From 35a87984f67ebc2db3f670cb1431f08991853a5e Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Sat, 17 Sep 2022 07:28:46 +0100
Subject: [PATCH] Unix GSSAPI: support static linking against Heimdal.
Heimdal provides its own definitions of OIDs like GSS_C_NT_USER_NAME in the form of macros, which conflict with our attempt to redefine them as variables - the macro gets expanded into the middle of the variable declaration, leaving the poor C compiler trying to parse a non-declaration along the lines of const_gss_OID (&__gss_c_nt_anonymous_oid_desc) = oids+5; Easily fixed by just not redefining these at all if they're already defined as macros. To make that easier, I've broken up the oids[] array into individual gss_OID_desc declarations, so I can put each one inside the appropriate ifdef. In the process, I've removed the 'const' from the gss_OID_desc declarations. That's on purpose! The problem is that not all implementations of the GSSAPI headers make const_gss_OID a pointer to a *const* gss_OID_desc; sometimes it's just a plain one and the 'const' prefix is just a comment to the user. So removing that const prevents compiler warnings (or worse) about address-taking a const thing and assigning it into a non-const pointer.
---
ssh/pgssapi.c | 106 ++++++++++++++++++++++++++++++++------------------
1 file changed, 68 insertions(+), 38 deletions(-)
diff --git a/ssh/pgssapi.c b/ssh/pgssapi.c
index 1f54d805..1730444d 100644
--- a/ssh/pgssapi.c
+++ b/ssh/pgssapi.c
@@ -9,38 +9,63 @@ #ifndef NO_LIBDL -/* Reserved static storage for GSS_oids. Comments are quotes from RFC 2744. */ -static const gss_OID_desc oids[] = { +/* Reserved static storage for GSS_oids. + * Constants of the form GSS_C_NT_* are specified by rfc 2744. + * Comments are quotes from RFC 2744 itself. + * + * These may be #defined to complex expressions by the local header + * file, if we're including one in static-GSSAPI mode. (For example, + * Heimdal defines them to things like + * (&__gss_c_nt_user_name_oid_desc).) So we only define them if + * needed. */ + +#ifndef GSS_C_NT_USER_NAME +static gss_OID_desc oid_GSS_C_NT_USER_NAME = { /* The implementation must reserve static storage for a * gss_OID_desc object containing the value */ - {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01"}, + 10, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x01", /* corresponding to an object-identifier value of * {iso(1) member-body(2) United States(840) mit(113554) * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant * GSS_C_NT_USER_NAME should be initialized to point - * to that gss_OID_desc. + * to that gss_OID_desc. */ +}; +const_gss_OID GSS_C_NT_USER_NAME = &oid_GSS_C_NT_USER_NAME; +#endif - * The implementation must reserve static storage for a +#ifndef GSS_C_NT_MACHINE_UID_NAME +static gss_OID_desc oid_GSS_C_NT_MACHINE_UID_NAME = { + /* The implementation must reserve static storage for a * gss_OID_desc object containing the value */ - {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02"}, + 10, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x02", /* corresponding to an object-identifier value of * {iso(1) member-body(2) United States(840) mit(113554) * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. * The constant GSS_C_NT_MACHINE_UID_NAME should be - * initialized to point to that gss_OID_desc. + * initialized to point to that gss_OID_desc. 
*/ +}; +const_gss_OID GSS_C_NT_MACHINE_UID_NAME = &oid_GSS_C_NT_MACHINE_UID_NAME; +#endif - * The implementation must reserve static storage for a +#ifndef GSS_C_NT_STRING_UID_NAME +static gss_OID_desc oid_GSS_C_NT_STRING_UID_NAME = { + /* The implementation must reserve static storage for a * gss_OID_desc object containing the value */ - {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03"}, + 10, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03", /* corresponding to an object-identifier value of * {iso(1) member-body(2) United States(840) mit(113554) * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. * The constant GSS_C_NT_STRING_UID_NAME should be - * initialized to point to that gss_OID_desc. - * - * The implementation must reserve static storage for a + * initialized to point to that gss_OID_desc. */ +}; +const_gss_OID GSS_C_NT_STRING_UID_NAME = &oid_GSS_C_NT_STRING_UID_NAME; +#endif + +#ifndef GSS_C_NT_HOSTBASED_SERVICE_X +static gss_OID_desc oid_GSS_C_NT_HOSTBASED_SERVICE_X = { + /* The implementation must reserve static storage for a * gss_OID_desc object containing the value */ - {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, + 6, "\x2b\x06\x01\x05\x06\x02", /* corresponding to an object-identifier value of * {iso(1) org(3) dod(6) internet(1) security(5) * nametypes(6) gss-host-based-services(2))}. The constant 
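Review bot: The `static gss_OID_desc oid_GSS_C_NT_*` definitions added in this hunk (and in the two later hunks) are no longer `const`, so the descriptors now sit in writable static storage, and the reason for that is recorded only in the commit message. The new block comment above `#ifndef GSS_C_NT_USER_NAME` should carry it, for example `* Not declared const: some GSSAPI headers make const_gss_OID a pointer to a non-const gss_OID_desc.`, so that a later cleanup does not restore the qualifier and break those builds. Nothing visible in this patch writes to the descriptors, so the same comment could state that they are to be treated as read-only after initialisation.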
@@ -52,29 +77,44 @@ static const gss_OID_desc oids[] = { * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input * parameter, but should not be emitted by GSS-API - * implementations - * - * The implementation must reserve static storage for a + * implementations */ +}; +const_gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &oid_GSS_C_NT_HOSTBASED_SERVICE_X; +#endif + +#ifndef GSS_C_NT_HOSTBASED_SERVICE +static gss_OID_desc oid_GSS_C_NT_HOSTBASED_SERVICE = { + /* The implementation must reserve static storage for a * gss_OID_desc object containing the value */ - {10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04"}, + 10, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x04", /* corresponding to an object-identifier value of {iso(1) * member-body(2) Unites States(840) mit(113554) infosys(1) * gssapi(2) generic(1) service_name(4)}. The constant * GSS_C_NT_HOSTBASED_SERVICE should be initialized - * to point to that gss_OID_desc. - * - * The implementation must reserve static storage for a + * to point to that gss_OID_desc. */ +}; +const_gss_OID GSS_C_NT_HOSTBASED_SERVICE = &oid_GSS_C_NT_HOSTBASED_SERVICE; +#endif + +#ifndef GSS_C_NT_ANONYMOUS +static gss_OID_desc oid_GSS_C_NT_ANONYMOUS = { + /* The implementation must reserve static storage for a * gss_OID_desc object containing the value */ - {6, (void *)"\x2b\x06\01\x05\x06\x03"}, + 6, "\x2b\x06\01\x05\x06\x03", /* corresponding to an object identifier value of * {1(iso), 3(org), 6(dod), 1(internet), 5(security), * 6(nametypes), 3(gss-anonymous-name)}. The constant * and GSS_C_NT_ANONYMOUS should be initialized to point - * to that gss_OID_desc. - * - * The implementation must reserve static storage for a + * to that gss_OID_desc. 
*/ +}; +const_gss_OID GSS_C_NT_ANONYMOUS = &oid_GSS_C_NT_ANONYMOUS; +#endif + +#ifndef GSS_C_NT_EXPORT_NAME +static gss_OID_desc oid_GSS_C_NT_EXPORT_NAME = { + /* The implementation must reserve static storage for a * gss_OID_desc object containing the value */ - {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, + 6, "\x2b\x06\x01\x05\x06\x04", /* corresponding to an object-identifier value of * {1(iso), 3(org), 6(dod), 1(internet), 5(security), * 6(nametypes), 4(gss-api-exported-name)}. The constant @@ -82,23 +122,13 @@ static const gss_OID_desc oids[] = { * to that gss_OID_desc. */ }; - -/* Here are the constants which point to the static structure above. - * - * Constants of the form GSS_C_NT_* are specified by rfc 2744. - */ -const_gss_OID GSS_C_NT_USER_NAME = oids+0; -const_gss_OID GSS_C_NT_MACHINE_UID_NAME = oids+1; -const_gss_OID GSS_C_NT_STRING_UID_NAME = oids+2; -const_gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = oids+3; -const_gss_OID GSS_C_NT_HOSTBASED_SERVICE = oids+4; -const_gss_OID GSS_C_NT_ANONYMOUS = oids+5; -const_gss_OID GSS_C_NT_EXPORT_NAME = oids+6; +const_gss_OID GSS_C_NT_EXPORT_NAME = &oid_GSS_C_NT_EXPORT_NAME; +#endif #endif /* NO_LIBDL */ static gss_OID_desc gss_mech_krb5_desc = -{ 9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" }; +{ 9, "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" }; /* iso(1) member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) krb5(2)*/ const gss_OID GSS_MECH_KRB5 = &gss_mech_krb5_desc;
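Review bot: Each rewritten initializer still states the OID length as a separate literal (`10`, `6`) beside the byte string, here and in the first and last hunks, and nothing ties the two together. A miscounted length would make whatever consumes the descriptor compare or copy the wrong number of OID bytes, which matters for name-type matching during authentication. Since every entry is being touched anyway, the length could be derived from the literal, e.g. `sizeof("\x2b\x06\x01\x05\x06\x03") - 1`. On the `oid_GSS_C_NT_ANONYMOUS` line the third byte is written `\01` (octal) while every other escape is `\x..`; the value is the same, but `\x01` would match the rest and make the strings easier to check against RFC 2744.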
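Review bot: Dropping the `(void *)` cast on the `gss_mech_krb5_desc` initializer (and on the OID entries in the earlier hunks) leaves a string literal initialising what is presumably the `void *elements` member. That is valid C, but a build that enables `-Wwrite-strings` would now report a discarded `const` qualifier on each of these lines; if any supported configuration uses that option, the cast should stay. Either way, a short comment such as `/* OID bytes live in a string literal; never write through elements */` would be useful here, because the descriptor is writable while the bytes it points at are not.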