/* Return true if mech should be accepted with no acceptor credential. */ static int allow_mech_by_default(gss_OID mech) { OM_uint32 status, minor; gss_OID_set attrs; int reject = 0, p; /* Whether we accept an interposer mech depends on whether we accept the * mech it interposes. */ mech = gssint_get_public_oid(mech); if (mech == GSS_C_NO_OID) return 0; status = gss_inquire_attrs_for_mech(&minor, mech, &attrs, NULL); if (status) return 0; /* Check for each attribute which would cause us to exclude this mech from * the default credential. */ if (generic_gss_test_oid_set_member(&minor, GSS_C_MA_DEPRECATED, attrs, &p) != GSS_S_COMPLETE || p) reject = 1; else if (generic_gss_test_oid_set_member(&minor, GSS_C_MA_NOT_DFLT_MECH, attrs, &p) != GSS_S_COMPLETE || p) reject = 1; (void) gss_release_oid_set(&minor, &attrs); return !reject; }
int attrs_for_mech(struct attrs_for_mech_options *opt, int argc, char **argv) { gss_OID_set mech_attr = NULL, known_mech_attrs = NULL; gss_OID mech = GSS_C_NO_OID; OM_uint32 major, minor; if (opt->mech_string) { mech = gss_name_to_oid(opt->mech_string); if (mech == NULL) errx(1, "mech %s is unknown", opt->mech_string); } major = gss_inquire_attrs_for_mech(&minor, mech, &mech_attr, &known_mech_attrs); if (major) errx(1, "gss_inquire_attrs_for_mech"); if (mech) { print_mech_attr(opt->mech_string, mech, mech_attr); } if (opt->all_flag) { print_mech_attr("all mechs", NULL, known_mech_attrs); } gss_release_oid_set(&minor, &mech_attr); gss_release_oid_set(&minor, &known_mech_attrs); return 0; }
static OM_uint32 dumpMechAttrs(OM_uint32 *minor, gss_OID mech) { OM_uint32 major, tmpMinor; gss_OID_set mech_attrs = GSS_C_NO_OID_SET; gss_OID_set known_attrs = GSS_C_NO_OID_SET; size_t i; major = gss_inquire_attrs_for_mech(minor, mech, &mech_attrs, &known_attrs); if (GSS_ERROR(major)) { displayStatus("gss_inquire_attrs_for_mech", major, *minor); return major; } printf("Mech attrs: "); for (i = 0; i < mech_attrs->count; i++) { gss_buffer_desc name = GSS_C_EMPTY_BUFFER; gss_buffer_desc short_desc = GSS_C_EMPTY_BUFFER; gss_buffer_desc long_desc = GSS_C_EMPTY_BUFFER; major = gss_display_mech_attr(minor, &mech_attrs->elements[i], &name, &short_desc, &long_desc); if (GSS_ERROR(major)) { displayStatus("gss_display_mech_attr", major, *minor); continue; } printf("%.*s ", (int)name.length, (char *)name.value); gss_release_buffer(minor, &name); gss_release_buffer(minor, &short_desc); gss_release_buffer(minor, &long_desc); } printf("\n"); printf("Known attrs: "); for (i = 0; i < known_attrs->count; i++) { gss_buffer_desc name = GSS_C_EMPTY_BUFFER; gss_buffer_desc short_desc = GSS_C_EMPTY_BUFFER; gss_buffer_desc long_desc = GSS_C_EMPTY_BUFFER; major = gss_display_mech_attr(minor, &known_attrs->elements[i], &name, &short_desc, &long_desc); if (GSS_ERROR(major)) { displayStatus("gss_display_mech_attr", major, *minor); continue; } printf("%.*s ", (int)name.length, (char *)name.value); gss_release_buffer(minor, &name); gss_release_buffer(minor, &short_desc); gss_release_buffer(minor, &long_desc); } printf("\n"); gss_release_oid_set(&tmpMinor, &mech_attrs); gss_release_oid_set(&tmpMinor, &known_attrs); return GSS_S_COMPLETE; }