
Commit c27ce83

committed
Heimdal/Mac support for the examples
1 parent 550f57d commit c27ce83


7 files changed

+153
-9
lines changed


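--- a/.gitignore
+++ b/.gitignore
@@ -6,6 +6,7 @@
 *.dylib
 *.o
 *.class
+*.swp
 
 examples/c/gss-client-c
 examples/c/gss-server-c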

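--- a/examples/c/Makefile
+++ b/examples/c/Makefile
@@ -6,8 +6,11 @@ OBJS = $(SRC:.c=.o)
 
 all: $(BINS)
 
+export CPPFLAGS = -I/usr/local/opt/heimdal/include
+export LDFLAGS = -L/usr/local/opt/heimdal/lib -lgssapi
+
 gss-server-c: gss-server.o gss-misc.o
-$(CC) -g -o $@ $^ -lgssapi_krb5
+$(CC) -g -o $@ $^ ${LDFLAGS}
 
 gss-client-c: gss-client.o gss-misc.o
-$(CC) -g -o $@ $^ -lgssapi_krb5
+$(CC) -g -o $@ $^ ${LDFLAGS}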
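Review bot: The two `export` lines assign `CPPFLAGS` and `LDFLAGS` unconditionally to a fixed Heimdal prefix under /usr/local/opt, so values supplied through the environment are overwritten and the examples can no longer be linked against any other GSS-API installation; the previous `-lgssapi_krb5` link line is removed with no fallback. Using `CPPFLAGS ?= -I/usr/local/opt/heimdal/include` and `LDFLAGS ?= -L/usr/local/opt/heimdal/lib`, or deriving both from `krb5-config --cflags gssapi` and `krb5-config --libs gssapi`, would keep the Mac default without hard-wiring it. The library itself reads better in `LDLIBS = -lgssapi`, with the recipes written as `$(CC) -g -o $@ $^ $(LDFLAGS) $(LDLIBS)`, so search paths and libraries stay separate. A one-line comment above the exports saying which platform and Heimdal install they target would also help the next reader.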

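--- a/examples/c/gss-client.c
+++ b/examples/c/gss-client.c
@@ -35,10 +35,20 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <stdbool.h>
+#include <limits.h>
+#include <assert.h>
 
 #include <gssapi/gssapi.h>
 #include "gss-misc.h"
 
+#if !defined (GSS_EMPTY_BUFFER)
+#define GSS_EMPTY_BUFFER(buf) ((buf) == NULL || \
+(buf)->value == NULL || (buf)->length == 0)
+#endif
+
+OM_uint32 gss_str_to_oid(OM_uint32 *minor_status, gss_buffer_t oid_str, gss_OID *oid_out);
+
+
 void usage()
 {
 fprintf(stderr, "Usage: gss-client [-port port] [-d] [-seal] [-mutual] host service \
@@ -559,4 +569,120 @@ int main(argc, argv)
 (void) gss_release_oid(&min_stat, &oid);
 
 return 0;
-}
+}
+
+/* Return the length of a DER OID subidentifier encoding. */
+static size_t
+arc_encoded_length(unsigned long arc)
+{
+size_t len = 1;
+
+for (arc >>= 7; arc; arc >>= 7)
+len++;
+return len;
+}
+
+/* Encode a subidentifier into *bufp and advance it to the encoding's end. */
+static void
+arc_encode(unsigned long arc, unsigned char **bufp)
+{
+unsigned char *p;
+
+/* Advance to the end and encode backwards. */
+p = *bufp = *bufp + arc_encoded_length(arc);
+*--p = arc & 0x7f;
+for (arc >>= 7; arc; arc >>= 7)
+*--p = (arc & 0x7f) | 0x80;
+}
+
+
+static int
+get_arc(const unsigned char **bufp, const unsigned char *end,
+unsigned long *arc_out)
+{
+const unsigned char *p = *bufp;
+unsigned long arc = 0, newval;
+
+if (p == end || !isdigit(*p))
+return 0;
+for (; p < end && isdigit(*p); p++) {
+newval = arc * 10 + (*p - '0');
+if (newval < arc)
+return 0;
+arc = newval;
+}
+while (p < end && (isspace(*p) || *p == '.'))
+p++;
+*bufp = p;
+*arc_out = arc;
+return 1;
+}
+
+OM_uint32 gss_str_to_oid(OM_uint32 *minor_status, gss_buffer_t oid_str, gss_OID *oid_out)
+{
+const unsigned char *p, *end, *arc3_start;
+unsigned char *out;
+unsigned long arc, arc1, arc2;
+size_t nbytes;
+int brace = 0;
+gss_OID oid;
+
+if (minor_status != NULL)
+*minor_status = 0;
+
+if (oid_out != NULL)
+*oid_out = GSS_C_NO_OID;
+
+if (GSS_EMPTY_BUFFER(oid_str))
+return (GSS_S_CALL_INACCESSIBLE_READ);
+
+if (oid_out == NULL)
+return (GSS_S_CALL_INACCESSIBLE_WRITE);
+
+/* Skip past initial spaces and, optionally, an open brace. */
+brace = 0;
+p = oid_str->value;
+end = p + oid_str->length;
+while (p < end && isspace(*p))
+p++;
+if (p < end && *p == '{') {
+brace = 1;
+p++;
+}
+while (p < end && isspace(*p))
+p++;
+
+/* Get the first two arc values, to be encoded as one subidentifier. */
+if (!get_arc(&p, end, &arc1) || !get_arc(&p, end, &arc2))
+return (GSS_S_FAILURE);
+if (arc1 > 2 || (arc1 < 2 && arc2 > 39) || arc2 > ULONG_MAX - 80)
+return (GSS_S_FAILURE);
+arc3_start = p;
+
+/* Compute the total length of the encoding while checking syntax. */
+nbytes = arc_encoded_length(arc1 * 40 + arc2);
+while (get_arc(&p, end, &arc))
+nbytes += arc_encoded_length(arc);
+if (brace && (p == end || *p != '}'))
+return (GSS_S_FAILURE);
+
+/* Allocate an oid structure. */
+oid = malloc(sizeof(*oid));
+if (oid == NULL)
+return (GSS_S_FAILURE);
+oid->elements = malloc(nbytes);
+if (oid->elements == NULL) {
+free(oid);
+return (GSS_S_FAILURE);
+}
+oid->length = nbytes;
+
+out = oid->elements;
+arc_encode(arc1 * 40 + arc2, &out);
+p = arc3_start;
+while (get_arc(&p, end, &arc))
+arc_encode(arc, &out);
+assert(out - nbytes == oid->elements);
+*oid_out = oid;
+return(GSS_S_COMPLETE);
+}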
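Review bot: The wraparound test in `get_arc` (`newval = arc * 10 + (*p - '0'); if (newval < arc) return 0;`) misses most overflows, because `arc * 10` can wrap and still be larger than the old `arc`, so an over-long arc in the OID string is accepted with a wrong value instead of being rejected. Both parsing passes in `gss_str_to_oid` read the same wrapped value, so the allocation size and the encoded bytes still agree; the visible effect is a silently different OID rather than an out-of-bounds write. Since the first hunk already adds `<limits.h>`, the bound can be tested before multiplying: `if (arc > (ULONG_MAX - (unsigned long)(*p - '0')) / 10) return 0;` followed by `arc = arc * 10 + (*p - '0');`. `get_arc` is also the only new helper without a header comment; `/* Parse one decimal arc at *bufp and skip trailing spaces and dots; return 0 on syntax error or overflow. */` would match its neighbours. Separately, when no brace is used, any text after the last arc is ignored, so checking `p == end` before the allocation would reject input with a trailing non-numeric suffix.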

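--- a/examples/go/go.mod
+++ b/examples/go/go.mod
@@ -1,9 +1,11 @@
 module examples
 
-go 1.22.4
+go 1.21
 
 replace github.com/golang-auth/go-gssapi/v3 => ../../v3
 
-require github.com/golang-auth/go-gssapi/v3 v3.0.0-alpha
+replace github.com/golang-auth/go-gssapi-c => ../../../go-gssapi-c
+
+require github.com/golang-auth/go-gssapi/v3 v3.0.0-alpha.1
 
 require github.com/golang-auth/go-gssapi-c v0.0.0-20240828194135-955ba90d4511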
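Review bot: The added `replace github.com/golang-auth/go-gssapi-c => ../../../go-gssapi-c` resolves three levels up from examples/go, which appears to be a directory beside the repository root, so the examples build only where a sibling checkout exists and they compile whatever that directory holds. A directory replacement is not verified against go.sum (this commit also removes the go-gssapi-c hashes there), and the pseudo-version pinned on the last `require` line has no effect while the replace is present. If this is a development convenience, moving it to an uncommitted `go.work`, or at least marking it with `// local development only: needs a sibling go-gssapi-c checkout`, keeps the committed module pinned and checkable. The `go` directive also moves from 1.22.4 down to 1.21 with no reason given in the commit message; a short comment on the intended minimum toolchain would help.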

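--- a/examples/go/go.sum
+++ b/examples/go/go.sum
@@ -1,9 +1,5 @@
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/golang-auth/go-gssapi-c v0.0.0-20240827133603-e7af9f04586a h1:qdMspd9EVKyHD4PqzYpCDpWaBwdm4oBY1u631biS/3U=
-github.com/golang-auth/go-gssapi-c v0.0.0-20240827133603-e7af9f04586a/go.mod h1:7+YbBfLmM3gMF6DoCfjZFQBx1SXj1Uru6Y2tl77nhJ8=
-github.com/golang-auth/go-gssapi-c v0.0.0-20240828194135-955ba90d4511 h1:k9cgAxS+AYKwAN7/moi03LK3EjTFUKeMRh9Cu2j4/D0=
-github.com/golang-auth/go-gssapi-c v0.0.0-20240828194135-955ba90d4511/go.mod h1:rb9NLAgRMfr732Kvm1mOH5J6eIx/WULl8rAFNXSzGqY=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=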

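--- a/examples/testvectors/krb5.conf
+++ b/examples/testvectors/krb5.conf
@@ -6,3 +6,5 @@ dns_lookup_kdc = false
 dns_uri_lookup = false
 rdns = false
 
+supported_enctypes = aes256-cts-hmac-sha384-192,aes256-cts-hmac-sha1-96,aes128-cts-hmac-sha256-128,aes128-cts-hmac-sha1-96
+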

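--- a/examples/testvectors/openssl.conf
+++ b/examples/testvectors/openssl.conf
@@ -0,0 +1,14 @@
+openssl_conf = openssl_init
+
+[openssl_init]
+providers = provider_sect
+
+[provider_sect]
+default = default_sect
+legacy = legacy_sect
+
+[default_sect]
+activate = 1
+
+[legacy_sect]
+activate = 1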
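Review bot: `[legacy_sect]` with `activate = 1` loads OpenSSL's legacy provider, which makes algorithms such as MD4, RC4 and single DES available to every process that reads this file, and nothing in the file says why that is needed or that it is meant for the test vectors only. The krb5.conf change in the same commit lists only AES enctypes, so it is not evident from the page that any legacy algorithm is required; presumably the Heimdal build needs one, but that should be stated. A header comment would cover it, for example `# Test vectors only: legacy provider enabled for <reason>; do not point OPENSSL_CONF at this file outside the examples.` If the legacy algorithms turn out not to be needed, dropping `legacy = legacy_sect` and the `[legacy_sect]` section leaves only the default provider active.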
