[CalendarServer-changes] [2321] PyKerberos/trunk/src
source_changes at macosforge.org
source_changes at macosforge.org
Wed Apr 16 12:53:29 PDT 2008
Revision: 2321
http://trac.macosforge.org/projects/calendarserver/changeset/2321
Author: wsanchez at apple.com
Date: 2008-04-16 12:53:28 -0700 (Wed, 16 Apr 2008)
Log Message:
-----------
Get rid of tabs, small indent cleanup
Modified Paths:
--------------
PyKerberos/trunk/src/base64.c
PyKerberos/trunk/src/kerberos.c
PyKerberos/trunk/src/kerberosbasic.c
PyKerberos/trunk/src/kerberosgss.c
PyKerberos/trunk/src/kerberosgss.h
Modified: PyKerberos/trunk/src/base64.c
===================================================================
--- PyKerberos/trunk/src/base64.c 2008-04-16 19:21:39 UTC (rev 2320)
+++ PyKerberos/trunk/src/base64.c 2008-04-16 19:53:28 UTC (rev 2321)
@@ -37,86 +37,86 @@
};
#define CHAR64(c) (((c) < 0 || (c) > 127) ? -1 : index_64[(c)])
-// base64_encode : base64 encode
+// base64_encode : base64 encode
//
-// value : data to encode
-// vlen : length of data
-// (result) : new char[] - c-str of result
+// value : data to encode
+// vlen : length of data
+// (result) : new char[] - c-str of result
char *base64_encode(const unsigned char *value, int vlen)
{
- char *result = (char *)malloc((vlen * 4) / 3 + 5);
- char *out = result;
+ char *result = (char *)malloc((vlen * 4) / 3 + 5);
+ char *out = result;
while (vlen >= 3)
{
- *out++ = basis_64[value[0] >> 2];
- *out++ = basis_64[((value[0] << 4) & 0x30) | (value[1] >> 4)];
- *out++ = basis_64[((value[1] << 2) & 0x3C) | (value[2] >> 6)];
- *out++ = basis_64[value[2] & 0x3F];
- value += 3;
- vlen -= 3;
+ *out++ = basis_64[value[0] >> 2];
+ *out++ = basis_64[((value[0] << 4) & 0x30) | (value[1] >> 4)];
+ *out++ = basis_64[((value[1] << 2) & 0x3C) | (value[2] >> 6)];
+ *out++ = basis_64[value[2] & 0x3F];
+ value += 3;
+ vlen -= 3;
}
if (vlen > 0)
{
- *out++ = basis_64[value[0] >> 2];
- unsigned char oval = (value[0] << 4) & 0x30;
- if (vlen > 1) oval |= value[1] >> 4;
- *out++ = basis_64[oval];
- *out++ = (vlen < 2) ? '=' : basis_64[(value[1] << 2) & 0x3C];
- *out++ = '=';
+ *out++ = basis_64[value[0] >> 2];
+ unsigned char oval = (value[0] << 4) & 0x30;
+ if (vlen > 1) oval |= value[1] >> 4;
+ *out++ = basis_64[oval];
+ *out++ = (vlen < 2) ? '=' : basis_64[(value[1] << 2) & 0x3C];
+ *out++ = '=';
}
*out = '\0';
-
+
return result;
}
-// base64_decode : base64 decode
+// base64_decode : base64 decode
//
-// value : c-str to decode
-// rlen : length of decoded result
-// (result) : new unsigned char[] - decoded result
+// value : c-str to decode
+// rlen : length of decoded result
+// (result) : new unsigned char[] - decoded result
unsigned char *base64_decode(const char *value, int *rlen)
{
*rlen = 0;
int c1, c2, c3, c4;
-
- int vlen = strlen(value);
- unsigned char *result =(unsigned char *)malloc((vlen * 3) / 4 + 1);
- unsigned char *out = result;
-
- while (1)
+
+ int vlen = strlen(value);
+ unsigned char *result =(unsigned char *)malloc((vlen * 3) / 4 + 1);
+ unsigned char *out = result;
+
+ while (1)
{
- if (value[0]==0)
- return result;
- c1 = value[0];
- if (CHAR64(c1) == -1)
- goto base64_decode_error;;
- c2 = value[1];
- if (CHAR64(c2) == -1)
- goto base64_decode_error;;
- c3 = value[2];
- if ((c3 != '=') && (CHAR64(c3) == -1))
- goto base64_decode_error;;
- c4 = value[3];
- if ((c4 != '=') && (CHAR64(c4) == -1))
- goto base64_decode_error;;
-
- value += 4;
- *out++ = (CHAR64(c1) << 2) | (CHAR64(c2) >> 4);
- *rlen += 1;
- if (c3 != '=')
- {
- *out++ = ((CHAR64(c2) << 4) & 0xf0) | (CHAR64(c3) >> 2);
- *rlen += 1;
- if (c4 != '=')
- {
- *out++ = ((CHAR64(c3) << 6) & 0xc0) | CHAR64(c4);
- *rlen += 1;
- }
- }
+ if (value[0]==0)
+ return result;
+ c1 = value[0];
+ if (CHAR64(c1) == -1)
+ goto base64_decode_error;;
+ c2 = value[1];
+ if (CHAR64(c2) == -1)
+ goto base64_decode_error;;
+ c3 = value[2];
+ if ((c3 != '=') && (CHAR64(c3) == -1))
+ goto base64_decode_error;;
+ c4 = value[3];
+ if ((c4 != '=') && (CHAR64(c4) == -1))
+ goto base64_decode_error;;
+
+ value += 4;
+ *out++ = (CHAR64(c1) << 2) | (CHAR64(c2) >> 4);
+ *rlen += 1;
+ if (c3 != '=')
+ {
+ *out++ = ((CHAR64(c2) << 4) & 0xf0) | (CHAR64(c3) >> 2);
+ *rlen += 1;
+ if (c4 != '=')
+ {
+ *out++ = ((CHAR64(c3) << 6) & 0xc0) | CHAR64(c4);
+ *rlen += 1;
+ }
+ }
}
-
+
base64_decode_error:
- *result = 0;
- *rlen = 0;
- return result;
+ *result = 0;
+ *rlen = 0;
+ return result;
}
Modified: PyKerberos/trunk/src/kerberos.c
===================================================================
--- PyKerberos/trunk/src/kerberos.c 2008-04-16 19:21:39 UTC (rev 2320)
+++ PyKerberos/trunk/src/kerberos.c 2008-04-16 19:53:28 UTC (rev 2321)
@@ -32,16 +32,16 @@
const char *service;
const char *default_realm;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "ssss", &user, &pswd, &service, &default_realm))
return NULL;
-
- result = authenticate_user_krb5pwd(user, pswd, service, default_realm);
-
- if (result)
- return Py_INCREF(Py_True), Py_True;
- else
- return NULL;
+
+ result = authenticate_user_krb5pwd(user, pswd, service, default_realm);
+
+ if (result)
+ return Py_INCREF(Py_True), Py_True;
+ else
+ return NULL;
}
static PyObject *getServerPrincipalDetails(PyObject *self, PyObject *args)
@@ -49,111 +49,111 @@
const char *service;
const char *hostname;
char* result;
-
+
if (!PyArg_ParseTuple(args, "ss", &service, &hostname))
return NULL;
-
- result = server_principal_details(service, hostname);
-
+
+ result = server_principal_details(service, hostname);
+
if (result != NULL)
{
- PyObject* pyresult = Py_BuildValue("s", result);
- free(result);
- return pyresult;
+ PyObject* pyresult = Py_BuildValue("s", result);
+ free(result);
+ return pyresult;
}
- else
- return NULL;
+ else
+ return NULL;
}
static PyObject *authGSSClientInit(PyObject *self, PyObject *args)
{
const char *service;
gss_client_state *state;
- PyObject *pystate;
+ PyObject *pystate;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "s", &service))
return NULL;
-
- state = (gss_client_state *) malloc(sizeof(gss_client_state));
- pystate = PyCObject_FromVoidPtr(state, NULL);
-
- result = authenticate_gss_client_init(service, state);
- if (result == AUTH_GSS_ERROR)
- return NULL;
-
+
+ state = (gss_client_state *) malloc(sizeof(gss_client_state));
+ pystate = PyCObject_FromVoidPtr(state, NULL);
+
+ result = authenticate_gss_client_init(service, state);
+ if (result == AUTH_GSS_ERROR)
+ return NULL;
+
return Py_BuildValue("(iO)", result, pystate);
}
static PyObject *authGSSClientClean(PyObject *self, PyObject *args)
{
gss_client_state *state;
- PyObject *pystate;
+ PyObject *pystate;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "O", &pystate) || !PyCObject_Check(pystate))
return NULL;
-
- state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
- if (state != NULL)
- {
- result = authenticate_gss_client_clean(state);
-
- free(state);
- PyCObject_SetVoidPtr(pystate, NULL);
- }
-
+
+ state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
+ if (state != NULL)
+ {
+ result = authenticate_gss_client_clean(state);
+
+ free(state);
+ PyCObject_SetVoidPtr(pystate, NULL);
+ }
+
return Py_BuildValue("i", result);
}
static PyObject *authGSSClientStep(PyObject *self, PyObject *args)
{
gss_client_state *state;
- PyObject *pystate;
- char *challenge;
+ PyObject *pystate;
+ char *challenge;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "Os", &pystate, &challenge) || !PyCObject_Check(pystate))
return NULL;
-
- state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
- if (state == NULL)
- return NULL;
+
+ state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
+ if (state == NULL)
+ return NULL;
- result = authenticate_gss_client_step(state, challenge);
- if (result == AUTH_GSS_ERROR)
- return NULL;
-
+ result = authenticate_gss_client_step(state, challenge);
+ if (result == AUTH_GSS_ERROR)
+ return NULL;
+
return Py_BuildValue("i", result);
}
static PyObject *authGSSClientResponse(PyObject *self, PyObject *args)
{
gss_client_state *state;
- PyObject *pystate;
-
+ PyObject *pystate;
+
if (!PyArg_ParseTuple(args, "O", &pystate) || !PyCObject_Check(pystate))
return NULL;
-
- state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
- if (state == NULL)
- return NULL;
-
+
+ state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
+ if (state == NULL)
+ return NULL;
+
return Py_BuildValue("s", state->response);
}
static PyObject *authGSSClientUserName(PyObject *self, PyObject *args)
{
gss_client_state *state;
- PyObject *pystate;
-
+ PyObject *pystate;
+
if (!PyArg_ParseTuple(args, "O", &pystate) || !PyCObject_Check(pystate))
return NULL;
-
- state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
- if (state == NULL)
- return NULL;
-
+
+ state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
+ if (state == NULL)
+ return NULL;
+
return Py_BuildValue("s", state->username);
}
@@ -161,119 +161,119 @@
{
const char *service;
gss_server_state *state;
- PyObject *pystate;
+ PyObject *pystate;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "s", &service))
return NULL;
-
- state = (gss_server_state *) malloc(sizeof(gss_server_state));
- pystate = PyCObject_FromVoidPtr(state, NULL);
-
- result = authenticate_gss_server_init(service, state);
- if (result == AUTH_GSS_ERROR)
- return NULL;
-
+
+ state = (gss_server_state *) malloc(sizeof(gss_server_state));
+ pystate = PyCObject_FromVoidPtr(state, NULL);
+
+ result = authenticate_gss_server_init(service, state);
+ if (result == AUTH_GSS_ERROR)
+ return NULL;
+
return Py_BuildValue("(iO)", result, pystate);
}
static PyObject *authGSSServerClean(PyObject *self, PyObject *args)
{
gss_server_state *state;
- PyObject *pystate;
+ PyObject *pystate;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "O", &pystate) || !PyCObject_Check(pystate))
return NULL;
-
- state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
- if (state != NULL)
- {
- result = authenticate_gss_server_clean(state);
-
- free(state);
- PyCObject_SetVoidPtr(pystate, NULL);
- }
-
+
+ state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
+ if (state != NULL)
+ {
+ result = authenticate_gss_server_clean(state);
+
+ free(state);
+ PyCObject_SetVoidPtr(pystate, NULL);
+ }
+
return Py_BuildValue("i", result);
}
static PyObject *authGSSServerStep(PyObject *self, PyObject *args)
{
gss_server_state *state;
- PyObject *pystate;
- char *challenge;
+ PyObject *pystate;
+ char *challenge;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "Os", &pystate, &challenge) || !PyCObject_Check(pystate))
return NULL;
-
- state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
- if (state == NULL)
- return NULL;
-
- result = authenticate_gss_server_step(state, challenge);
- if (result == AUTH_GSS_ERROR)
- return NULL;
-
+
+ state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
+ if (state == NULL)
+ return NULL;
+
+ result = authenticate_gss_server_step(state, challenge);
+ if (result == AUTH_GSS_ERROR)
+ return NULL;
+
return Py_BuildValue("i", result);
}
static PyObject *authGSSServerResponse(PyObject *self, PyObject *args)
{
gss_server_state *state;
- PyObject *pystate;
-
+ PyObject *pystate;
+
if (!PyArg_ParseTuple(args, "O", &pystate) || !PyCObject_Check(pystate))
return NULL;
-
- state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
- if (state == NULL)
- return NULL;
-
+
+ state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
+ if (state == NULL)
+ return NULL;
+
return Py_BuildValue("s", state->response);
}
static PyObject *authGSSServerUserName(PyObject *self, PyObject *args)
{
gss_server_state *state;
- PyObject *pystate;
-
+ PyObject *pystate;
+
if (!PyArg_ParseTuple(args, "O", &pystate) || !PyCObject_Check(pystate))
return NULL;
-
- state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
- if (state == NULL)
- return NULL;
-
+
+ state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
+ if (state == NULL)
+ return NULL;
+
return Py_BuildValue("s", state->username);
}
static PyMethodDef KerberosMethods[] = {
{"checkPassword", checkPassword, METH_VARARGS,
- "Check the supplied user/password against Kerberos KDC."},
+ "Check the supplied user/password against Kerberos KDC."},
{"getServerPrincipalDetails", getServerPrincipalDetails, METH_VARARGS,
- "Return the service principal for a given service and hostname."},
+ "Return the service principal for a given service and hostname."},
{"authGSSClientInit", authGSSClientInit, METH_VARARGS,
- "Initialize client-side GSSAPI operations."},
+ "Initialize client-side GSSAPI operations."},
{"authGSSClientClean", authGSSClientClean, METH_VARARGS,
- "Terminate client-side GSSAPI operations."},
+ "Terminate client-side GSSAPI operations."},
{"authGSSClientStep", authGSSClientStep, METH_VARARGS,
- "Do a client-side GSSAPI step."},
+ "Do a client-side GSSAPI step."},
{"authGSSClientResponse", authGSSClientResponse, METH_VARARGS,
- "Get the response from the last client-side GSSAPI step."},
+ "Get the response from the last client-side GSSAPI step."},
{"authGSSClientUserName", authGSSClientUserName, METH_VARARGS,
- "Get the user name from the last client-side GSSAPI step."},
+ "Get the user name from the last client-side GSSAPI step."},
{"authGSSServerInit", authGSSServerInit, METH_VARARGS,
- "Initialize server-side GSSAPI operations."},
+ "Initialize server-side GSSAPI operations."},
{"authGSSServerClean", authGSSServerClean, METH_VARARGS,
- "Terminate server-side GSSAPI operations."},
+ "Terminate server-side GSSAPI operations."},
{"authGSSServerStep", authGSSServerStep, METH_VARARGS,
- "Do a server-side GSSAPI step."},
+ "Do a server-side GSSAPI step."},
{"authGSSServerResponse", authGSSServerResponse, METH_VARARGS,
- "Get the response from the last server-side GSSAPI step."},
+ "Get the response from the last server-side GSSAPI step."},
{"authGSSServerUserName", authGSSServerUserName, METH_VARARGS,
- "Get the user name from the last server-side GSSAPI step."},
+ "Get the user name from the last server-side GSSAPI step."},
{NULL, NULL, 0, NULL} /* Sentinel */
};
@@ -293,16 +293,16 @@
/* ...and the derived exceptions */
if (!(BasicAuthException_class = PyErr_NewException("kerberos.BasicAuthError", KrbException_class, NULL)))
- goto error;
+ goto error;
Py_INCREF(BasicAuthException_class);
PyDict_SetItemString(d, "BasicAuthError", BasicAuthException_class);
if (!(GssException_class = PyErr_NewException("kerberos.GSSError", KrbException_class, NULL)))
- goto error;
+ goto error;
Py_INCREF(GssException_class);
PyDict_SetItemString(d, "GSSError", GssException_class);
error:
if (PyErr_Occurred())
- PyErr_SetString(PyExc_ImportError, "kerberos: init failed");
+ PyErr_SetString(PyExc_ImportError, "kerberos: init failed");
}
Modified: PyKerberos/trunk/src/kerberosbasic.c
===================================================================
--- PyKerberos/trunk/src/kerberosbasic.c 2008-04-16 19:21:39 UTC (rev 2320)
+++ PyKerberos/trunk/src/kerberosbasic.c 2008-04-16 19:53:28 UTC (rev 2321)
@@ -32,122 +32,122 @@
int authenticate_user_krb5pwd(const char *user, const char *pswd, const char *service, const char *default_realm)
{
- krb5_context kcontext = NULL;
- krb5_error_code code;
- krb5_principal client = NULL;
- krb5_principal server = NULL;
- int ret = 0;
- char *name = NULL;
- char *p = NULL;
-
- code = krb5_init_context(&kcontext);
- if (code)
- {
- PyErr_SetObject(BasicAuthException_class, Py_BuildValue("((s:i))",
- "Cannot initialize Kerberos5 context", code));
- return 0;
- }
-
- ret = krb5_parse_name (kcontext, service, &server);
-
- if (ret)
- {
- set_basicauth_error(kcontext, ret);
- ret = 0;
- goto end;
- }
-
- code = krb5_unparse_name(kcontext, server, &name);
- if (code)
- {
- set_basicauth_error(kcontext, code);
- ret = 0;
- goto end;
- }
+ krb5_context kcontext = NULL;
+ krb5_error_code code;
+ krb5_principal client = NULL;
+ krb5_principal server = NULL;
+ int ret = 0;
+ char *name = NULL;
+ char *p = NULL;
+
+ code = krb5_init_context(&kcontext);
+ if (code)
+ {
+ PyErr_SetObject(BasicAuthException_class, Py_BuildValue("((s:i))",
+ "Cannot initialize Kerberos5 context", code));
+ return 0;
+ }
+
+ ret = krb5_parse_name (kcontext, service, &server);
+
+ if (ret)
+ {
+ set_basicauth_error(kcontext, ret);
+ ret = 0;
+ goto end;
+ }
+
+ code = krb5_unparse_name(kcontext, server, &name);
+ if (code)
+ {
+ set_basicauth_error(kcontext, code);
+ ret = 0;
+ goto end;
+ }
#ifdef PRINTFS
- printf("Using %s as server principal for password verification\n", name);
+ printf("Using %s as server principal for password verification\n", name);
#endif
- free(name);
- name = NULL;
-
- name = (char *)malloc(256);
- p = strchr(user, '@');
- if (p == NULL)
- {
- snprintf(name, 256, "%s@%s", user, default_realm);
- }
- else
- {
- snprintf(name, 256, "%s", user);
- }
-
- code = krb5_parse_name(kcontext, name, &client);
- if (code)
- {
- set_basicauth_error(kcontext, code);
- ret = 0;
- goto end;
- }
-
- code = verify_krb5_user(kcontext, client, pswd, server);
-
- if (code)
- {
- ret = 0;
- goto end;
- }
+ free(name);
+ name = NULL;
+
+ name = (char *)malloc(256);
+ p = strchr(user, '@');
+ if (p == NULL)
+ {
+ snprintf(name, 256, "%s@%s", user, default_realm);
+ }
+ else
+ {
+ snprintf(name, 256, "%s", user);
+ }
+
+ code = krb5_parse_name(kcontext, name, &client);
+ if (code)
+ {
+ set_basicauth_error(kcontext, code);
+ ret = 0;
+ goto end;
+ }
+
+ code = verify_krb5_user(kcontext, client, pswd, server);
+
+ if (code)
+ {
+ ret = 0;
+ goto end;
+ }
- ret = 1;
-
+ ret = 1;
+
end:
#ifdef PRINTFS
- printf("kerb_authenticate_user_krb5pwd ret=%d user=%s authtype=%s\n", ret, user, "Basic");
+ printf("kerb_authenticate_user_krb5pwd ret=%d user=%s authtype=%s\n", ret, user, "Basic");
#endif
- if (name)
- free(name);
- if (client)
- krb5_free_principal(kcontext, client);
- if (server)
- krb5_free_principal(kcontext, server);
- krb5_free_context(kcontext);
-
- return ret;
+ if (name)
+ free(name);
+ if (client)
+ krb5_free_principal(kcontext, client);
+ if (server)
+ krb5_free_principal(kcontext, server);
+ krb5_free_context(kcontext);
+
+ return ret;
}
/* Inspired by krb5_verify_user from Heimdal */
static krb5_error_code verify_krb5_user(krb5_context context, krb5_principal principal, const char *password, krb5_principal server)
{
- krb5_creds creds;
- krb5_get_init_creds_opt gic_options;
- krb5_error_code ret;
- char *name = NULL;
-
- memset(&creds, 0, sizeof(creds));
-
- ret = krb5_unparse_name(context, principal, &name);
- if (ret == 0)
- {
+ krb5_creds creds;
+ krb5_get_init_creds_opt gic_options;
+ krb5_error_code ret;
+ char *name = NULL;
+
+ memset(&creds, 0, sizeof(creds));
+
+ ret = krb5_unparse_name(context, principal, &name);
+ if (ret == 0)
+ {
#ifdef PRINTFS
- printf("Trying to get TGT for user %s\n", name);
+ printf("Trying to get TGT for user %s\n", name);
#endif
- free(name);
- }
-
- krb5_get_init_creds_opt_init(&gic_options);
- ret = krb5_get_init_creds_password(context, &creds, principal, (char *)password, NULL, NULL, 0, NULL, &gic_options);
- if (ret)
- {
- set_basicauth_error(context, ret);
- goto end;
- }
-
+ free(name);
+ }
+
+ krb5_get_init_creds_opt_init(&gic_options);
+ ret = krb5_get_init_creds_password(context, &creds, principal, (char *)password, NULL, NULL, 0, NULL, &gic_options);
+ if (ret)
+ {
+ set_basicauth_error(context, ret);
+ goto end;
+ }
+
end:
- krb5_free_cred_contents(context, &creds);
-
- return ret;
+ krb5_free_cred_contents(context, &creds);
+
+ return ret;
}
static void set_basicauth_error(krb5_context context, krb5_error_code code)
{
- PyErr_SetObject(BasicAuthException_class, Py_BuildValue("(s:i)", krb5_get_err_text(context, code), code));
+ PyErr_SetObject(BasicAuthException_class, Py_BuildValue("(s:i)", krb5_get_err_text(context, code), code));
}
Modified: PyKerberos/trunk/src/kerberosgss.c
===================================================================
--- PyKerberos/trunk/src/kerberosgss.c 2008-04-16 19:21:39 UTC (rev 2320)
+++ PyKerberos/trunk/src/kerberosgss.c 2008-04-16 19:53:28 UTC (rev 2321)
@@ -32,59 +32,59 @@
char* server_principal_details(const char* service, const char* hostname)
{
- char match[1024];
- int match_len = 0;
- char* result = NULL;
+ char match[1024];
+ int match_len = 0;
+ char* result = NULL;
- int code;
+ int code;
krb5_context kcontext;
krb5_keytab kt = NULL;
krb5_kt_cursor cursor = NULL;
krb5_keytab_entry entry;
char* pname = NULL;
- // Generate the principal prefix we want to match
- snprintf(match, 1024, "%s/%s@", service, hostname);
- match_len = strlen(match);
+ // Generate the principal prefix we want to match
+ snprintf(match, 1024, "%s/%s@", service, hostname);
+ match_len = strlen(match);
- code = krb5_init_context(&kcontext);
- if (code)
- {
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Cannot initialize Kerberos5 context", code));
- return NULL;
- }
+ code = krb5_init_context(&kcontext);
+ if (code)
+ {
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Cannot initialize Kerberos5 context", code));
+ return NULL;
+ }
if ((code = krb5_kt_default(kcontext, &kt)))
{
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Cannot get default keytab", code));
- goto end;
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Cannot get default keytab", code));
+ goto end;
}
if ((code = krb5_kt_start_seq_get(kcontext, kt, &cursor)))
{
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Cannot get sequence cursor from keytab", code));
- goto end;
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Cannot get sequence cursor from keytab", code));
+ goto end;
}
while ((code = krb5_kt_next_entry(kcontext, kt, &entry, &cursor)) == 0)
{
if ((code = krb5_unparse_name(kcontext, entry.principal, &pname)))
{
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Cannot parse principal name from keytab", code));
- goto end;
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Cannot parse principal name from keytab", code));
+ goto end;
}
- if (strncmp(pname, match, match_len) == 0)
- {
- result = malloc(strlen(pname) + 1);
- strcpy(result, pname);
+ if (strncmp(pname, match, match_len) == 0)
+ {
+ result = malloc(strlen(pname) + 1);
+ strcpy(result, pname);
krb5_free_unparsed_name(kcontext, pname);
- break;
- }
+ break;
+ }
krb5_free_unparsed_name(kcontext, pname);
krb5_free_keytab_entry_contents(kcontext, &entry);
@@ -92,352 +92,352 @@
if (result == NULL)
{
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Principal not found in keytab", -1));
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Principal not found in keytab", -1));
}
end:
- if (cursor)
- krb5_kt_end_seq_get(kcontext, kt, &cursor);
- if (kt)
- krb5_kt_close(kcontext, kt);
- krb5_free_context(kcontext);
-
- return result;
+ if (cursor)
+ krb5_kt_end_seq_get(kcontext, kt, &cursor);
+ if (kt)
+ krb5_kt_close(kcontext, kt);
+ krb5_free_context(kcontext);
+
+ return result;
}
int authenticate_gss_client_init(const char* service, gss_client_state *state)
{
- OM_uint32 maj_stat;
- OM_uint32 min_stat;
- gss_buffer_desc name_token = GSS_C_EMPTY_BUFFER;
- int ret = AUTH_GSS_COMPLETE;
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat;
+ gss_buffer_desc name_token = GSS_C_EMPTY_BUFFER;
+ int ret = AUTH_GSS_COMPLETE;
- state->server_name = GSS_C_NO_NAME;
- state->context = GSS_C_NO_CONTEXT;
- state->username = NULL;
- state->response = NULL;
-
- // Import server name first
- name_token.length = strlen(service);
- name_token.value = (char *)service;
-
- maj_stat = gss_import_name(&min_stat, &name_token, gss_krb5_nt_service_name, &state->server_name);
-
- if (GSS_ERROR(maj_stat))
- {
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
-
+ state->server_name = GSS_C_NO_NAME;
+ state->context = GSS_C_NO_CONTEXT;
+ state->username = NULL;
+ state->response = NULL;
+
+ // Import server name first
+ name_token.length = strlen(service);
+ name_token.value = (char *)service;
+
+ maj_stat = gss_import_name(&min_stat, &name_token, gss_krb5_nt_service_name, &state->server_name);
+
+ if (GSS_ERROR(maj_stat))
+ {
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
+
end:
- return ret;
+ return ret;
}
int authenticate_gss_client_clean(gss_client_state *state)
{
- OM_uint32 maj_stat;
- OM_uint32 min_stat;
- int ret = AUTH_GSS_COMPLETE;
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat;
+ int ret = AUTH_GSS_COMPLETE;
- if (state->context != GSS_C_NO_CONTEXT)
- maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
- if (state->server_name != GSS_C_NO_NAME)
- maj_stat = gss_release_name(&min_stat, &state->server_name);
- if (state->username != NULL)
- {
- free(state->username);
- state->username = NULL;
- }
- if (state->response != NULL)
- {
- free(state->response);
- state->response = NULL;
- }
-
- return ret;
+ if (state->context != GSS_C_NO_CONTEXT)
+ maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
+ if (state->server_name != GSS_C_NO_NAME)
+ maj_stat = gss_release_name(&min_stat, &state->server_name);
+ if (state->username != NULL)
+ {
+ free(state->username);
+ state->username = NULL;
+ }
+ if (state->response != NULL)
+ {
+ free(state->response);
+ state->response = NULL;
+ }
+
+ return ret;
}
int authenticate_gss_client_step(gss_client_state *state, const char* challenge)
{
- OM_uint32 maj_stat;
- OM_uint32 min_stat;
- gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
- gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
- int ret = AUTH_GSS_CONTINUE;
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat;
+ gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
+ gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
+ int ret = AUTH_GSS_CONTINUE;
- // Always clear out the old response
- if (state->response != NULL)
- {
- free(state->response);
- state->response = NULL;
- }
-
- // If there is a challenge (data from the server) we need to give it to GSS
- if (challenge && *challenge)
- {
- int len;
- input_token.value = base64_decode(challenge, &len);
- input_token.length = len;
- }
-
- // Do GSSAPI step
- maj_stat = gss_init_sec_context(&min_stat,
- GSS_C_NO_CREDENTIAL,
- &state->context,
- state->server_name,
- GSS_C_NO_OID,
- GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG,
- 0,
- GSS_C_NO_CHANNEL_BINDINGS,
- &input_token,
- NULL,
- &output_token,
- NULL,
- NULL);
-
- if ((maj_stat != GSS_S_COMPLETE) && (maj_stat != GSS_S_CONTINUE_NEEDED))
- {
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
+ // Always clear out the old response
+ if (state->response != NULL)
+ {
+ free(state->response);
+ state->response = NULL;
+ }
+
+ // If there is a challenge (data from the server) we need to give it to GSS
+ if (challenge && *challenge)
+ {
+ int len;
+ input_token.value = base64_decode(challenge, &len);
+ input_token.length = len;
+ }
+
+ // Do GSSAPI step
+ maj_stat = gss_init_sec_context(&min_stat,
+ GSS_C_NO_CREDENTIAL,
+ &state->context,
+ state->server_name,
+ GSS_C_NO_OID,
+ GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG,
+ 0,
+ GSS_C_NO_CHANNEL_BINDINGS,
+ &input_token,
+ NULL,
+ &output_token,
+ NULL,
+ NULL);
+
+ if ((maj_stat != GSS_S_COMPLETE) && (maj_stat != GSS_S_CONTINUE_NEEDED))
+ {
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
- ret = (maj_stat == GSS_S_COMPLETE) ? AUTH_GSS_COMPLETE : AUTH_GSS_CONTINUE;
- // Grab the client response to send back to the server
- if (output_token.length)
- {
- state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
- maj_stat = gss_release_buffer(&min_stat, &output_token);
- }
-
- // Try to get the user name if we have completed all GSS operations
- if (ret == AUTH_GSS_COMPLETE)
- {
- gss_name_t gssuser = GSS_C_NO_NAME;
- maj_stat = gss_inquire_context(&min_stat, state->context, &gssuser, NULL, NULL, NULL, NULL, NULL, NULL);
- if (GSS_ERROR(maj_stat))
- {
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
-
- gss_buffer_desc name_token;
- name_token.length = 0;
- maj_stat = gss_display_name(&min_stat, gssuser, &name_token, NULL);
- if (GSS_ERROR(maj_stat))
- {
- if (name_token.value)
- gss_release_buffer(&min_stat, &name_token);
- gss_release_name(&min_stat, &gssuser);
-
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
- else
- {
- state->username = (char *)malloc(name_token.length + 1);
- strncpy(state->username, (char*) name_token.value, name_token.length);
- state->username[name_token.length] = 0;
- gss_release_buffer(&min_stat, &name_token);
- gss_release_name(&min_stat, &gssuser);
- }
- }
+ ret = (maj_stat == GSS_S_COMPLETE) ? AUTH_GSS_COMPLETE : AUTH_GSS_CONTINUE;
+ // Grab the client response to send back to the server
+ if (output_token.length)
+ {
+ state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
+ maj_stat = gss_release_buffer(&min_stat, &output_token);
+ }
+
+ // Try to get the user name if we have completed all GSS operations
+ if (ret == AUTH_GSS_COMPLETE)
+ {
+ gss_name_t gssuser = GSS_C_NO_NAME;
+ maj_stat = gss_inquire_context(&min_stat, state->context, &gssuser, NULL, NULL, NULL, NULL, NULL, NULL);
+ if (GSS_ERROR(maj_stat))
+ {
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
+
+ gss_buffer_desc name_token;
+ name_token.length = 0;
+ maj_stat = gss_display_name(&min_stat, gssuser, &name_token, NULL);
+ if (GSS_ERROR(maj_stat))
+ {
+ if (name_token.value)
+ gss_release_buffer(&min_stat, &name_token);
+ gss_release_name(&min_stat, &gssuser);
+
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
+ else
+ {
+ state->username = (char *)malloc(name_token.length + 1);
+ strncpy(state->username, (char*) name_token.value, name_token.length);
+ state->username[name_token.length] = 0;
+ gss_release_buffer(&min_stat, &name_token);
+ gss_release_name(&min_stat, &gssuser);
+ }
+ }
end:
- if (output_token.value)
- gss_release_buffer(&min_stat, &output_token);
- if (input_token.value)
- free(input_token.value);
- return ret;
+ if (output_token.value)
+ gss_release_buffer(&min_stat, &output_token);
+ if (input_token.value)
+ free(input_token.value);
+ return ret;
}
int authenticate_gss_server_init(const char* service, gss_server_state *state)
{
- OM_uint32 maj_stat;
- OM_uint32 min_stat;
- gss_buffer_desc name_token = GSS_C_EMPTY_BUFFER;
- int ret = AUTH_GSS_COMPLETE;
-
- state->context = GSS_C_NO_CONTEXT;
- state->server_name = GSS_C_NO_NAME;
- state->client_name = GSS_C_NO_NAME;
- state->server_creds = GSS_C_NO_CREDENTIAL;
- state->client_creds = GSS_C_NO_CREDENTIAL;
- state->username = NULL;
- state->response = NULL;
-
- // Import server name first
- name_token.length = strlen(service);
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat;
+ gss_buffer_desc name_token = GSS_C_EMPTY_BUFFER;
+ int ret = AUTH_GSS_COMPLETE;
+
+ state->context = GSS_C_NO_CONTEXT;
+ state->server_name = GSS_C_NO_NAME;
+ state->client_name = GSS_C_NO_NAME;
+ state->server_creds = GSS_C_NO_CREDENTIAL;
+ state->client_creds = GSS_C_NO_CREDENTIAL;
+ state->username = NULL;
+ state->response = NULL;
+
+ // Import server name first
+ name_token.length = strlen(service);
name_token.value = (char *)service;
-
- maj_stat = gss_import_name(&min_stat, &name_token, GSS_C_NT_HOSTBASED_SERVICE, &state->server_name);
-
- if (GSS_ERROR(maj_stat))
- {
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
+
+ maj_stat = gss_import_name(&min_stat, &name_token, GSS_C_NT_HOSTBASED_SERVICE, &state->server_name);
+
+ if (GSS_ERROR(maj_stat))
+ {
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
- // Get credentials
- maj_stat = gss_acquire_cred(&min_stat, state->server_name, GSS_C_INDEFINITE,
- GSS_C_NO_OID_SET, GSS_C_ACCEPT, &state->server_creds, NULL, NULL);
+ // Get credentials
+ maj_stat = gss_acquire_cred(&min_stat, state->server_name, GSS_C_INDEFINITE,
+ GSS_C_NO_OID_SET, GSS_C_ACCEPT, &state->server_creds, NULL, NULL);
- if (GSS_ERROR(maj_stat))
- {
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
-
+ if (GSS_ERROR(maj_stat))
+ {
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
+
end:
- return ret;
+ return ret;
}
int authenticate_gss_server_clean(gss_server_state *state)
{
- OM_uint32 maj_stat;
- OM_uint32 min_stat;
- int ret = AUTH_GSS_COMPLETE;
-
- if (state->context != GSS_C_NO_CONTEXT)
- maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
- if (state->server_name != GSS_C_NO_NAME)
- maj_stat = gss_release_name(&min_stat, &state->server_name);
- if (state->client_name != GSS_C_NO_NAME)
- maj_stat = gss_release_name(&min_stat, &state->client_name);
- if (state->server_creds != GSS_C_NO_CREDENTIAL)
- maj_stat = gss_release_cred(&min_stat, &state->server_creds);
- if (state->client_creds != GSS_C_NO_CREDENTIAL)
- maj_stat = gss_release_cred(&min_stat, &state->client_creds);
- if (state->username != NULL)
- {
- free(state->username);
- state->username = NULL;
- }
- if (state->response != NULL)
- {
- free(state->response);
- state->response = NULL;
- }
-
- return ret;
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat;
+ int ret = AUTH_GSS_COMPLETE;
+
+ if (state->context != GSS_C_NO_CONTEXT)
+ maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
+ if (state->server_name != GSS_C_NO_NAME)
+ maj_stat = gss_release_name(&min_stat, &state->server_name);
+ if (state->client_name != GSS_C_NO_NAME)
+ maj_stat = gss_release_name(&min_stat, &state->client_name);
+ if (state->server_creds != GSS_C_NO_CREDENTIAL)
+ maj_stat = gss_release_cred(&min_stat, &state->server_creds);
+ if (state->client_creds != GSS_C_NO_CREDENTIAL)
+ maj_stat = gss_release_cred(&min_stat, &state->client_creds);
+ if (state->username != NULL)
+ {
+ free(state->username);
+ state->username = NULL;
+ }
+ if (state->response != NULL)
+ {
+ free(state->response);
+ state->response = NULL;
+ }
+
+ return ret;
}
int authenticate_gss_server_step(gss_server_state *state, const char *challenge)
{
- OM_uint32 maj_stat;
- OM_uint32 min_stat;
- gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
- gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
- int ret = AUTH_GSS_CONTINUE;
-
- // Always clear out the old response
- if (state->response != NULL)
- {
- free(state->response);
- state->response = NULL;
- }
+ OM_uint32 maj_stat;
+ OM_uint32 min_stat;
+ gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
+ gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
+ int ret = AUTH_GSS_CONTINUE;
+
+ // Always clear out the old response
+ if (state->response != NULL)
+ {
+ free(state->response);
+ state->response = NULL;
+ }
- // If there is a challenge (data from the server) we need to give it to GSS
- if (challenge && *challenge)
- {
- int len;
- input_token.value = base64_decode(challenge, &len);
- input_token.length = len;
- }
- else
- {
- PyErr_SetString(KrbException_class, "No challenge parameter in request from client");
- ret = AUTH_GSS_ERROR;
- goto end;
- }
+ // If there is a challenge (data from the server) we need to give it to GSS
+ if (challenge && *challenge)
+ {
+ int len;
+ input_token.value = base64_decode(challenge, &len);
+ input_token.length = len;
+ }
+ else
+ {
+ PyErr_SetString(KrbException_class, "No challenge parameter in request from client");
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
- maj_stat = gss_accept_sec_context(&min_stat,
- &state->context,
- state->server_creds,
- &input_token,
- GSS_C_NO_CHANNEL_BINDINGS,
- &state->client_name,
- NULL,
- &output_token,
- NULL,
- NULL,
- &state->client_creds);
-
- if (GSS_ERROR(maj_stat))
- {
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
+ maj_stat = gss_accept_sec_context(&min_stat,
+ &state->context,
+ state->server_creds,
+ &input_token,
+ GSS_C_NO_CHANNEL_BINDINGS,
+ &state->client_name,
+ NULL,
+ &output_token,
+ NULL,
+ NULL,
+ &state->client_creds);
+
+ if (GSS_ERROR(maj_stat))
+ {
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
- // Grab the server response to send back to the client
- if (output_token.length)
- {
- state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
- maj_stat = gss_release_buffer(&min_stat, &output_token);
- }
-
- maj_stat = gss_display_name(&min_stat, state->client_name, &output_token, NULL);
- if (GSS_ERROR(maj_stat))
- {
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
- state->username = (char *)malloc(output_token.length + 1);
- strncpy(state->username, (char*) output_token.value, output_token.length);
- state->username[output_token.length] = 0;
-
- ret = AUTH_GSS_COMPLETE;
-
+ // Grab the server response to send back to the client
+ if (output_token.length)
+ {
+ state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
+ maj_stat = gss_release_buffer(&min_stat, &output_token);
+ }
+
+ maj_stat = gss_display_name(&min_stat, state->client_name, &output_token, NULL);
+ if (GSS_ERROR(maj_stat))
+ {
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
+ state->username = (char *)malloc(output_token.length + 1);
+ strncpy(state->username, (char*) output_token.value, output_token.length);
+ state->username[output_token.length] = 0;
+
+ ret = AUTH_GSS_COMPLETE;
+
end:
- if (output_token.length)
- gss_release_buffer(&min_stat, &output_token);
- if (input_token.value)
- free(input_token.value);
- return ret;
+ if (output_token.length)
+ gss_release_buffer(&min_stat, &output_token);
+ if (input_token.value)
+ free(input_token.value);
+ return ret;
}
static void set_gss_error(OM_uint32 err_maj, OM_uint32 err_min)
{
- OM_uint32 maj_stat, min_stat;
- OM_uint32 msg_ctx = 0;
- gss_buffer_desc status_string;
- char buf_maj[512];
- char buf_min[512];
-
- do
- {
- maj_stat = gss_display_status (&min_stat,
- err_maj,
- GSS_C_GSS_CODE,
- GSS_C_NO_OID,
- &msg_ctx,
- &status_string);
- if (GSS_ERROR(maj_stat))
- break;
- strncpy(buf_maj, (char*) status_string.value, sizeof(buf_maj));
- gss_release_buffer(&min_stat, &status_string);
-
- maj_stat = gss_display_status (&min_stat,
- err_min,
- GSS_C_MECH_CODE,
- GSS_C_NULL_OID,
- &msg_ctx,
- &status_string);
- if (!GSS_ERROR(maj_stat))
- {
- strncpy(buf_min, (char*) status_string.value, sizeof(buf_min));
- gss_release_buffer(&min_stat, &status_string);
- }
- } while (!GSS_ERROR(maj_stat) && msg_ctx != 0);
-
- PyErr_SetObject(GssException_class, Py_BuildValue("((s:i)(s:i))", buf_maj, err_maj, buf_min, err_min));
+ OM_uint32 maj_stat, min_stat;
+ OM_uint32 msg_ctx = 0;
+ gss_buffer_desc status_string;
+ char buf_maj[512];
+ char buf_min[512];
+
+ do
+ {
+ maj_stat = gss_display_status (&min_stat,
+ err_maj,
+ GSS_C_GSS_CODE,
+ GSS_C_NO_OID,
+ &msg_ctx,
+ &status_string);
+ if (GSS_ERROR(maj_stat))
+ break;
+ strncpy(buf_maj, (char*) status_string.value, sizeof(buf_maj));
+ gss_release_buffer(&min_stat, &status_string);
+
+ maj_stat = gss_display_status (&min_stat,
+ err_min,
+ GSS_C_MECH_CODE,
+ GSS_C_NULL_OID,
+ &msg_ctx,
+ &status_string);
+ if (!GSS_ERROR(maj_stat))
+ {
+ strncpy(buf_min, (char*) status_string.value, sizeof(buf_min));
+ gss_release_buffer(&min_stat, &status_string);
+ }
+ } while (!GSS_ERROR(maj_stat) && msg_ctx != 0);
+
+ PyErr_SetObject(GssException_class, Py_BuildValue("((s:i)(s:i))", buf_maj, err_maj, buf_min, err_min));
}
Modified: PyKerberos/trunk/src/kerberosgss.h
===================================================================
--- PyKerberos/trunk/src/kerberosgss.h 2008-04-16 19:21:39 UTC (rev 2320)
+++ PyKerberos/trunk/src/kerberosgss.h 2008-04-16 19:53:28 UTC (rev 2321)
@@ -22,25 +22,25 @@
#define krb5_get_err_text(context,code) error_message(code)
-#define AUTH_GSS_ERROR -1
-#define AUTH_GSS_COMPLETE 1
-#define AUTH_GSS_CONTINUE 0
+#define AUTH_GSS_ERROR -1
+#define AUTH_GSS_COMPLETE 1
+#define AUTH_GSS_CONTINUE 0
typedef struct {
- gss_ctx_id_t context;
- gss_name_t server_name;
- char* username;
- char* response;
+ gss_ctx_id_t context;
+ gss_name_t server_name;
+ char* username;
+ char* response;
} gss_client_state;
typedef struct {
- gss_ctx_id_t context;
- gss_name_t server_name;
- gss_name_t client_name;
- gss_cred_id_t server_creds;
- gss_cred_id_t client_creds;
- char* username;
- char* response;
+ gss_ctx_id_t context;
+ gss_name_t server_name;
+ gss_name_t client_name;
+ gss_cred_id_t server_creds;
+ gss_cred_id_t client_creds;
+ char* username;
+ char* response;
} gss_server_state;
char* server_principal_details(const char* service, const char* hostname);
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20080416/7cf8eb3c/attachment-0001.html
More information about the calendarserver-changes
mailing list