svn rev #21664: branches/mskrb-integ/src/lib/gssapi/ krb5/ mechglue/ spnego/
lhoward@MIT.EDU
lhoward at MIT.EDU
Fri Jan 2 03:16:29 EST 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=21664
Commit By: lhoward
Log Message:
Layer gss_sign() on top of gss_get_mic(), gss_verify() on top of
gss_verify_mic(), rather than the other way around. Mechanisms should
export a V2 interface.
Changed Files:
U branches/mskrb-integ/src/lib/gssapi/krb5/gssapiP_krb5.h
U branches/mskrb-integ/src/lib/gssapi/krb5/gssapi_krb5.c
U branches/mskrb-integ/src/lib/gssapi/krb5/k5seal.c
U branches/mskrb-integ/src/lib/gssapi/krb5/k5sealv3.c
U branches/mskrb-integ/src/lib/gssapi/krb5/k5unseal.c
U branches/mskrb-integ/src/lib/gssapi/krb5/seal.c
U branches/mskrb-integ/src/lib/gssapi/krb5/sign.c
U branches/mskrb-integ/src/lib/gssapi/krb5/unseal.c
U branches/mskrb-integ/src/lib/gssapi/krb5/verify.c
U branches/mskrb-integ/src/lib/gssapi/mechglue/g_initialize.c
U branches/mskrb-integ/src/lib/gssapi/mechglue/g_sign.c
U branches/mskrb-integ/src/lib/gssapi/mechglue/g_verify.c
U branches/mskrb-integ/src/lib/gssapi/mechglue/mglueP.h
U branches/mskrb-integ/src/lib/gssapi/spnego/gssapiP_spnego.h
U branches/mskrb-integ/src/lib/gssapi/spnego/spnego_mech.c
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/gssapiP_krb5.h
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/gssapiP_krb5.h 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/gssapiP_krb5.h 2009-01-02 08:16:27 UTC (rev 21664)
@@ -319,7 +319,7 @@
OM_uint32 kg_seal (OM_uint32 *minor_status,
gss_ctx_id_t context_handle,
int conf_req_flag,
- int qop_req,
+ gss_qop_t qop_req,
gss_buffer_t input_message_buffer,
int *conf_state,
gss_buffer_t output_message_buffer,
@@ -330,7 +330,7 @@
gss_buffer_t input_token_buffer,
gss_buffer_t message_buffer,
int *conf_state,
- int *qop_state,
+ gss_qop_t *qop_state,
int toktype);
OM_uint32 kg_seal_size (OM_uint32 *minor_status,
@@ -531,22 +531,6 @@
OM_uint32* /* time_rec */
);
-OM_uint32 krb5_gss_sign
-(OM_uint32*, /* minor_status */
- gss_ctx_id_t, /* context_handle */
- int, /* qop_req */
- gss_buffer_t, /* message_buffer */
- gss_buffer_t /* message_token */
-);
-
-OM_uint32 krb5_gss_verify
-(OM_uint32*, /* minor_status */
- gss_ctx_id_t, /* context_handle */
- gss_buffer_t, /* message_buffer */
- gss_buffer_t, /* token_buffer */
- int* /* qop_state */
-);
-
OM_uint32 krb5_gss_display_status
(OM_uint32*, /* minor_status */
OM_uint32, /* status_value */
@@ -796,7 +780,7 @@
unsigned char *ptr,
unsigned int bodysize,
gss_buffer_t message_buffer,
- int *conf_state, int *qop_state,
+ int *conf_state, gss_qop_t *qop_state,
int toktype);
int gss_krb5int_rotate_left (void *ptr, size_t bufsiz, size_t rc);
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/gssapi_krb5.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/gssapi_krb5.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/gssapi_krb5.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -630,8 +630,8 @@
krb5_gss_process_context_token,
krb5_gss_delete_sec_context,
krb5_gss_context_time,
- krb5_gss_sign,
- krb5_gss_verify,
+ krb5_gss_get_mic,
+ krb5_gss_verify_mic,
#ifdef IOV_SHIM_EXERCISE
NULL,
NULL,
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/k5seal.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/k5seal.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/k5seal.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -324,7 +324,7 @@
OM_uint32 *minor_status;
gss_ctx_id_t context_handle;
int conf_req_flag;
- int qop_req;
+ gss_qop_t qop_req;
gss_buffer_t input_message_buffer;
int *conf_state;
gss_buffer_t output_message_buffer;
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/k5sealv3.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/k5sealv3.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/k5sealv3.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -306,7 +306,7 @@
krb5_gss_ctx_id_rec *ctx,
unsigned char *ptr, unsigned int bodysize,
gss_buffer_t message_buffer,
- int *conf_state, int *qop_state, int toktype)
+ int *conf_state, gss_qop_t *qop_state, int toktype)
{
krb5_context context = *contextptr;
krb5_data plain;
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/k5unseal.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/k5unseal.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/k5unseal.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -486,7 +486,7 @@
gss_buffer_t input_token_buffer;
gss_buffer_t message_buffer;
int *conf_state;
- int *qop_state;
+ gss_qop_t *qop_state;
int toktype;
{
krb5_gss_ctx_id_rec *ctx;
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/seal.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/seal.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/seal.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -41,7 +41,7 @@
gss_buffer_t output_message_buffer;
{
return(kg_seal(minor_status, context_handle, conf_req_flag,
- (int) qop_req, input_message_buffer, conf_state,
+ qop_req, input_message_buffer, conf_state,
output_message_buffer, KG_TOK_WRAP_MSG));
}
@@ -58,7 +58,8 @@
OM_uint32 major_status;
major_status = kg_seal_iov(minor_status, context_handle, conf_req_flag,
- qop_req, conf_state, iov, iov_count, KG_TOK_WRAP_MSG);
+ qop_req, conf_state,
+ iov, iov_count, KG_TOK_WRAP_MSG);
return major_status;
}
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/sign.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/sign.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/sign.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -27,21 +27,6 @@
* $Id$
*/
-OM_uint32
-krb5_gss_sign(minor_status, context_handle,
- qop_req, message_buffer,
- message_token)
- OM_uint32 *minor_status;
- gss_ctx_id_t context_handle;
- int qop_req;
- gss_buffer_t message_buffer;
- gss_buffer_t message_token;
-{
- return(kg_seal(minor_status, context_handle, 0,
- qop_req, message_buffer, NULL,
- message_token, KG_TOK_SIGN_MSG));
-}
-
/* V2 interface */
OM_uint32
krb5_gss_get_mic(minor_status, context_handle, qop_req,
@@ -53,7 +38,7 @@
gss_buffer_t message_token;
{
return(kg_seal(minor_status, context_handle, 0,
- (int) qop_req, message_buffer, NULL,
+ qop_req, message_buffer, NULL,
message_token, KG_TOK_MIC_MSG));
}
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/unseal.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/unseal.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/unseal.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -40,13 +40,10 @@
gss_qop_t *qop_state;
{
OM_uint32 rstat;
- int qstate;
rstat = kg_unseal(minor_status, context_handle,
input_message_buffer, output_message_buffer,
- conf_state, &qstate, KG_TOK_WRAP_MSG);
- if (!rstat && qop_state)
- *qop_state = (gss_qop_t) qstate;
+ conf_state, qop_state, KG_TOK_WRAP_MSG);
return(rstat);
}
@@ -62,7 +59,8 @@
OM_uint32 major_status;
major_status = kg_unseal_iov(minor_status, context_handle,
- conf_state, qop_state, iov, iov_count, KG_TOK_WRAP_MSG);
+ conf_state, qop_state,
+ iov, iov_count, KG_TOK_WRAP_MSG);
return major_status;
}
Modified: branches/mskrb-integ/src/lib/gssapi/krb5/verify.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/krb5/verify.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/krb5/verify.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -27,21 +27,6 @@
* $Id$
*/
-OM_uint32
-krb5_gss_verify(minor_status, context_handle,
- message_buffer, token_buffer,
- qop_state)
- OM_uint32 *minor_status;
- gss_ctx_id_t context_handle;
- gss_buffer_t message_buffer;
- gss_buffer_t token_buffer;
- int *qop_state;
-{
- return(kg_unseal(minor_status, context_handle,
- token_buffer, message_buffer,
- NULL, qop_state, KG_TOK_SIGN_MSG));
-}
-
/* V2 interface */
OM_uint32
krb5_gss_verify_mic(minor_status, context_handle,
@@ -54,13 +39,10 @@
gss_qop_t *qop_state;
{
OM_uint32 rstat;
- int qstate;
rstat = kg_unseal(minor_status, context_handle,
token_buffer, message_buffer,
- NULL, &qstate, KG_TOK_MIC_MSG);
- if (!rstat && qop_state)
- *qop_state = (gss_qop_t) qstate;
+ NULL, qop_state, KG_TOK_MIC_MSG);
return(rstat);
}
Modified: branches/mskrb-integ/src/lib/gssapi/mechglue/g_initialize.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/mechglue/g_initialize.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/mechglue/g_initialize.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -729,8 +729,8 @@
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_process_context_token);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_delete_sec_context);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_context_time);
- GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_sign);
- GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_verify);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_get_mic);
+ GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_verify_mic);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_wrap);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_unwrap);
GSS_ADD_DYNAMIC_METHOD(dl, mech, gss_display_status);
Modified: branches/mskrb-integ/src/lib/gssapi/mechglue/g_sign.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/mechglue/g_sign.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/mechglue/g_sign.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -23,16 +23,16 @@
*/
/*
- * glue routine gss_sign
+ * glue routine gss_get_mic
*/
#include "mglueP.h"
static OM_uint32
-val_sign_args(
+val_get_mic_args(
OM_uint32 *minor_status,
gss_ctx_id_t context_handle,
- int qop_req,
+ gss_qop_t qop_req,
gss_buffer_t message_buffer,
gss_buffer_t msg_token)
{
@@ -66,15 +66,15 @@
OM_uint32 KRB5_CALLCONV
-gss_sign (minor_status,
- context_handle,
- qop_req,
- message_buffer,
- msg_token)
+gss_get_mic (minor_status,
+ context_handle,
+ qop_req,
+ message_buffer,
+ msg_token)
OM_uint32 * minor_status;
gss_ctx_id_t context_handle;
-int qop_req;
+gss_qop_t qop_req;
gss_buffer_t message_buffer;
gss_buffer_t msg_token;
@@ -83,8 +83,8 @@
gss_union_ctx_id_t ctx;
gss_mechanism mech;
- status = val_sign_args(minor_status, context_handle,
- qop_req, message_buffer, msg_token);
+ status = val_get_mic_args(minor_status, context_handle,
+ qop_req, message_buffer, msg_token);
if (status != GSS_S_COMPLETE)
return (status);
@@ -97,8 +97,8 @@
mech = gssint_get_mechanism (ctx->mech_type);
if (mech) {
- if (mech->gss_sign) {
- status = mech->gss_sign(
+ if (mech->gss_get_mic) {
+ status = mech->gss_get_mic(
minor_status,
ctx->internal_ctx_id,
qop_req,
@@ -116,7 +116,7 @@
}
OM_uint32 KRB5_CALLCONV
-gss_get_mic (minor_status,
+gss_sign (minor_status,
context_handle,
qop_req,
message_buffer,
@@ -124,12 +124,12 @@
OM_uint32 * minor_status;
gss_ctx_id_t context_handle;
-gss_qop_t qop_req;
+int qop_req;
gss_buffer_t message_buffer;
gss_buffer_t msg_token;
{
- return (gss_sign(minor_status, context_handle, (int) qop_req,
- message_buffer, msg_token));
+ return (gss_get_mic(minor_status, context_handle, (gss_qop_t) qop_req,
+ message_buffer, msg_token));
}
Modified: branches/mskrb-integ/src/lib/gssapi/mechglue/g_verify.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/mechglue/g_verify.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/mechglue/g_verify.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -23,23 +23,23 @@
*/
/*
- * glue routine for gss_verify
+ * glue routine for gss_verify_mic
*/
#include "mglueP.h"
OM_uint32 KRB5_CALLCONV
-gss_verify (minor_status,
- context_handle,
- message_buffer,
- token_buffer,
- qop_state)
+gss_verify_mic (minor_status,
+ context_handle,
+ message_buffer,
+ token_buffer,
+ qop_state)
OM_uint32 * minor_status;
gss_ctx_id_t context_handle;
gss_buffer_t message_buffer;
gss_buffer_t token_buffer;
-int * qop_state;
+gss_qop_t * qop_state;
{
OM_uint32 status;
@@ -68,13 +68,13 @@
mech = gssint_get_mechanism (ctx->mech_type);
if (mech) {
- if (mech->gss_verify) {
- status = mech->gss_verify(
- minor_status,
- ctx->internal_ctx_id,
- message_buffer,
- token_buffer,
- qop_state);
+ if (mech->gss_verify_mic) {
+ status = mech->gss_verify_mic(
+ minor_status,
+ ctx->internal_ctx_id,
+ message_buffer,
+ token_buffer,
+ qop_state);
if (status != GSS_S_COMPLETE)
map_error(minor_status, mech);
} else
@@ -87,7 +87,7 @@
}
OM_uint32 KRB5_CALLCONV
-gss_verify_mic (minor_status,
+gss_verify (minor_status,
context_handle,
message_buffer,
token_buffer,
@@ -97,9 +97,10 @@
gss_ctx_id_t context_handle;
gss_buffer_t message_buffer;
gss_buffer_t token_buffer;
-gss_qop_t * qop_state;
+int * qop_state;
{
- return (gss_verify(minor_status, context_handle,
- message_buffer, token_buffer, (int *) qop_state));
+ return (gss_verify_mic(minor_status, context_handle,
+ message_buffer, token_buffer,
+ (gss_qop_t *) qop_state));
}
Modified: branches/mskrb-integ/src/lib/gssapi/mechglue/mglueP.h
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/mechglue/mglueP.h 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/mechglue/mglueP.h 2009-01-02 08:16:27 UTC (rev 21664)
@@ -184,21 +184,21 @@
gss_ctx_id_t, /* context_handle */
OM_uint32* /* time_rec */
);
- OM_uint32 (*gss_sign)
+ OM_uint32 (*gss_get_mic)
(
OM_uint32*, /* minor_status */
gss_ctx_id_t, /* context_handle */
- int, /* qop_req */
+ gss_qop_t, /* qop_req */
gss_buffer_t, /* message_buffer */
gss_buffer_t /* message_token */
);
- OM_uint32 (*gss_verify)
+ OM_uint32 (*gss_verify_mic)
(
OM_uint32*, /* minor_status */
gss_ctx_id_t, /* context_handle */
gss_buffer_t, /* message_buffer */
gss_buffer_t, /* token_buffer */
- int* /* qop_state */
+ gss_qop_t* /* qop_state */
);
OM_uint32 (*gss_wrap)
(
Modified: branches/mskrb-integ/src/lib/gssapi/spnego/gssapiP_spnego.h
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/spnego/gssapiP_spnego.h 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/spnego/gssapiP_spnego.h 2009-01-02 08:16:27 UTC (rev 21664)
@@ -305,22 +305,22 @@
OM_uint32 *max_input_size
);
-OM_uint32 spnego_gss_sign
+OM_uint32 spnego_gss_get_mic
(
OM_uint32 *minor_status,
const gss_ctx_id_t context_handle,
- int qop_req,
+ gss_qop_t qop_req,
const gss_buffer_t message_buffer,
gss_buffer_t message_token
);
-OM_uint32 spnego_gss_verify
+OM_uint32 spnego_gss_verify_mic
(
OM_uint32 *minor_status,
const gss_ctx_id_t context_handle,
const gss_buffer_t msg_buffer,
const gss_buffer_t token_buffer,
- int *qop_state
+ gss_qop_t *qop_state
);
OM_uint32
Modified: branches/mskrb-integ/src/lib/gssapi/spnego/spnego_mech.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/spnego/spnego_mech.c 2009-01-02 07:47:40 UTC (rev 21663)
+++ branches/mskrb-integ/src/lib/gssapi/spnego/spnego_mech.c 2009-01-02 08:16:27 UTC (rev 21664)
@@ -221,8 +221,8 @@
NULL, /* gss_process_context_token */
spnego_gss_delete_sec_context, /* gss_delete_sec_context */
spnego_gss_context_time, /* gss_context_time */
- spnego_gss_sign, /* gss_sign */
- spnego_gss_verify, /* gss_verify */
+ spnego_gss_get_mic, /* gss_get_mic */
+ spnego_gss_verify_mic, /* gss_verify_mic */
spnego_gss_wrap, /* gss_wrap */
spnego_gss_unwrap, /* gss_unwrap */
spnego_gss_display_status,
@@ -2033,15 +2033,15 @@
}
OM_uint32
-spnego_gss_sign(
+spnego_gss_get_mic(
OM_uint32 *minor_status,
const gss_ctx_id_t context_handle,
- int qop_req,
+ gss_qop_t qop_req,
const gss_buffer_t message_buffer,
gss_buffer_t message_token)
{
OM_uint32 ret;
- ret = gss_sign(minor_status,
+ ret = gss_get_mic(minor_status,
context_handle,
qop_req,
message_buffer,
@@ -2050,19 +2050,19 @@
}
OM_uint32
-spnego_gss_verify(
+spnego_gss_verify_mic(
OM_uint32 *minor_status,
const gss_ctx_id_t context_handle,
const gss_buffer_t msg_buffer,
const gss_buffer_t token_buffer,
- int *qop_state)
+ gss_qop_t *qop_state)
{
OM_uint32 ret;
ret = gss_verify_mic(minor_status,
context_handle,
msg_buffer,
token_buffer,
- (gss_qop_t *)qop_state); /* XXX */
+ qop_state);
return (ret);
}
More information about the cvs-krb5
mailing list