From eda12bcff8bc47380d6e997d785464f858c1d140 Mon Sep 17 00:00:00 2001 From: Michael Osipov <1983-01-06@gmx.net> Date: Mon, 21 Jul 2014 09:53:43 +0200 Subject: curl_gssapi: Add macros for common mechs and pass them appropriately Macros defined: KRB5_MECHANISM and SPNEGO_MECHANISM called from HTTP, FTP and SOCKS on Unix --- lib/curl_gssapi.c | 20 +++++++++----------- lib/curl_gssapi.h | 18 +++++++++++++----- lib/http_negotiate.c | 2 +- lib/krb5.c | 2 +- lib/socks_gssapi.c | 2 +- 5 files changed, 25 insertions(+), 19 deletions(-) (limited to 'lib') diff --git a/lib/curl_gssapi.c b/lib/curl_gssapi.c index a86762ab0..7a2f84a7d 100644 --- a/lib/curl_gssapi.c +++ b/lib/curl_gssapi.c @@ -27,22 +27,21 @@ #include "curl_gssapi.h" #include "sendf.h" -static const char spnego_OID[] = "\x2b\x06\x01\x05\x05\x02"; -static const gss_OID_desc gss_mech_spnego = { - 6, - &spnego_OID -}; +static const char spengo_oid_bytes[] = "\x2b\x06\x01\x05\x05\x02"; +gss_OID_desc spnego_mech_oid = { 6, &spengo_oid_bytes }; +static const char krb5_oid_bytes[] = "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"; +gss_OID_desc krb5_mech_oid = { 9, &krb5_oid_bytes }; OM_uint32 Curl_gss_init_sec_context( struct SessionHandle *data, - OM_uint32 * minor_status, - gss_ctx_id_t * context, + OM_uint32 *minor_status, + gss_ctx_id_t *context, gss_name_t target_name, - bool use_spnego, + gss_OID mech_type, gss_channel_bindings_t input_chan_bindings, gss_buffer_t input_token, gss_buffer_t output_token, - OM_uint32 * ret_flags) + OM_uint32 *ret_flags) { OM_uint32 req_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG; @@ -62,8 +61,7 @@ OM_uint32 Curl_gss_init_sec_context( GSS_C_NO_CREDENTIAL, /* cred_handle */ context, target_name, - use_spnego ? (gss_OID)&gss_mech_spnego : - GSS_C_NO_OID, + mech_type, req_flags, 0, /* time_req */ input_chan_bindings, diff --git a/lib/curl_gssapi.h b/lib/curl_gssapi.h index 5af7a0261..ff752d552 100644 --- a/lib/curl_gssapi.h +++ b/lib/curl_gssapi.h @@ -39,19 +39,27 @@ # include #endif +#ifndef SPNEGO_MECHANISM +CURL_EXTERN gss_OID_desc spnego_mech_oid; +#define SPNEGO_MECHANISM &spnego_mech_oid +#endif +#ifndef KRB5_MECHANISM +CURL_EXTERN gss_OID_desc krb5_mech_oid; +#define KRB5_MECHANISM &krb5_mech_oid +#endif -/* Common method for using gss api */ +/* Common method for using GSS-API */ OM_uint32 Curl_gss_init_sec_context( struct SessionHandle *data, - OM_uint32 * minor_status, - gss_ctx_id_t * context, + OM_uint32 *minor_status, + gss_ctx_id_t *context, gss_name_t target_name, - bool use_spnego, + gss_OID mech_type, gss_channel_bindings_t input_chan_bindings, gss_buffer_t input_token, gss_buffer_t output_token, - OM_uint32 * ret_flags); + OM_uint32 *ret_flags); #endif /* HAVE_GSSAPI */ diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index bbad0b459..dc2bb383d 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -184,7 +184,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, &minor_status, &neg_ctx->context, neg_ctx->server_name, - TRUE, + SPNEGO_MECHANISM, GSS_C_NO_CHANNEL_BINDINGS, &input_token, &output_token, diff --git a/lib/krb5.c b/lib/krb5.c index 9a36af1db..10a79aaa4 100644 --- a/lib/krb5.c +++ b/lib/krb5.c @@ -236,7 +236,7 @@ krb5_auth(void *app_data, struct connectdata *conn) &min, context, gssname, - FALSE, + KRB5_MECHANISM, &chan, gssresp, &output_buffer, diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 0a35dfa09..dd955d6ff 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -181,7 +181,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, &gss_minor_status, &gss_context, server, - FALSE, + KRB5_MECHANISM, NULL, gss_token, &gss_send_token, -- cgit v1.2.3