curl_gssapi: Add macros for common mechs and pass them appropriately

Macros defined: KRB5_MECHANISM and SPNEGO_MECHANISM called from
HTTP, FTP and SOCKS on Unix
Michael Osipov
2014-07-21 09:53:43 +02:00
committed by Daniel Stenberg
parent a4cece3d47
commit eda12bcff8
5 changed files with 25 additions and 19 deletions


@@ -27,22 +27,21 @@
#include "curl_gssapi.h" #include "curl_gssapi.h"
#include "sendf.h" #include "sendf.h"
static const char spnego_OID[] = "\x2b\x06\x01\x05\x05\x02"; static const char spengo_oid_bytes[] = "\x2b\x06\x01\x05\x05\x02";
static const gss_OID_desc gss_mech_spnego = { gss_OID_desc spnego_mech_oid = { 6, &spengo_oid_bytes };
6, static const char krb5_oid_bytes[] = "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02";
&spnego_OID gss_OID_desc krb5_mech_oid = { 9, &krb5_oid_bytes };
};
OM_uint32 Curl_gss_init_sec_context( OM_uint32 Curl_gss_init_sec_context(
struct SessionHandle *data, struct SessionHandle *data,
OM_uint32 * minor_status, OM_uint32 *minor_status,
gss_ctx_id_t * context, gss_ctx_id_t *context,
gss_name_t target_name, gss_name_t target_name,
bool use_spnego, gss_OID mech_type,
gss_channel_bindings_t input_chan_bindings, gss_channel_bindings_t input_chan_bindings,
gss_buffer_t input_token, gss_buffer_t input_token,
gss_buffer_t output_token, gss_buffer_t output_token,
OM_uint32 * ret_flags) OM_uint32 *ret_flags)
{ {
OM_uint32 req_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG; OM_uint32 req_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG;
@@ -62,8 +61,7 @@ OM_uint32 Curl_gss_init_sec_context(
GSS_C_NO_CREDENTIAL, /* cred_handle */ GSS_C_NO_CREDENTIAL, /* cred_handle */
context, context,
target_name, target_name,
use_spnego ? (gss_OID)&gss_mech_spnego : mech_type,
GSS_C_NO_OID,
req_flags, req_flags,
0, /* time_req */ 0, /* time_req */
input_chan_bindings, input_chan_bindings,
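Review bot: The two new descriptors `spnego_mech_oid` and `krb5_mech_oid` lose the `static const` that the removed `gss_mech_spnego` had, so the objects that select the authentication mechanism are now writable and have external linkage. If `const` cannot be kept because `gss_OID` is a non-const pointer, a comment such as `/* read-only by convention: never modify, shared by all GSS-API callers */` would at least state the contract. The byte array is also misspelled `spengo_oid_bytes` (SPNEGO). Both initialisers take `&…_oid_bytes`, a pointer to a const array, which drops the qualifier when stored in the descriptor and which compilers typically warn about. I would write `static const char spnego_oid_bytes[] = "\x2b\x06\x01\x05\x05\x02";` and `gss_OID_desc spnego_mech_oid = { 6, (void *)spnego_oid_bytes };`, and do the same for the krb5 pair.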


@@ -39,19 +39,27 @@
# include <gssapi.h> # include <gssapi.h>
#endif #endif
#ifndef SPNEGO_MECHANISM
CURL_EXTERN gss_OID_desc spnego_mech_oid;
#define SPNEGO_MECHANISM &spnego_mech_oid
#endif
#ifndef KRB5_MECHANISM
CURL_EXTERN gss_OID_desc krb5_mech_oid;
#define KRB5_MECHANISM &krb5_mech_oid
#endif
/* Common method for using gss api */ /* Common method for using GSS-API */
OM_uint32 Curl_gss_init_sec_context( OM_uint32 Curl_gss_init_sec_context(
struct SessionHandle *data, struct SessionHandle *data,
OM_uint32 * minor_status, OM_uint32 *minor_status,
gss_ctx_id_t * context, gss_ctx_id_t *context,
gss_name_t target_name, gss_name_t target_name,
bool use_spnego, gss_OID mech_type,
gss_channel_bindings_t input_chan_bindings, gss_channel_bindings_t input_chan_bindings,
gss_buffer_t input_token, gss_buffer_t input_token,
gss_buffer_t output_token, gss_buffer_t output_token,
OM_uint32 * ret_flags); OM_uint32 *ret_flags);
#endif /* HAVE_GSSAPI */ #endif /* HAVE_GSSAPI */
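Review bot: `CURL_EXTERN` on `spnego_mech_oid` and `krb5_mech_oid` appears to export two internal, writable objects from the library, under names that lack the `Curl_` prefix used by `Curl_gss_init_sec_context`. If `CURL_EXTERN` is the public-API export marker in this tree, plain `extern` with prefixed names is probably what is wanted. The macro bodies are unparenthesized; `#define SPNEGO_MECHANISM (&spnego_mech_oid)` and `#define KRB5_MECHANISM (&krb5_mech_oid)` are safer in any expression context. The `#ifndef` guards also mean that a definition of either macro from the GSS-API headers or the build flags silently replaces curl's OID, so I would add `/* a mechanism macro provided by the GSS-API headers takes precedence */` above them if that is intended. The prototype comment could also say whether `mech_type` may be `GSS_C_NO_OID`.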


@@ -184,7 +184,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
&minor_status, &minor_status,
&neg_ctx->context, &neg_ctx->context,
neg_ctx->server_name, neg_ctx->server_name,
TRUE, SPNEGO_MECHANISM,
GSS_C_NO_CHANNEL_BINDINGS, GSS_C_NO_CHANNEL_BINDINGS,
&input_token, &input_token,
&output_token, &output_token,


@@ -236,7 +236,7 @@ krb5_auth(void *app_data, struct connectdata *conn)
&min, &min,
context, context,
gssname, gssname,
FALSE, KRB5_MECHANISM,
&chan, &chan,
gssresp, gssresp,
&output_buffer, &output_buffer,
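Review bot: Passing `KRB5_MECHANISM` here changes behaviour rather than only renaming an argument. The old `FALSE` made `Curl_gss_init_sec_context` pass `GSS_C_NO_OID` (see the removed `use_spnego ? … : GSS_C_NO_OID` lines), which leaves the mechanism choice to the GSS-API library, whereas the new call pins Kerberos 5. Pinning is probably the safer choice for an authentication handshake, but it will behave differently wherever the library default is not Kerberos, and the commit message does not mention it. I would record the intent at the call site with `/* pin Kerberos 5; GSS_C_NO_OID would let the library pick its default mechanism */`. The same applies to the `Curl_SOCKS5_gssapi_negotiate` hunk below; `krb5_auth` itself starts and ends outside this hunk.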


@@ -181,7 +181,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
&gss_minor_status, &gss_minor_status,
&gss_context, &gss_context,
server, server,
FALSE, KRB5_MECHANISM,
NULL, NULL,
gss_token, gss_token,
&gss_send_token, &gss_send_token,