudo-ASN.1 wrappers. Don't restrict enctype lists. Implement CFX token support. With CFX_EXERCISE defined, use random padding, random rotates, and bogus initial tokens, to exercise the associated code paths. ticket: 2040 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15911 dc483132-0cff-0310-8789-dd5450dbe970
* * disp_com_err_status.c, gssapi_generic.h: Removed Mac header goober. * ↵Alexandra Ellwood2003-03-061-1/+1
| | | | | | gssapiP_generic.h, gssapi.hin: Removed macintosh check because we don't build on OS 9 anymore. * gssapi.hin: Removed enumsalwaysint because there are no typed enums in this header. Removed duplicate CFM-68K magic git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15252 dc483132-0cff-0310-8789-dd5450dbe970
* Have g_token_size return unsigned int for signed/unsigned cleanupEzra Peisach2003-02-091-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15171 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_generic.h, util_token.c: Change g_make_token_header andEzra Peisach2002-11-151-2/+3
| | | | | | g_verfy_token_header to take an unsigned length in. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15006 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_generic.h, util_token.c (g_verify_token_header): MakeEzra Peisach2002-07-151-1/+1
| | | | | | length argument a pointer to an unsigned int. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14653 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapi_generic.h: allow inclusion by C++Tom Yu2002-07-131-1/+1
| | | | | | | | | | | | | | | | | | | | * gssapi.hin: Conditionalized pragmas for Metrowerks * gssapi.hin: Added check for CFM compiles. Removed dependency on PRAGMA_* macros. Moved check struct alignment check before struct declarations. * disp_com_err_status.c, gssapi.hin, gssapi_generic.h: Updated Mac OS X headers to new framework layout * gssapi_generic.h: Fixed check for Mac OS X includes. [pullups from 1-2-2-branch] * gssapiP_generic.h: use "" include for krb5.h [pullup from 1-2-2-branch] git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14635 dc483132-0cff-0310-8789-dd5450dbe970
* avoid name conflicts with glibKen Raeburn2001-10-201-0/+32
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13827 dc483132-0cff-0310-8789-dd5450dbe970
* Don't conditionalize prototypes; delete macros supporting it. (Maybe overdone;Ken Raeburn2001-10-101-48/+48
| | | | | | don't worry about restoring them when importing new versions of code.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13792 dc483132-0cff-0310-8789-dd5450dbe970
* Put back GSS_DLLIMP for variables, but define the macro here instead of inKen Raeburn2001-10-051-1/+1
| | | | | | win-mac.h. Drop far/near pointer specs, and _MSDOS (Win16) support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13780 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_generic.h (g_OID_equal): Instead of casting argument toEzra Peisach2000-10-031-1/+1
| | | | | | memcmp as int, cast to unsigned int to match prototype. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12717 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (SRCS, OBJS, STLIBOBJS): Remove util_canonhost.Ken Raeburn2000-08-041-3/+0
| | | | | | | * gssapiP_generic (g_canonicalize_host, g_local_host_name): Delete declarations. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12604 dc483132-0cff-0310-8789-dd5450dbe970
* Replaced preprocessor symbol _MACINTOSH with macintosh, since macintosh is ↵Miro Jurisic1998-07-171-1/+1
| | | | | | the standard symbol defined by all Mac compiler (oh, sure, it doesn't have _. but at least it's always there) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10653 dc483132-0cff-0310-8789-dd5450dbe970
* util_ordering.c (g_queue_externalize, g_queue_internalize, g_queue_size):Theodore Tso1996-10-191-0/+6
| | | | | | | New routines which allow the serailizing routines to access the seqstate structure. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9214 dc483132-0cff-0310-8789-dd5450dbe970
* * gssapiP_generic.h: If not on a Mac or under Dos, and stdlib.hEzra Peisach1996-08-021-0/+5
| | | | | | | | | | | | | | exists, include it. * configure.in: Check for stdlib.h This cleans up many warnings on the Alpha as malloc is not previously declared. In Beta-6, gssapiP_generic.h always included k5-int.h (which included stdlib.h). Now, only the DOS and Mac platforms include k5-int.h so we need to include stdlib.h if present. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8895 dc483132-0cff-0310-8789-dd5450dbe970
* util_ordering.c (g_order_check):Theodore Tso1996-07-251-4/+9
| | | | | | | | | | | | | | | | | | | | | util_ordering.c (g_order_init): Changed return code to be an int 32, since we return a com_err error code. Change the type of the sequence number to be an uint32. gssapi.h: Define gss_int32 -- needed for error code returns. Makefile.in (EHDRDIR): Use $(S) instead of /, so that EHDRDIR is valid under windows. Fix how the header file is copied in under Windows. gssapiP_generic.h: Include gssapi_generic.h instead of gssapi.h, so that we get the definitions of the nametype oids. oid_ops.c (generic_gss_release_oid): Re-enable function. util_token.c (g_verify_token_header): Changed return code to be an int 32, since we return a com_err error code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8814 dc483132-0cff-0310-8789-dd5450dbe970
* util_token.c (g_verify_token_header): Changed return code to be anTheodore Tso1996-07-251-1/+1
| | | | | | unsigned int 32, since we return a com_err error code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8811 dc483132-0cff-0310-8789-dd5450dbe970
* Must include k5-int.h on Windows and Macintosh buildsTheodore Tso1996-07-241-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8791 dc483132-0cff-0310-8789-dd5450dbe970
* this commit includes all the changes on the OV_9510_INTEGRATION andMarc Horowitz1996-07-221-4/+71
| | | | | | | | | OV_MERGE branches. This includes, but is not limited to, the new openvision admin system, and major changes to gssapi to add functionality, and bring the implementation in line with rfc1964. before committing, the code was built and tested for netbsd and solaris. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8774 dc483132-0cff-0310-8789-dd5450dbe970
* gssapiP_generic.h: Removed prototypes of functions that have beenTheodore Tso1996-01-231-47/+0
| | | | | | | | | moved to the mechglue layer. Makefile.in: Removed gssapi_generic.c, oid_ops.c, rel_buffer.c, and rel_oid_set.c --- these functions are now done in the mechglue layer. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7364 dc483132-0cff-0310-8789-dd5450dbe970
* gssapiP_generic.h (TWRITE_INT16, TREAD_INT16): Added new macrosTheodore Tso1996-01-051-0/+10
| | | | | | to read and write two byte integers from the wire. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7276 dc483132-0cff-0310-8789-dd5450dbe970
* gssapiP_generic.h: Don't include <sys/types.h> since it's alreadyTheodore Tso1996-01-051-3/+0
| | | | | | | | included by gssapi.h. gssapi.h: Add a #ifndef _MACINTOSH around include of <sys/types.h> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7275 dc483132-0cff-0310-8789-dd5450dbe970
* Mac Beta 1 submissionKeith Vetter1995-09-111-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6749 dc483132-0cff-0310-8789-dd5450dbe970
* Update to GSSAPI-V2Paul Park1995-08-311-4/+39
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6638 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-int.h instead of specific internal include filesPaul Park1995-07-271-5/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6351 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-06-15 05:14:42 +0000