Esempio n. 1
/*
 * Decide whether mech may be accepted when the caller supplied no acceptor
 * credential.  Returns 1 to allow, 0 to refuse.
 *
 * The decision fails closed: an unresolvable OID, a failed attribute query,
 * or a failed membership test all yield 0, so a mechanism whose attributes
 * cannot be established is never part of the default credential.
 */
static int
allow_mech_by_default(gss_OID mech)
{
    OM_uint32 major, minor;
    gss_OID_set attrs;
    int present, allowed = 1;

    /* An interposer mech is judged by the mech it interposes, so translate
     * to the public OID before looking anything up. */
    mech = gssint_get_public_oid(mech);
    if (mech == GSS_C_NO_OID)
	return 0;

    /* Only the mech's own attributes are needed; the known-attributes output
     * is not requested. */
    major = gss_inquire_attrs_for_mech(&minor, mech, &attrs, NULL);
    if (major != 0)
	return 0;

    /* Either attribute below excludes the mech from the default credential.
     * A membership test that does not complete is treated like a match, and
     * the second test is skipped once the first has already refused. */
    major = generic_gss_test_oid_set_member(&minor, GSS_C_MA_DEPRECATED,
					    attrs, &present);
    if (major != GSS_S_COMPLETE || present) {
	allowed = 0;
    } else {
	major = generic_gss_test_oid_set_member(&minor,
						GSS_C_MA_NOT_DFLT_MECH,
						attrs, &present);
	if (major != GSS_S_COMPLETE || present)
	    allowed = 0;
    }

    (void) gss_release_oid_set(&minor, &attrs);
    return allowed;
}
Esempio n. 2
/*
 * Command handler: print the attributes of the mechanism named by
 * opt->mech_string and, when opt->all_flag is set, the attribute set that
 * gss_inquire_attrs_for_mech reports as known.
 *
 * argc and argv are accepted but not used.  An unknown mechanism name or a
 * failed attribute query terminates the process through errx(1, ...);
 * otherwise the function returns 0.
 */
int
attrs_for_mech(struct attrs_for_mech_options *opt, int argc, char **argv)
{
    OM_uint32 maj_stat, min_stat;
    gss_OID selected = GSS_C_NO_OID;
    gss_OID_set supported = NULL, known = NULL;

    /* Resolve the mechanism name only when one was given; otherwise the
     * query below runs with no specific mechanism. */
    if (opt->mech_string != NULL) {
	selected = gss_name_to_oid(opt->mech_string);
	if (selected == NULL)
	    errx(1, "mech %s is unknown", opt->mech_string);
    }

    maj_stat = gss_inquire_attrs_for_mech(&min_stat, selected,
					  &supported, &known);
    if (maj_stat != 0)
	errx(1, "gss_inquire_attrs_for_mech");

    if (selected != GSS_C_NO_OID)
	print_mech_attr(opt->mech_string, selected, supported);

    if (opt->all_flag)
	print_mech_attr("all mechs", NULL, known);

    /* Both sets were filled in by the inquiry and are released here. */
    gss_release_oid_set(&min_stat, &supported);
    gss_release_oid_set(&min_stat, &known);

    return 0;
}
Esempio n. 3
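/*
 * Print label followed by the name of every attribute in set, on one line.
 * A set that is still GSS_C_NO_OID_SET prints as an empty list instead of
 * being dereferenced.  An attribute that cannot be displayed is reported
 * through displayStatus and skipped.
 */
static void
dumpAttrSet(OM_uint32 *minor, const char *label, gss_OID_set set)
{
    size_t i;

    printf("%s", label);

    if (set != GSS_C_NO_OID_SET) {
        for (i = 0; i < set->count; i++) {
            OM_uint32 major;
            gss_buffer_desc name = GSS_C_EMPTY_BUFFER;
            gss_buffer_desc short_desc = GSS_C_EMPTY_BUFFER;
            gss_buffer_desc long_desc = GSS_C_EMPTY_BUFFER;

            major = gss_display_mech_attr(minor, &set->elements[i],
                                          &name, &short_desc, &long_desc);
            if (GSS_ERROR(major))
                displayStatus("gss_display_mech_attr", major, *minor);
            else
                printf("%.*s ", (int)name.length, (char *)name.value);

            /* Release on the failure path as well, so a call that filled
             * some buffers before failing does not leak them. */
            gss_release_buffer(minor, &name);
            gss_release_buffer(minor, &short_desc);
            gss_release_buffer(minor, &long_desc);
        }
    }

    printf("\n");
}

/*
 * Print the attributes of mech and the set of known attributes to stdout.
 *
 * minor receives the minor status of the GSS calls made here.
 * Returns the major status of gss_inquire_attrs_for_mech when that call
 * fails, GSS_S_COMPLETE otherwise; a failure to display a single attribute
 * is reported but does not change the return value.
 */
static
OM_uint32 dumpMechAttrs(OM_uint32 *minor, gss_OID mech)
{
    OM_uint32 major, tmpMinor;
    gss_OID_set mech_attrs = GSS_C_NO_OID_SET;
    gss_OID_set known_attrs = GSS_C_NO_OID_SET;

    major = gss_inquire_attrs_for_mech(minor, mech, &mech_attrs, &known_attrs);
    if (GSS_ERROR(major)) {
        displayStatus("gss_inquire_attrs_for_mech", major, *minor);
        return major;
    }

    /* NOTE(review): a successful inquiry may presumably leave either output
     * as GSS_C_NO_OID_SET (e.g. a mech that publishes no attributes) --
     * confirm against the GSS library in use.  dumpAttrSet tolerates that
     * case rather than reading ->count through a null set. */
    dumpAttrSet(minor, "Mech attrs:  ", mech_attrs);
    dumpAttrSet(minor, "Known attrs: ", known_attrs);

    /* A scratch minor status keeps cleanup from depending on the caller's. */
    gss_release_oid_set(&tmpMinor, &mech_attrs);
    gss_release_oid_set(&tmpMinor, &known_attrs);

    return GSS_S_COMPLETE;
}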