Doc improvements; make GssNameType an interface

Author: jake-desco

build-tools/gen-gss-name-oids.go

@@ -43,7 +43,7 @@ package gssapi
 // GENERATED CODE: DO NOT EDIT
 
 var nameTypes = []struct {
-	id        GssNameType
+	id        gssNameTypeImpl
 	name      string
 	oidString string
 	oid       Oid

v3/cred.go

@@ -39,7 +39,7 @@ type Credential interface {
 	// This method corresponds to GSS_Release_cred from RFC 2743 § 2.1.2.
 	//
 	// Returns:
-	//   - err: error if one occurred, otherwise nil
+	//   - error if one occurred, otherwise nil
 	Release() error // RFC 2743 § 2.1.2
 
 	// Inquire returns information about the credential, implementing the GSS_Inquire_cred call
@@ -56,7 +56,7 @@ type Credential interface {
 	// Returns:
 	//   - info: information about the credential
 	//   - err: error if one occurred, otherwise nil
-	Inquire() (*CredInfo, error) // RFC 2743 § 2.1.3
+	Inquire() (info *CredInfo, err error) // RFC 2743 § 2.1.3
 
 	// Add adds a credential element to the Credential. This method implements the GSS_Add_cred call
 	// described in RFC 2743 § 2.1.4.
@@ -78,7 +78,7 @@ type Credential interface {
 	//     CredUsageAcceptOnly or CredUsageInitiateAndAccept, or the zero value for a default value
 	//
 	// Returns:
-	//   - err: error if one occurred, otherwise nil
+	//   - error if one occurred, otherwise nil
 	Add(name GssName, mech GssMech, usage CredUsage, initiatorLifetime time.Duration, acceptorLifetime time.Duration) error // RFC 2743 § 2.1.4
 
 	// InquireByMech returns information about the credential element related to mech, implementing the
@@ -98,5 +98,5 @@ type Credential interface {
 	// Returns:
 	//   - info: information about the credential element
 	//   - err: error if one occurred, otherwise nil
-	InquireByMech(mech GssMech) (*CredInfo, error) // RFC 2743 § 2.1.5
+	InquireByMech(mech GssMech) (info *CredInfo, err error) // RFC 2743 § 2.1.5
 }

v3/names.go

@@ -8,9 +8,20 @@ import (
 
 //go:generate  go run ../build-tools/gen-gss-name-oids.go -o names_gen.go
 
-// GssNameType defines the name types in a mech-independent fashion,
-// as described in RFC 2743 § 4
-type GssNameType int
+// GssNameType describes an available GSSAPI Name Type (NT) as described in
+// RFC 2743 § 4.
+type GssNameType interface {
+	// Oid returns the object identifier corresponding to the name type.
+	Oid() Oid
+	// OidString returns a printable version of the object identifier associated with the mechanism.
+	OidString() string
+	// String returns a printable version of the mechanism name.
+	String() string
+}
+
+// gssNameTypeImpl is an internal type that implements the GssNameType interface for the
+// well-known name types.  It supports well known name types.
+type gssNameTypeImpl int
 
 // GssName represents GSSAPI names (types INTERNAL NAME and MN) as described in RFC 2743 § 4.
 // This interface includes support for name-related calls: GSS_Compare_name, GSS_Display_name,
@@ -29,7 +40,7 @@ type GssName interface {
 	// Returns:
 	//   - equal: boolean value indicating whether the two names are equal
 	//   - err: error if one occurred, otherwise nil
-	Compare(other GssName) (bool, error) // RFC 2743 § 2.4.3
+	Compare(other GssName) (equal bool, err error) // RFC 2743 § 2.4.3
 
 	// Display implements GSS_Display_Name from RFC 2743 § 2.4.4.
 	// It returns a string representation of the name and its type.
@@ -38,13 +49,13 @@ type GssName interface {
 	//   - disp: string representation of the name
 	//   - nt: type of the name
 	//   - err: error if one occurred, otherwise nil
-	Display() (string, GssNameType, error) // RFC 2743 § 2.4.4
+	Display() (disp string, nt GssNameType, err error) // RFC 2743 § 2.4.4
 
 	// Release implements GSS_Release_Name from RFC 2743 § 2.4.6.
 	// It releases the name when it is no longer required.
 	//
 	// Returns:
-	//   - err: error if one occurred, otherwise nil
+	//   - error if one occurred, otherwise nil
 	Release() error // RFC 2743 § 2.4.6
 
 	// InquireMechs implements GSS_Inquire_mechs_for_name from RFC 2743 § 2.4.13.
@@ -53,7 +64,7 @@ type GssName interface {
 	// Returns:
 	//   - mechs: set of mechanisms that support the name
 	//   - err: error if one occurred, otherwise nil
-	InquireMechs() ([]GssMech, error) // RFC 2743 § 2.4.13
+	InquireMechs() (mechs []GssMech, err error) // RFC 2743 § 2.4.13
 
 	// Canonicalize implements GSS_Canonicalize_name from RFC 2743 § 2.4.14.
 	// It converts the name to a mechanism-specific form (MN).
@@ -64,7 +75,7 @@ type GssName interface {
 	// Returns:
 	//   - name: the canonical GssName. This must be released using GssName.Release()
 	//   - err: error if one occurred, otherwise nil
-	Canonicalize(GssMech) (GssName, error) // RFC 2743 § 2.4.14
+	Canonicalize(mech GssMech) (name GssName, err error) // RFC 2743 § 2.4.14
 
 	// Export creates an exported byte representation of a mechanism name (MN) that is the result of
 	// a call to CanonicalizeName() or Provider.AcceptSecContext().
@@ -76,23 +87,23 @@ type GssName interface {
 	// Returns:
 	//   - exp: the exported name representation
 	//   - err: error if one occurred, otherwise nil
-	Export() ([]byte, error) // RFC 2743 § 2.4.15
+	Export() (exp []byte, err error) // RFC 2743 § 2.4.15
 
 	// Duplicate implements GSS_Duplicate_name from RFC 2743 § 2.4.16.
 	// It creates a copy of the name that remains valid even if the source name is released.
 	//
 	// Returns:
 	//   - name: the duplicated name. This must be released using GssName.Release()
 	//   - err: error if one occurred, otherwise nil
-	Duplicate() (GssName, error) // RFC 2743 § 2.4.16
+	Duplicate() (name GssName, err error) // RFC 2743 § 2.4.16
 }
 
 // NOTE: if the order here changes also change
 // gen-gss-name-oids.go!
 
 const (
 	// Host-based name form (RFC 2743 § 4.1),      "service@host" or just "service"
-	GSS_NT_HOSTBASED_SERVICE GssNameType = iota
+	GSS_NT_HOSTBASED_SERVICE gssNameTypeImpl = iota
 
 	// User name form (RFC 2743 § 4.2),            "username" : named local user
 	GSS_NT_USER_NAME
@@ -136,48 +147,56 @@ const (
 	_GSS_NAME_TYPE_LAST
 )
 
-func (nt GssNameType) Oid() Oid {
+func (nt gssNameTypeImpl) Oid() Oid {
 	if nt >= _GSS_NAME_TYPE_LAST {
 		panic(ErrBadNameType)
 	}
 
 	return nameTypes[nt].oid
 }
 
-func (nt GssNameType) OidString() string {
+func (nt gssNameTypeImpl) OidString() string {
 	if nt >= _GSS_NAME_TYPE_LAST {
 		panic(ErrBadNameType)
 	}
 
 	return nameTypes[nt].oidString
 }
 
-func (nt GssNameType) String() string {
+func (nt gssNameTypeImpl) String() string {
 	if nt >= _GSS_NAME_TYPE_LAST {
 		panic(ErrBadNameType)
 	}
 
 	return nameTypes[nt].name
 }
 
-// NameFromOid returns the name type associated with an OID, or an error if the OID is unknown.
+// NameTypeFromOid returns the name type associated with an OID.
+//
+// The standard implementation offers this function for use with the gssNameTypeImpl
+// internal type for a standard set of well known name types.
+//
+// If a provider needs to support a different name type, it can be added to gssNameTypeImpl via a pull
+// request to the go-gssapi repository. Alternatively, a new implementation of GssNameType can be
+// created for use by that GSSAPI implementation. Depending on the requirements, a replacement for
+// NameTypeFromOid may also need to be provided by the provider.
 // This function is provided to map a name OID to a name type.
 //
 // Parameters:
 //   - oid: the object identifier to look up
 //
 // Returns:
-//   - GssNameType: the corresponding name type
+//   - gssNameTypeImpl: the corresponding name type
 //   - error: ErrBadNameType if the OID is not recognized
-func NameFromOid(oid Oid) (GssNameType, error) {
+func NameTypeFromOid(oid Oid) (gssNameTypeImpl, error) {
 	for i, nt := range nameTypes {
 		if slices.Equal(nt.oid, oid) {
-			return GssNameType(i), nil
+			return gssNameTypeImpl(i), nil
 		}
 
 		for _, alt := range nt.altOids {
 			if slices.Equal(alt, oid) {
-				return GssNameType(i), nil
+				return gssNameTypeImpl(i), nil
 			}
 		}
 	}

v3/names_gen.go

@@ -5,7 +5,7 @@ package gssapi
 // GENERATED CODE: DO NOT EDIT
 
 var nameTypes = []struct {
-	id        GssNameType
+	id        gssNameTypeImpl
 	name      string
 	oidString string
 	oid       Oid

v3/names_test.go

@@ -20,7 +20,7 @@ func TestNtOid(t *testing.T) {
 	oid = GSS_NT_USER_NAME.Oid()
 	assert.Equal(Oid{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x01, 0x01}, oid)
 
-	badNt := GssNameType(100)
+	badNt := gssNameTypeImpl(100)
 	assert.PanicsWithValue(ErrBadNameType, func() { _ = badNt.Oid() })
 }
 
@@ -36,7 +36,7 @@ func TestNtOidString(t *testing.T) {
 	oid = GSS_NT_USER_NAME.OidString()
 	assert.Equal("1.2.840.113554.1.2.1.1", oid)
 
-	badNt := GssNameType(100)
+	badNt := gssNameTypeImpl(100)
 	assert.PanicsWithValue(ErrBadNameType, func() { _ = badNt.OidString() })
 }
 
@@ -52,33 +52,33 @@ func TestNtString(t *testing.T) {
 	oid = GSS_NT_USER_NAME.String()
 	assert.Equal("GSS_NT_USER_NAME", oid)
 
-	badNt := GssNameType(100)
+	badNt := gssNameTypeImpl(100)
 	assert.PanicsWithValue(ErrBadNameType, func() { _ = badNt.String() })
 }
 
 func TestNameFromOid(t *testing.T) {
 	assert := assert.New(t)
 
 	// from a good primary OID
-	nt, err := NameFromOid(Oid{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x01, 0x01})
+	nt, err := NameTypeFromOid(Oid{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x01, 0x01})
 	assert.NoError(err)
 	assert.Equal(GSS_NT_USER_NAME, nt)
 
 	// from a secondary OID
-	nt, err = NameFromOid(Oid{0x2B, 0x06, 0x01, 0x05, 0x06, 0x02})
+	nt, err = NameTypeFromOid(Oid{0x2B, 0x06, 0x01, 0x05, 0x06, 0x02})
 	assert.NoError(err)
 	assert.Equal(GSS_NT_HOSTBASED_SERVICE, nt)
 
-	nt, err = NameFromOid(Oid{0x2a, 0x86, 0x48, 0x82, 0xf7, 0x12, 0x01, 0x02, 0x02})
+	nt, err = NameTypeFromOid(Oid{0x2a, 0x86, 0x48, 0x82, 0xf7, 0x12, 0x01, 0x02, 0x02})
 	assert.NoError(err)
 	assert.Equal(GSS_KRB5_NT_PRINCIPAL_NAME, nt)
 
 	// from a bad oid
-	_, err = NameFromOid(Oid{0x00})
+	_, err = NameTypeFromOid(Oid{0x00})
 	assert.ErrorIs(err, ErrBadNameType)
 
 	// from a nil oid
-	nt, err = NameFromOid(nil)
+	nt, err = NameTypeFromOid(nil)
 	assert.NoError(err)
 	assert.Equal(GSS_NO_OID, nt)
 }