uint32_t
sapgss_inquire_names_for_mech(
uint32_t *minor_status,
sapgss_OID mechanism,
sapgss_OID_set *name_types)
{
gss_OID mechanism_loc;
gss_OID_set name_types_loc;
uint32_t major_status;
int ret;
ret = gss_OID_sap_to_loc(mechanism, &mechanism_loc);
if (ret != 0) {
*minor_status = ret;
return GSS_S_FAILURE;
}
major_status = gss_inquire_names_for_mech(minor_status, mechanism_loc,
&name_types_loc);
/* Comply with the gss_OID_sap_to_loc contract and free mechanism_loc */
gss_OID_loc_release(&mechanism_loc);
ret = gss_OID_set_loc_to_sap(name_types_loc, name_types);
if (ret != 0) {
*minor_status = ret;
return GSS_S_FAILURE;
}
return major_status;
}
OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_names_for_mech (
OM_uint32 * minor_status,
const gss_OID mechanism,
gss_OID_set * name_types
)
{
gss_OID_set mechs, names, n;
OM_uint32 ret, junk;
size_t i, j;
*name_types = NULL;
ret = spnego_supported_mechs(minor_status, &mechs);
if (ret != GSS_S_COMPLETE)
return ret;
ret = gss_create_empty_oid_set(minor_status, &names);
if (ret != GSS_S_COMPLETE)
goto out;
for (i = 0; i < mechs->count; i++) {
ret = gss_inquire_names_for_mech(minor_status,
&mechs->elements[i],
&n);
if (ret)
continue;
for (j = 0; j < n->count; j++)
gss_add_oid_set_member(minor_status,
&n->elements[j],
&names);
gss_release_oid_set(&junk, &n);
}
ret = GSS_S_COMPLETE;
*name_types = names;
out:
gss_release_oid_set(&junk, &mechs);
return ret;
}
static
void
import_names()
{
OM_uint32 major_status, minor_status;
globus_gsi_cred_handle_t handle;
gss_buffer_desc buffer;
X509 * cert;
gss_OID_set name_types;
globus_result_t result;
globus_list_t *i, *j;
compare_name_test_case_t * test_case;
int present;
major_status = gss_inquire_names_for_mech(
&minor_status,
(gss_OID) globus_i_gss_mech_globus_gssapi_openssl,
&name_types);
if (major_status == GSS_S_COMPLETE)
{
major_status = gss_test_oid_set_member(
&minor_status,
GLOBUS_GSS_C_NT_X509,
name_types,
&present);
if (major_status == GSS_S_COMPLETE && present)
{
gss_l_x509_support = GLOBUS_TRUE;
}
major_status = gss_test_oid_set_member(
&minor_status,
GLOBUS_GSS_C_NT_HOST_IP,
name_types,
&present);
if (major_status == GSS_S_COMPLETE && present)
{
gss_l_host_ip_support = GLOBUS_TRUE;
}
major_status = gss_release_oid_set(&minor_status, &name_types);
}
for (i = test_cases; !globus_list_empty(i); i = globus_list_rest(i))
{
test_case = globus_list_first(i);
if (test_case->name1 == GSS_C_NO_NAME)
{
switch (test_case->name_type1)
{
case GSS_L_ANONYMOUS:
major_status = gss_import_name(&minor_status, &buffer, GSS_C_NT_ANONYMOUS, &test_case->name1);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing <anonymous>\n");
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
break;
case GSS_L_NO_OID:
buffer.value = test_case->name_token1;
buffer.length = strlen(buffer.value);
major_status = gss_import_name(&minor_status, &buffer, GSS_C_NO_OID, &test_case->name1);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing %s\n", test_case->name_token1);
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
break;
case GSS_L_HOSTBASED_SERVICE:
buffer.value = test_case->name_token1;
buffer.length = strlen(buffer.value);
major_status = gss_import_name(&minor_status, &buffer, GSS_C_NT_HOSTBASED_SERVICE, &test_case->name1);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing %s\n", test_case->name_token1);
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
break;
case GSS_L_HOST_IP:
if (gss_l_host_ip_support)
{
buffer.value = test_case->name_token1;
buffer.length = strlen(buffer.value);
major_status = gss_import_name(&minor_status, &buffer, GLOBUS_GSS_C_NT_HOST_IP, &test_case->name1);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing %s\n", test_case->name_token1);
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
}
break;
case GSS_L_X509:
if (gss_l_x509_support)
{
result = globus_gsi_cred_handle_init(&handle, NULL);
if (result != GLOBUS_SUCCESS)
{
globus_gsi_gssapi_test_print_result(stderr, result);
exit(-1);
}
result = globus_gsi_cred_read_cert(handle, test_case->name_token1);
if (result != GLOBUS_SUCCESS)
{
globus_gsi_gssapi_test_print_result(stderr, result);
exit(-2);
}
result = globus_gsi_cred_get_cert(handle, &cert);
buffer.value = cert;
buffer.length = sizeof(X509);
major_status = gss_import_name(&minor_status, &buffer, GLOBUS_GSS_C_NT_X509, &test_case->name1);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing %s\n", test_case->name_token1);
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
X509_free(cert);
globus_gsi_cred_handle_destroy(handle);
}
break;
}
for (j = i; !globus_list_empty(j); j = globus_list_rest(j))
{
compare_name_test_case_t *test_case2 = globus_list_first(j);
if (test_case->name_type1 == test_case2->name_type1 &&
test_case->name_token1 && test_case2->name_token1 &&
strcmp(test_case->name_token1, test_case2->name_token1) == 0 &&
test_case2->name1 == GSS_C_NO_NAME)
{
test_case2->name1 = test_case->name1;
}
if (test_case->name_type1 == test_case2->name_type2 &&
test_case->name_token1 && test_case2->name_token2 &&
strcmp(test_case->name_token1, test_case2->name_token2) == 0 &&
test_case2->name2 == GSS_C_NO_NAME)
{
test_case2->name2 = test_case->name1;
}
}
}
if (test_case->name2 == GSS_C_NO_NAME)
{
switch (test_case->name_type2)
{
case GSS_L_ANONYMOUS:
major_status = gss_import_name(&minor_status, &buffer, GSS_C_NT_ANONYMOUS, &test_case->name2);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing <anonymous>\n");
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
break;
case GSS_L_NO_OID:
buffer.value = test_case->name_token2;
buffer.length = strlen(buffer.value);
major_status = gss_import_name(&minor_status, &buffer, GSS_C_NO_OID, &test_case->name2);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing %s\n", test_case->name_token2);
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
break;
case GSS_L_HOSTBASED_SERVICE:
buffer.value = test_case->name_token2;
buffer.length = strlen(buffer.value);
major_status = gss_import_name(&minor_status, &buffer, GSS_C_NT_HOSTBASED_SERVICE, &test_case->name2);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing %s\n", test_case->name_token2);
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
break;
case GSS_L_HOST_IP:
if (gss_l_host_ip_support)
{
buffer.value = test_case->name_token2;
buffer.length = strlen(buffer.value);
major_status = gss_import_name(&minor_status, &buffer, GLOBUS_GSS_C_NT_HOST_IP, &test_case->name2);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing %s\n", test_case->name_token2);
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
}
break;
case GSS_L_X509:
if (gss_l_x509_support)
{
result = globus_gsi_cred_handle_init(&handle, NULL);
if (result != GLOBUS_SUCCESS)
{
globus_gsi_gssapi_test_print_result(stderr, result);
exit(-1);
}
result = globus_gsi_cred_read_cert(handle, test_case->name_token2);
if (result != GLOBUS_SUCCESS)
{
globus_gsi_gssapi_test_print_result(stderr, result);
exit(-2);
}
result = globus_gsi_cred_get_cert(handle, &cert);
buffer.value = cert;
buffer.length = sizeof(X509);
major_status = gss_import_name(&minor_status, &buffer, GLOBUS_GSS_C_NT_X509, &test_case->name2);
if (major_status != GSS_S_COMPLETE)
{
fprintf(stderr, "Error importing %s\n", test_case->name_token2);
globus_gsi_gssapi_test_print_error(stderr, major_status, minor_status);
exit(-1);
}
X509_free(cert);
globus_gsi_cred_handle_destroy(handle);
}
break;
}
for (j = i; !globus_list_empty(j); j = globus_list_rest(j))
{
compare_name_test_case_t *test_case2 = globus_list_first(j);
if (test_case->name_type2 == test_case2->name_type1 &&
test_case->name_token2 && test_case2->name_token1 &&
strcmp(test_case->name_token2, test_case2->name_token1) == 0 &&
test_case2->name1 == GSS_C_NO_NAME)
{
test_case2->name1 = test_case->name2;
}
if (test_case->name_type2 == test_case2->name_type2 &&
test_case->name_token2 && test_case2->name_token2 &&
strcmp(test_case->name_token2, test_case2->name_token2) == 0 &&
test_case2->name2 == GSS_C_NO_NAME)
{
test_case2->name2 = test_case->name2;
}
}
}
}
}
