49#include <netinet/in.h>
50#include <gssapi/gssapi.h>
95 p = (
char *)
ptr->mech->elements;
104 else if (40 <= *
p && *
p < 80) {
108 else if (80 <= *
p && *
p < 127) {
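/*
 * Return the pointer stored in an AUTH handle's ah_private slot, viewed as
 * a struct rpc_gss_data *.
 *
 * The argument is parenthesized so that an expression argument (pointer
 * arithmetic, a conditional, a cast) binds to "->" as a whole instead of
 * having only its last operand dereferenced.
 * NOTE(review): the macro performs no NULL or type check; callers must pass
 * a handle whose ah_private really holds a struct rpc_gss_data.
 */
#define AUTH_PRIVATE(auth) ((struct rpc_gss_data *)(auth)->ah_private)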
150 AUTH *auth, *save_auth;
152 OM_uint32 min_stat = 0;
158 if ((auth =
calloc(
sizeof(*auth), 1)) ==
NULL) {
172 if (
name != GSS_C_NO_NAME) {
173 if (gss_duplicate_name(&min_stat,
name, &gd->
name)
188 gd->
ctx = GSS_C_NO_CONTEXT;
193 gd->
gc.gc_svc = gd->
sec.svc;
213 OM_uint32 maj_stat = 0, min_stat = 0;
214 gss_buffer_desc sname;
215 gss_name_t
name = GSS_C_NO_NAME;
217 log_debug(
"in authgss_create_default()");
220 sname.value = service;
221 sname.length =
strlen(service);
223 maj_stat = gss_import_name(&min_stat, &sname,
224 (gss_OID)GSS_C_NT_HOSTBASED_SERVICE,
227 if (maj_stat != GSS_S_COMPLETE) {
228 log_status(
"gss_import_name", maj_stat, min_stat);
235 if (
name != GSS_C_NO_NAME) {
239 gss_release_name(&min_stat, &
name);
250 log_debug(
"in authgss_get_private_data()");
281 OM_uint32 maj_stat, min_stat;
313 rpcbuf.value =
XDR_INLINE(xdrs, rpcbuf.length);
315 maj_stat = gss_get_mic(&min_stat, gd->
ctx, gd->
sec.qop,
318 if (maj_stat != GSS_S_COMPLETE) {
319 log_status(
"gss_get_mic", maj_stat, min_stat);
320 if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
331 gss_release_buffer(&min_stat, &
checksum);
342 OM_uint32 maj_stat, min_stat;
371 signbuf.value = &
num;
372 signbuf.length =
sizeof(
num);
377 maj_stat = gss_verify_mic(&min_stat, gd->
ctx, &signbuf,
379 if (maj_stat != GSS_S_COMPLETE || qop_state != gd->
sec.qop) {
380 log_status(
"gss_verify_mic", maj_stat, min_stat);
381 if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
395 gss_buffer_desc *recv_tokenp, send_token;
396 OM_uint32 maj_stat, min_stat, call_stat, ret_flags;
406 memset(&gr, 0,
sizeof(gr));
407 recv_tokenp = GSS_C_NO_BUFFER;
416 if (recv_tokenp != GSS_C_NO_BUFFER) {
417 log_debug(
"The token we just received (length %d):",
418 recv_tokenp->length);
419 log_hexdump(recv_tokenp->value, recv_tokenp->length, 0);
422 maj_stat = gss_init_sec_context(&min_stat,
436 if (recv_tokenp != GSS_C_NO_BUFFER) {
437 gss_release_buffer(&min_stat, &gr.
gr_token);
438 recv_tokenp = GSS_C_NO_BUFFER;
440 if (maj_stat != GSS_S_COMPLETE &&
441 maj_stat != GSS_S_CONTINUE_NEEDED) {
442 log_status(
"gss_init_sec_context", maj_stat, min_stat);
445 if (send_token.length != 0) {
446 memset(&gr, 0,
sizeof(gr));
450 log_debug(
"The token being sent (length %d):",
452 log_hexdump(send_token.value, send_token.length, 0);
461 gss_release_buffer(&min_stat, &send_token);
464 (gr.gr_major != GSS_S_COMPLETE &&
465 gr.gr_major != GSS_S_CONTINUE_NEEDED))
468 if (gr.gr_ctx.length != 0) {
469 if (gd->
gc.gc_ctx.value)
470 gss_release_buffer(&min_stat,
472 gd->
gc.gc_ctx = gr.gr_ctx;
474 if (gr.gr_token.length != 0) {
475 if (maj_stat != GSS_S_CONTINUE_NEEDED)
477 recv_tokenp = &gr.gr_token;
485 if (maj_stat == GSS_S_COMPLETE) {
486 gss_buffer_desc bufin;
487 gss_buffer_desc bufout;
488 u_int seq, qop_state = 0;
491 bufin.value = (
unsigned char *)&seq;
492 bufin.length =
sizeof(seq);
496 maj_stat = gss_verify_mic(&min_stat, gd->
ctx,
497 &bufin, &bufout, &qop_state);
499 if (maj_stat != GSS_S_COMPLETE
500 || qop_state != gd->
sec.qop) {
501 log_status(
"gss_verify_mic", maj_stat, min_stat);
502 if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
518 gss_release_buffer(&min_stat, &gr.
gr_token);
552 log_debug(
"in authgss_destroy_context()");
556 if (gd->
gc.gc_ctx.length != 0) {
562 gss_release_buffer(&min_stat, &gd->
gc.gc_ctx);
564 memset(&gd->
gc.gc_ctx, 0,
sizeof(gd->
gc.gc_ctx));
566 if (gd->
ctx != GSS_C_NO_CONTEXT) {
567 gss_delete_sec_context(&min_stat, &gd->
ctx,
NULL);
568 gd->
ctx = GSS_C_NO_CONTEXT;
594 if (gd->
name != GSS_C_NO_NAME)
595 gss_release_name(&min_stat, &gd->
name);
611 return ((*xdr_func)(xdrs, xdr_ptr));
615 gd->
sec.svc, gd->
gc.gc_seq));
628 return ((*xdr_func)(xdrs, xdr_ptr));
632 gd->
sec.svc, gd->
gc.gc_seq));
ACPI_SIZE strlen(const char *String)
AUTH * authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec)
static struct timeval AUTH_TIMEOUT
static struct auth_ops authgss_ops
bool_t authgss_service(AUTH *auth, int svc)
static void authgss_nextverf()
struct gss_union_ctx_id_t * gss_union_ctx_id_t
struct gss_union_ctx_id_t gss_union_ctx_id_desc
bool_t authgss_get_private_data(AUTH *auth, struct authgss_private_data *pd)
static bool_t authgss_validate()
static bool_t authgss_unwrap()
static bool_t authgss_refresh()
static bool_t authgss_marshal()
static void authgss_destroy_context()
static bool_t authgss_wrap()
AUTH * authgss_create_default(CLIENT *clnt, char *service, struct rpc_gss_sec *sec)
static void authgss_destroy()
#define AUTH_PRIVATE(auth)
#define RPCSEC_GSS_VERSION
@ RPCSEC_GSS_CONTINUE_INIT
void log_hexdump(bool_t on, const u_char *title, const u_char *buf, int len, int offset)
void print_rpc_gss_sec(struct rpc_sspi_sec *ptr)
void log_debug(const char *fmt,...)
bool_t xdr_rpc_gss_data(XDR *xdrs, xdrproc_t xdr_func, caddr_t xdr_ptr, gss_ctx_id_t ctx, gss_qop_t qop, rpc_gss_svc_t svc, u_int seq)
bool_t xdr_rpc_gss_init_res(XDR *xdrs, struct rpc_gss_init_res *p)
bool_t xdr_rpc_gss_cred(XDR *xdrs, struct rpc_gss_cred *p)
void log_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat)
bool_t xdr_rpc_gss_init_args(XDR *xdrs, gss_buffer_desc *p)
#define clnt_call(rh, proc, xargs, argsp, xres, resp, secs)
#define mem_free(ptr, bsize)
static cab_ULONG checksum(const cab_UBYTE *data, cab_UWORD bytes, cab_ULONG csum)
_Check_return_opt_ _CRTIMP int __cdecl fprintf(_Inout_ FILE *_File, _In_z_ _Printf_format_string_ const char *_Format,...)
#define memcpy(s1, s2, n)
struct opaque_auth _null_auth
struct opaque_auth ah_cred
struct __auth::auth_ops * ah_ops
struct opaque_auth ah_verf
gss_buffer_desc pd_ctx_hndl
gss_ctx_id_t internal_ctx_id
gss_buffer_desc gc_wire_verf
#define XDR_INLINE(xdrs, len)
#define XDR_SETPOS(xdrs, pos)
#define XDR_DESTROY(xdrs)
bool_t(* xdrproc_t)(XDR *,...)
void xdrmem_create(XDR *xdrs, char *addr, u_int size, enum xdr_op op)