-# generated automatically by aclocal 1.16.1 -*- Autoconf -*-
+# generated automatically by aclocal 1.16.3 -*- Autoconf -*-
-# Copyright (C) 1996-2018 Free Software Foundation, Inc.
+# Copyright (C) 1996-2020 Free Software Foundation, Inc.
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# PARTICULAR PURPOSE.
m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])])
-dnl pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*-
-dnl serial 11 (pkg-config-0.29)
-dnl
+# pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*-
+# serial 12 (pkg-config-0.29.2)
+
dnl Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
dnl Copyright © 2012-2015 Dan Nicholson <dbn.lists@gmail.com>
dnl
dnl See the "Since" comment for each macro you use to see what version
dnl of the macros you require.
m4_defun([PKG_PREREQ],
-[m4_define([PKG_MACROS_VERSION], [0.29])
+[m4_define([PKG_MACROS_VERSION], [0.29.2])
m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1,
[m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])])
])dnl PKG_PREREQ
AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl
pkg_failed=no
-AC_MSG_CHECKING([for $1])
+AC_MSG_CHECKING([for $2])
_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2])
_PKG_CONFIG([$1][_LIBS], [libs], [$2])
See the pkg-config man page for more details.])
if test $pkg_failed = yes; then
- AC_MSG_RESULT([no])
+ AC_MSG_RESULT([no])
_PKG_SHORT_ERRORS_SUPPORTED
if test $_pkg_short_errors_supported = yes; then
$1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1`
- else
+ else
$1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
_PKG_TEXT])[]dnl
])
elif test $pkg_failed = untried; then
- AC_MSG_RESULT([no])
+ AC_MSG_RESULT([no])
m4_default([$4], [AC_MSG_FAILURE(
[The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
ISC_PLATFORM_HAVESYSUNH
DST_EXTRA_SRCS
DST_EXTRA_OBJS
-USE_ISC_SPNEGO
ISC_EXTRA_SRCS
ISC_EXTRA_OBJS
LWRES_PLATFORM_NEEDVSNPRINTF
docdir
oldincludedir
includedir
+runstatedir
localstatedir
sharedstatedir
sysconfdir
enable_tcp_fastopen
enable_getifaddrs
with_readline
-enable_isc_spnego
enable_chroot
enable_linux_caps
with_rlimtype
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
+ -runstatedir | --runstatedir | --runstatedi | --runstated \
+ | --runstate | --runstat | --runsta | --runst | --runs \
+ | --run | --ru | --r)
+ ac_prev=runstatedir ;;
+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+ | --run=* | --ru=* | --r=*)
+ runstatedir=$ac_optarg ;;
+
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
+ libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
--enable-ipv6 use IPv6 [default=autodetect]
--disable-tcp-fastopen disable TCP Fast Open support [default=autodetect]
--enable-getifaddrs enable the use of getifaddrs() [yes|no].
- --disable-isc-spnego use SPNEGO from GSSAPI library
--disable-chroot disable chroot
--disable-linux-caps disable linux capabilities
--enable-atomic enable machine specific atomic operations
fi
: ${AR=ar}
-: ${AR_FLAGS=cru}
+: ${AR_FLAGS=cr}
_LT_EOF
echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5
$LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5
- echo "$AR cru libconftest.a conftest.o" >&5
- $AR cru libconftest.a conftest.o 2>&5
+ echo "$AR cr libconftest.a conftest.o" >&5
+ $AR cr libconftest.a conftest.o 2>&5
echo "$RANLIB libconftest.a" >&5
$RANLIB libconftest.a 2>&5
cat > conftest.c << _LT_EOF
# to the OS version, if on x86, and 10.4, the deployment
# target defaults to 10.4. Don't you love it?
case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
- 10.0,*86*-darwin8*|10.0,*-darwin[91]*)
+ 10.0,*86*-darwin8*|10.0,*-darwin[912]*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
10.[012][,.]*)
_lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
- 10.*)
+ 10.*|11.*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
esac
;;
lt_prog_compiler_pic='-KPIC'
lt_prog_compiler_static='-static'
;;
+ # flang / f18. f95 an alias for gfortran or flang on Debian
+ flang* | f18* | f95*)
+ lt_prog_compiler_wl='-Wl,'
+ lt_prog_compiler_pic='-fPIC'
+ lt_prog_compiler_static='-static'
+ ;;
# icc used to be incompatible with GCC.
# ICC 10 doesn't accept -KPIC any more.
icc* | ifort*)
auto) :
pkg_failed=no
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for MAXMINDDB" >&5
-$as_echo_n "checking for MAXMINDDB... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for libmaxminddb" >&5
+$as_echo_n "checking for libmaxminddb... " >&6; }
if test -n "$MAXMINDDB_CFLAGS"; then
pkg_cv_MAXMINDDB_CFLAGS="$MAXMINDDB_CFLAGS"
if test $pkg_failed = yes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
:
elif test $pkg_failed = untried; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
:
else
yes) :
pkg_failed=no
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for MAXMINDDB" >&5
-$as_echo_n "checking for MAXMINDDB... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for libmaxminddb" >&5
+$as_echo_n "checking for libmaxminddb... " >&6; }
if test -n "$MAXMINDDB_CFLAGS"; then
pkg_cv_MAXMINDDB_CFLAGS="$MAXMINDDB_CFLAGS"
if test $pkg_failed = yes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
and MAXMINDDB_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details." "$LINENO" 5
elif test $pkg_failed = untried; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
auto) :
pkg_failed=no
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for LIBXML2" >&5
-$as_echo_n "checking for LIBXML2... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for libxml-2.0 >= 2.6.0" >&5
+$as_echo_n "checking for libxml-2.0 >= 2.6.0... " >&6; }
if test -n "$LIBXML2_CFLAGS"; then
pkg_cv_LIBXML2_CFLAGS="$LIBXML2_CFLAGS"
if test $pkg_failed = yes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
:
elif test $pkg_failed = untried; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
:
else
yes) :
pkg_failed=no
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for LIBXML2" >&5
-$as_echo_n "checking for LIBXML2... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for libxml-2.0 >= 2.6.0" >&5
+$as_echo_n "checking for libxml-2.0 >= 2.6.0... " >&6; }
if test -n "$LIBXML2_CFLAGS"; then
pkg_cv_LIBXML2_CFLAGS="$LIBXML2_CFLAGS"
if test $pkg_failed = yes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
and LIBXML2_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details." "$LINENO" 5
elif test $pkg_failed = untried; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
fi
-#
-# Use our own SPNEGO implementation?
-#
-# [pairwise: --enable-isc-spnego, --disable-isc-spnego]
-# Check whether --enable-isc-spnego was given.
-if test "${enable_isc_spnego+set}" = set; then :
- enableval=$enable_isc_spnego;
-fi
-
-
-if test -n "$USE_GSSAPI"
-then
- case "$enable_isc_spnego" in
- yes|'')
- USE_ISC_SPNEGO='-DUSE_ISC_SPNEGO'
- DST_EXTRA_OBJS="$DST_EXTRA_OBJS spnego.$O"
- DST_EXTRA_SRCS="$DST_EXTRA_SRCS spnego.c"
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: using SPNEGO from lib/dns" >&5
-$as_echo "using SPNEGO from lib/dns" >&6; }
- ;;
- no)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: using SPNEGO from GSSAPI library" >&5
-$as_echo "using SPNEGO from GSSAPI library" >&6; }
- ;;
- esac
-fi
-
-
pkg_failed=no
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for CMOCKA" >&5
-$as_echo_n "checking for CMOCKA... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for cmocka >= 1.0.0" >&5
+$as_echo_n "checking for cmocka >= 1.0.0... " >&6; }
if test -n "$CMOCKA_CFLAGS"; then
pkg_cv_CMOCKA_CFLAGS="$CMOCKA_CFLAGS"
if test $pkg_failed = yes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
and CMOCKA_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details." "$LINENO" 5
elif test $pkg_failed = untried; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
AC_SUBST(ISC_EXTRA_SRCS)
AC_CHECK_FUNC(strerror, AC_DEFINE(HAVE_STRERROR))
-#
-# Use our own SPNEGO implementation?
-#
-# [pairwise: --enable-isc-spnego, --disable-isc-spnego]
-AC_ARG_ENABLE(isc-spnego,
- AS_HELP_STRING([--disable-isc-spnego],
- [use SPNEGO from GSSAPI library]))
-
-if test -n "$USE_GSSAPI"
-then
- case "$enable_isc_spnego" in
- yes|'')
- USE_ISC_SPNEGO='-DUSE_ISC_SPNEGO'
- DST_EXTRA_OBJS="$DST_EXTRA_OBJS spnego.$O"
- DST_EXTRA_SRCS="$DST_EXTRA_SRCS spnego.c"
- AC_MSG_RESULT(using SPNEGO from lib/dns)
- ;;
- no)
- AC_MSG_RESULT(using SPNEGO from GSSAPI library)
- ;;
- esac
-fi
-
-AC_SUBST(USE_ISC_SPNEGO)
AC_SUBST(DST_EXTRA_OBJS)
AC_SUBST(DST_EXTRA_SRCS)
@BIND9_MAKE_INCLUDES@
-USE_ISC_SPNEGO = @USE_ISC_SPNEGO@
-
CINCLUDES = -I. -I${top_srcdir}/lib/dns -Iinclude ${DNS_INCLUDES} \
${ISC_INCLUDES} ${MAXMINDDB_CFLAGS} \
@DST_OPENSSL_INC@ @DST_GSSAPI_INC@
-CDEFINES = -DUSE_MD5 @CRYPTO@ @USE_GSSAPI@ ${USE_ISC_SPNEGO}
+CDEFINES = -DUSE_MD5 @CRYPTO@ @USE_GSSAPI@
CWARNINGS =
$(PROTOC_C) --c_out=. --proto_path ${srcdir} dnstap.proto
dnstap.pb-c.@O@: dnstap.pb-c.c
-
-spnego.@O@: spnego_asn1.c spnego.h
#include "dst_internal.h"
-/*
- * If we're using our own SPNEGO implementation (see configure.in),
- * pull it in now. Otherwise, we just use whatever GSSAPI supplies.
- */
-#if defined(GSSAPI) && defined(USE_ISC_SPNEGO)
-#include "spnego.h"
-#define gss_accept_sec_context gss_accept_sec_context_spnego
-#define gss_init_sec_context gss_init_sec_context_spnego
-#endif
-
/*
* Solaris8 apparently needs an explicit OID set, and Solaris10 needs
* one for anything but Kerberos. Supplying an explicit OID set
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02
};
-#ifndef USE_ISC_SPNEGO
-static unsigned char spnego_mech_oid_bytes[] = {
- 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02
-};
-#endif
+static unsigned char spnego_mech_oid_bytes[] = { 0x2b, 0x06, 0x01,
+ 0x05, 0x05, 0x02 };
static gss_OID_desc mech_oid_set_array[] = {
{ sizeof(krb5_mech_oid_bytes), krb5_mech_oid_bytes },
-#ifndef USE_ISC_SPNEGO
{ sizeof(spnego_mech_oid_bytes), spnego_mech_oid_bytes },
-#endif
};
static gss_OID_set_desc mech_oid_set = {
+++ /dev/null
--- Copyright (C) The Internet Society 2005. This version of
--- this module is part of RFC 4178; see the RFC itself for
--- full legal notices.
-
--- (The above copyright notice is per RFC 3978 5.6 (a), q.v.)
-
--- This is the SPNEGO ASN.1 module from RFC 4178, tweaked
--- to get the Heimdal ASN.1 compiler to accept it.
-
-SPNEGOASNOneSpec DEFINITIONS ::= BEGIN
-
-MechType ::= OBJECT IDENTIFIER
-
-MechTypeList ::= SEQUENCE OF MechType
-
-ContextFlags ::= BIT STRING {
- delegFlag (0),
- mutualFlag (1),
- replayFlag (2),
- sequenceFlag (3),
- anonFlag (4),
- confFlag (5),
- integFlag (6)
-}
-
-NegTokenInit ::= SEQUENCE {
- mechTypes [0] MechTypeList,
- reqFlags [1] ContextFlags OPTIONAL,
- mechToken [2] OCTET STRING OPTIONAL,
- mechListMIC [3] OCTET STRING OPTIONAL
-}
-
-NegTokenResp ::= SEQUENCE {
- negState [0] ENUMERATED {
- accept-completed (0),
- accept-incomplete (1),
- reject (2),
- request-mic (3)
- } OPTIONAL,
- supportedMech [1] MechType OPTIONAL,
- responseToken [2] OCTET STRING OPTIONAL,
- mechListMIC [3] OCTET STRING OPTIONAL
-}
-
-NegotiationToken ::= CHOICE {
- negTokenInit [0] NegTokenInit,
- negTokenResp [1] NegTokenResp
-}
-
-END
+++ /dev/null
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-/*! \file
- * \brief
- * Portable SPNEGO implementation.
- *
- * This is part of a portable implementation of the SPNEGO protocol
- * (RFCs 2478 and 4178). This implementation uses the RFC 4178 ASN.1
- * module but is not a full implementation of the RFC 4178 protocol;
- * at the moment, we only support GSS-TSIG with Kerberos
- * authentication, so we only need enough of the SPNEGO protocol to
- * support that.
- *
- * The files that make up this portable SPNEGO implementation are:
- * \li spnego.c (this file)
- * \li spnego.h (API SPNEGO exports to the rest of lib/dns)
- * \li spnego.asn1 (SPNEGO ASN.1 module)
- * \li spnego_asn1.c (routines generated from spngo.asn1)
- * \li spnego_asn1.pl (perl script to generate spnego_asn1.c)
- *
- * Everything but the functions exported in spnego.h is static, to
- * avoid possible conflicts with other libraries (particularly Heimdal,
- * since much of this code comes from Heimdal by way of mod_auth_kerb).
- *
- * spnego_asn1.c is shipped as part of lib/dns because generating it
- * requires both Perl and the Heimdal ASN.1 compiler. See
- * spnego_asn1.pl for further details. We've tried to eliminate all
- * compiler warnings from the generated code, but you may see a few
- * when using a compiler version we haven't tested yet.
- */
-
-/*
- * Portions of this code were derived from mod_auth_kerb and Heimdal.
- * These packages are available from:
- *
- * http://modauthkerb.sourceforge.net/
- * http://www.pdc.kth.se/heimdal/
- *
- * and were released under the following licenses:
- *
- * ----------------------------------------------------------------
- *
- * Copyright (c) 2004 Masarykova universita
- * (Masaryk University, Brno, Czech Republic)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the University nor the names of its contributors may
- * be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- *
- * ----------------------------------------------------------------
- *
- * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * XXXSRA We should omit this file entirely in Makefile.in via autoconf,
- * but this will keep it from generating errors until that's written.
- */
-
-#ifdef GSSAPI
-
-/*
- * XXXSRA Some of the following files are almost certainly unnecessary,
- * but using this list (borrowed from gssapictx.c) gets rid of some
- * whacky compilation errors when building with MSVC and should be
- * harmless in any case.
- */
-
-#include <config.h>
-
-#include <inttypes.h>
-#include <stdbool.h>
-#include <stdlib.h>
-#include <errno.h>
-
-#include <isc/buffer.h>
-#include <isc/dir.h>
-#include <isc/entropy.h>
-#include <isc/lex.h>
-#include <isc/mem.h>
-#include <isc/once.h>
-#include <isc/random.h>
-#include <isc/safe.h>
-#include <isc/string.h>
-#include <isc/time.h>
-#include <isc/util.h>
-
-#include <dns/fixedname.h>
-#include <dns/name.h>
-#include <dns/rdata.h>
-#include <dns/rdataclass.h>
-#include <dns/result.h>
-#include <dns/types.h>
-#include <dns/keyvalues.h>
-#include <dns/log.h>
-
-#include <dst/gssapi.h>
-#include <dst/result.h>
-
-#include "dst_internal.h"
-
-/*
- * The API we export
- */
-#include "spnego.h"
-
-/* asn1_err.h */
-/* Generated from ../../../lib/asn1/asn1_err.et */
-
-#ifndef ERROR_TABLE_BASE_asn1
-/* these may be brought in already via gssapi_krb5.h */
-typedef enum asn1_error_number {
- ASN1_BAD_TIMEFORMAT = 1859794432,
- ASN1_MISSING_FIELD = 1859794433,
- ASN1_MISPLACED_FIELD = 1859794434,
- ASN1_TYPE_MISMATCH = 1859794435,
- ASN1_OVERFLOW = 1859794436,
- ASN1_OVERRUN = 1859794437,
- ASN1_BAD_ID = 1859794438,
- ASN1_BAD_LENGTH = 1859794439,
- ASN1_BAD_FORMAT = 1859794440,
- ASN1_PARSE_ERROR = 1859794441
-} asn1_error_number;
-
-#define ERROR_TABLE_BASE_asn1 1859794432
-#endif
-
-#define __asn1_common_definitions__
-
-typedef struct octet_string {
- size_t length;
- void *data;
-} octet_string;
-
-typedef char *general_string;
-
-typedef char *utf8_string;
-
-typedef struct oid {
- size_t length;
- unsigned *components;
-} oid;
-
-/* der.h */
-
-typedef enum {
- ASN1_C_UNIV = 0, ASN1_C_APPL = 1,
- ASN1_C_CONTEXT = 2, ASN1_C_PRIVATE = 3
-} Der_class;
-
-typedef enum {
- PRIM = 0, CONS = 1
-} Der_type;
-
-/* Universal tags */
-
-enum {
- UT_Boolean = 1,
- UT_Integer = 2,
- UT_BitString = 3,
- UT_OctetString = 4,
- UT_Null = 5,
- UT_OID = 6,
- UT_Enumerated = 10,
- UT_Sequence = 16,
- UT_Set = 17,
- UT_PrintableString = 19,
- UT_IA5String = 22,
- UT_UTCTime = 23,
- UT_GeneralizedTime = 24,
- UT_VisibleString = 26,
- UT_GeneralString = 27
-};
-
-#define ASN1_INDEFINITE 0xdce0deed
-
-static int
-der_get_length(const unsigned char *p, size_t len,
- size_t * val, size_t * size);
-
-static int
-der_get_octet_string(const unsigned char *p, size_t len,
- octet_string * data, size_t * size);
-static int
-der_get_oid(const unsigned char *p, size_t len,
- oid * data, size_t * size);
-static int
-der_get_tag(const unsigned char *p, size_t len,
- Der_class * xclass, Der_type * type,
- int *tag, size_t * size);
-
-static int
-der_match_tag(const unsigned char *p, size_t len,
- Der_class xclass, Der_type type,
- int tag, size_t * size);
-static int
-der_match_tag_and_length(const unsigned char *p, size_t len,
- Der_class xclass, Der_type type, int tag,
- size_t * length_ret, size_t * size);
-
-static int
-decode_oid(const unsigned char *p, size_t len,
- oid * k, size_t * size);
-
-static int
-decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size);
-
-static int
-decode_octet_string(const unsigned char *, size_t, octet_string *, size_t *);
-
-static int
-der_put_int(unsigned char *p, size_t len, int val, size_t *);
-
-static int
-der_put_length(unsigned char *p, size_t len, size_t val, size_t *);
-
-static int
-der_put_octet_string(unsigned char *p, size_t len,
- const octet_string * data, size_t *);
-static int
-der_put_oid(unsigned char *p, size_t len,
- const oid * data, size_t * size);
-static int
-der_put_tag(unsigned char *p, size_t len, Der_class xclass, Der_type type,
- int tag, size_t *);
-static int
-der_put_length_and_tag(unsigned char *, size_t, size_t,
- Der_class, Der_type, int, size_t *);
-
-static int
-encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *);
-
-static int
-encode_octet_string(unsigned char *p, size_t len,
- const octet_string * k, size_t *);
-static int
-encode_oid(unsigned char *p, size_t len,
- const oid * k, size_t *);
-
-static void
-free_octet_string(octet_string * k);
-
-static void
-free_oid (oid * k);
-
-static size_t
-length_len(size_t len);
-
-static int
-fix_dce(size_t reallen, size_t * len);
-
-/*
- * Include stuff generated by the ASN.1 compiler.
- */
-
-#include "spnego_asn1.c"
-
-/*
- * Force the oid arrays to be uint64_t aligned to silence warnings
- * about the arrays not being properly aligned for (void *).
- */
-typedef union { unsigned char b[8]; uint64_t _align; } aligned8;
-typedef union { unsigned char b[16]; uint64_t _align[2]; } aligned16;
-
-static aligned16 gss_krb5_mech_oid_bytes = {
- { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02 }
-};
-
-static gss_OID_desc gss_krb5_mech_oid_desc = {
- 9, gss_krb5_mech_oid_bytes.b
-};
-
-static gss_OID GSS_KRB5_MECH = &gss_krb5_mech_oid_desc;
-
-static aligned16 gss_mskrb5_mech_oid_bytes = {
- { 0x2a, 0x86, 0x48, 0x82, 0xf7, 0x12, 0x01, 0x02, 0x02 }
-};
-
-static gss_OID_desc gss_mskrb5_mech_oid_desc = {
- 9, gss_mskrb5_mech_oid_bytes.b
-};
-
-static gss_OID GSS_MSKRB5_MECH = &gss_mskrb5_mech_oid_desc;
-
-static aligned8 gss_spnego_mech_oid_bytes = {
- { 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02 }
-};
-
-static gss_OID_desc gss_spnego_mech_oid_desc = {
- 6, gss_spnego_mech_oid_bytes.b
-};
-
-static gss_OID GSS_SPNEGO_MECH = &gss_spnego_mech_oid_desc;
-
-/* spnegokrb5_locl.h */
-
-static OM_uint32
-gssapi_spnego_encapsulate(OM_uint32 *,
- unsigned char *,
- size_t,
- gss_buffer_t,
- const gss_OID);
-
-static OM_uint32
-gssapi_spnego_decapsulate(OM_uint32 *,
- gss_buffer_t,
- unsigned char **,
- size_t *,
- const gss_OID);
-
-/* mod_auth_kerb.c */
-
-static int
-cmp_gss_type(gss_buffer_t token, gss_OID gssoid)
-{
- unsigned char *p;
- size_t len;
-
- if (token->length == 0U)
- return (GSS_S_DEFECTIVE_TOKEN);
-
- p = token->value;
- if (*p++ != 0x60)
- return (GSS_S_DEFECTIVE_TOKEN);
- len = *p++;
- if (len & 0x80) {
- if ((len & 0x7f) > 4U)
- return (GSS_S_DEFECTIVE_TOKEN);
- p += len & 0x7f;
- }
- if (*p++ != 0x06)
- return (GSS_S_DEFECTIVE_TOKEN);
-
- if (((OM_uint32) *p++) != gssoid->length)
- return (GSS_S_DEFECTIVE_TOKEN);
-
- return (isc_safe_memcompare(p, gssoid->elements, gssoid->length));
-}
-
-/* accept_sec_context.c */
-/*
- * SPNEGO wrapper for Kerberos5 GSS-API kouril@ics.muni.cz, 2003 (mostly
- * based on Heimdal code)
- */
-
-static OM_uint32
-code_NegTokenArg(OM_uint32 * minor_status,
- const NegTokenResp * resp,
- unsigned char **outbuf,
- size_t * outbuf_size)
-{
- OM_uint32 ret;
- u_char *buf;
- size_t buf_size, buf_len = 0;
-
- buf_size = 1024;
- buf = malloc(buf_size);
- if (buf == NULL) {
- *minor_status = ENOMEM;
- return (GSS_S_FAILURE);
- }
- do {
- ret = encode_NegTokenResp(buf + buf_size - 1,
- buf_size,
- resp, &buf_len);
- if (ret == 0) {
- size_t tmp;
-
- ret = der_put_length_and_tag(buf + buf_size - buf_len - 1,
- buf_size - buf_len,
- buf_len,
- ASN1_C_CONTEXT,
- CONS,
- 1,
- &tmp);
- if (ret == 0)
- buf_len += tmp;
- }
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc(buf, buf_size);
- if (tmp == NULL) {
- *minor_status = ENOMEM;
- free(buf);
- return (GSS_S_FAILURE);
- }
- buf = tmp;
- } else {
- *minor_status = ret;
- free(buf);
- return (GSS_S_FAILURE);
- }
- }
- } while (ret == ASN1_OVERFLOW);
-
- *outbuf = malloc(buf_len);
- if (*outbuf == NULL) {
- *minor_status = ENOMEM;
- free(buf);
- return (GSS_S_FAILURE);
- }
- memmove(*outbuf, buf + buf_size - buf_len, buf_len);
- *outbuf_size = buf_len;
-
- free(buf);
-
- return (GSS_S_COMPLETE);
-}
-
-static OM_uint32
-send_reject(OM_uint32 * minor_status,
- gss_buffer_t output_token)
-{
- NegTokenResp resp;
- OM_uint32 ret;
-
- resp.negState = malloc(sizeof(*resp.negState));
- if (resp.negState == NULL) {
- *minor_status = ENOMEM;
- return (GSS_S_FAILURE);
- }
- *(resp.negState) = reject;
-
- resp.supportedMech = NULL;
- resp.responseToken = NULL;
- resp.mechListMIC = NULL;
-
- ret = code_NegTokenArg(minor_status, &resp,
- (unsigned char **)&output_token->value,
- &output_token->length);
- free_NegTokenResp(&resp);
- if (ret)
- return (ret);
-
- return (GSS_S_BAD_MECH);
-}
-
-static OM_uint32
-send_accept(OM_uint32 * minor_status,
- gss_buffer_t output_token,
- gss_buffer_t mech_token,
- const gss_OID pref)
-{
- NegTokenResp resp;
- OM_uint32 ret;
-
- memset(&resp, 0, sizeof(resp));
- resp.negState = malloc(sizeof(*resp.negState));
- if (resp.negState == NULL) {
- *minor_status = ENOMEM;
- return (GSS_S_FAILURE);
- }
- *(resp.negState) = accept_completed;
-
- resp.supportedMech = malloc(sizeof(*resp.supportedMech));
- if (resp.supportedMech == NULL) {
- free_NegTokenResp(&resp);
- *minor_status = ENOMEM;
- return (GSS_S_FAILURE);
- }
- ret = der_get_oid(pref->elements,
- pref->length,
- resp.supportedMech,
- NULL);
- if (ret) {
- free_NegTokenResp(&resp);
- *minor_status = ENOMEM;
- return (GSS_S_FAILURE);
- }
- if (mech_token != NULL && mech_token->length != 0U) {
- resp.responseToken = malloc(sizeof(*resp.responseToken));
- if (resp.responseToken == NULL) {
- free_NegTokenResp(&resp);
- *minor_status = ENOMEM;
- return (GSS_S_FAILURE);
- }
- resp.responseToken->length = mech_token->length;
- resp.responseToken->data = mech_token->value;
- }
-
- ret = code_NegTokenArg(minor_status, &resp,
- (unsigned char **)&output_token->value,
- &output_token->length);
- if (resp.responseToken != NULL) {
- free(resp.responseToken);
- resp.responseToken = NULL;
- }
- free_NegTokenResp(&resp);
- if (ret)
- return (ret);
-
- return (GSS_S_COMPLETE);
-}
-
-OM_uint32
-gss_accept_sec_context_spnego(OM_uint32 *minor_status,
- gss_ctx_id_t *context_handle,
- const gss_cred_id_t acceptor_cred_handle,
- const gss_buffer_t input_token_buffer,
- const gss_channel_bindings_t input_chan_bindings,
- gss_name_t *src_name,
- gss_OID *mech_type,
- gss_buffer_t output_token,
- OM_uint32 *ret_flags,
- OM_uint32 *time_rec,
- gss_cred_id_t *delegated_cred_handle)
-{
- NegTokenInit init_token;
- OM_uint32 major_status = GSS_S_COMPLETE;
- OM_uint32 minor_status2;
- gss_buffer_desc ibuf, obuf;
- gss_buffer_t ot = NULL;
- gss_OID pref = GSS_KRB5_MECH;
- unsigned char *buf;
- size_t buf_size;
- size_t len, taglen, ni_len;
- int found = 0;
- int ret;
- unsigned i;
-
- /*
- * Before doing anything else, see whether this is a SPNEGO
- * PDU. If not, dispatch to the GSSAPI library and get out.
- */
-
- if (cmp_gss_type(input_token_buffer, GSS_SPNEGO_MECH))
- return (gss_accept_sec_context(minor_status,
- context_handle,
- acceptor_cred_handle,
- input_token_buffer,
- input_chan_bindings,
- src_name,
- mech_type,
- output_token,
- ret_flags,
- time_rec,
- delegated_cred_handle));
-
- /*
- * If we get here, it's SPNEGO.
- */
-
- memset(&init_token, 0, sizeof(init_token));
-
- ret = gssapi_spnego_decapsulate(minor_status, input_token_buffer,
- &buf, &buf_size, GSS_SPNEGO_MECH);
- if (ret)
- return (ret);
-
- ret = der_match_tag_and_length(buf, buf_size, ASN1_C_CONTEXT, CONS,
- 0, &len, &taglen);
- if (ret)
- return (ret);
-
- ret = decode_NegTokenInit(buf + taglen, len, &init_token, &ni_len);
- if (ret) {
- *minor_status = EINVAL; /* XXX */
- return (GSS_S_DEFECTIVE_TOKEN);
- }
-
- for (i = 0; !found && i < init_token.mechTypes.len; ++i) {
- unsigned char mechbuf[17];
- size_t mech_len;
-
- ret = der_put_oid(mechbuf + sizeof(mechbuf) - 1,
- sizeof(mechbuf),
- &init_token.mechTypes.val[i],
- &mech_len);
- if (ret) {
- free_NegTokenInit(&init_token);
- return (GSS_S_DEFECTIVE_TOKEN);
- }
- if (mech_len == GSS_KRB5_MECH->length &&
- isc_safe_memequal(GSS_KRB5_MECH->elements,
- mechbuf + sizeof(mechbuf) - mech_len,
- mech_len))
- {
- found = 1;
- break;
- }
- if (mech_len == GSS_MSKRB5_MECH->length &&
- isc_safe_memequal(GSS_MSKRB5_MECH->elements,
- mechbuf + sizeof(mechbuf) - mech_len,
- mech_len))
- {
- found = 1;
- if (i == 0)
- pref = GSS_MSKRB5_MECH;
- break;
- }
- }
-
- if (!found) {
- free_NegTokenInit(&init_token);
- return (send_reject(minor_status, output_token));
- }
-
- if (i == 0 && init_token.mechToken != NULL) {
- ibuf.length = init_token.mechToken->length;
- ibuf.value = init_token.mechToken->data;
-
- major_status = gss_accept_sec_context(minor_status,
- context_handle,
- acceptor_cred_handle,
- &ibuf,
- input_chan_bindings,
- src_name,
- mech_type,
- &obuf,
- ret_flags,
- time_rec,
- delegated_cred_handle);
- if (GSS_ERROR(major_status)) {
- free_NegTokenInit(&init_token);
- send_reject(&minor_status2, output_token);
- return (major_status);
- }
- ot = &obuf;
- }
- ret = send_accept(&minor_status2, output_token, ot, pref);
- free_NegTokenInit(&init_token);
- if (ot != NULL && ot->length != 0U)
- gss_release_buffer(&minor_status2, ot);
-
- return (ret != GSS_S_COMPLETE ? (OM_uint32) ret : major_status);
-}
-
-/* decapsulate.c */
-
-static OM_uint32
-gssapi_verify_mech_header(u_char ** str,
- size_t total_len,
- const gss_OID mech)
-{
- size_t len, len_len, mech_len, foo;
- int e;
- u_char *p = *str;
-
- if (total_len < 1U)
- return (GSS_S_DEFECTIVE_TOKEN);
- if (*p++ != 0x60)
- return (GSS_S_DEFECTIVE_TOKEN);
- e = der_get_length(p, total_len - 1, &len, &len_len);
- if (e || 1 + len_len + len != total_len)
- return (GSS_S_DEFECTIVE_TOKEN);
- p += len_len;
- if (*p++ != 0x06)
- return (GSS_S_DEFECTIVE_TOKEN);
- e = der_get_length(p, total_len - 1 - len_len - 1,
- &mech_len, &foo);
- if (e)
- return (GSS_S_DEFECTIVE_TOKEN);
- p += foo;
- if (mech_len != mech->length)
- return (GSS_S_BAD_MECH);
- if (!isc_safe_memequal(p, mech->elements, mech->length))
- return (GSS_S_BAD_MECH);
- p += mech_len;
- *str = p;
- return (GSS_S_COMPLETE);
-}
-
-/*
- * Remove the GSS-API wrapping from `in_token' giving `buf and buf_size' Does
- * not copy data, so just free `in_token'.
- */
-
-static OM_uint32
-gssapi_spnego_decapsulate(OM_uint32 *minor_status,
- gss_buffer_t input_token_buffer,
- unsigned char **buf,
- size_t *buf_len,
- const gss_OID mech)
-{
- u_char *p;
- OM_uint32 ret;
-
- p = input_token_buffer->value;
- ret = gssapi_verify_mech_header(&p,
- input_token_buffer->length,
- mech);
- if (ret) {
- *minor_status = ret;
- return (GSS_S_FAILURE);
- }
- *buf_len = input_token_buffer->length -
- (p - (u_char *) input_token_buffer->value);
- *buf = p;
- return (GSS_S_COMPLETE);
-}
-
-/* der_free.c */
-
-static void
-free_octet_string(octet_string *k)
-{
- free(k->data);
- k->data = NULL;
-}
-
-static void
-free_oid(oid *k)
-{
- free(k->components);
- k->components = NULL;
-}
-
-/* der_get.c */
-
-/*
- * All decoding functions take a pointer `p' to first position in which to
- * read, from the left, `len' which means the maximum number of characters we
- * are able to read, `ret' were the value will be returned and `size' where
- * the number of used bytes is stored. Either 0 or an error code is returned.
- */
-
-static int
-der_get_unsigned(const unsigned char *p, size_t len,
- unsigned *ret, size_t *size)
-{
- unsigned val = 0;
- size_t oldlen = len;
-
- while (len--)
- val = val * 256 + *p++;
- *ret = val;
- if (size)
- *size = oldlen;
- return (0);
-}
-
-static int
-der_get_int(const unsigned char *p, size_t len,
- int *ret, size_t *size)
-{
- int val = 0;
- size_t oldlen = len;
-
- if (len > 0U) {
- val = (signed char)*p++;
- while (--len)
- val = val * 256 + *p++;
- }
- *ret = val;
- if (size)
- *size = oldlen;
- return (0);
-}
-
-static int
-der_get_length(const unsigned char *p, size_t len,
- size_t *val, size_t *size)
-{
- size_t v;
-
- if (len <= 0U)
- return (ASN1_OVERRUN);
- --len;
- v = *p++;
- if (v < 128U) {
- *val = v;
- if (size)
- *size = 1;
- } else {
- int e;
- size_t l;
- unsigned tmp;
-
- if (v == 0x80U) {
- *val = ASN1_INDEFINITE;
- if (size)
- *size = 1;
- return (0);
- }
- v &= 0x7F;
- if (len < v)
- return (ASN1_OVERRUN);
- e = der_get_unsigned(p, v, &tmp, &l);
- if (e)
- return (e);
- *val = tmp;
- if (size)
- *size = l + 1;
- }
- return (0);
-}
-
-static int
-der_get_octet_string(const unsigned char *p, size_t len,
- octet_string *data, size_t *size)
-{
- data->length = len;
- if (len != 0U) {
- data->data = malloc(len);
- if (data->data == NULL)
- return (ENOMEM);
- memmove(data->data, p, len);
- } else
- data->data = NULL;
- if (size)
- *size = len;
- return (0);
-}
-
-static int
-der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
- int n;
- size_t oldlen = len;
-
- data->components = NULL;
- data->length = 0;
- if (len < 1U) {
- return (ASN1_OVERRUN);
- }
-
- data->components = malloc((len + 1) * sizeof(*data->components));
- if (data->components == NULL) {
- return (ENOMEM);
- }
- data->components[0] = (*p) / 40;
- data->components[1] = (*p) % 40;
- --len;
- ++p;
- for (n = 2; len > 0U; ++n) {
- unsigned u = 0;
-
- do {
- --len;
- u = u * 128 + (*p++ % 128);
- } while (len > 0U && p[-1] & 0x80);
- data->components[n] = u;
- }
- if (p[-1] & 0x80) {
- free_oid(data);
- return (ASN1_OVERRUN);
- }
- data->length = n;
- if (size) {
- *size = oldlen;
- }
- return (0);
-}
-
-static int
-der_get_tag(const unsigned char *p, size_t len,
- Der_class *xclass, Der_type *type,
- int *tag, size_t *size)
-{
- if (len < 1U)
- return (ASN1_OVERRUN);
- *xclass = (Der_class) (((*p) >> 6) & 0x03);
- *type = (Der_type) (((*p) >> 5) & 0x01);
- *tag = (*p) & 0x1F;
- if (size)
- *size = 1;
- return (0);
-}
-
-static int
-der_match_tag(const unsigned char *p, size_t len,
- Der_class xclass, Der_type type,
- int tag, size_t *size)
-{
- size_t l;
- Der_class thisclass;
- Der_type thistype;
- int thistag;
- int e;
-
- e = der_get_tag(p, len, &thisclass, &thistype, &thistag, &l);
- if (e)
- return (e);
- if (xclass != thisclass || type != thistype)
- return (ASN1_BAD_ID);
- if (tag > thistag)
- return (ASN1_MISPLACED_FIELD);
- if (tag < thistag)
- return (ASN1_MISSING_FIELD);
- if (size)
- *size = l;
- return (0);
-}
-
-static int
-der_match_tag_and_length(const unsigned char *p, size_t len,
- Der_class xclass, Der_type type, int tag,
- size_t *length_ret, size_t *size)
-{
- size_t l, ret = 0;
- int e;
-
- e = der_match_tag(p, len, xclass, type, tag, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, length_ret, &l);
- if (e)
- return (e);
- /* p += l; */
- len -= l;
- POST(len);
- ret += l;
- if (size)
- *size = ret;
- return (0);
-}
-
-static int
-decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size)
-{
- size_t ret = 0;
- size_t l, reallen;
- int e;
-
- e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_Enumerated, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, &reallen, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- ret += l;
- e = der_get_int(p, reallen, num, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- POST(p); POST(len);
- ret += l;
- if (size)
- *size = ret;
- return (0);
-}
-
-static int
-decode_octet_string(const unsigned char *p, size_t len,
- octet_string *k, size_t *size)
-{
- size_t ret = 0;
- size_t l;
- int e;
- size_t slen;
-
- k->data = NULL;
- k->length = 0;
-
- e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_OctetString, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- ret += l;
-
- e = der_get_length(p, len, &slen, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- ret += l;
- if (len < slen)
- return (ASN1_OVERRUN);
-
- e = der_get_octet_string(p, slen, k, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- POST(p); POST(len);
- ret += l;
- if (size)
- *size = ret;
- return (0);
-}
-
-static int
-decode_oid(const unsigned char *p, size_t len,
- oid *k, size_t *size)
-{
- size_t ret = 0;
- size_t l;
- int e;
- size_t slen;
-
- e = der_match_tag(p, len, ASN1_C_UNIV, PRIM, UT_OID, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- ret += l;
-
- e = der_get_length(p, len, &slen, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- ret += l;
- if (len < slen)
- return (ASN1_OVERRUN);
-
- e = der_get_oid(p, slen, k, &l);
- if (e)
- return (e);
- p += l;
- len -= l;
- POST(p); POST(len);
- ret += l;
- if (size)
- *size = ret;
- return (0);
-}
-
-static int
-fix_dce(size_t reallen, size_t *len)
-{
- if (reallen == ASN1_INDEFINITE)
- return (1);
- if (*len < reallen)
- return (-1);
- *len = reallen;
- return (0);
-}
-
-/* der_length.c */
-
-static size_t
-len_unsigned(unsigned val)
-{
- size_t ret = 0;
-
- do {
- ++ret;
- val /= 256;
- } while (val);
- return (ret);
-}
-
-static size_t
-length_len(size_t len)
-{
- if (len < 128U)
- return (1);
- else
- return (len_unsigned((unsigned int)len) + 1);
-}
-
-
-/* der_put.c */
-
-/*
- * All encoding functions take a pointer `p' to first position in which to
- * write, from the right, `len' which means the maximum number of characters
- * we are able to write. The function returns the number of characters
- * written in `size' (if non-NULL). The return value is 0 or an error.
- */
-
-static int
-der_put_unsigned(unsigned char *p, size_t len, unsigned val, size_t *size)
-{
- unsigned char *base = p;
-
- if (val) {
- while (len > 0U && val) {
- *p-- = val % 256;
- val /= 256;
- --len;
- }
- if (val != 0)
- return (ASN1_OVERFLOW);
- else {
- *size = base - p;
- return (0);
- }
- } else if (len < 1U)
- return (ASN1_OVERFLOW);
- else {
- *p = 0;
- *size = 1;
- return (0);
- }
-}
-
-static int
-der_put_int(unsigned char *p, size_t len, int val, size_t *size)
-{
- unsigned char *base = p;
-
- if (val >= 0) {
- do {
- if (len < 1U)
- return (ASN1_OVERFLOW);
- *p-- = val % 256;
- len--;
- val /= 256;
- } while (val);
- if (p[1] >= 128) {
- if (len < 1U)
- return (ASN1_OVERFLOW);
- *p-- = 0;
- len--;
- POST(len);
- }
- } else {
- val = ~val;
- do {
- if (len < 1U)
- return (ASN1_OVERFLOW);
- *p-- = ~(val % 256);
- len--;
- val /= 256;
- } while (val);
- if (p[1] < 128) {
- if (len < 1U)
- return (ASN1_OVERFLOW);
- *p-- = 0xff;
- len--;
- POST(len);
- }
- }
- *size = base - p;
- return (0);
-}
-
-static int
-der_put_length(unsigned char *p, size_t len, size_t val, size_t *size)
-{
- if (len < 1U)
- return (ASN1_OVERFLOW);
- if (val < 128U) {
- *p = (unsigned char)val;
- *size = 1;
- return (0);
- } else {
- size_t l;
- int e;
-
- e = der_put_unsigned(p, len - 1, (unsigned int)val, &l);
- if (e)
- return (e);
- p -= l;
- *p = 0x80 | (unsigned char)l;
- *size = l + 1;
- return (0);
- }
-}
-
-static int
-der_put_octet_string(unsigned char *p, size_t len,
- const octet_string *data, size_t *size)
-{
- if (len < data->length)
- return (ASN1_OVERFLOW);
- p -= data->length;
- len -= data->length;
- POST(len);
- memmove(p + 1, data->data, data->length);
- *size = data->length;
- return (0);
-}
-
-static int
-der_put_oid(unsigned char *p, size_t len,
- const oid *data, size_t *size)
-{
- unsigned char *base = p;
- size_t n;
-
- for (n = data->length; n >= 3u; --n) {
- unsigned u = data->components[n - 1];
-
- if (len < 1U)
- return (ASN1_OVERFLOW);
- *p-- = u % 128;
- u /= 128;
- --len;
- while (u > 0) {
- if (len < 1U)
- return (ASN1_OVERFLOW);
- *p-- = 128 + u % 128;
- u /= 128;
- --len;
- }
- }
- if (len < 1U)
- return (ASN1_OVERFLOW);
- *p-- = 40 * data->components[0] + data->components[1];
- *size = base - p;
- return (0);
-}
-
-static int
-der_put_tag(unsigned char *p, size_t len, Der_class xclass, Der_type type,
- int tag, size_t *size)
-{
- if (len < 1U)
- return (ASN1_OVERFLOW);
- *p = (xclass << 6) | (type << 5) | tag; /* XXX */
- *size = 1;
- return (0);
-}
-
-static int
-der_put_length_and_tag(unsigned char *p, size_t len, size_t len_val,
- Der_class xclass, Der_type type, int tag, size_t *size)
-{
- size_t ret = 0;
- size_t l;
- int e;
-
- e = der_put_length(p, len, len_val, &l);
- if (e)
- return (e);
- p -= l;
- len -= l;
- ret += l;
- e = der_put_tag(p, len, xclass, type, tag, &l);
- if (e)
- return (e);
- p -= l;
- len -= l;
- POST(p); POST(len);
- ret += l;
- *size = ret;
- return (0);
-}
-
-static int
-encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *size)
-{
- unsigned num = *(const unsigned *)data;
- size_t ret = 0;
- size_t l;
- int e;
-
- e = der_put_int(p, len, num, &l);
- if (e)
- return (e);
- p -= l;
- len -= l;
- ret += l;
- e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_Enumerated, &l);
- if (e)
- return (e);
- p -= l;
- len -= l;
- POST(p); POST(len);
- ret += l;
- *size = ret;
- return (0);
-}
-
-static int
-encode_octet_string(unsigned char *p, size_t len,
- const octet_string *k, size_t *size)
-{
- size_t ret = 0;
- size_t l;
- int e;
-
- e = der_put_octet_string(p, len, k, &l);
- if (e)
- return (e);
- p -= l;
- len -= l;
- ret += l;
- e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_OctetString, &l);
- if (e)
- return (e);
- p -= l;
- len -= l;
- POST(p); POST(len);
- ret += l;
- *size = ret;
- return (0);
-}
-
-static int
-encode_oid(unsigned char *p, size_t len,
- const oid *k, size_t *size)
-{
- size_t ret = 0;
- size_t l;
- int e;
-
- e = der_put_oid(p, len, k, &l);
- if (e)
- return (e);
- p -= l;
- len -= l;
- ret += l;
- e = der_put_length_and_tag(p, len, l, ASN1_C_UNIV, PRIM, UT_OID, &l);
- if (e)
- return (e);
- p -= l;
- len -= l;
- POST(p); POST(len);
- ret += l;
- *size = ret;
- return (0);
-}
-
-
-/* encapsulate.c */
-
-static void
-gssapi_encap_length(size_t data_len,
- size_t *len,
- size_t *total_len,
- const gss_OID mech)
-{
- size_t len_len;
-
- *len = 1 + 1 + mech->length + data_len;
-
- len_len = length_len(*len);
-
- *total_len = 1 + len_len + *len;
-}
-
-static u_char *
-gssapi_mech_make_header(u_char *p,
- size_t len,
- const gss_OID mech)
-{
- int e;
- size_t len_len, foo;
-
- *p++ = 0x60;
- len_len = length_len(len);
- e = der_put_length(p + len_len - 1, len_len, len, &foo);
- if (e || foo != len_len)
- return (NULL);
- p += len_len;
- *p++ = 0x06;
- *p++ = mech->length;
- memmove(p, mech->elements, mech->length);
- p += mech->length;
- return (p);
-}
-
-/*
- * Give it a krb5_data and it will encapsulate with extra GSS-API wrappings.
- */
-
-static OM_uint32
-gssapi_spnego_encapsulate(OM_uint32 * minor_status,
- unsigned char *buf,
- size_t buf_size,
- gss_buffer_t output_token,
- const gss_OID mech)
-{
- size_t len, outer_len;
- u_char *p;
-
- gssapi_encap_length(buf_size, &len, &outer_len, mech);
-
- output_token->length = outer_len;
- output_token->value = malloc(outer_len);
- if (output_token->value == NULL) {
- *minor_status = ENOMEM;
- return (GSS_S_FAILURE);
- }
- p = gssapi_mech_make_header(output_token->value, len, mech);
- if (p == NULL) {
- if (output_token->length != 0U)
- gss_release_buffer(minor_status, output_token);
- return (GSS_S_FAILURE);
- }
- memmove(p, buf, buf_size);
- return (GSS_S_COMPLETE);
-}
-
-/* init_sec_context.c */
-/*
- * SPNEGO wrapper for Kerberos5 GSS-API kouril@ics.muni.cz, 2003 (mostly
- * based on Heimdal code)
- */
-
-static int
-add_mech(MechTypeList * mech_list, gss_OID mech)
-{
- MechType *tmp;
- int ret;
-
- tmp = realloc(mech_list->val, (mech_list->len + 1) * sizeof(*tmp));
- if (tmp == NULL)
- return (ENOMEM);
- mech_list->val = tmp;
-
- ret = der_get_oid(mech->elements, mech->length,
- &mech_list->val[mech_list->len], NULL);
- if (ret)
- return (ret);
-
- mech_list->len++;
- return (0);
-}
-
-/*
- * return the length of the mechanism in token or -1
- * (which implies that the token was bad - GSS_S_DEFECTIVE_TOKEN
- */
-
-static ssize_t
-gssapi_krb5_get_mech(const u_char *ptr,
- size_t total_len,
- const u_char **mech_ret)
-{
- size_t len, len_len, mech_len, foo;
- const u_char *p = ptr;
- int e;
-
- if (total_len < 1U)
- return (-1);
- if (*p++ != 0x60)
- return (-1);
- e = der_get_length (p, total_len - 1, &len, &len_len);
- if (e || 1 + len_len + len != total_len)
- return (-1);
- p += len_len;
- if (*p++ != 0x06)
- return (-1);
- e = der_get_length (p, total_len - 1 - len_len - 1,
- &mech_len, &foo);
- if (e)
- return (-1);
- p += foo;
- *mech_ret = p;
- return (mech_len);
-}
-
-static OM_uint32
-spnego_initial(OM_uint32 *minor_status,
- const gss_cred_id_t initiator_cred_handle,
- gss_ctx_id_t *context_handle,
- const gss_name_t target_name,
- const gss_OID mech_type,
- OM_uint32 req_flags,
- OM_uint32 time_req,
- const gss_channel_bindings_t input_chan_bindings,
- const gss_buffer_t input_token,
- gss_OID *actual_mech_type,
- gss_buffer_t output_token,
- OM_uint32 *ret_flags,
- OM_uint32 *time_rec)
-{
- NegTokenInit token_init;
- OM_uint32 major_status, minor_status2;
- gss_buffer_desc krb5_output_token = GSS_C_EMPTY_BUFFER;
- unsigned char *buf = NULL;
- size_t buf_size;
- size_t len = 0;
- int ret;
-
- (void)mech_type;
-
- memset(&token_init, 0, sizeof(token_init));
-
- ret = add_mech(&token_init.mechTypes, GSS_KRB5_MECH);
- if (ret) {
- *minor_status = ret;
- ret = GSS_S_FAILURE;
- goto end;
- }
-
- major_status = gss_init_sec_context(minor_status,
- initiator_cred_handle,
- context_handle,
- target_name,
- GSS_KRB5_MECH,
- req_flags,
- time_req,
- input_chan_bindings,
- input_token,
- actual_mech_type,
- &krb5_output_token,
- ret_flags,
- time_rec);
- if (GSS_ERROR(major_status)) {
- ret = major_status;
- goto end;
- }
- if (krb5_output_token.length > 0U) {
- token_init.mechToken = malloc(sizeof(*token_init.mechToken));
- if (token_init.mechToken == NULL) {
- *minor_status = ENOMEM;
- ret = GSS_S_FAILURE;
- goto end;
- }
- token_init.mechToken->data = krb5_output_token.value;
- token_init.mechToken->length = krb5_output_token.length;
- }
- /*
- * The MS implementation of SPNEGO seems to not like the mechListMIC
- * field, so we omit it (it's optional anyway)
- */
-
- buf_size = 1024;
- buf = malloc(buf_size);
- if (buf == NULL) {
- *minor_status = ENOMEM;
- ret = GSS_S_FAILURE;
- goto end;
- }
-
- do {
- ret = encode_NegTokenInit(buf + buf_size - 1,
- buf_size,
- &token_init, &len);
- if (ret == 0) {
- size_t tmp;
-
- ret = der_put_length_and_tag(buf + buf_size - len - 1,
- buf_size - len,
- len,
- ASN1_C_CONTEXT,
- CONS,
- 0,
- &tmp);
- if (ret == 0)
- len += tmp;
- }
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc(buf, buf_size);
- if (tmp == NULL) {
- *minor_status = ENOMEM;
- ret = GSS_S_FAILURE;
- goto end;
- }
- buf = tmp;
- } else {
- *minor_status = ret;
- ret = GSS_S_FAILURE;
- goto end;
- }
- }
- } while (ret == ASN1_OVERFLOW);
-
- ret = gssapi_spnego_encapsulate(minor_status,
- buf + buf_size - len, len,
- output_token, GSS_SPNEGO_MECH);
- if (ret == GSS_S_COMPLETE)
- ret = major_status;
-
-end:
- if (token_init.mechToken != NULL) {
- free(token_init.mechToken);
- token_init.mechToken = NULL;
- }
- free_NegTokenInit(&token_init);
- if (krb5_output_token.length != 0U)
- gss_release_buffer(&minor_status2, &krb5_output_token);
- if (buf)
- free(buf);
-
- return (ret);
-}
-
-static OM_uint32
-spnego_reply(OM_uint32 *minor_status,
- const gss_cred_id_t initiator_cred_handle,
- gss_ctx_id_t *context_handle,
- const gss_name_t target_name,
- const gss_OID mech_type,
- OM_uint32 req_flags,
- OM_uint32 time_req,
- const gss_channel_bindings_t input_chan_bindings,
- const gss_buffer_t input_token,
- gss_OID *actual_mech_type,
- gss_buffer_t output_token,
- OM_uint32 *ret_flags,
- OM_uint32 *time_rec)
-{
- OM_uint32 ret;
- NegTokenResp resp;
- unsigned char *buf;
- size_t buf_size;
- u_char oidbuf[17];
- size_t oidlen;
- gss_buffer_desc sub_token;
- ssize_t mech_len;
- const u_char *p;
- size_t len, taglen;
-
- (void)mech_type;
-
- output_token->length = 0;
- output_token->value = NULL;
-
- /*
- * SPNEGO doesn't include gss wrapping on SubsequentContextToken
- * like the Kerberos 5 mech does. But lets check for it anyway.
- */
-
- mech_len = gssapi_krb5_get_mech(input_token->value,
- input_token->length,
- &p);
-
- if (mech_len < 0) {
- buf = input_token->value;
- buf_size = input_token->length;
- } else if ((size_t)mech_len == GSS_KRB5_MECH->length &&
- isc_safe_memequal(GSS_KRB5_MECH->elements, p, mech_len))
- return (gss_init_sec_context(minor_status,
- initiator_cred_handle,
- context_handle,
- target_name,
- GSS_KRB5_MECH,
- req_flags,
- time_req,
- input_chan_bindings,
- input_token,
- actual_mech_type,
- output_token,
- ret_flags,
- time_rec));
- else if ((size_t)mech_len == GSS_SPNEGO_MECH->length &&
- isc_safe_memequal(GSS_SPNEGO_MECH->elements, p, mech_len)) {
- ret = gssapi_spnego_decapsulate(minor_status,
- input_token,
- &buf,
- &buf_size,
- GSS_SPNEGO_MECH);
- if (ret)
- return (ret);
- } else
- return (GSS_S_BAD_MECH);
-
- ret = der_match_tag_and_length(buf, buf_size,
- ASN1_C_CONTEXT, CONS, 1, &len, &taglen);
- if (ret)
- return (ret);
-
- if(len > buf_size - taglen)
- return (ASN1_OVERRUN);
-
- ret = decode_NegTokenResp(buf + taglen, len, &resp, NULL);
- if (ret) {
- free_NegTokenResp(&resp);
- *minor_status = ENOMEM;
- return (GSS_S_FAILURE);
- }
-
- if (resp.negState == NULL ||
- *(resp.negState) == reject ||
- resp.supportedMech == NULL) {
- free_NegTokenResp(&resp);
- return (GSS_S_BAD_MECH);
- }
-
- ret = der_put_oid(oidbuf + sizeof(oidbuf) - 1,
- sizeof(oidbuf),
- resp.supportedMech,
- &oidlen);
- if (ret || oidlen != GSS_KRB5_MECH->length ||
- !isc_safe_memequal(oidbuf + sizeof(oidbuf) - oidlen,
- GSS_KRB5_MECH->elements, oidlen))
- {
- free_NegTokenResp(&resp);
- return GSS_S_BAD_MECH;
- }
-
- if (resp.responseToken != NULL) {
- sub_token.length = resp.responseToken->length;
- sub_token.value = resp.responseToken->data;
- } else {
- sub_token.length = 0;
- sub_token.value = NULL;
- }
-
- ret = gss_init_sec_context(minor_status,
- initiator_cred_handle,
- context_handle,
- target_name,
- GSS_KRB5_MECH,
- req_flags,
- time_req,
- input_chan_bindings,
- &sub_token,
- actual_mech_type,
- output_token,
- ret_flags,
- time_rec);
- if (ret) {
- free_NegTokenResp(&resp);
- return (ret);
- }
-
- /*
- * XXXSRA I don't think this limited implementation ever needs
- * to check the MIC -- our preferred mechanism (Kerberos)
- * authenticates its own messages and is the only mechanism
- * we'll accept, so if the mechanism negotiation completes
- * successfully, we don't need the MIC. See RFC 4178.
- */
-
- free_NegTokenResp(&resp);
- return (ret);
-}
-
-
-
-OM_uint32
-gss_init_sec_context_spnego(OM_uint32 *minor_status,
- const gss_cred_id_t initiator_cred_handle,
- gss_ctx_id_t *context_handle,
- const gss_name_t target_name,
- const gss_OID mech_type,
- OM_uint32 req_flags,
- OM_uint32 time_req,
- const gss_channel_bindings_t input_chan_bindings,
- const gss_buffer_t input_token,
- gss_OID *actual_mech_type,
- gss_buffer_t output_token,
- OM_uint32 *ret_flags,
- OM_uint32 *time_rec)
-{
- /* Dirty trick to suppress compiler warnings */
-
- /* Figure out whether we're starting over or processing a reply */
-
- if (input_token == GSS_C_NO_BUFFER || input_token->length == 0U)
- return (spnego_initial(minor_status,
- initiator_cred_handle,
- context_handle,
- target_name,
- mech_type,
- req_flags,
- time_req,
- input_chan_bindings,
- input_token,
- actual_mech_type,
- output_token,
- ret_flags,
- time_rec));
- else
- return (spnego_reply(minor_status,
- initiator_cred_handle,
- context_handle,
- target_name,
- mech_type,
- req_flags,
- time_req,
- input_chan_bindings,
- input_token,
- actual_mech_type,
- output_token,
- ret_flags,
- time_rec));
-}
-
-#endif /* GSSAPI */
+++ /dev/null
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-
-/*! \file
- * \brief
- * Entry points into portable SPNEGO implementation.
- * See spnego.c for information on the SPNEGO implementation itself.
- */
-
-#ifndef _SPNEGO_H_
-#define _SPNEGO_H_
-
-/*%
- * Wrapper for GSSAPI gss_init_sec_context(), using portable SPNEGO
- * implementation instead of the one that's part of the GSSAPI
- * library. Takes arguments identical to the standard GSSAPI
- * function, uses standard gss_init_sec_context() to handle
- * everything inside the SPNEGO wrapper.
- */
-OM_uint32
-gss_init_sec_context_spnego(OM_uint32 *,
- const gss_cred_id_t,
- gss_ctx_id_t *,
- const gss_name_t,
- const gss_OID,
- OM_uint32,
- OM_uint32,
- const gss_channel_bindings_t,
- const gss_buffer_t,
- gss_OID *,
- gss_buffer_t,
- OM_uint32 *,
- OM_uint32 *);
-
-/*%
- * Wrapper for GSSAPI gss_accept_sec_context(), using portable SPNEGO
- * implementation instead of the one that's part of the GSSAPI
- * library. Takes arguments identical to the standard GSSAPI
- * function. Checks the OID of the input token to see if it's SPNEGO;
- * if so, processes it, otherwise hands the call off to the standard
- * gss_accept_sec_context() function.
- */
-OM_uint32 gss_accept_sec_context_spnego(OM_uint32 *,
- gss_ctx_id_t *,
- const gss_cred_id_t,
- const gss_buffer_t,
- const gss_channel_bindings_t,
- gss_name_t *,
- gss_OID *,
- gss_buffer_t,
- OM_uint32 *,
- OM_uint32 *,
- gss_cred_id_t *);
-
-
-#endif
+++ /dev/null
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-
-/*! \file
- * \brief Method routines generated from SPNEGO ASN.1 module.
- * See spnego_asn1.pl for details. Do not edit.
- */
-
-/* Generated from spnego.asn1 */
-/* Do not edit */
-
-#ifndef __asn1_h__
-#define __asn1_h__
-
-
-#ifndef __asn1_common_definitions__
-#define __asn1_common_definitions__
-
-typedef struct octet_string {
- size_t length;
- void *data;
-} octet_string;
-
-typedef char *general_string;
-
-typedef char *utf8_string;
-
-typedef struct oid {
- size_t length;
- unsigned *components;
-} oid;
-
-#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \
- do { \
- (BL) = length_##T((S)); \
- (B) = malloc((BL)); \
- if((B) == NULL) { \
- (R) = ENOMEM; \
- } else { \
- (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \
- (S), (L)); \
- if((R) != 0) { \
- free((B)); \
- (B) = NULL; \
- } \
- } \
- } while (0)
-
-#endif
-
-/*
- * MechType ::= OBJECT IDENTIFIER
- */
-
-typedef oid MechType;
-
-static int encode_MechType(unsigned char *, size_t, const MechType *, size_t *);
-static int decode_MechType(const unsigned char *, size_t, MechType *, size_t *);
-static void free_MechType(MechType *);
-/* unused declaration: length_MechType */
-/* unused declaration: copy_MechType */
-
-
-/*
- * MechTypeList ::= SEQUENCE OF MechType
- */
-
-typedef struct MechTypeList {
- unsigned int len;
- MechType *val;
-} MechTypeList;
-
-static int encode_MechTypeList(unsigned char *, size_t, const MechTypeList *, size_t *);
-static int decode_MechTypeList(const unsigned char *, size_t, MechTypeList *, size_t *);
-static void free_MechTypeList(MechTypeList *);
-/* unused declaration: length_MechTypeList */
-/* unused declaration: copy_MechTypeList */
-
-
-/*
- * ContextFlags ::= BIT STRING { delegFlag(0), mutualFlag(1), replayFlag(2),
- * sequenceFlag(3), anonFlag(4), confFlag(5), integFlag(6) }
- */
-
-typedef struct ContextFlags {
- unsigned int delegFlag:1;
- unsigned int mutualFlag:1;
- unsigned int replayFlag:1;
- unsigned int sequenceFlag:1;
- unsigned int anonFlag:1;
- unsigned int confFlag:1;
- unsigned int integFlag:1;
-} ContextFlags;
-
-
-static int encode_ContextFlags(unsigned char *, size_t, const ContextFlags *, size_t *);
-static int decode_ContextFlags(const unsigned char *, size_t, ContextFlags *, size_t *);
-static void free_ContextFlags(ContextFlags *);
-/* unused declaration: length_ContextFlags */
-/* unused declaration: copy_ContextFlags */
-/* unused declaration: ContextFlags2int */
-/* unused declaration: int2ContextFlags */
-/* unused declaration: asn1_ContextFlags_units */
-
-/*
- * NegTokenInit ::= SEQUENCE { mechTypes[0] MechTypeList, reqFlags[1]
- * ContextFlags OPTIONAL, mechToken[2] OCTET STRING OPTIONAL,
- * mechListMIC[3] OCTET STRING OPTIONAL }
- */
-
-typedef struct NegTokenInit {
- MechTypeList mechTypes;
- ContextFlags *reqFlags;
- octet_string *mechToken;
- octet_string *mechListMIC;
-} NegTokenInit;
-
-static int encode_NegTokenInit(unsigned char *, size_t, const NegTokenInit *, size_t *);
-static int decode_NegTokenInit(const unsigned char *, size_t, NegTokenInit *, size_t *);
-static void free_NegTokenInit(NegTokenInit *);
-/* unused declaration: length_NegTokenInit */
-/* unused declaration: copy_NegTokenInit */
-
-
-/*
- * NegTokenResp ::= SEQUENCE { negState[0] ENUMERATED {
- * accept-completed(0), accept-incomplete(1), reject(2), request-mic(3) }
- * OPTIONAL, supportedMech[1] MechType OPTIONAL, responseToken[2] OCTET
- * STRING OPTIONAL, mechListMIC[3] OCTET STRING OPTIONAL }
- */
-
-typedef struct NegTokenResp {
- enum {
- accept_completed = 0,
- accept_incomplete = 1,
- reject = 2,
- request_mic = 3
- } *negState;
-
- MechType *supportedMech;
- octet_string *responseToken;
- octet_string *mechListMIC;
-} NegTokenResp;
-
-static int encode_NegTokenResp(unsigned char *, size_t, const NegTokenResp *, size_t *);
-static int decode_NegTokenResp(const unsigned char *, size_t, NegTokenResp *, size_t *);
-static void free_NegTokenResp(NegTokenResp *);
-/* unused declaration: length_NegTokenResp */
-/* unused declaration: copy_NegTokenResp */
-
-
-
-
-#endif /* __asn1_h__ */
-/* Generated from spnego.asn1 */
-/* Do not edit */
-
-
-#define BACK if (e) return e; p -= l; len -= l; ret += l; POST(p); POST(len); POST(ret)
-
-static int
-encode_MechType(unsigned char *p, size_t len, const MechType * data, size_t * size)
-{
- size_t ret = 0;
- size_t l;
- int e;
-
- e = encode_oid(p, len, data, &l);
- BACK;
- *size = ret;
- return 0;
-}
-
-#define FORW if(e) goto fail; p += l; len -= l; ret += l; POST(p); POST(len); POST(ret)
-
-static int
-decode_MechType(const unsigned char *p, size_t len, MechType * data, size_t * size)
-{
- size_t ret = 0;
- size_t l;
- int e;
-
- memset(data, 0, sizeof(*data));
- e = decode_oid(p, len, data, &l);
- FORW;
- if (size)
- *size = ret;
- return 0;
-fail:
- free_MechType(data);
- return e;
-}
-
-static void
-free_MechType(MechType * data)
-{
- free_oid(data);
-}
-
-/* unused function: length_MechType */
-
-
-/* unused function: copy_MechType */
-
-/* Generated from spnego.asn1 */
-/* Do not edit */
-
-
-static int
-encode_MechTypeList(unsigned char *p, size_t len, const MechTypeList * data, size_t * size)
-{
- size_t ret = 0;
- size_t l;
- int i, e;
-
- for (i = (data)->len - 1; i >= 0; --i) {
- size_t oldret = ret;
- ret = 0;
- e = encode_MechType(p, len, &(data)->val[i], &l);
- BACK;
- ret += oldret;
- }
- e = der_put_length_and_tag(p, len, ret, ASN1_C_UNIV, CONS, UT_Sequence, &l);
- BACK;
- *size = ret;
- return 0;
-}
-
-static int
-decode_MechTypeList(const unsigned char *p, size_t len, MechTypeList * data, size_t * size)
-{
- size_t ret = 0, reallen;
- size_t l;
- int e;
-
- memset(data, 0, sizeof(*data));
- reallen = 0;
- e = der_match_tag_and_length(p, len, ASN1_C_UNIV, CONS, UT_Sequence, &reallen, &l);
- FORW;
- if (len < reallen)
- return ASN1_OVERRUN;
- len = reallen;
- {
- size_t origlen = len;
- size_t oldret = ret;
- ret = 0;
- (data)->len = 0;
- (data)->val = NULL;
- while (ret < origlen) {
- void *old = (data)->val;
- (data)->len++;
- (data)->val = realloc((data)->val, sizeof(*((data)->val)) * (data)->len);
- if ((data)->val == NULL) {
- (data)->val = old;
- (data)->len--;
- return ENOMEM;
- }
- e = decode_MechType(p, len, &(data)->val[(data)->len - 1], &l);
- FORW;
- len = origlen - ret;
- }
- ret += oldret;
- }
- if (size)
- *size = ret;
- return 0;
-fail:
- free_MechTypeList(data);
- return e;
-}
-
-static void
-free_MechTypeList(MechTypeList * data)
-{
- while ((data)->len) {
- free_MechType(&(data)->val[(data)->len - 1]);
- (data)->len--;
- }
- free((data)->val);
- (data)->val = NULL;
-}
-
-/* unused function: length_MechTypeList */
-
-
-/* unused function: copy_MechTypeList */
-
-/* Generated from spnego.asn1 */
-/* Do not edit */
-
-
-static int
-encode_ContextFlags(unsigned char *p, size_t len, const ContextFlags * data, size_t * size)
-{
- size_t ret = 0;
- size_t l;
- int e;
-
- {
- unsigned char c = 0;
- *p-- = c;
- len--;
- ret++;
- c = 0;
- *p-- = c;
- len--;
- ret++;
- c = 0;
- *p-- = c;
- len--;
- ret++;
- c = 0;
- if (data->integFlag)
- c |= 1 << 1;
- if (data->confFlag)
- c |= 1 << 2;
- if (data->anonFlag)
- c |= 1 << 3;
- if (data->sequenceFlag)
- c |= 1 << 4;
- if (data->replayFlag)
- c |= 1 << 5;
- if (data->mutualFlag)
- c |= 1 << 6;
- if (data->delegFlag)
- c |= 1 << 7;
- *p-- = c;
- *p-- = 0;
- len -= 2;
- ret += 2;
- }
-
- e = der_put_length_and_tag(p, len, ret, ASN1_C_UNIV, PRIM, UT_BitString, &l);
- BACK;
- *size = ret;
- return 0;
-}
-
-static int
-decode_ContextFlags(const unsigned char *p, size_t len, ContextFlags * data, size_t * size)
-{
- size_t ret = 0, reallen;
- size_t l;
- int e;
-
- memset(data, 0, sizeof(*data));
- reallen = 0;
- e = der_match_tag_and_length(p, len, ASN1_C_UNIV, PRIM, UT_BitString, &reallen, &l);
- FORW;
- if (len < reallen)
- return ASN1_OVERRUN;
- p++;
- len--;
- POST(len);
- reallen--;
- ret++;
- data->delegFlag = (*p >> 7) & 1;
- data->mutualFlag = (*p >> 6) & 1;
- data->replayFlag = (*p >> 5) & 1;
- data->sequenceFlag = (*p >> 4) & 1;
- data->anonFlag = (*p >> 3) & 1;
- data->confFlag = (*p >> 2) & 1;
- data->integFlag = (*p >> 1) & 1;
- ret += reallen;
- if (size)
- *size = ret;
- return 0;
-fail:
- free_ContextFlags(data);
- return e;
-}
-
-static void
-free_ContextFlags(ContextFlags * data)
-{
- (void)data;
-}
-
-/* unused function: length_ContextFlags */
-
-
-/* unused function: copy_ContextFlags */
-
-
-/* unused function: ContextFlags2int */
-
-
-/* unused function: int2ContextFlags */
-
-
-/* unused variable: ContextFlags_units */
-
-/* unused function: asn1_ContextFlags_units */
-
-/* Generated from spnego.asn1 */
-/* Do not edit */
-
-
-static int
-encode_NegTokenInit(unsigned char *p, size_t len, const NegTokenInit * data, size_t * size)
-{
- size_t ret = 0;
- size_t l;
- int e;
-
- if ((data)->mechListMIC) {
- size_t oldret = ret;
- ret = 0;
- e = encode_octet_string(p, len, (data)->mechListMIC, &l);
- BACK;
- e = der_put_length_and_tag(p, len, ret, ASN1_C_CONTEXT, CONS, 3, &l);
- BACK;
- ret += oldret;
- }
- if ((data)->mechToken) {
- size_t oldret = ret;
- ret = 0;
- e = encode_octet_string(p, len, (data)->mechToken, &l);
- BACK;
- e = der_put_length_and_tag(p, len, ret, ASN1_C_CONTEXT, CONS, 2, &l);
- BACK;
- ret += oldret;
- }
- if ((data)->reqFlags) {
- size_t oldret = ret;
- ret = 0;
- e = encode_ContextFlags(p, len, (data)->reqFlags, &l);
- BACK;
- e = der_put_length_and_tag(p, len, ret, ASN1_C_CONTEXT, CONS, 1, &l);
- BACK;
- ret += oldret;
- } {
- size_t oldret = ret;
- ret = 0;
- e = encode_MechTypeList(p, len, &(data)->mechTypes, &l);
- BACK;
- e = der_put_length_and_tag(p, len, ret, ASN1_C_CONTEXT, CONS, 0, &l);
- BACK;
- ret += oldret;
- }
- e = der_put_length_and_tag(p, len, ret, ASN1_C_UNIV, CONS, UT_Sequence, &l);
- BACK;
- *size = ret;
- return 0;
-}
-
-static int
-decode_NegTokenInit(const unsigned char *p, size_t len, NegTokenInit * data, size_t * size)
-{
- size_t ret = 0, reallen;
- size_t l;
- int e;
-
- memset(data, 0, sizeof(*data));
- reallen = 0;
- e = der_match_tag_and_length(p, len, ASN1_C_UNIV, CONS, UT_Sequence, &reallen, &l);
- FORW;
- {
- int dce_fix;
- if ((dce_fix = fix_dce(reallen, &len)) < 0) {
- e = ASN1_BAD_FORMAT;
- goto fail;
- }
- {
- size_t newlen, oldlen;
-
- e = der_match_tag(p, len, ASN1_C_CONTEXT, CONS, 0, &l);
- FORW;
- {
- e = der_get_length(p, len, &newlen, &l);
- FORW;
- {
- int mydce_fix;
- oldlen = len;
- if ((mydce_fix = fix_dce(newlen, &len)) < 0) {
- e = ASN1_BAD_FORMAT;
- goto fail;
- }
- e = decode_MechTypeList(p, len, &(data)->mechTypes, &l);
- FORW;
- if (mydce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- } else
- len = oldlen - newlen;
- }
- }
- }
- {
- size_t newlen, oldlen;
-
- e = der_match_tag(p, len, ASN1_C_CONTEXT, CONS, 1, &l);
- if (e)
- (data)->reqFlags = NULL;
- else {
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, &newlen, &l);
- FORW;
- {
- int mydce_fix;
- oldlen = len;
- if ((mydce_fix = fix_dce(newlen, &len)) < 0) {
- e = ASN1_BAD_FORMAT;
- goto fail;
- }
- (data)->reqFlags = malloc(sizeof(*(data)->reqFlags));
- if ((data)->reqFlags == NULL) {
- e = ENOMEM;
- goto fail;
- }
- e = decode_ContextFlags(p, len, (data)->reqFlags, &l);
- FORW;
- if (mydce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- } else
- len = oldlen - newlen;
- }
- }
- }
- {
- size_t newlen, oldlen;
-
- e = der_match_tag(p, len, ASN1_C_CONTEXT, CONS, 2, &l);
- if (e)
- (data)->mechToken = NULL;
- else {
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, &newlen, &l);
- FORW;
- {
- int mydce_fix;
- oldlen = len;
- if ((mydce_fix = fix_dce(newlen, &len)) < 0) {
- e = ASN1_BAD_FORMAT;
- goto fail;
- }
- (data)->mechToken = malloc(sizeof(*(data)->mechToken));
- if ((data)->mechToken == NULL) {
- e = ENOMEM;
- goto fail;
- }
- e = decode_octet_string(p, len, (data)->mechToken, &l);
- FORW;
- if (mydce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- } else
- len = oldlen - newlen;
- }
- }
- }
- {
- size_t newlen, oldlen;
-
- e = der_match_tag(p, len, ASN1_C_CONTEXT, CONS, 3, &l);
- if (e)
- (data)->mechListMIC = NULL;
- else {
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, &newlen, &l);
- FORW;
- {
- int mydce_fix;
- oldlen = len;
- if ((mydce_fix = fix_dce(newlen, &len)) < 0) {
- e = ASN1_BAD_FORMAT;
- goto fail;
- }
- (data)->mechListMIC = malloc(sizeof(*(data)->mechListMIC));
- if ((data)->mechListMIC == NULL) {
- e = ENOMEM;
- goto fail;
- }
- e = decode_octet_string(p, len, (data)->mechListMIC, &l);
- FORW;
- if (mydce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- } else
- len = oldlen - newlen;
- }
- }
- }
- if (dce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- }
- }
- if (size)
- *size = ret;
- return 0;
-fail:
- free_NegTokenInit(data);
- return e;
-}
-
-static void
-free_NegTokenInit(NegTokenInit * data)
-{
- free_MechTypeList(&(data)->mechTypes);
- if ((data)->reqFlags) {
- free_ContextFlags((data)->reqFlags);
- free((data)->reqFlags);
- (data)->reqFlags = NULL;
- }
- if ((data)->mechToken) {
- free_octet_string((data)->mechToken);
- free((data)->mechToken);
- (data)->mechToken = NULL;
- }
- if ((data)->mechListMIC) {
- free_octet_string((data)->mechListMIC);
- free((data)->mechListMIC);
- (data)->mechListMIC = NULL;
- }
-}
-
-/* unused function: length_NegTokenInit */
-
-
-/* unused function: copy_NegTokenInit */
-
-/* Generated from spnego.asn1 */
-/* Do not edit */
-
-
-static int
-encode_NegTokenResp(unsigned char *p, size_t len, const NegTokenResp * data, size_t * size)
-{
- size_t ret = 0;
- size_t l;
- int e;
-
- if ((data)->mechListMIC) {
- size_t oldret = ret;
- ret = 0;
- e = encode_octet_string(p, len, (data)->mechListMIC, &l);
- BACK;
- e = der_put_length_and_tag(p, len, ret, ASN1_C_CONTEXT, CONS, 3, &l);
- BACK;
- ret += oldret;
- }
- if ((data)->responseToken) {
- size_t oldret = ret;
- ret = 0;
- e = encode_octet_string(p, len, (data)->responseToken, &l);
- BACK;
- e = der_put_length_and_tag(p, len, ret, ASN1_C_CONTEXT, CONS, 2, &l);
- BACK;
- ret += oldret;
- }
- if ((data)->supportedMech) {
- size_t oldret = ret;
- ret = 0;
- e = encode_MechType(p, len, (data)->supportedMech, &l);
- BACK;
- e = der_put_length_and_tag(p, len, ret, ASN1_C_CONTEXT, CONS, 1, &l);
- BACK;
- ret += oldret;
- }
- if ((data)->negState) {
- size_t oldret = ret;
- ret = 0;
- e = encode_enumerated(p, len, (data)->negState, &l);
- BACK;
- e = der_put_length_and_tag(p, len, ret, ASN1_C_CONTEXT, CONS, 0, &l);
- BACK;
- ret += oldret;
- }
- e = der_put_length_and_tag(p, len, ret, ASN1_C_UNIV, CONS, UT_Sequence, &l);
- BACK;
- *size = ret;
- return 0;
-}
-
-static int
-decode_NegTokenResp(const unsigned char *p, size_t len, NegTokenResp * data, size_t * size)
-{
- size_t ret = 0, reallen;
- size_t l;
- int e;
-
- memset(data, 0, sizeof(*data));
- reallen = 0;
- e = der_match_tag_and_length(p, len, ASN1_C_UNIV, CONS, UT_Sequence, &reallen, &l);
- FORW;
- {
- int dce_fix;
- if ((dce_fix = fix_dce(reallen, &len)) < 0)
- return ASN1_BAD_FORMAT;
- {
- size_t newlen, oldlen;
-
- e = der_match_tag(p, len, ASN1_C_CONTEXT, CONS, 0, &l);
- if (e)
- (data)->negState = NULL;
- else {
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, &newlen, &l);
- FORW;
- {
- int mydce_fix;
- oldlen = len;
- if ((mydce_fix = fix_dce(newlen, &len)) < 0)
- return ASN1_BAD_FORMAT;
- (data)->negState = malloc(sizeof(*(data)->negState));
- if ((data)->negState == NULL)
- return ENOMEM;
- e = decode_enumerated(p, len, (data)->negState, &l);
- FORW;
- if (mydce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- } else
- len = oldlen - newlen;
- }
- }
- }
- {
- size_t newlen, oldlen;
-
- e = der_match_tag(p, len, ASN1_C_CONTEXT, CONS, 1, &l);
- if (e)
- (data)->supportedMech = NULL;
- else {
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, &newlen, &l);
- FORW;
- {
- int mydce_fix;
- oldlen = len;
- if ((mydce_fix = fix_dce(newlen, &len)) < 0)
- return ASN1_BAD_FORMAT;
- (data)->supportedMech = malloc(sizeof(*(data)->supportedMech));
- if ((data)->supportedMech == NULL)
- return ENOMEM;
- e = decode_MechType(p, len, (data)->supportedMech, &l);
- FORW;
- if (mydce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- } else
- len = oldlen - newlen;
- }
- }
- }
- {
- size_t newlen, oldlen;
-
- e = der_match_tag(p, len, ASN1_C_CONTEXT, CONS, 2, &l);
- if (e)
- (data)->responseToken = NULL;
- else {
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, &newlen, &l);
- FORW;
- {
- int mydce_fix;
- oldlen = len;
- if ((mydce_fix = fix_dce(newlen, &len)) < 0)
- return ASN1_BAD_FORMAT;
- (data)->responseToken = malloc(sizeof(*(data)->responseToken));
- if ((data)->responseToken == NULL)
- return ENOMEM;
- e = decode_octet_string(p, len, (data)->responseToken, &l);
- FORW;
- if (mydce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- } else
- len = oldlen - newlen;
- }
- }
- }
- {
- size_t newlen, oldlen;
-
- e = der_match_tag(p, len, ASN1_C_CONTEXT, CONS, 3, &l);
- if (e)
- (data)->mechListMIC = NULL;
- else {
- p += l;
- len -= l;
- ret += l;
- e = der_get_length(p, len, &newlen, &l);
- FORW;
- {
- int mydce_fix;
- oldlen = len;
- if ((mydce_fix = fix_dce(newlen, &len)) < 0)
- return ASN1_BAD_FORMAT;
- (data)->mechListMIC = malloc(sizeof(*(data)->mechListMIC));
- if ((data)->mechListMIC == NULL)
- return ENOMEM;
- e = decode_octet_string(p, len, (data)->mechListMIC, &l);
- FORW;
- if (mydce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- } else
- len = oldlen - newlen;
- }
- }
- }
- if (dce_fix) {
- e = der_match_tag_and_length(p, len, (Der_class) 0, (Der_type) 0, 0, &reallen, &l);
- FORW;
- }
- }
- if (size)
- *size = ret;
- return 0;
-fail:
- free_NegTokenResp(data);
- return e;
-}
-
-static void
-free_NegTokenResp(NegTokenResp * data)
-{
- if ((data)->negState) {
- free((data)->negState);
- (data)->negState = NULL;
- }
- if ((data)->supportedMech) {
- free_MechType((data)->supportedMech);
- free((data)->supportedMech);
- (data)->supportedMech = NULL;
- }
- if ((data)->responseToken) {
- free_octet_string((data)->responseToken);
- free((data)->responseToken);
- (data)->responseToken = NULL;
- }
- if ((data)->mechListMIC) {
- free_octet_string((data)->mechListMIC);
- free((data)->mechListMIC);
- (data)->mechListMIC = NULL;
- }
-}
-
-/* unused function: length_NegTokenResp */
-
-
-/* unused function: copy_NegTokenResp */
-
-/* Generated from spnego.asn1 */
-/* Do not edit */
-
-
-/* CHOICE */
-/* unused variable: asn1_NegotiationToken_dummy_holder */
+++ /dev/null
-#!/bin/bin/perl -w
-#
-# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, you can obtain one at https://mozilla.org/MPL/2.0/.
-#
-# See the COPYRIGHT file distributed with this work for additional
-# information regarding copyright ownership.
-
-# Our SPNEGO implementation uses some functions generated by the
-# Heimdal ASN.1 compiler, which this script then whacks a bit to make
-# them work properly in this stripped down implementation. We don't
-# want to require our users to have a copy of the compiler, so we ship
-# the output of this script, but we need to keep the script around in
-# any case to cope with future changes to the SPNEGO ASN.1 code, so we
-# might as well supply the script for users who want it.
-
-# Overall plan: run the ASN.1 compiler, run each of its output files
-# through indent, fix up symbols and whack everything to be static.
-# We use indent for two reasons: (1) to whack the Heimdal compiler's
-# output into something closer to ISC's coding standard, and (2) to
-# make it easier for this script to parse the result.
-
-# Output from this script is C code which we expect to be #included
-# into another C file, which is why everything generated by this
-# script is marked "static". The intent is to minimize the number of
-# extern symbols exported by the SPNEGO implementation, to avoid
-# potential conflicts with the GSSAPI libraries.
-
-###
-
-# Filename of the ASN.1 specification. Hardcoded for the moment
-# since this script is intended for compiling exactly one module.
-
-my $asn1_source = $ENV{ASN1_SOURCE} || "spnego.asn1";
-
-# Heimdal ASN.1 compiler. This script was written using the version
-# from Heimdal 0.7.1. To build this, download a copy of
-# heimdal-0.7.1.tar.gz, configure and build with the default options,
-# then look for the compiler in heimdal-0.7.1/lib/asn1/asn1_compile.
-
-my $asn1_compile = $ENV{ASN1_COMPILE} || "asn1_compile";
-
-# BSD indent program. This script was written using the version of
-# indent that comes with FreeBSD 4.11-STABLE. The GNU project, as
-# usual, couldn't resist the temptation to monkey with indent's
-# command line syntax, so this probably won't work with GNU indent.
-
-my $indent = $ENV{INDENT} || "indent";
-
-###
-
-# Step 1: run the compiler. Input is the ASN.1 file. Outputs are a
-# header file (name specified on command line without the .h suffix),
-# a file called "asn1_files" listing the names of the other output
-# files, and a set of files containing C code generated by the
-# compiler for each data type that the compiler found.
-
-if (! -r $asn1_source || system($asn1_compile, $asn1_source, "asn1")) {
- die("Couldn't compile ASN.1 source file $asn1_source\n");
-}
-
-my @files = ("asn1.h");
-
-open(F, "asn1_files")
- or die("Couldn't open asn1_files: $!\n");
-push(@files, split)
- while (<F>);
-close(F);
-
-unlink("asn1_files");
-
-###
-
-# Step 2: generate header block.
-
-print(q~/*
- * Copyright (C) 2006 Internet Systems Consortium, Inc. ("ISC")
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
- * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
- * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
- * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
- * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- * PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*! \file
- * \brief Method routines generated from SPNEGO ASN.1 module.
- * See spnego_asn1.pl for details. Do not edit.
- */
-
-~);
-
-###
-
-# Step 3: read and process each generated file, then delete it.
-
-my $output;
-
-for my $file (@files) {
-
- my $is_static = 0;
-
- system($indent, "-di1", "-ldi1", $file) == 0
- or die("Couldn't indent $file");
-
- unlink("$file.BAK");
-
- open(F, $file)
- or die("Couldn't open $file: $!");
-
- while (<F>) {
-
- # Symbol name fixups
-
- s/heim_general_string/general_string/g;
- s/heim_octet_string/octet_string/g;
- s/heim_oid/oid/g;
- s/heim_utf8_string/utf8_string/g;
-
- # Convert all externs to statics
-
- if (/^static/) {
- $is_static = 1;
- }
-
- if (!/^typedef/ &&
- !$is_static &&
- /^[A-Za-z_][0-9A-Za-z_]*[ \t]*($|[^:0-9A-Za-z_])/) {
- $_ = "static " . $_;
- $is_static = 1;
- }
-
- if (/[{};]/) {
- $is_static = 0;
- }
-
- # Suppress file inclusion, pass anything else through
-
- if (!/#include/) {
- $output .= $_;
- }
- }
-
- close(F);
- unlink($file);
-}
-
-# Step 4: Delete unused stuff to avoid code bloat and compiler warnings.
-
-my @unused_functions = qw(ContextFlags2int
- int2ContextFlags
- asn1_ContextFlags_units
- length_NegTokenInit
- copy_NegTokenInit
- length_NegTokenResp
- copy_NegTokenResp
- length_MechTypeList
- length_MechType
- copy_MechTypeList
- length_ContextFlags
- copy_ContextFlags
- copy_MechType);
-
-$output =~ s<^static [^\n]+\n$_\(.+?^}></* unused function: $_ */\n>ms
- foreach (@unused_functions);
-
-$output =~ s<^static .+$_\(.*\);$></* unused declaration: $_ */>m
- foreach (@unused_functions);
-
-$output =~ s<^static struct units ContextFlags_units\[\].+?^};>
- </* unused variable: ContextFlags_units */>ms;
-
-$output =~ s<^static int asn1_NegotiationToken_dummy_holder = 1;>
- </* unused variable: asn1_NegotiationToken_dummy_holder */>ms;
-
-$output =~ s<^static void\nfree_ContextFlags\(ContextFlags \* data\)\n{\n>
- <$&\t(void)data;\n>ms;
-
-# Step 5: Write the result.
-
-print($output);
-
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /MT /W3 @COPTX@ @COPTI@ /O2 /D "BIND9" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "libdns_EXPORTS" @COPTY@ /FD /c
-# ADD CPP /nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @LIBXML2_INC@ @OPENSSL_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "NDEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ @USE_ISC_SPNEGO@ /D "LIBDNS_EXPORTS" @COPTY@ /FD /c
+# ADD CPP /nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @LIBXML2_INC@ @OPENSSL_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "NDEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ /D "LIBDNS_EXPORTS" @COPTY@ /FD /c
# SUBTRACT CPP /X
# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
# PROP Ignore_Export_Lib 0
# PROP Target_Dir ""
# ADD BASE CPP /nologo /MTd /W3 /Gm @COPTX@ @COPTI@ /ZI /Od /D "BIND9" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "libdns_EXPORTS" @COPTY@ /FD /GZ /c
-# ADD CPP /nologo /MDd /W3 /Gm @COPTX@ @COPTI@ /ZI /Od /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "_DEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ @USE_ISC_SPNEGO@ /D "LIBDNS_EXPORTS" /FR @COPTY@ /FD /GZ /c
+# ADD CPP /nologo /MDd /W3 /Gm @COPTX@ @COPTI@ /ZI /Od /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "_DEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ /D "LIBDNS_EXPORTS" /FR @COPTY@ /FD /GZ /c
# SUBTRACT CPP /X
# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
LIBXML=@LIBXML2_LIB@
CPP=cl.exe
-CPP_PROJ=/nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "NDEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ @USE_ISC_SPNEGO@ /D "LIBDNS_EXPORTS" /Fp"$(INTDIR)\libdns.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c
+CPP_PROJ=/nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "NDEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ /D "LIBDNS_EXPORTS" /Fp"$(INTDIR)\libdns.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c
.c{$(INTDIR)}.obj::
$(CPP) @<<
if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
CPP=cl.exe
-CPP_PROJ=/nologo /MDd /W3 /Gm @COPTX@ @COPTI@ /ZI /Od /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "_DEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ @USE_ISC_SPNEGO@ /D "LIBDNS_EXPORTS" /FR"$(INTDIR)\\" /Fp"$(INTDIR)\libdns.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /GZ /c
+CPP_PROJ=/nologo /MDd /W3 /Gm @COPTX@ @COPTI@ /ZI /Od /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "_DEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ /D "LIBDNS_EXPORTS" /FR"$(INTDIR)\\" /Fp"$(INTDIR)\libdns.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /GZ /c
.c{$(INTDIR)}.obj::
$(CPP) @<<
!IF "$(CFG)" == "libdns - @PLATFORM@ Release"
-CPP_SWITCHES=/nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "NDEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ @USE_ISC_SPNEGO@ /D "LIBDNS_EXPORTS" /Fp"$(INTDIR)\libdns.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c
+CPP_SWITCHES=/nologo /MD /W3 @COPTX@ @COPTI@ /O2 /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "NDEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ /D "LIBDNS_EXPORTS" /Fp"$(INTDIR)\libdns.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c
"$(INTDIR)\dispatch.obj" : $(SOURCE) "$(INTDIR)"
$(CPP) @<<
!ELSEIF "$(CFG)" == "libdns - @PLATFORM@ Debug"
-CPP_SWITCHES=/nologo /MDd /W3 /Gm @COPTX@ @COPTI@ /ZI /Od /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "_DEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ @USE_ISC_SPNEGO@ /D "LIBDNS_EXPORTS" /FR"$(INTDIR)\\" /Fp"$(INTDIR)\libdns.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /GZ /c
+CPP_SWITCHES=/nologo /MDd /W3 /Gm @COPTX@ @COPTI@ /ZI /Od /I "./" /I "../../../" /I "include" /I "../include" /I "../../isc/win32" /I "../../isc/win32/include" /I "../../isc/include" @OPENSSL_INC@ @LIBXML2_INC@ @GSSAPI_INC@ @GEOIP_INC@ /D "_DEBUG" /D "BIND9" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /D "_USRDLL" /D "USE_MD5" @CRYPTO@ @USE_GSSAPI@ /D "LIBDNS_EXPORTS" /FR"$(INTDIR)\\" /Fp"$(INTDIR)\libdns.pch" @COPTY@ /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /GZ /c
"$(INTDIR)\dispatch.obj" "$(INTDIR)\dispatch.sbr" : $(SOURCE) "$(INTDIR)"
$(CPP) @<<
<Filter>Dst Source Files</Filter>
</ClCompile>
@END PKCS11
- <ClCompile Include="..\spnego.c">
- <Filter>Dst Source Files</Filter>
- </ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="..\code.h">
<Filter>Dst Header Files</Filter>
</ClInclude>
@END PKCS11
- <ClInclude Include="..\spnego.h">
- <Filter>Dst Header Files</Filter>
- </ClInclude>
</ItemGroup>
</Project>
<WarningLevel>Level4</WarningLevel>
<TreatWarningAsError>false</TreatWarningAsError>
<Optimization>Disabled</Optimization>
- <PreprocessorDefinitions>BIND9;WIN32;USE_MD5;@CRYPTO@@USE_GSSAPI@@USE_ISC_SPNEGO@_DEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>BIND9;WIN32;USE_MD5;@CRYPTO@@USE_GSSAPI@_DEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;include;..\include;..\..\isc;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;@LIBXML2_INC@@OPENSSL_INC@@GSSAPI_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
- <PreprocessorDefinitions>BIND9;WIN32;USE_MD5;@CRYPTO@@USE_GSSAPI@@USE_ISC_SPNEGO@NDEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>BIND9;WIN32;USE_MD5;@CRYPTO@@USE_GSSAPI@NDEBUG;_WINDOWS;_USRDLL;LIBDNS_EXPORTS;%(PreprocessorDefinitions);%(PreprocessorDefinitions);%(PreprocessorDefinitions)</PreprocessorDefinitions>
<AdditionalIncludeDirectories>.\;..\..\..\;include;..\include;..\..\isc;..\..\isc\win32;..\..\isc\win32\include;..\..\isc\include;@LIBXML2_INC@@OPENSSL_INC@@GSSAPI_INC@@GEOIP_INC@%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
<StringPooling>true</StringPooling>
<ClCompile Include="..\sdb.c" />
<ClCompile Include="..\sdlz.c" />
<ClCompile Include="..\soa.c" />
- <ClCompile Include="..\spnego.c" />
<ClCompile Include="..\ssu.c" />
<ClCompile Include="..\ssu_external.c" />
<ClCompile Include="..\stats.c" />
<ClInclude Include="..\rbtdb.h" />
<ClInclude Include="..\rbtdb64.h" />
<ClInclude Include="..\rdatalist_p.h" />
- <ClInclude Include="..\spnego.h" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
_LT_EOF
echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD
$LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD
- echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD
- $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD
+ echo "$AR cr libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD
+ $AR cr libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD
echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD
$RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD
cat > conftest.c << _LT_EOF
# to the OS version, if on x86, and 10.4, the deployment
# target defaults to 10.4. Don't you love it?
case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
- 10.0,*86*-darwin8*|10.0,*-darwin[[91]]*)
+ 10.0,*86*-darwin8*|10.0,*-darwin[[912]]*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
10.[[012]][[,.]]*)
_lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;;
- 10.*)
+ 10.*|11.*)
_lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;;
esac
;;
m4_defun([_LT_PROG_AR],
[AC_CHECK_TOOLS(AR, [ar], false)
: ${AR=ar}
-: ${AR_FLAGS=cru}
+: ${AR_FLAGS=cr}
_LT_DECL([], [AR], [1], [The archiver])
_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive])
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
;;
+ # flang / f18. f95 an alias for gfortran or flang on Debian
+ flang* | f18* | f95*)
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+ _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+ ;;
# icc used to be incompatible with GCC.
# ICC 10 doesn't accept -KPIC any more.
icc* | ifort*)
PROGRAM=libtool
PACKAGE=libtool
-VERSION="2.4.6 Debian-2.4.6-9"
+VERSION="2.4.6 Debian-2.4.6-15"
package_revision=2.4.6
# putting '$debug_cmd' at the start of all your functions, you can get
# bash to show function call trace with:
#
-# debug_cmd='eval echo "${FUNCNAME[0]} $*" >&2' bash your-script-name
+# debug_cmd='echo "${FUNCNAME[0]} $*" >&2' bash your-script-name
debug_cmd=${debug_cmd-":"}
exit_cmd=:
compiler: $LTCC
compiler flags: $LTCFLAGS
linker: $LD (gnu? $with_gnu_ld)
- version: $progname $scriptversion Debian-2.4.6-9
+ version: $progname $scriptversion Debian-2.4.6-15
automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q`
autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q`
# -stdlib=* select c++ std lib with clang
# -fsanitize=* Clang/GCC memory and address sanitizer
# -fuse-ld=* Linker select flags for GCC
+ # -static-* direct GCC to link specific libraries statically
+ # -fcilkplus Cilk Plus language extension features for C/C++
-64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
-t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \
-O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*| \
- -specs=*|-fsanitize=*|-fuse-ld=*)
+ -specs=*|-fsanitize=*|-fuse-ld=*|-static-*|-fcilkplus)
func_quote_for_eval "$arg"
arg=$func_quote_for_eval_result
func_append compile_command " $arg"
./lib/dns/sdb.c C 2000,2001,2003,2004,2005,2006,2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2018,2019,2020,2021
./lib/dns/sdlz.c C.PORTION 1999,2000,2001,2005,2006,2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021
./lib/dns/soa.c C 2000,2001,2004,2005,2007,2009,2016,2018,2019,2020,2021
-./lib/dns/spnego.asn1 X 2006,2018,2019,2020,2021
-./lib/dns/spnego.c C 2006,2007,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021
-./lib/dns/spnego.h C 2006,2007,2016,2018,2019,2020,2021
-./lib/dns/spnego_asn1.c C 2006,2007,2012,2013,2015,2016,2018,2019,2020,2021
-./lib/dns/spnego_asn1.pl PERL 2006,2007,2012,2016,2018,2019,2020,2021
./lib/dns/ssu.c C 2000,2001,2003,2004,2005,2006,2007,2008,2010,2011,2013,2014,2016,2017,2018,2019,2020,2021
./lib/dns/ssu_external.c C 2011,2012,2013,2016,2017,2018,2019,2020,2021
./lib/dns/stats.c C 2000,2001,2004,2005,2007,2008,2009,2012,2016,2018,2019,2020,2021
"PK11_LIB_LOCATION",
"USE_GSSAPI",
"USE_PKCS11",
- "USE_PYTHON",
- "USE_ISC_SPNEGO");
+ "USE_PYTHON");
# conditions
my @enablelist = ("developer",
"fixed-rrset",
"intrinsics",
- "isc-spnego",
"native-pkcs11",
"openssl-hash",
"filter-aaaa",
" enable-intrinsics enable intrinsic/atomic functions [default=yes]\n",
" enable-native-pkcs11 use native PKCS#11 for all crypto [default=no]\n",
" enable-openssl-hash use OpenSSL for hash functions [default=yes]\n",
-" enable-isc-spnego use SPNEGO from lib/dns [default=yes]\n",
" enable-filter-aaaa enable filtering of AAAA records [default=yes]\n",
" enable-fixed-rrset enable fixed rrset ordering [default=no]\n",
" enable-developer enable developer build settings [default=no]\n",
my $enable_native_pkcs11 = "no";
my $enable_openssl_hash = "auto";
my $enable_filter_aaaa = "yes";
-my $enable_isc_spnego = "yes";
my $enable_fixed_rrset = "no";
my $enable_developer = "no";
my $enable_querytrace = "no";
} elsif ($val =~ /^no$/i) {
$enable_openssl_hash = "no";
}
- } elsif ($key =~ /^isc-spnego$/i) {
- if ($val =~ /^no$/i) {
- $enable_isc_spnego = "no";
- }
} elsif ($key =~ /^filter-aaaa$/i) {
if ($val =~ /^no$/i) {
$enable_filter_aaaa = "no";
} else {
print "openssl-hash: disabled\n";
}
- if ($enable_isc_spnego eq "yes") {
- print "isc-spnego: enabled\n";
- } else {
- print "isc-spnego: disabled\n";
- }
if ($enable_filter_aaaa eq "yes") {
print "filter-aaaa: enabled\n";
} else {
die "find more than one OpenSSL libcrypto-*.dll DLL candidate\n";
}
$openssl_dll = File::Spec->catdir($openssl_path, "@dirlist[0]");
- }
+ }
$configcond{"OPENSSL"} = 1;
$configdefd{"CRYPTO"} = "OPENSSL";
$configdll{"WSHELP_DLL"} = "$wshelp_dll";
}
-# enable-isc-spnego
-if ($use_gssapi ne "yes") {
- $enable_isc_spnego = "no";
-} elsif ($enable_isc_spnego eq "yes") {
- if ($use_gssapi eq "no") {
- die "No GSSAPI for SPNEGO\n";
- }
- $configdefd{"USE_ISC_SPNEGO"} = "USE_ISC_SPNEGO";
-}
-
# with-geoip
if ($use_geoip eq "no") {
if ($verbose) {
# --enable-symtable incompatible with DLLs (or libtool)
# --enable-ipv6 included without a way to disable it
# --enable-atomic supported (renamed to intrinsic)
-# --enable-isc-spnego supported (part of GSSAPI)
# --enable-fixed-rrset supported
# --enable-querytrace supported
# --disable-rpz-nsip supported
projects / thirdparty / bind9.git / commitdiff
