From 7392fdb8695c7f4b2f362e11cbdfe644fa571a9d Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Wed, 12 Jun 1996 04:19:23 +0000 Subject: gss-clie.c: Renamed to gss-client.c, for VFAT/NTFS filesystems makefile: Renamed to Makefile.in, so that we can do WIN16/WIN32 specializations. Remove /nologo option for Win32 RFLAGS, since RC apparently doesn't support it. changelo: Renamed to ChangeLog, to make life easier. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8301 dc483132-0cff-0310-8789-dd5450dbe970 --- src/windows/gss/ChangeLog | 42 +++++++ src/windows/gss/Makefile.in | 59 +++++++++ src/windows/gss/changelo | 32 ----- src/windows/gss/gss-clie.c | 287 ------------------------------------------- src/windows/gss/gss-client.c | 287 +++++++++++++++++++++++++++++++++++++++++++ src/windows/gss/makefile | 58 --------- 6 files changed, 388 insertions(+), 377 deletions(-) create mode 100644 src/windows/gss/ChangeLog create mode 100644 src/windows/gss/Makefile.in delete mode 100644 src/windows/gss/changelo delete mode 100644 src/windows/gss/gss-clie.c create mode 100644 src/windows/gss/gss-client.c delete mode 100644 src/windows/gss/makefile (limited to 'src') diff --git a/src/windows/gss/ChangeLog b/src/windows/gss/ChangeLog new file mode 100644 index 000000000..24d655f33 --- /dev/null +++ b/src/windows/gss/ChangeLog @@ -0,0 +1,42 @@ +Wed Jun 12 00:16:46 1996 Theodore Ts'o + + * gss-clie.c: Renamed to gss-client.c, for VFAT/NTFS filesystems + + * makefile: Renamed to Makefile.in, so that we can do WIN16/WIN32 + specializations. Remove /nologo option for Win32 RFLAGS, + since RC apparently doesn't support it. + + * changelo: Renamed to ChangeLog, to make life easier. + +Thu Feb 29 13:25:07 1996 Theodore Y. Ts'o + + * gss.c: Add closeoscket() call so that program properly + cleans up the socket. + +Thu Feb 29 01:23:01 1996 Theodore Y. Ts'o + + * gss.rc: + * gss.c: Added support for users to enter the GSSAPI target + name into the combobox. The syntax is: + "host port gssapi_target_name" + +Wed Sep 13 11:07:45 1995 Keith Vetter (keithv@fusion.com) + + * gss-clie.c: turned const_gss_OID into const gss_OID. + * gss-misc.c: needed more includes. + * gss.c: needed more includes. + +Fri Apr 28 17:07:01 1995 Keith Vetter (keithv@fusion.com) + + * gss-misc.c: bug with reading 4 bytes into a 2 byte entity. + * *.c, *.h, *.rc: changed UI -- not great but better. + +Fri Apr 28 11:45:23 1995 Keith Vetter (keithv@fusion.com) + + * gss.rc: added an icon for the program. + +Fri Apr 28 11:20:38 1995 Keith Vetter (keithv@fusion.com) + + * Initial release + + diff --git a/src/windows/gss/Makefile.in b/src/windows/gss/Makefile.in new file mode 100644 index 000000000..540f24e99 --- /dev/null +++ b/src/windows/gss/Makefile.in @@ -0,0 +1,59 @@ +# makefile: Constructs the Kerberos for Windows ticket manager +# Works for both k4 and k5 releases. +# +NAME = gss +OBJS = gss.obj gss-client.obj gss-misc.obj + +##### Options +DEBUG = 1 +BUILDTOP =..\.. +LIBDIR = $(BUILDTOP)\lib +GLIB = $(LIBDIR)\gssapi.lib +WLIB = $(LIBDIR)\winsock.lib +INCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 + +##### C Compiler +CC = cl +CFLAGS_RELEASE = /nologo /W3 /AL /GAs /Gy /G2 /Zp /O2 /DNDEBUG=1 +CFLAGS_DEBUG = /nologo /W3 /AL /GAs /Gy /G2 /Zp /O2 /Od /Zi +!if $(DEBUG) +CFLAGS = $(CFLAGS_DEBUG) $(INCLUDES) +!else +CFLAGS = $(CFLAGS_RELEASE) $(INCLUDES) +!endif + +##### RC Compiler +RC = rc +##WIN16##RFLAGS = /nologo $(INCLUDES) +##WIN32##RFLAGS = $(INCLUDES) + +##### Linker +LINK = link +LIBS = $(GLIB) $(WLIB) +SYSLIBS = libw llibcew +!if $(DEBUG) +LFLAGS = /co /nologo /nod /nopackcode /map:full +!else +LFLAGS = /nologo /nod /nopackcode +!endif + +all:: makefile $(NAME).exe + +$(NAME).exe: $*.def $*.res $(OBJS) $(LIBS) + $(LINK) $(LFLAGS) $(OBJS), $@, $*.map, $(LIBS) $(SYSLIBS), $*.def + $(RC) $(RFLAGS) /k $*.res $@ + +$(OBJS) $(NAME).res: gss.h + +install: + copy gss.exe ..\floppy + +clean:: + if exist *.exe del *.exe + if exist ..\floppy\gss.exe del ..\floppy\gss.exe + if exist *.obj del *.obj + if exist *.res del *.res + if exist *.map del *.map + if exist *.pdb del *.pdb + if exist *.err del *.err + diff --git a/src/windows/gss/changelo b/src/windows/gss/changelo deleted file mode 100644 index 72ffb123e..000000000 --- a/src/windows/gss/changelo +++ /dev/null @@ -1,32 +0,0 @@ -Thu Feb 29 13:25:07 1996 Theodore Y. Ts'o - - * gss.c: Add closeoscket() call so that program properly - cleans up the socket. - -Thu Feb 29 01:23:01 1996 Theodore Y. Ts'o - - * gss.rc: - * gss.c: Added support for users to enter the GSSAPI target - name into the combobox. The syntax is: - "host port gssapi_target_name" - -Wed Sep 13 11:07:45 1995 Keith Vetter (keithv@fusion.com) - - * gss-clie.c: turned const_gss_OID into const gss_OID. - * gss-misc.c: needed more includes. - * gss.c: needed more includes. - -Fri Apr 28 17:07:01 1995 Keith Vetter (keithv@fusion.com) - - * gss-misc.c: bug with reading 4 bytes into a 2 byte entity. - * *.c, *.h, *.rc: changed UI -- not great but better. - -Fri Apr 28 11:45:23 1995 Keith Vetter (keithv@fusion.com) - - * gss.rc: added an icon for the program. - -Fri Apr 28 11:20:38 1995 Keith Vetter (keithv@fusion.com) - - * Initial release - - diff --git a/src/windows/gss/gss-clie.c b/src/windows/gss/gss-clie.c deleted file mode 100644 index 1dc4d8054..000000000 --- a/src/windows/gss/gss-clie.c +++ /dev/null @@ -1,287 +0,0 @@ -/* - * Copyright 1994 by OpenVision Technologies, Inc. - * - * Permission to use, copy, modify, distribute, and sell this software - * and its documentation for any purpose is hereby granted without fee, - * provided that the above copyright notice appears in all copies and - * that both that copyright notice and this permission notice appear in - * supporting documentation, and that the name of OpenVision not be used - * in advertising or publicity pertaining to distribution of the software - * without specific, written prior permission. OpenVision makes no - * representations about the suitability of this software for any - * purpose. It is provided "as is" without express or implied warranty. - * - * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, - * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO - * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR - * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF - * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR - * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - * PERFORMANCE OF THIS SOFTWARE. - */ - -#include "gss.h" - -static const gss_OID_desc oids[] = { - {10, "\052\206\110\206\367\022\001\002\001\001"}, - {10, "\052\206\110\206\367\022\001\002\001\002"}, - {10, "\052\206\110\206\367\022\001\002\001\003"}, - {10, "\052\206\110\206\367\022\001\002\001\004"}, -}; - -const gss_OID_desc * gss_nt_user_name = oids+0; -const gss_OID_desc * gss_nt_machine_uid_name = oids+1; -const gss_OID_desc * gss_nt_string_uid_name = oids+2; -const gss_OID_desc * gss_nt_service_name = oids+3; - -int -gss (char *host, char *name, char *msg, int port) -{ - if (port == 0 || port == -1) - port = 4444; - - if (call_server(host, port, name, msg) < 0) - return 1; - - return 0; -} - -/*+ - * Function: call_server - * - * Purpose: Call the "sign" service. - * - * Arguments: - * - * host (r) the host providing the service - * port (r) the port to connect to on host - * service_name (r) the GSS-API service name to authenticate to - * msg (r) the message to have "signed" - * - * Returns: 0 on success, -1 on failure - * - * Effects: - * - * call_server opens a TCP connection to and establishes a - * GSS-API context with service_name over the connection. It then - * seals msg in a GSS-API token with gss_seal, sends it to the server, - * reads back a GSS-API signature block for msg from the server, and - * verifies it with gss_verify. -1 is returned if any step fails, - * otherwise 0 is returned. - */ -int -call_server (char *host, u_short port, char *service_name, char *msg) -{ - gss_ctx_id_t context; - gss_buffer_desc in_buf, out_buf; - int s, state; - OM_uint32 maj_stat, min_stat; - - /* Open connection */ - if ((s = connect_to_server(host, port)) < 0) - return -1; - - /* Establish context */ - if (client_establish_context(s, service_name, &context) < 0) - return -1; - - /* Seal the message */ - in_buf.value = msg; - in_buf.length = strlen(msg) + 1; - maj_stat = gss_seal(&min_stat, context, 1, GSS_C_QOP_DEFAULT, - &in_buf, &state, &out_buf); - if (maj_stat != GSS_S_COMPLETE) { - display_status("sealing message", maj_stat, min_stat); - return -1; - } else if (! state) { - OkMsgBox ("Warning! Message not encrypted.\n"); - } - - /* Send to server */ - if (send_token(s, &out_buf) < 0) - return -1; - (void) gss_release_buffer(&min_stat, &out_buf); - - /* Read signature block into out_buf */ - if (recv_token(s, &out_buf) < 0) - return -1; - - /* Verify signature block */ - maj_stat = gss_verify(&min_stat, context, &in_buf, &out_buf, &state); - if (maj_stat != GSS_S_COMPLETE) { - display_status("verifying signature", maj_stat, min_stat); - return -1; - } - (void) gss_release_buffer(&min_stat, &out_buf); - - OkMsgBox ("Signature verified."); - - /* Delete context */ - maj_stat = gss_delete_sec_context(&min_stat, &context, &out_buf); - if (maj_stat != GSS_S_COMPLETE) { - display_status("deleting context", maj_stat, min_stat); - return -1; - } - (void) gss_release_buffer(&min_stat, &out_buf); - - closesocket(s); - - return 0; -} - -/*+ - * Function: connect_to_server - * - * Purpose: Opens a TCP connection to the name host and port. - * - * Arguments: - * - * host (r) the target host name - * port (r) the target port, in host byte order - * - * Returns: the established socket file desciptor, or -1 on failure - * - * Effects: - * - * The host name is resolved with gethostbyname(), and the socket is - * opened and connected. If an error occurs, an error message is - * displayed and -1 is returned. - */ -int -connect_to_server (char *host, u_short port) -{ - struct sockaddr_in saddr; - struct hostent *hp; - int s; - - if ((hp = gethostbyname(host)) == NULL) { - OkMsgBox ("Unknown host: %s\n", host); - return -1; - } - - saddr.sin_family = hp->h_addrtype; - memcpy((char *)&saddr.sin_addr, hp->h_addr, hp->h_length); - saddr.sin_port = htons(port); - - if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { - my_perror("creating socket"); - return -1; - } - if (connect(s, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) { - my_perror("connecting to server"); - return -1; - } - return s; -} - -/*+ - * Function: client_establish_context - * - * Purpose: establishes a GSS-API context with a specified service and - * returns the context handle - * - * Arguments: - * - * s (r) an established TCP connection to the service - * sname (r) the ASCII service name of the service - * context (w) the established GSS-API context - * - * Returns: 0 on success, -1 on failure - * - * Effects: - * - * sname is imported as a GSS-API name and a GSS-API context is - * established with the corresponding service; the service should be - * listening on the TCP connection s. The default GSS-API mechanism - * is used, and mutual authentication and replay detection are - * requested. - * - * If successful, the context handle is returned in context. If - * unsuccessful, the GSS-API error messages are displayed on stderr - * and -1 is returned. - */ -int -client_establish_context (int s, char *sname, gss_ctx_id_t *gss_context) -{ - gss_buffer_desc send_tok, recv_tok, *token_ptr; - gss_name_t target_name; - OM_uint32 maj_stat, min_stat; - - /* - * Import the name into target_name. Use send_tok to save - * local variable space. - */ - send_tok.value = sname; - send_tok.length = strlen(sname) + 1; - maj_stat = gss_import_name(&min_stat, &send_tok, - (gss_OID) gss_nt_service_name, &target_name); - if (maj_stat != GSS_S_COMPLETE) { - display_status("parsing name", maj_stat, min_stat); - return -1; - } - - /* - * Perform the context-establishement loop. - * - * On each pass through the loop, token_ptr points to the token - * to send to the server (or GSS_C_NO_BUFFER on the first pass). - * Every generated token is stored in send_tok which is then - * transmitted to the server; every received token is stored in - * recv_tok, which token_ptr is then set to, to be processed by - * the next call to gss_init_sec_context. - * - * GSS-API guarantees that send_tok's length will be non-zero - * if and only if the server is expecting another token from us, - * and that gss_init_sec_context returns GSS_S_CONTINUE_NEEDED if - * and only if the server has another token to send us. - */ - - token_ptr = GSS_C_NO_BUFFER; - *gss_context = GSS_C_NO_CONTEXT; - - do { - maj_stat = - gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - gss_context, - target_name, - GSS_C_NULL_OID, - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG, - 0, - NULL, /* no channel bindings */ - token_ptr, - NULL, /* ignore mech type */ - &send_tok, - NULL, /* ignore ret_flags */ - NULL); /* ignore time_rec */ - - if (token_ptr != GSS_C_NO_BUFFER) - (void) gss_release_buffer(&min_stat, &recv_tok); - - if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) { - display_status("initializing context", maj_stat, min_stat); - (void) gss_release_name(&min_stat, &target_name); - return -1; - } - - if (send_tok.length != 0) { - if (send_token(s, &send_tok) < 0) { - (void) gss_release_buffer(&min_stat, &send_tok); - (void) gss_release_name(&min_stat, &target_name); - return -1; - } - } - (void) gss_release_buffer(&min_stat, &send_tok); - - if (maj_stat == GSS_S_CONTINUE_NEEDED) { - if (recv_token(s, &recv_tok) < 0) { - (void) gss_release_name(&min_stat, &target_name); - return -1; - } - token_ptr = &recv_tok; - } - } while (maj_stat == GSS_S_CONTINUE_NEEDED); - - (void) gss_release_name(&min_stat, &target_name); - return 0; -} diff --git a/src/windows/gss/gss-client.c b/src/windows/gss/gss-client.c new file mode 100644 index 000000000..1dc4d8054 --- /dev/null +++ b/src/windows/gss/gss-client.c @@ -0,0 +1,287 @@ +/* + * Copyright 1994 by OpenVision Technologies, Inc. + * + * Permission to use, copy, modify, distribute, and sell this software + * and its documentation for any purpose is hereby granted without fee, + * provided that the above copyright notice appears in all copies and + * that both that copyright notice and this permission notice appear in + * supporting documentation, and that the name of OpenVision not be used + * in advertising or publicity pertaining to distribution of the software + * without specific, written prior permission. OpenVision makes no + * representations about the suitability of this software for any + * purpose. It is provided "as is" without express or implied warranty. + * + * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, + * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO + * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR + * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF + * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR + * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +#include "gss.h" + +static const gss_OID_desc oids[] = { + {10, "\052\206\110\206\367\022\001\002\001\001"}, + {10, "\052\206\110\206\367\022\001\002\001\002"}, + {10, "\052\206\110\206\367\022\001\002\001\003"}, + {10, "\052\206\110\206\367\022\001\002\001\004"}, +}; + +const gss_OID_desc * gss_nt_user_name = oids+0; +const gss_OID_desc * gss_nt_machine_uid_name = oids+1; +const gss_OID_desc * gss_nt_string_uid_name = oids+2; +const gss_OID_desc * gss_nt_service_name = oids+3; + +int +gss (char *host, char *name, char *msg, int port) +{ + if (port == 0 || port == -1) + port = 4444; + + if (call_server(host, port, name, msg) < 0) + return 1; + + return 0; +} + +/*+ + * Function: call_server + * + * Purpose: Call the "sign" service. + * + * Arguments: + * + * host (r) the host providing the service + * port (r) the port to connect to on host + * service_name (r) the GSS-API service name to authenticate to + * msg (r) the message to have "signed" + * + * Returns: 0 on success, -1 on failure + * + * Effects: + * + * call_server opens a TCP connection to and establishes a + * GSS-API context with service_name over the connection. It then + * seals msg in a GSS-API token with gss_seal, sends it to the server, + * reads back a GSS-API signature block for msg from the server, and + * verifies it with gss_verify. -1 is returned if any step fails, + * otherwise 0 is returned. + */ +int +call_server (char *host, u_short port, char *service_name, char *msg) +{ + gss_ctx_id_t context; + gss_buffer_desc in_buf, out_buf; + int s, state; + OM_uint32 maj_stat, min_stat; + + /* Open connection */ + if ((s = connect_to_server(host, port)) < 0) + return -1; + + /* Establish context */ + if (client_establish_context(s, service_name, &context) < 0) + return -1; + + /* Seal the message */ + in_buf.value = msg; + in_buf.length = strlen(msg) + 1; + maj_stat = gss_seal(&min_stat, context, 1, GSS_C_QOP_DEFAULT, + &in_buf, &state, &out_buf); + if (maj_stat != GSS_S_COMPLETE) { + display_status("sealing message", maj_stat, min_stat); + return -1; + } else if (! state) { + OkMsgBox ("Warning! Message not encrypted.\n"); + } + + /* Send to server */ + if (send_token(s, &out_buf) < 0) + return -1; + (void) gss_release_buffer(&min_stat, &out_buf); + + /* Read signature block into out_buf */ + if (recv_token(s, &out_buf) < 0) + return -1; + + /* Verify signature block */ + maj_stat = gss_verify(&min_stat, context, &in_buf, &out_buf, &state); + if (maj_stat != GSS_S_COMPLETE) { + display_status("verifying signature", maj_stat, min_stat); + return -1; + } + (void) gss_release_buffer(&min_stat, &out_buf); + + OkMsgBox ("Signature verified."); + + /* Delete context */ + maj_stat = gss_delete_sec_context(&min_stat, &context, &out_buf); + if (maj_stat != GSS_S_COMPLETE) { + display_status("deleting context", maj_stat, min_stat); + return -1; + } + (void) gss_release_buffer(&min_stat, &out_buf); + + closesocket(s); + + return 0; +} + +/*+ + * Function: connect_to_server + * + * Purpose: Opens a TCP connection to the name host and port. + * + * Arguments: + * + * host (r) the target host name + * port (r) the target port, in host byte order + * + * Returns: the established socket file desciptor, or -1 on failure + * + * Effects: + * + * The host name is resolved with gethostbyname(), and the socket is + * opened and connected. If an error occurs, an error message is + * displayed and -1 is returned. + */ +int +connect_to_server (char *host, u_short port) +{ + struct sockaddr_in saddr; + struct hostent *hp; + int s; + + if ((hp = gethostbyname(host)) == NULL) { + OkMsgBox ("Unknown host: %s\n", host); + return -1; + } + + saddr.sin_family = hp->h_addrtype; + memcpy((char *)&saddr.sin_addr, hp->h_addr, hp->h_length); + saddr.sin_port = htons(port); + + if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) { + my_perror("creating socket"); + return -1; + } + if (connect(s, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) { + my_perror("connecting to server"); + return -1; + } + return s; +} + +/*+ + * Function: client_establish_context + * + * Purpose: establishes a GSS-API context with a specified service and + * returns the context handle + * + * Arguments: + * + * s (r) an established TCP connection to the service + * sname (r) the ASCII service name of the service + * context (w) the established GSS-API context + * + * Returns: 0 on success, -1 on failure + * + * Effects: + * + * sname is imported as a GSS-API name and a GSS-API context is + * established with the corresponding service; the service should be + * listening on the TCP connection s. The default GSS-API mechanism + * is used, and mutual authentication and replay detection are + * requested. + * + * If successful, the context handle is returned in context. If + * unsuccessful, the GSS-API error messages are displayed on stderr + * and -1 is returned. + */ +int +client_establish_context (int s, char *sname, gss_ctx_id_t *gss_context) +{ + gss_buffer_desc send_tok, recv_tok, *token_ptr; + gss_name_t target_name; + OM_uint32 maj_stat, min_stat; + + /* + * Import the name into target_name. Use send_tok to save + * local variable space. + */ + send_tok.value = sname; + send_tok.length = strlen(sname) + 1; + maj_stat = gss_import_name(&min_stat, &send_tok, + (gss_OID) gss_nt_service_name, &target_name); + if (maj_stat != GSS_S_COMPLETE) { + display_status("parsing name", maj_stat, min_stat); + return -1; + } + + /* + * Perform the context-establishement loop. + * + * On each pass through the loop, token_ptr points to the token + * to send to the server (or GSS_C_NO_BUFFER on the first pass). + * Every generated token is stored in send_tok which is then + * transmitted to the server; every received token is stored in + * recv_tok, which token_ptr is then set to, to be processed by + * the next call to gss_init_sec_context. + * + * GSS-API guarantees that send_tok's length will be non-zero + * if and only if the server is expecting another token from us, + * and that gss_init_sec_context returns GSS_S_CONTINUE_NEEDED if + * and only if the server has another token to send us. + */ + + token_ptr = GSS_C_NO_BUFFER; + *gss_context = GSS_C_NO_CONTEXT; + + do { + maj_stat = + gss_init_sec_context(&min_stat, + GSS_C_NO_CREDENTIAL, + gss_context, + target_name, + GSS_C_NULL_OID, + GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG, + 0, + NULL, /* no channel bindings */ + token_ptr, + NULL, /* ignore mech type */ + &send_tok, + NULL, /* ignore ret_flags */ + NULL); /* ignore time_rec */ + + if (token_ptr != GSS_C_NO_BUFFER) + (void) gss_release_buffer(&min_stat, &recv_tok); + + if (maj_stat!=GSS_S_COMPLETE && maj_stat!=GSS_S_CONTINUE_NEEDED) { + display_status("initializing context", maj_stat, min_stat); + (void) gss_release_name(&min_stat, &target_name); + return -1; + } + + if (send_tok.length != 0) { + if (send_token(s, &send_tok) < 0) { + (void) gss_release_buffer(&min_stat, &send_tok); + (void) gss_release_name(&min_stat, &target_name); + return -1; + } + } + (void) gss_release_buffer(&min_stat, &send_tok); + + if (maj_stat == GSS_S_CONTINUE_NEEDED) { + if (recv_token(s, &recv_tok) < 0) { + (void) gss_release_name(&min_stat, &target_name); + return -1; + } + token_ptr = &recv_tok; + } + } while (maj_stat == GSS_S_CONTINUE_NEEDED); + + (void) gss_release_name(&min_stat, &target_name); + return 0; +} diff --git a/src/windows/gss/makefile b/src/windows/gss/makefile deleted file mode 100644 index cf784e717..000000000 --- a/src/windows/gss/makefile +++ /dev/null @@ -1,58 +0,0 @@ -# makefile: Constructs the Kerberos for Windows ticket manager -# Works for both k4 and k5 releases. -# -NAME = gss -OBJS = gss.obj gss-client.obj gss-misc.obj - -##### Options -DEBUG = 1 -BUILDTOP =..\.. -LIBDIR = $(BUILDTOP)\lib -GLIB = $(LIBDIR)\gssapi.lib -WLIB = $(LIBDIR)\winsock.lib -INCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 - -##### C Compiler -CC = cl -CFLAGS_RELEASE = /nologo /W3 /AL /GAs /Gy /G2 /Zp /O2 /DNDEBUG=1 -CFLAGS_DEBUG = /nologo /W3 /AL /GAs /Gy /G2 /Zp /O2 /Od /Zi -!if $(DEBUG) -CFLAGS = $(CFLAGS_DEBUG) $(INCLUDES) -!else -CFLAGS = $(CFLAGS_RELEASE) $(INCLUDES) -!endif - -##### RC Compiler -RC = rc -RFLAGS = /nologo $(INCLUDES) - -##### Linker -LINK = link -LIBS = $(GLIB) $(WLIB) -SYSLIBS = libw llibcew -!if $(DEBUG) -LFLAGS = /co /nologo /nod /nopackcode /map:full -!else -LFLAGS = /nologo /nod /nopackcode -!endif - -all:: makefile $(NAME).exe - -$(NAME).exe: $*.def $*.res $(OBJS) $(LIBS) - $(LINK) $(LFLAGS) $(OBJS), $@, $*.map, $(LIBS) $(SYSLIBS), $*.def - $(RC) $(RFLAGS) /k $*.res $@ - -$(OBJS) $(NAME).res: gss.h - -install: - copy gss.exe ..\floppy - -clean:: - if exist *.exe del *.exe - if exist ..\floppy\gss.exe del ..\floppy\gss.exe - if exist *.obj del *.obj - if exist *.res del *.res - if exist *.map del *.map - if exist *.pdb del *.pdb - if exist *.err del *.err - -- cgit