[CalendarServer-changes] [3108] PyKerberos/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Sat Oct 4 15:58:18 PDT 2008
Revision: 3108
http://trac.macosforge.org/projects/calendarserver/changeset/3108
Author: cdaboo at apple.com
Date: 2008-10-04 15:58:17 -0700 (Sat, 04 Oct 2008)
Log Message:
-----------
Copyright notice updates.
Modified Paths:
--------------
PyKerberos/trunk/README.txt
PyKerberos/trunk/pysrc/kerberos.py
PyKerberos/trunk/setup.py
PyKerberos/trunk/src/base64.c
PyKerberos/trunk/src/base64.h
PyKerberos/trunk/src/kerberos.c
PyKerberos/trunk/src/kerberosbasic.c
PyKerberos/trunk/src/kerberosbasic.h
PyKerberos/trunk/src/kerberosgss.c
PyKerberos/trunk/src/kerberosgss.h
PyKerberos/trunk/support/main.c
PyKerberos/trunk/test.py
Modified: PyKerberos/trunk/README.txt
===================================================================
--- PyKerberos/trunk/README.txt 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/README.txt 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,7 +1,7 @@
=========================================================
PyKerberos Package
-Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+Copyright (c) 2006-2008 Apple Inc. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -60,7 +60,7 @@
-u : user id for basic authenticate
-p : password for basic authenticate
- -s : service principal for GSSAPI authentication (defaults to 'caldav at caldav.apple.com')
+ -s : service principal for GSSAPI authentication (defaults to 'http at host.example.com')
===========
Python APIs
Modified: PyKerberos/trunk/pysrc/kerberos.py
===================================================================
--- PyKerberos/trunk/pysrc/kerberos.py 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/pysrc/kerberos.py 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
##
-# Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+# Copyright (c) 2006-2008 Apple Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-# DRI: Cyrus Daboo, cdaboo at apple.com
##
"""
Modified: PyKerberos/trunk/setup.py
===================================================================
--- PyKerberos/trunk/setup.py 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/setup.py 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
##
-# Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+# Copyright (c) 2006-2008 Apple Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-# DRI: Cyrus Daboo, cdaboo at apple.com
##
from distutils.core import setup, Extension
Modified: PyKerberos/trunk/src/base64.c
===================================================================
--- PyKerberos/trunk/src/base64.c 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/src/base64.c 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2006-2008 Apple Inc. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
- * DRI: Cyrus Daboo, cdaboo at apple.com
**/
#include "base64.h"
@@ -65,7 +63,7 @@
*out++ = '=';
}
*out = '\0';
-
+
return result;
}
@@ -78,11 +76,11 @@
{
*rlen = 0;
int c1, c2, c3, c4;
-
+
int vlen = strlen(value);
unsigned char *result =(unsigned char *)malloc((vlen * 3) / 4 + 1);
unsigned char *out = result;
-
+
while (1)
{
if (value[0]==0)
@@ -99,7 +97,7 @@
c4 = value[3];
if ((c4 != '=') && (CHAR64(c4) == -1))
goto base64_decode_error;;
-
+
value += 4;
*out++ = (CHAR64(c1) << 2) | (CHAR64(c2) >> 4);
*rlen += 1;
@@ -114,7 +112,7 @@
}
}
}
-
+
base64_decode_error:
*result = 0;
*rlen = 0;
Modified: PyKerberos/trunk/src/base64.h
===================================================================
--- PyKerberos/trunk/src/base64.h 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/src/base64.h 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2006-2008 Apple Inc. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
- * DRI: Cyrus Daboo, cdaboo at apple.com
**/
char *base64_encode(const unsigned char *value, int vlen);
Modified: PyKerberos/trunk/src/kerberos.c
===================================================================
--- PyKerberos/trunk/src/kerberos.c 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/src/kerberos.c 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2006-2008 Apple Inc. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
- * DRI: Cyrus Daboo, cdaboo at apple.com
**/
#include <Python.h>
@@ -34,12 +32,12 @@
const char *service;
const char *default_realm;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "ssss", &user, &pswd, &service, &default_realm))
return NULL;
-
+
result = authenticate_user_krb5pwd(user, pswd, service, default_realm);
-
+
if (result)
return Py_INCREF(Py_True), Py_True;
else
@@ -56,7 +54,7 @@
return NULL;
result = change_user_krb5pwd(user, oldpswd, newpswd);
-
+
if (result)
return Py_INCREF(Py_True), Py_True;
else
@@ -68,12 +66,12 @@
const char *service;
const char *hostname;
char* result;
-
+
if (!PyArg_ParseTuple(args, "ss", &service, &hostname))
return NULL;
-
+
result = server_principal_details(service, hostname);
-
+
if (result != NULL)
{
PyObject* pyresult = Py_BuildValue("s", result);
@@ -90,17 +88,17 @@
gss_client_state *state;
PyObject *pystate;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "s", &service))
return NULL;
-
+
state = (gss_client_state *) malloc(sizeof(gss_client_state));
pystate = PyCObject_FromVoidPtr(state, NULL);
-
+
result = authenticate_gss_client_init(service, state);
if (result == AUTH_GSS_ERROR)
return NULL;
-
+
return Py_BuildValue("(iO)", result, pystate);
}
@@ -109,7 +107,7 @@
gss_client_state *state;
PyObject *pystate;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "O", &pystate))
return NULL;
@@ -117,16 +115,16 @@
PyErr_SetString(PyExc_TypeError, "Expected a context object");
return NULL;
}
-
+
state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
if (state != NULL)
{
result = authenticate_gss_client_clean(state);
-
+
free(state);
PyCObject_SetVoidPtr(pystate, NULL);
}
-
+
return Py_BuildValue("i", result);
}
@@ -136,7 +134,7 @@
PyObject *pystate;
char *challenge;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "Os", &pystate, &challenge))
return NULL;
@@ -144,7 +142,7 @@
PyErr_SetString(PyExc_TypeError, "Expected a context object");
return NULL;
}
-
+
state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
if (state == NULL)
return NULL;
@@ -152,7 +150,7 @@
result = authenticate_gss_client_step(state, challenge);
if (result == AUTH_GSS_ERROR)
return NULL;
-
+
return Py_BuildValue("i", result);
}
@@ -160,7 +158,7 @@
{
gss_client_state *state;
PyObject *pystate;
-
+
if (!PyArg_ParseTuple(args, "O", &pystate))
return NULL;
@@ -168,11 +166,11 @@
PyErr_SetString(PyExc_TypeError, "Expected a context object");
return NULL;
}
-
+
state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
if (state == NULL)
return NULL;
-
+
return Py_BuildValue("s", state->response);
}
@@ -180,7 +178,7 @@
{
gss_client_state *state;
PyObject *pystate;
-
+
if (!PyArg_ParseTuple(args, "O", &pystate))
return NULL;
@@ -188,11 +186,11 @@
PyErr_SetString(PyExc_TypeError, "Expected a context object");
return NULL;
}
-
+
state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
if (state == NULL)
return NULL;
-
+
return Py_BuildValue("s", state->username);
}
@@ -254,17 +252,17 @@
gss_server_state *state;
PyObject *pystate;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "s", &service))
return NULL;
-
+
state = (gss_server_state *) malloc(sizeof(gss_server_state));
pystate = PyCObject_FromVoidPtr(state, NULL);
-
+
result = authenticate_gss_server_init(service, state);
if (result == AUTH_GSS_ERROR)
return NULL;
-
+
return Py_BuildValue("(iO)", result, pystate);
}
@@ -273,7 +271,7 @@
gss_server_state *state;
PyObject *pystate;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "O", &pystate))
return NULL;
@@ -281,16 +279,16 @@
PyErr_SetString(PyExc_TypeError, "Expected a context object");
return NULL;
}
-
+
state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
if (state != NULL)
{
result = authenticate_gss_server_clean(state);
-
+
free(state);
PyCObject_SetVoidPtr(pystate, NULL);
}
-
+
return Py_BuildValue("i", result);
}
@@ -300,7 +298,7 @@
PyObject *pystate;
char *challenge;
int result = 0;
-
+
if (!PyArg_ParseTuple(args, "Os", &pystate, &challenge))
return NULL;
@@ -308,15 +306,15 @@
PyErr_SetString(PyExc_TypeError, "Expected a context object");
return NULL;
}
-
+
state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
if (state == NULL)
return NULL;
-
+
result = authenticate_gss_server_step(state, challenge);
if (result == AUTH_GSS_ERROR)
return NULL;
-
+
return Py_BuildValue("i", result);
}
@@ -324,7 +322,7 @@
{
gss_server_state *state;
PyObject *pystate;
-
+
if (!PyArg_ParseTuple(args, "O", &pystate))
return NULL;
@@ -332,11 +330,11 @@
PyErr_SetString(PyExc_TypeError, "Expected a context object");
return NULL;
}
-
+
state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
if (state == NULL)
return NULL;
-
+
return Py_BuildValue("s", state->response);
}
@@ -344,7 +342,7 @@
{
gss_server_state *state;
PyObject *pystate;
-
+
if (!PyArg_ParseTuple(args, "O", &pystate))
return NULL;
@@ -352,11 +350,11 @@
PyErr_SetString(PyExc_TypeError, "Expected a context object");
return NULL;
}
-
+
state = (gss_server_state *)PyCObject_AsVoidPtr(pystate);
if (state == NULL)
return NULL;
-
+
return Py_BuildValue("s", state->username);
}
@@ -417,15 +415,15 @@
if (!(PwdChangeException_class = PyErr_NewException("kerberos.PwdChangeError", KrbException_class, NULL)))
goto error;
Py_INCREF(PwdChangeException_class);
- PyDict_SetItemString(d, "PwdChangeError", PwdChangeException_class);
+ PyDict_SetItemString(d, "PwdChangeError", PwdChangeException_class);
if (!(GssException_class = PyErr_NewException("kerberos.GSSError", KrbException_class, NULL)))
goto error;
Py_INCREF(GssException_class);
PyDict_SetItemString(d, "GSSError", GssException_class);
- PyDict_SetItemString(d, "AUTH_GSS_COMPLETE", PyInt_FromLong(AUTH_GSS_COMPLETE));
- PyDict_SetItemString(d, "AUTH_GSS_CONTINUE", PyInt_FromLong(AUTH_GSS_CONTINUE));
+ PyDict_SetItemString(d, "AUTH_GSS_COMPLETE", PyInt_FromLong(AUTH_GSS_COMPLETE));
+ PyDict_SetItemString(d, "AUTH_GSS_CONTINUE", PyInt_FromLong(AUTH_GSS_CONTINUE));
error:
if (PyErr_Occurred())
Modified: PyKerberos/trunk/src/kerberosbasic.c
===================================================================
--- PyKerberos/trunk/src/kerberosbasic.c 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/src/kerberosbasic.c 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2006-2008 Apple Inc. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
- * DRI: Cyrus Daboo, cdaboo at apple.com
**/
#include <Python.h>
@@ -39,7 +37,7 @@
int ret = 0;
char *name = NULL;
char *p = NULL;
-
+
code = krb5_init_context(&kcontext);
if (code)
{
@@ -47,16 +45,16 @@
"Cannot initialize Kerberos5 context", code));
return 0;
}
-
+
ret = krb5_parse_name (kcontext, service, &server);
-
+
if (ret)
{
set_basicauth_error(kcontext, ret);
ret = 0;
goto end;
}
-
+
code = krb5_unparse_name(kcontext, server, &name);
if (code)
{
@@ -69,7 +67,7 @@
#endif
free(name);
name = NULL;
-
+
name = (char *)malloc(256);
p = strchr(user, '@');
if (p == NULL)
@@ -80,7 +78,7 @@
{
snprintf(name, 256, "%s", user);
}
-
+
code = krb5_parse_name(kcontext, name, &client);
if (code)
{
@@ -88,9 +86,9 @@
ret = 0;
goto end;
}
-
+
code = verify_krb5_user(kcontext, client, pswd, server);
-
+
if (code)
{
ret = 0;
@@ -98,7 +96,7 @@
}
ret = 1;
-
+
end:
#ifdef PRINTFS
printf("kerb_authenticate_user_krb5pwd ret=%d user=%s authtype=%s\n", ret, user, "Basic");
@@ -110,7 +108,7 @@
if (server)
krb5_free_principal(kcontext, server);
krb5_free_context(kcontext);
-
+
return ret;
}
@@ -121,9 +119,9 @@
krb5_get_init_creds_opt gic_options;
krb5_error_code ret;
char *name = NULL;
-
+
memset(&creds, 0, sizeof(creds));
-
+
ret = krb5_unparse_name(context, principal, &name);
if (ret == 0)
{
@@ -132,7 +130,7 @@
#endif
free(name);
}
-
+
krb5_get_init_creds_opt_init(&gic_options);
ret = krb5_get_init_creds_password(context, &creds, principal, (char *)password, NULL, NULL, 0, NULL, &gic_options);
if (ret)
@@ -140,10 +138,10 @@
set_basicauth_error(context, ret);
goto end;
}
-
+
end:
krb5_free_cred_contents(context, &creds);
-
+
return ret;
}
Modified: PyKerberos/trunk/src/kerberosbasic.h
===================================================================
--- PyKerberos/trunk/src/kerberosbasic.h 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/src/kerberosbasic.h 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2006-2008 Apple Inc. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
- * DRI: Cyrus Daboo, cdaboo at apple.com
**/
#include <gssapi/gssapi.h>
Modified: PyKerberos/trunk/src/kerberosgss.c
===================================================================
--- PyKerberos/trunk/src/kerberosgss.c 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/src/kerberosgss.c 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2006-2008 Apple Inc. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
- * DRI: Cyrus Daboo, cdaboo at apple.com
**/
#include <Python.h>
@@ -24,7 +22,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <arpa/inet.h>
+#include <arpa/inet.h>
static void set_gss_error(OM_uint32 err_maj, OM_uint32 err_min);
@@ -104,7 +102,7 @@
if (kt)
krb5_kt_close(kcontext, kt);
krb5_free_context(kcontext);
-
+
return result;
}
@@ -119,20 +117,20 @@
state->context = GSS_C_NO_CONTEXT;
state->username = NULL;
state->response = NULL;
-
+
// Import server name first
name_token.length = strlen(service);
name_token.value = (char *)service;
-
+
maj_stat = gss_import_name(&min_stat, &name_token, gss_krb5_nt_service_name, &state->server_name);
-
+
if (GSS_ERROR(maj_stat))
{
set_gss_error(maj_stat, min_stat);
ret = AUTH_GSS_ERROR;
goto end;
}
-
+
end:
return ret;
}
@@ -157,7 +155,7 @@
free(state->response);
state->response = NULL;
}
-
+
return ret;
}
@@ -168,14 +166,14 @@
gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
int ret = AUTH_GSS_CONTINUE;
-
+
// Always clear out the old response
if (state->response != NULL)
{
free(state->response);
state->response = NULL;
}
-
+
// If there is a challenge (data from the server) we need to give it to GSS
if (challenge && *challenge)
{
@@ -183,7 +181,7 @@
input_token.value = base64_decode(challenge, &len);
input_token.length = len;
}
-
+
// Do GSSAPI step
maj_stat = gss_init_sec_context(&min_stat,
GSS_C_NO_CREDENTIAL,
@@ -198,7 +196,7 @@
&output_token,
NULL,
NULL);
-
+
if ((maj_stat != GSS_S_COMPLETE) && (maj_stat != GSS_S_CONTINUE_NEEDED))
{
set_gss_error(maj_stat, min_stat);
@@ -213,7 +211,7 @@
state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
maj_stat = gss_release_buffer(&min_stat, &output_token);
}
-
+
// Try to get the user name if we have completed all GSS operations
if (ret == AUTH_GSS_COMPLETE)
{
@@ -225,7 +223,7 @@
ret = AUTH_GSS_ERROR;
goto end;
}
-
+
gss_buffer_desc name_token;
name_token.length = 0;
maj_stat = gss_display_name(&min_stat, gssuser, &name_token, NULL);
@@ -234,7 +232,7 @@
if (name_token.value)
gss_release_buffer(&min_stat, &name_token);
gss_release_name(&min_stat, &gssuser);
-
+
set_gss_error(maj_stat, min_stat);
ret = AUTH_GSS_ERROR;
goto end;
@@ -393,7 +391,7 @@
OM_uint32 min_stat;
gss_buffer_desc name_token = GSS_C_EMPTY_BUFFER;
int ret = AUTH_GSS_COMPLETE;
-
+
state->context = GSS_C_NO_CONTEXT;
state->server_name = GSS_C_NO_NAME;
state->client_name = GSS_C_NO_NAME;
@@ -401,13 +399,13 @@
state->client_creds = GSS_C_NO_CREDENTIAL;
state->username = NULL;
state->response = NULL;
-
+
// Import server name first
name_token.length = strlen(service);
name_token.value = (char *)service;
-
+
maj_stat = gss_import_name(&min_stat, &name_token, GSS_C_NT_HOSTBASED_SERVICE, &state->server_name);
-
+
if (GSS_ERROR(maj_stat))
{
set_gss_error(maj_stat, min_stat);
@@ -425,7 +423,7 @@
ret = AUTH_GSS_ERROR;
goto end;
}
-
+
end:
return ret;
}
@@ -435,7 +433,7 @@
OM_uint32 maj_stat;
OM_uint32 min_stat;
int ret = AUTH_GSS_COMPLETE;
-
+
if (state->context != GSS_C_NO_CONTEXT)
maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
if (state->server_name != GSS_C_NO_NAME)
@@ -456,7 +454,7 @@
free(state->response);
state->response = NULL;
}
-
+
return ret;
}
@@ -467,7 +465,7 @@
gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
int ret = AUTH_GSS_CONTINUE;
-
+
// Always clear out the old response
if (state->response != NULL)
{
@@ -500,7 +498,7 @@
NULL,
NULL,
&state->client_creds);
-
+
if (GSS_ERROR(maj_stat))
{
set_gss_error(maj_stat, min_stat);
@@ -514,7 +512,7 @@
state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
maj_stat = gss_release_buffer(&min_stat, &output_token);
}
-
+
maj_stat = gss_display_name(&min_stat, state->client_name, &output_token, NULL);
if (GSS_ERROR(maj_stat))
{
@@ -525,11 +523,11 @@
state->username = (char *)malloc(output_token.length + 1);
strncpy(state->username, (char*) output_token.value, output_token.length);
state->username[output_token.length] = 0;
-
+
ret = AUTH_GSS_COMPLETE;
-
+
end:
- if (output_token.length)
+ if (output_token.length)
gss_release_buffer(&min_stat, &output_token);
if (input_token.value)
free(input_token.value);
@@ -539,12 +537,12 @@
static void set_gss_error(OM_uint32 err_maj, OM_uint32 err_min)
{
- OM_uint32 maj_stat, min_stat;
+ OM_uint32 maj_stat, min_stat;
OM_uint32 msg_ctx = 0;
gss_buffer_desc status_string;
char buf_maj[512];
char buf_min[512];
-
+
do
{
maj_stat = gss_display_status (&min_stat,
@@ -557,7 +555,7 @@
break;
strncpy(buf_maj, (char*) status_string.value, sizeof(buf_maj));
gss_release_buffer(&min_stat, &status_string);
-
+
maj_stat = gss_display_status (&min_stat,
err_min,
GSS_C_MECH_CODE,
@@ -570,6 +568,6 @@
gss_release_buffer(&min_stat, &status_string);
}
} while (!GSS_ERROR(maj_stat) && msg_ctx != 0);
-
+
PyErr_SetObject(GssException_class, Py_BuildValue("((s:i)(s:i))", buf_maj, err_maj, buf_min, err_min));
}
Modified: PyKerberos/trunk/src/kerberosgss.h
===================================================================
--- PyKerberos/trunk/src/kerberosgss.h 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/src/kerberosgss.h 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,5 +1,5 @@
/**
- * Copyright (c) 2006-2007 Apple Inc. All rights reserved.
+ * Copyright (c) 2006-2008 Apple Inc. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -12,8 +12,6 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
- * DRI: Cyrus Daboo, cdaboo at apple.com
**/
#include <gssapi/gssapi.h>
@@ -26,10 +24,10 @@
#define AUTH_GSS_COMPLETE 1
#define AUTH_GSS_CONTINUE 0
-#define GSS_AUTH_P_NONE 1
-#define GSS_AUTH_P_INTEGRITY 2
-#define GSS_AUTH_P_PRIVACY 4
-
+#define GSS_AUTH_P_NONE 1
+#define GSS_AUTH_P_INTEGRITY 2
+#define GSS_AUTH_P_PRIVACY 4
+
typedef struct {
gss_ctx_id_t context;
gss_name_t server_name;
@@ -52,7 +50,7 @@
int authenticate_gss_client_init(const char* service, gss_client_state* state);
int authenticate_gss_client_clean(gss_client_state *state);
int authenticate_gss_client_step(gss_client_state *state, const char *challenge);
-int authenticate_gss_client_unwrap(gss_client_state* state, const char* challenge);
+int authenticate_gss_client_unwrap(gss_client_state* state, const char* challenge);
int authenticate_gss_client_wrap(gss_client_state* state, const char* challenge, const char* user);
int authenticate_gss_server_init(const char* service, gss_server_state* state);
Modified: PyKerberos/trunk/support/main.c
===================================================================
--- PyKerberos/trunk/support/main.c 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/support/main.c 2008-10-04 22:58:17 UTC (rev 3108)
@@ -1,3 +1,18 @@
+/**
+ * Copyright (c) 2006-2008 Apple Inc. All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ **/
#include "kerberosgss.h"
@@ -4,15 +19,15 @@
#include "stdio.h"
int main (int argc, char * const argv[]) {
-
+
int code = 0;
char* service = 0L;
gss_server_state state;
-
+
service = server_principal_details("http", "caldav.corp.apple.com");
//printf("Got service principal: %s\n", result);
-
+
//code = authenticate_user_krb5pwd("x", "x", "http/caldav.corp.apple.com at CALDAV.CORP.APPLE.COM", "CALDAV.CORP.APPLE.COM");
code = authenticate_gss_server_init("http at CALDAV.CORP.APPLE.COM", &state);
Modified: PyKerberos/trunk/test.py
===================================================================
--- PyKerberos/trunk/test.py 2008-10-04 22:45:22 UTC (rev 3107)
+++ PyKerberos/trunk/test.py 2008-10-04 22:58:17 UTC (rev 3108)
@@ -25,9 +25,9 @@
# Extract arguments
user = ""
pswd = ""
- service = "http at CALDAV.CORP.APPLE.COM"
- host = "caldav.corp.apple.com"
- realm ="CALDAV.CORP.APPLE.COM"
+ service = "http at EXAMPLE.COM"
+ host = "host.example.com"
+ realm ="HOST.EXAMPLE.COM"
port = 8008
ssl = False
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20081004/8792f726/attachment-0001.html
More information about the calendarserver-changes
mailing list