#include <config.h>
#if defined(AUTH_GSS_NEGOTIATE) && AUTH_GSS_NEGOTIATE
#include <gssauth.h>
/*
 * Running totals of auth-info blocks allocated and freed by this module.
 * Within this file they are only read back to print the "now %d active"
 * debug trace lines.
 * NOTE(review): both counters are updated with plain ++ and no visible
 * locking; confirm the callers serialise access.
 */
INTERNAL unsigned32 rpc_g_gssauth_alloc_count = 0;
INTERNAL unsigned32 rpc_g_gssauth_free_count = 0;
/*
 * Per-authentication-protocol tables of RPC-protocol entry-point vectors.
 * Each table has RPC_C_PROTOCOL_ID_MAX slots and is filled in by the
 * matching rpc__gssauth_*_init routine, indexed by the protocol id that the
 * corresponding *_cn_init call returns.
 */
INTERNAL rpc_auth_rpc_prot_epv_p_t rpc_g_gssauth_negotiate_rpc_prot_epv[RPC_C_PROTOCOL_ID_MAX];
INTERNAL rpc_auth_rpc_prot_epv_p_t rpc_g_gssauth_mskrb_rpc_prot_epv[RPC_C_PROTOCOL_ID_MAX];
INTERNAL rpc_auth_rpc_prot_epv_p_t rpc_g_gssauth_winnt_rpc_prot_epv[RPC_C_PROTOCOL_ID_MAX];
INTERNAL rpc_auth_rpc_prot_epv_p_t rpc_g_gssauth_netlogon_rpc_prot_epv[RPC_C_PROTOCOL_ID_MAX];
/*
 * Forward declarations for the routines placed in the rpc_auth_epv_t
 * tables that follow these prototypes.
 *
 * The four *_bnd_set_auth prototypes share one parameter list:
 *   server principal name, authentication level, caller identity handle,
 *   authorization protocol, binding handle, returned auth info, returned
 *   status.
 * Each one is a thin per-protocol front end to rpc__gssauth_bnd_set_auth().
 */
INTERNAL void rpc__gssauth_negotiate_bnd_set_auth (
unsigned_char_p_t ,
rpc_authn_level_t ,
rpc_auth_identity_handle_t ,
rpc_authz_protocol_id_t ,
rpc_binding_handle_t ,
rpc_auth_info_p_t * ,
unsigned32 *
);
INTERNAL void rpc__gssauth_mskrb_bnd_set_auth (
unsigned_char_p_t ,
rpc_authn_level_t ,
rpc_auth_identity_handle_t ,
rpc_authz_protocol_id_t ,
rpc_binding_handle_t ,
rpc_auth_info_p_t * ,
unsigned32 *
);
INTERNAL void rpc__gssauth_winnt_bnd_set_auth (
unsigned_char_p_t ,
rpc_authn_level_t ,
rpc_auth_identity_handle_t ,
rpc_authz_protocol_id_t ,
rpc_binding_handle_t ,
rpc_auth_info_p_t * ,
unsigned32 *
);
INTERNAL void rpc__gssauth_netlogon_bnd_set_auth (
unsigned_char_p_t ,
rpc_authn_level_t ,
rpc_auth_identity_handle_t ,
rpc_authz_protocol_id_t ,
rpc_binding_handle_t ,
rpc_auth_info_p_t * ,
unsigned32 *
);
/* Server-side registration hook; the implementation in this file only reports success. */
INTERNAL void rpc__gssauth_srv_reg_auth (
unsigned_char_p_t ,
rpc_auth_key_retrieval_fn_t ,
dce_pointer_t ,
unsigned32 *
);
/* Reports the default authentication level for these mechanisms. */
INTERNAL void rpc__gssauth_mgt_inq_def (
unsigned32 * ,
unsigned32 *
);
/* Writes the local principal name into a caller buffer (always empty here). */
INTERNAL void rpc__gssauth_inq_my_princ_name (
unsigned32 ,
unsigned_char_p_t ,
unsigned32 *
);
/* Releases an auth-info block created by rpc__gssauth_bnd_set_auth(). */
INTERNAL void rpc__gssauth_free_info (
rpc_auth_info_p_t *
);
/* Key release hook; a no-op in this file. */
INTERNAL void rpc__gssauth_free_key (
rpc_key_info_p_t *
);
/* Identity resolve/release pair; resolve hands the input handle back unchanged. */
INTERNAL error_status_t rpc__gssauth_resolve_identity (
rpc_auth_identity_handle_t ,
rpc_auth_identity_handle_t *
);
INTERNAL void rpc__gssauth_release_identity (
rpc_auth_identity_handle_t *
);
/* Exposes the GSS security context handle held by the connection-level info. */
INTERNAL void rpc__gssauth_inq_sec_context (
rpc_auth_info_p_t ,
void ** ,
unsigned32 *
);
/* Access-token query; reports rpc_s_not_supported in this file. */
INTERNAL void rpc__gssauth_inq_access_token(
rpc_auth_info_p_t auth_info,
rpc_access_token_p_t* token,
unsigned32 *stp
);
/*
 * Authentication entry-point vectors, one per supported protocol.
 *
 * The initializers are positional, so the order of the ten entries must
 * match the member order of rpc_auth_epv_t (declared outside this file).
 * The four tables differ only in their first entry, the protocol-specific
 * bnd_set_auth routine; the remaining nine routines are shared.
 */

/* Entry points for rpc_c_authn_gss_negotiate. */
INTERNAL rpc_auth_epv_t rpc_g_gssauth_negotiate_epv =
{
rpc__gssauth_negotiate_bnd_set_auth,
rpc__gssauth_srv_reg_auth,
rpc__gssauth_mgt_inq_def,
rpc__gssauth_inq_my_princ_name,
rpc__gssauth_free_info,
rpc__gssauth_free_key,
rpc__gssauth_resolve_identity,
rpc__gssauth_release_identity,
rpc__gssauth_inq_sec_context,
rpc__gssauth_inq_access_token
};
/* Entry points for rpc_c_authn_gss_mskrb. */
INTERNAL rpc_auth_epv_t rpc_g_gssauth_mskrb_epv =
{
rpc__gssauth_mskrb_bnd_set_auth,
rpc__gssauth_srv_reg_auth,
rpc__gssauth_mgt_inq_def,
rpc__gssauth_inq_my_princ_name,
rpc__gssauth_free_info,
rpc__gssauth_free_key,
rpc__gssauth_resolve_identity,
rpc__gssauth_release_identity,
rpc__gssauth_inq_sec_context,
rpc__gssauth_inq_access_token
};
/* Entry points for rpc_c_authn_winnt. */
INTERNAL rpc_auth_epv_t rpc_g_gssauth_winnt_epv =
{
rpc__gssauth_winnt_bnd_set_auth,
rpc__gssauth_srv_reg_auth,
rpc__gssauth_mgt_inq_def,
rpc__gssauth_inq_my_princ_name,
rpc__gssauth_free_info,
rpc__gssauth_free_key,
rpc__gssauth_resolve_identity,
rpc__gssauth_release_identity,
rpc__gssauth_inq_sec_context,
rpc__gssauth_inq_access_token
};
/* Entry points for rpc_c_authn_netlogon. */
INTERNAL rpc_auth_epv_t rpc_g_gssauth_netlogon_epv =
{
rpc__gssauth_netlogon_bnd_set_auth,
rpc__gssauth_srv_reg_auth,
rpc__gssauth_mgt_inq_def,
rpc__gssauth_inq_my_princ_name,
rpc__gssauth_free_info,
rpc__gssauth_free_key,
rpc__gssauth_resolve_identity,
rpc__gssauth_release_identity,
rpc__gssauth_inq_sec_context,
rpc__gssauth_inq_access_token
};
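/*
 * rpc__gssauth_bnd_set_auth
 *
 * Shared client-side implementation behind the four per-protocol
 * *_bnd_set_auth entry points. Allocates a zeroed rpc_gssauth_info block,
 * validates the authorization protocol and authentication level, resolves
 * the target server name into both a GSS name and a printable string,
 * optionally attaches the caller's credentials, and fills in the generic
 * auth_info header.
 *
 * Parameters:
 *   server_name     For rpc_c_authz_name: a principal name string, or NULL
 *                   to look the name up through the binding. For
 *                   rpc_c_authz_gss_name: a gss_name_t handle passed through
 *                   this pointer type (may be GSS_C_NO_NAME).
 *   level           Must be connect, pkt_integrity or pkt_privacy.
 *   authn_protocol  Protocol id used to pick the GSS mechanism OID.
 *   auth_ident      Caller credentials (cast to gss_cred_id_t), or NULL.
 *   authz_prot      rpc_c_authz_name or rpc_c_authz_gss_name.
 *   binding_h       Binding used for the principal-name lookup.
 *   infop           Receives the auth-info block, on success AND on failure.
 *   stp             Receives rpc_s_ok or the failure status.
 *
 * On failure the caller still gets the allocated block through *infop
 * together with a non-ok status. The name string and GSS name created by
 * this call are released before returning, because they have not yet been
 * attached to the block at that point and nothing else could free them.
 */
INTERNAL void rpc__gssauth_bnd_set_auth
(
    unsigned_char_p_t server_name,
    rpc_authn_level_t level,
    rpc_authn_protocol_id_t authn_protocol,
    rpc_auth_identity_handle_t auth_ident,
    rpc_authz_protocol_id_t authz_prot,
    rpc_binding_handle_t binding_h,
    rpc_auth_info_p_t *infop,
    unsigned32 *stp
)
{
    unsigned32 st;
    rpc_gssauth_info_p_t gssauth_info;
    /* Initialised so the failure path can tell what this call created. */
    unsigned_char_p_t str_server_name = NULL;
    gss_name_t gss_server_name = GSS_C_NO_NAME;
    OM_uint32 maj_stat;
    OM_uint32 min_stat;

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_bnd_set_auth)\n"));

    rpc_g_gssauth_alloc_count++;
    RPC_MEM_ALLOC(gssauth_info,
                  rpc_gssauth_info_p_t,
                  sizeof (*gssauth_info),
                  RPC_C_MEM_GSSAUTH_INFO,
                  RPC_C_MEM_WAITOK);
    memset (gssauth_info, 0, sizeof(*gssauth_info));

    if ((authz_prot != rpc_c_authz_name) &&
        (authz_prot != rpc_c_authz_gss_name)) {
        st = rpc_s_authn_authz_mismatch;
        goto poison;
    }

    /* Only these three levels are accepted; everything else is refused. */
    if ((level != rpc_c_authn_level_connect) &&
        (level != rpc_c_authn_level_pkt_integrity) &&
        (level != rpc_c_authn_level_pkt_privacy)) {
        st = rpc_s_unsupported_authn_level;
        goto poison;
    }

    if (authz_prot == rpc_c_authz_name) {
        gss_buffer_desc input_name;

        if (server_name == NULL) {
            /*
             * NOTE(review): the target principal is then whatever this
             * lookup on binding_h reports. If the answer comes from the
             * remote endpoint itself (confirm), mutual authentication only
             * proves the peer owns the name it supplied; callers that need
             * to pin the server identity should pass server_name.
             */
            rpc_mgmt_inq_server_princ_name(binding_h,
                                           authn_protocol,
                                           &str_server_name,
                                           &st);
            if (st != rpc_s_ok) {
                goto poison;
            }
        } else {
            str_server_name = rpc_stralloc(server_name);
        }

        input_name.value = (void *)str_server_name;
        input_name.length = strlen((char *)str_server_name);

        maj_stat = gss_import_name(&min_stat,
                                   &input_name,
                                   GSS_KRB5_NT_PRINCIPAL_NAME,
                                   &gss_server_name);
        if (GSS_ERROR(maj_stat)) {
            char msg[256];
            rpc__gssauth_error_map(maj_stat, min_stat, GSS_C_NO_OID,
                                   msg, sizeof(msg), &st);
            RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_GENERAL,
                           ("(rpc__gssauth_bnd_set_auth): import: %s\n", msg));
            goto poison;
        }
    } else if (authz_prot == rpc_c_authz_gss_name) {
        /* In this mode server_name carries a gss_name_t, not a string. */
        gss_name_t caller_name = (gss_name_t)server_name;

        if (caller_name != GSS_C_NO_NAME) {
            gss_buffer_desc output_name;
            gss_name_t dup_name = GSS_C_NO_NAME;

            /*
             * Duplicate into a separate handle: the caller keeps ownership
             * of its own name, and a failed duplicate can never leave the
             * caller's handle in the variable the failure path releases.
             */
            maj_stat = gss_duplicate_name(&min_stat,
                                          caller_name,
                                          &dup_name);
            if (maj_stat != GSS_S_COMPLETE) {
                char msg[256];
                rpc__gssauth_error_map(maj_stat, min_stat, GSS_C_NO_OID,
                                       msg, sizeof(msg), &st);
                RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_GENERAL,
                               ("(rpc__gssauth_bnd_set_auth): duplicate: %s\n", msg));
                goto poison;
            }
            gss_server_name = dup_name;

            maj_stat = gss_display_name(&min_stat,
                                        gss_server_name,
                                        &output_name,
                                        NULL);
            if (maj_stat != GSS_S_COMPLETE) {
                char msg[256];
                rpc__gssauth_error_map(maj_stat, min_stat, GSS_C_NO_OID,
                                       msg, sizeof(msg), &st);
                RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_GENERAL,
                               ("(rpc__gssauth_bnd_set_auth): display: %s\n", msg));
                goto poison;
            }

            /* One extra byte beyond the displayed length for the terminator. */
            RPC_MEM_ALLOC(str_server_name,
                          unsigned_char_p_t,
                          output_name.length + 1,
                          RPC_C_MEM_STRING,
                          RPC_C_MEM_WAITOK);
            rpc__strncpy(str_server_name,
                         output_name.value,
                         output_name.length);
            gss_release_buffer(&min_stat, &output_name);
        }
    }

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_GENERAL,
                   ("(rpc__gssauth_bnd_set_auth) %p created (now %d active)\n",
                    gssauth_info, rpc_g_gssauth_alloc_count - rpc_g_gssauth_free_count));

    if (auth_ident != NULL) {
        gss_OID desired_mech = GSS_C_NO_OID;

        /*
         * Refuse to continue when no mechanism is registered for this
         * protocol id; otherwise desired_mech would stay GSS_C_NO_OID and
         * the credential would be added for a mechanism nobody asked for.
         */
        maj_stat = rpc__gssauth_select_mech(&min_stat, authn_protocol, &desired_mech);
        if (GSS_ERROR(maj_stat)) {
            char msg[256];
            rpc__gssauth_error_map(maj_stat, min_stat, GSS_C_NO_OID,
                                   msg, sizeof(msg), &st);
            RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_GENERAL,
                           ("(rpc__gssauth_bnd_set_auth): select_mech: %s\n", msg));
            goto poison;
        }

        /* The block was zeroed above, so no credential can be attached yet. */
        assert(gssauth_info->gss_creds == GSS_C_NO_CREDENTIAL);

        maj_stat = gss_add_cred(&min_stat,
                                (const gss_cred_id_t)auth_ident,
                                GSS_C_NO_NAME,
                                desired_mech,
                                GSS_C_INITIATE,
                                GSS_C_INDEFINITE,
                                GSS_C_INDEFINITE,
                                &gssauth_info->gss_creds,
                                NULL,
                                NULL,
                                NULL);
        if (GSS_ERROR(maj_stat)) {
            char msg[256];
            rpc__gssauth_error_map(maj_stat, min_stat, GSS_C_NO_OID,
                                   msg, sizeof(msg), &st);
            RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_GENERAL,
                           ("(rpc__gssauth_bnd_set_auth): add_cred: %s\n", msg));
            goto poison;
        }
    }

    /* From here on the block owns both names; rpc__gssauth_free_info releases them. */
    gssauth_info->gss_server_name = gss_server_name;
    gssauth_info->auth_info.server_princ_name = str_server_name;
    gssauth_info->auth_info.authn_level = level;
    gssauth_info->auth_info.authn_protocol = authn_protocol;
    gssauth_info->auth_info.authz_protocol = authz_prot;
    gssauth_info->auth_info.is_server = false;
    gssauth_info->auth_info.u.auth_identity = (rpc_auth_identity_handle_t)gssauth_info->gss_creds;
    gssauth_info->auth_info.refcount = 1;

    *infop = &gssauth_info->auth_info;
    *stp = rpc_s_ok;
    return;

poison:
    /* Release what this call created but never attached to the block. */
    if (str_server_name != NULL) {
        unsigned32 free_st;
        rpc_string_free(&str_server_name, &free_st);
    }
    if (gss_server_name != GSS_C_NO_NAME) {
        gss_release_name(&min_stat, &gss_server_name);
    }

    *infop = &gssauth_info->auth_info;
    *stp = st;
    return;
}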
/*
 * rpc__gssauth_negotiate_bnd_set_auth
 *
 * bnd_set_auth entry point for rpc_c_authn_gss_negotiate. Emits a trace
 * line and forwards every argument to rpc__gssauth_bnd_set_auth() with the
 * protocol id filled in; results come back through infop and stp.
 */
INTERNAL void rpc__gssauth_negotiate_bnd_set_auth
(
    unsigned_char_p_t server_name,
    rpc_authn_level_t level,
    rpc_auth_identity_handle_t auth_ident,
    rpc_authz_protocol_id_t authz_prot,
    rpc_binding_handle_t binding_h,
    rpc_auth_info_p_t *infop,
    unsigned32 *stp
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_negotiate_bnd_set_auth)\n"));

    rpc__gssauth_bnd_set_auth(server_name, level, rpc_c_authn_gss_negotiate,
                              auth_ident, authz_prot, binding_h,
                              infop, stp);
}
/*
 * rpc__gssauth_mskrb_bnd_set_auth
 *
 * bnd_set_auth entry point for rpc_c_authn_gss_mskrb. Emits a trace line
 * and forwards every argument to rpc__gssauth_bnd_set_auth() with the
 * protocol id filled in; results come back through infop and stp.
 */
INTERNAL void rpc__gssauth_mskrb_bnd_set_auth
(
    unsigned_char_p_t server_name,
    rpc_authn_level_t level,
    rpc_auth_identity_handle_t auth_ident,
    rpc_authz_protocol_id_t authz_prot,
    rpc_binding_handle_t binding_h,
    rpc_auth_info_p_t *infop,
    unsigned32 *stp
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_mskrb_bnd_set_auth)\n"));

    rpc__gssauth_bnd_set_auth(server_name, level, rpc_c_authn_gss_mskrb,
                              auth_ident, authz_prot, binding_h,
                              infop, stp);
}
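/*
 * rpc__gssauth_winnt_bnd_set_auth
 *
 * bnd_set_auth entry point for rpc_c_authn_winnt. Emits a trace line and
 * forwards every argument to rpc__gssauth_bnd_set_auth() with the protocol
 * id filled in; results come back through infop and stp.
 */
INTERNAL void rpc__gssauth_winnt_bnd_set_auth
(
    unsigned_char_p_t server_name,
    rpc_authn_level_t level,
    rpc_auth_identity_handle_t auth_ident,
    rpc_authz_protocol_id_t authz_prot,
    rpc_binding_handle_t binding_h,
    rpc_auth_info_p_t *infop,
    unsigned32 *stp
)
{
    /*
     * The trace text names this routine. It previously read
     * "winntmskrb", which matches no function and made auth traces
     * harder to follow when reconstructing which mechanism was used.
     */
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_winnt_bnd_set_auth)\n"));

    rpc__gssauth_bnd_set_auth(server_name,
                              level,
                              rpc_c_authn_winnt,
                              auth_ident,
                              authz_prot,
                              binding_h,
                              infop,
                              stp);
}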
/*
 * rpc__gssauth_netlogon_bnd_set_auth
 *
 * bnd_set_auth entry point for rpc_c_authn_netlogon. Emits a trace line
 * and forwards every argument to rpc__gssauth_bnd_set_auth() with the
 * protocol id filled in; results come back through infop and stp.
 */
INTERNAL void rpc__gssauth_netlogon_bnd_set_auth
(
    unsigned_char_p_t server_name,
    rpc_authn_level_t level,
    rpc_auth_identity_handle_t auth_ident,
    rpc_authz_protocol_id_t authz_prot,
    rpc_binding_handle_t binding_h,
    rpc_auth_info_p_t *infop,
    unsigned32 *stp
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_netlogon_bnd_set_auth)\n"));

    rpc__gssauth_bnd_set_auth(server_name, level, rpc_c_authn_netlogon,
                              auth_ident, authz_prot, binding_h,
                              infop, stp);
}
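/*
 * rpc__gssauth_negotiate_init
 *
 * Initialises the connection-oriented side of the gss_negotiate mechanism
 * and hands back this module's entry-point tables.
 *
 * Parameters:
 *   epv           Receives the address of rpc_g_gssauth_negotiate_epv.
 *   rpc_prot_epv  Receives the per-RPC-protocol table for this mechanism.
 *   st            Always set to 0 on return, even when the cn_init call
 *                 reported a failure; in that case the table slot is simply
 *                 left unfilled.
 */
INTERNAL void rpc__gssauth_negotiate_init
(
    rpc_auth_epv_p_t *epv,
    rpc_auth_rpc_prot_epv_tbl_t *rpc_prot_epv,
    unsigned32 *st
)
{
    unsigned32 prot_id;
    rpc_auth_rpc_prot_epv_t *prot_epv;

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_negotiate_init)\n"));

    prot_id = rpc__gssauth_negotiate_cn_init (&prot_epv, st);
    /*
     * prot_id indexes a table of RPC_C_PROTOCOL_ID_MAX function-table
     * pointers. Check it before the store so an unexpected id cannot write
     * past the table into neighbouring entry-point data.
     */
    if (*st == rpc_s_ok && prot_id < RPC_C_PROTOCOL_ID_MAX) {
        rpc_g_gssauth_negotiate_rpc_prot_epv[prot_id] = prot_epv;
    }

    *epv = &rpc_g_gssauth_negotiate_epv;
    *rpc_prot_epv = rpc_g_gssauth_negotiate_rpc_prot_epv;
    *st = 0;
}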
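/*
 * rpc__gssauth_mskrb_init
 *
 * Initialises the connection-oriented side of the gss_mskrb mechanism and
 * hands back this module's entry-point tables.
 *
 * Parameters:
 *   epv           Receives the address of rpc_g_gssauth_mskrb_epv.
 *   rpc_prot_epv  Receives the per-RPC-protocol table for this mechanism.
 *   st            Always set to 0 on return, even when the cn_init call
 *                 reported a failure; in that case the table slot is simply
 *                 left unfilled.
 */
INTERNAL void rpc__gssauth_mskrb_init
(
    rpc_auth_epv_p_t *epv,
    rpc_auth_rpc_prot_epv_tbl_t *rpc_prot_epv,
    unsigned32 *st
)
{
    unsigned32 prot_id;
    rpc_auth_rpc_prot_epv_t *prot_epv;

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_mskrb_init)\n"));

    prot_id = rpc__gssauth_mskrb_cn_init (&prot_epv, st);
    /*
     * prot_id indexes a table of RPC_C_PROTOCOL_ID_MAX function-table
     * pointers. Check it before the store so an unexpected id cannot write
     * past the table into neighbouring entry-point data.
     */
    if (*st == rpc_s_ok && prot_id < RPC_C_PROTOCOL_ID_MAX) {
        rpc_g_gssauth_mskrb_rpc_prot_epv[prot_id] = prot_epv;
    }

    *epv = &rpc_g_gssauth_mskrb_epv;
    *rpc_prot_epv = rpc_g_gssauth_mskrb_rpc_prot_epv;
    *st = 0;
}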
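/*
 * rpc__gssauth_winnt_init
 *
 * Initialises the connection-oriented side of the winnt mechanism and hands
 * back this module's entry-point tables.
 *
 * Parameters:
 *   epv           Receives the address of rpc_g_gssauth_winnt_epv.
 *   rpc_prot_epv  Receives the per-RPC-protocol table for this mechanism.
 *   st            Always set to 0 on return, even when the cn_init call
 *                 reported a failure; in that case the table slot is simply
 *                 left unfilled.
 */
INTERNAL void rpc__gssauth_winnt_init
(
    rpc_auth_epv_p_t *epv,
    rpc_auth_rpc_prot_epv_tbl_t *rpc_prot_epv,
    unsigned32 *st
)
{
    unsigned32 prot_id;
    rpc_auth_rpc_prot_epv_t *prot_epv;

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_winnt_init)\n"));

    prot_id = rpc__gssauth_winnt_cn_init (&prot_epv, st);
    /*
     * prot_id indexes a table of RPC_C_PROTOCOL_ID_MAX function-table
     * pointers. Check it before the store so an unexpected id cannot write
     * past the table into neighbouring entry-point data.
     */
    if (*st == rpc_s_ok && prot_id < RPC_C_PROTOCOL_ID_MAX) {
        rpc_g_gssauth_winnt_rpc_prot_epv[prot_id] = prot_epv;
    }

    *epv = &rpc_g_gssauth_winnt_epv;
    *rpc_prot_epv = rpc_g_gssauth_winnt_rpc_prot_epv;
    *st = 0;
}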
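/*
 * rpc__gssauth_netlogon_init
 *
 * Initialises the connection-oriented side of the netlogon mechanism and
 * hands back this module's entry-point tables.
 *
 * Parameters:
 *   epv           Receives the address of rpc_g_gssauth_netlogon_epv.
 *   rpc_prot_epv  Receives the per-RPC-protocol table for this mechanism.
 *   st            Always set to 0 on return, even when the cn_init call
 *                 reported a failure; in that case the table slot is simply
 *                 left unfilled.
 */
INTERNAL void rpc__gssauth_netlogon_init
(
    rpc_auth_epv_p_t *epv,
    rpc_auth_rpc_prot_epv_tbl_t *rpc_prot_epv,
    unsigned32 *st
)
{
    unsigned32 prot_id;
    rpc_auth_rpc_prot_epv_t *prot_epv;

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_netlogon_init)\n"));

    prot_id = rpc__gssauth_netlogon_cn_init (&prot_epv, st);
    /*
     * prot_id indexes a table of RPC_C_PROTOCOL_ID_MAX function-table
     * pointers. Check it before the store so an unexpected id cannot write
     * past the table into neighbouring entry-point data.
     */
    if (*st == rpc_s_ok && prot_id < RPC_C_PROTOCOL_ID_MAX) {
        rpc_g_gssauth_netlogon_rpc_prot_epv[prot_id] = prot_epv;
    }

    *epv = &rpc_g_gssauth_netlogon_epv;
    *rpc_prot_epv = rpc_g_gssauth_netlogon_rpc_prot_epv;
    *st = 0;
}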
/*
 * rpc__gssauth_free_info
 *
 * Tears down an auth-info block: frees the principal-name string, releases
 * the GSS server name and the GSS credential if present, overwrites the
 * block with the 0x69 fill byte, frees it, bumps the free counter and
 * clears the caller's pointer.
 *
 * Parameters:
 *   info  In/out. Points at the auth-info pointer to release; set to NULL
 *         on return. Both info and *info are dereferenced without a check.
 */
INTERNAL void rpc__gssauth_free_info
(
    rpc_auth_info_p_t *info
)
{
    rpc_gssauth_info_p_t doomed = (rpc_gssauth_info_p_t)*info;
    const char *role;
    OM_uint32 gss_minor;
    unsigned32 str_st;

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_free_info)\n"));

    /* Captured now: the block is overwritten and freed before the final trace. */
    if ((*info)->is_server) {
        role = "server";
    } else {
        role = "client";
    }

    if (doomed->auth_info.server_princ_name != NULL) {
        rpc_string_free(&doomed->auth_info.server_princ_name, &str_st);
    }

    if (doomed->gss_server_name != GSS_C_NO_NAME) {
        gss_release_name(&gss_minor, &doomed->gss_server_name);
        doomed->gss_server_name = GSS_C_NO_NAME;
    }

    if (doomed->gss_creds != GSS_C_NO_CREDENTIAL) {
        gss_release_cred(&gss_minor, &doomed->gss_creds);
        doomed->gss_creds = GSS_C_NO_CREDENTIAL;
    }

    /* Fill with a recognisable pattern so stale pointers into the block stand out. */
    memset(doomed, 0x69, sizeof(*doomed));
    RPC_MEM_FREE(doomed, RPC_C_MEM_GSSAUTH_INFO);
    rpc_g_gssauth_free_count++;

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_GENERAL,
                   ("(rpc__gssauth_free_info) freeing %s auth_info (now %d active).\n",
                    role, rpc_g_gssauth_alloc_count - rpc_g_gssauth_free_count));

    *info = NULL;
}
/*
 * rpc__gssauth_mgt_inq_def
 *
 * Reports the default authentication level for these mechanisms, which is
 * packet privacy.
 *
 * Parameters:
 *   authn_level  Receives rpc_c_authn_level_pkt_privacy.
 *   stp          Receives rpc_s_ok.
 */
INTERNAL void rpc__gssauth_mgt_inq_def
(
    unsigned32 *authn_level,
    unsigned32 *stp
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_mgt_inq_def)\n"));

    *stp = rpc_s_ok;
    *authn_level = rpc_c_authn_level_pkt_privacy;
}
/*
 * rpc__gssauth_srv_reg_auth
 *
 * Server-side registration hook. None of the three input arguments is
 * used; the routine only emits a trace line and reports success.
 *
 * Parameters:
 *   server_name   Unused.
 *   get_key_func  Unused.
 *   arg           Unused.
 *   stp           Receives rpc_s_ok.
 */
INTERNAL void rpc__gssauth_srv_reg_auth
(
    unsigned_char_p_t server_name ATTRIBUTE_UNUSED,
    rpc_auth_key_retrieval_fn_t get_key_func ATTRIBUTE_UNUSED,
    dce_pointer_t arg ATTRIBUTE_UNUSED,
    unsigned32 *stp
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_srv_reg_auth)\n"));

    *stp = rpc_s_ok;
}
/*
 * rpc__gssauth_inq_my_princ_name
 *
 * Local principal name query. This implementation never reports a real
 * name: when the buffer has any room it copies the empty string into it.
 *
 * Parameters:
 *   name_size  Size of the caller's buffer; 0 means the buffer is left
 *              untouched.
 *   name       Caller's buffer.
 *   stp        Receives rpc_s_ok.
 */
INTERNAL void rpc__gssauth_inq_my_princ_name
(
    unsigned32 name_size,
    unsigned_char_p_t name,
    unsigned32 *stp
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_inq_my_princ_name)\n"));

    /* name_size is unsigned, so "non-zero" is the same test as "> 0". */
    if (name_size != 0) {
        rpc__strncpy(name, (unsigned char *)"", name_size - 1);
    }

    *stp = rpc_s_ok;
}
/*
 * rpc__gssauth_free_key
 *
 * Key release hook. It emits a trace line and does nothing else; the
 * argument is never touched.
 */
INTERNAL void rpc__gssauth_free_key
(
    rpc_key_info_p_t *info ATTRIBUTE_UNUSED
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_free_key)\n"));
}
/*
 * rpc__gssauth_resolve_identity
 *
 * Identity resolution hook. The input handle is handed back unchanged: no
 * copy is made, so the returned handle aliases the caller's one.
 *
 * Parameters:
 *   in_identity   Handle supplied by the caller.
 *   out_identity  Receives the same handle value.
 *
 * Returns 0 in every case.
 */
INTERNAL error_status_t rpc__gssauth_resolve_identity
(
    rpc_auth_identity_handle_t in_identity,
    rpc_auth_identity_handle_t *out_identity
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_resolve_identity)\n"));

    *out_identity = in_identity;

    return 0;
}
/*
 * rpc__gssauth_release_identity
 *
 * Identity release hook. It emits a trace line and leaves the handle
 * alone, which pairs with rpc__gssauth_resolve_identity() returning the
 * caller's own handle rather than a copy.
 */
INTERNAL void rpc__gssauth_release_identity
(
    rpc_auth_identity_handle_t *identity ATTRIBUTE_UNUSED
)
{
    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_release_identity)\n"));
}
/*
 * rpc__gssauth_init_func
 *
 * Registers the four GSS-based authentication protocols handled by this
 * file (gss_negotiate, gss_mskrb, winnt, netlogon) with the RPC runtime by
 * passing a static descriptor table to rpc__register_authn_protocol().
 *
 * Each descriptor is initialised positionally; as written, the entries are
 * the protocol's init routine, its rpc_c_authn_* id, the matching
 * dce_c_rpc_authn_protocol_* constant, a NULL slot, and the protocol's
 * per-RPC-protocol entry-point table. The order must match the member
 * order of rpc_authn_protocol_id_elt_t, which is declared outside this file.
 */
void rpc__gssauth_init_func(void)
{
/* static: the table is handed to the registry by address - presumably it is kept, not copied; confirm */
static rpc_authn_protocol_id_elt_t auth[4] = {
{
rpc__gssauth_negotiate_init,
rpc_c_authn_gss_negotiate,
dce_c_rpc_authn_protocol_gss_negotiate,
NULL,
rpc_g_gssauth_negotiate_rpc_prot_epv
},
{
rpc__gssauth_mskrb_init,
rpc_c_authn_gss_mskrb,
dce_c_rpc_authn_protocol_gss_mskrb,
NULL,
rpc_g_gssauth_mskrb_rpc_prot_epv
},
{
rpc__gssauth_winnt_init,
rpc_c_authn_winnt,
dce_c_rpc_authn_protocol_winnt,
NULL,
rpc_g_gssauth_winnt_rpc_prot_epv
},
{
rpc__gssauth_netlogon_init,
rpc_c_authn_netlogon,
dce_c_rpc_authn_protocol_netlogon,
NULL,
rpc_g_gssauth_netlogon_rpc_prot_epv
}
};
/* NOTE(review): the trace text says rpc__module_init_func, not this routine's name - confirm whether that is intended */
RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
("(rpc__module_init_func)\n"));
/* Element count is derived from the array so it tracks the table above. */
rpc__register_authn_protocol(auth, sizeof(auth)/sizeof(auth[0]));
}
/*
 * rpc__gssauth_inq_sec_context
 *
 * Hands the caller the GSS security context handle stored in the
 * connection-level info that hangs off the given auth info.
 *
 * Parameters:
 *   auth_info     Auth info block; treated as a rpc_gssauth_info_p_t.
 *   mech_context  Receives the gss_ctx handle as a void pointer. The handle
 *                 is returned as stored, not duplicated.
 *   stp           Receives rpc_s_ok.
 *
 * NOTE(review): auth_info and its cn_info member are dereferenced without a
 * NULL check; confirm callers only reach this once cn_info has been set.
 */
INTERNAL void rpc__gssauth_inq_sec_context
(
    rpc_auth_info_p_t auth_info,
    void **mech_context,
    unsigned32 *stp
)
{
    rpc_gssauth_info_p_t gss_info;

    RPC_DBG_PRINTF(rpc_e_dbg_auth, RPC_C_CN_DBG_AUTH_ROUTINE_TRACE,
                   ("(rpc__gssauth_inq_sec_context)\n"));

    gss_info = (rpc_gssauth_info_p_t)auth_info;

    *mech_context = (void*)gss_info->cn_info->gss_ctx;
    *stp = rpc_s_ok;
}
/*
 * rpc__gssauth_inq_access_token
 *
 * Access-token query. Not implemented for these mechanisms: the token is
 * cleared and the status reports that the operation is unsupported.
 *
 * Parameters:
 *   auth_info  Unused.
 *   token      Receives NULL.
 *   stp        Receives rpc_s_not_supported.
 */
INTERNAL void rpc__gssauth_inq_access_token(
    rpc_auth_info_p_t auth_info ATTRIBUTE_UNUSED,
    rpc_access_token_p_t* token,
    unsigned32 *stp
)
{
    *stp = rpc_s_not_supported;
    *token = NULL;
}
/*
 * Maps each RPC authentication protocol id to the GSS-API mechanism OID
 * requested for it. Every gss_OID_desc holds the byte length followed by
 * the DER-encoded OID body; the length must equal the number of bytes in
 * the string literal next to it.
 *
 * rpc__gssauth_select_mech() returns pointers into this table, so the
 * entries must stay valid for the lifetime of the process.
 */
static struct {
rpc_authn_protocol_id_t authn_protocol;
gss_OID_desc gss_oid;
} rpc__gssauth_mechanisms[] = {
{
rpc_c_authn_gss_negotiate,
/* bytes decode to 1.3.6.1.5.5.2 (SPNEGO) */
{ 6, (void *)"\053\006\001\005\005\002" },
},
{
rpc_c_authn_gss_mskrb,
/* bytes decode to 1.2.840.113554.1.2.2 (Kerberos 5) */
{ 9, (void *)"\052\206\110\206\367\022\001\002\002" },
},
{
rpc_c_authn_winnt,
/* bytes decode to 1.3.6.1.4.1.311.2.2.10 (NTLMSSP) */
{ 10, (void *)"\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" },
},
{
rpc_c_authn_netlogon,
/* bytes decode to 1.2.752.43.14.2 - presumably the netlogon/schannel mechanism OID; confirm against the GSS provider */
{ 6, (void *)"\x2a\x85\x70\x2b\x0e\x02" },
},
};
/*
 * rpc__gssauth_select_mech
 *
 * Looks up the GSS mechanism OID registered for an RPC authentication
 * protocol id in rpc__gssauth_mechanisms.
 *
 * Parameters:
 *   min_stat        Always set to 0.
 *   authn_protocol  Protocol id to look up.
 *   req_mech        Receives a pointer into the static mechanism table on
 *                   success; left untouched when nothing matches.
 *
 * Returns GSS_S_COMPLETE when an entry matches, GSS_S_UNAVAILABLE otherwise.
 * Callers should check the result: on GSS_S_UNAVAILABLE *req_mech still
 * holds whatever the caller put there.
 */
PRIVATE OM_uint32 rpc__gssauth_select_mech
(
    OM_uint32 *min_stat,
    rpc_authn_protocol_id_t authn_protocol,
    gss_OID *req_mech
)
{
    const size_t entry_count =
        sizeof(rpc__gssauth_mechanisms) / sizeof(rpc__gssauth_mechanisms[0]);
    size_t idx;

    *min_stat = 0;

    for (idx = 0; idx < entry_count; idx++) {
        if (rpc__gssauth_mechanisms[idx].authn_protocol != authn_protocol) {
            continue;
        }

        /* First match wins; the address of a table entry is never GSS_C_NO_OID. */
        *req_mech = &rpc__gssauth_mechanisms[idx].gss_oid;
        return GSS_S_COMPLETE;
    }

    return GSS_S_UNAVAILABLE;
}
#endif