2179 gss should be more careful with pointer casts
Reviewed by: Albert Lee <
[email protected]>
Reviewed by: Joshua M. Clulow <
[email protected]>
Reviewed by: Jason King <
[email protected]>
Reviewed by: Milan Jurik <
[email protected]>
Approved by: Gordon Ross <
[email protected]>
--- a/usr/src/cmd/gss/gssd/gssd_clnt_stubs.c Wed Jun 22 12:54:00 2011 -0700
+++ b/usr/src/cmd/gss/gssd/gssd_clnt_stubs.c Mon May 16 02:18:09 2011 +0100
@@ -326,8 +326,7 @@
arg.uid = (OM_uint32) uid;
arg.input_cred_handle.GSS_CRED_ID_T_len =
- input_cred_handle ==
- (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
+ input_cred_handle == GSSD_NO_CREDENTIAL ?
0 : (uint_t)sizeof (gssd_cred_id_t);
arg.input_cred_handle.GSS_CRED_ID_T_val =
(char *)&input_cred_handle;
@@ -454,7 +453,7 @@
gssd_cred_verifier = KCRED_TO_CREDV(input_cred_handle);
gssd_input_cred_handle = KCRED_TO_CRED(input_cred_handle);
} else
- gssd_input_cred_handle = (gssd_cred_id_t)GSS_C_NO_CREDENTIAL;
+ gssd_input_cred_handle = GSSD_NO_CREDENTIAL;
err = kgss_add_cred_wrapped(minor_status, gssd_input_cred_handle,
gssd_cred_verifier, desired_name, desired_mech_type,
@@ -620,7 +619,7 @@
arg.gssd_context_verifier = *gssd_context_verifier;
arg.claimant_cred_handle.GSS_CRED_ID_T_len =
- claimant_cred_handle == (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
+ claimant_cred_handle == GSSD_NO_CREDENTIAL ?
0 : (uint_t)sizeof (gssd_cred_id_t);
arg.claimant_cred_handle.GSS_CRED_ID_T_val =
(char *)&claimant_cred_handle;
@@ -803,20 +802,20 @@
if (claimant_cred_handle != GSS_C_NO_CREDENTIAL) {
gssd_cred_verifier =
- KCRED_TO_CREDV(claimant_cred_handle);
+ KCRED_TO_CREDV(claimant_cred_handle);
gssd_cl_cred_handle =
- KCRED_TO_CRED(claimant_cred_handle);
- } else
- gssd_cl_cred_handle =
- (gssd_cred_id_t)GSS_C_NO_CREDENTIAL;
+ KCRED_TO_CRED(claimant_cred_handle);
+ } else {
+ gssd_cl_cred_handle = GSSD_NO_CREDENTIAL;
+ }
err = kgss_init_sec_context_wrapped(minor_status,
- gssd_cl_cred_handle,
- gssd_cred_verifier, &kctx->gssd_ctx,
- &kctx->gssd_ctx_verifier,
- target_name, mech_type, req_flags, time_req,
- input_chan_bindings, input_token, actual_mech_type,
- output_token, ret_flags, time_rec, uid);
+ gssd_cl_cred_handle,
+ gssd_cred_verifier, &kctx->gssd_ctx,
+ &kctx->gssd_ctx_verifier,
+ target_name, mech_type, req_flags, time_req,
+ input_chan_bindings, input_token, actual_mech_type,
+ output_token, ret_flags, time_rec, uid);
if (GSS_ERROR(err)) {
KGSS_FREE(kctx);
@@ -868,7 +867,7 @@
arg.uid = (OM_uint32) uid;
arg.context_handle.GSS_CTX_ID_T_len =
- *context_handle == (gssd_ctx_id_t)GSS_C_NO_CONTEXT ?
+ *context_handle == GSSD_NO_CONTEXT ?
0 : (uint_t)sizeof (gssd_ctx_id_t);
arg.context_handle.GSS_CTX_ID_T_val = (char *)context_handle;
arg.gssd_context_verifier =
@@ -876,8 +875,7 @@
0 : *gssd_context_verifier;
arg.verifier_cred_handle.GSS_CRED_ID_T_len =
- verifier_cred_handle ==
- (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
+ verifier_cred_handle == GSSD_NO_CREDENTIAL ?
0 : (uint_t)sizeof (gssd_cred_id_t);
arg.verifier_cred_handle.GSS_CRED_ID_T_val =
(char *)&verifier_cred_handle;
@@ -1054,24 +1052,24 @@
if (*context_handle == GSS_C_NO_CONTEXT) {
kctx = KGSS_ALLOC();
*context_handle = (gss_ctx_id_t)kctx;
- kctx->gssd_ctx = (gssd_ctx_id_t)GSS_C_NO_CONTEXT;
+ kctx->gssd_ctx = GSSD_NO_CONTEXT;
} else
kctx = (struct kgss_ctx *)*context_handle;
if (verifier_cred_handle != GSS_C_NO_CREDENTIAL) {
gssd_cred_verifier =
- KCRED_TO_CREDV(verifier_cred_handle);
+ KCRED_TO_CREDV(verifier_cred_handle);
gssd_ver_cred_handle =
- KCRED_TO_CRED(verifier_cred_handle);
+ KCRED_TO_CRED(verifier_cred_handle);
} else
- gssd_ver_cred_handle = (gssd_cred_id_t)GSS_C_NO_CREDENTIAL;
+ gssd_ver_cred_handle = GSSD_NO_CREDENTIAL;
err = kgss_accept_sec_context_wrapped(minor_status,
- &kctx->gssd_ctx,
- &kctx->gssd_ctx_verifier, gssd_ver_cred_handle,
- gssd_cred_verifier, input_token, input_chan_bindings,
- src_name, mech_type, output_token, ret_flags,
- time_rec, delegated_cred_handle, uid);
+ &kctx->gssd_ctx,
+ &kctx->gssd_ctx_verifier, gssd_ver_cred_handle,
+ gssd_cred_verifier, input_token, input_chan_bindings,
+ src_name, mech_type, output_token, ret_flags,
+ time_rec, delegated_cred_handle, uid);
if (GSS_ERROR(err)) {
KGSS_FREE(kctx);
@@ -1234,10 +1232,10 @@
kctx = KCTX_TO_KGSS_CTX(*context_handle);
err = kgss_delete_sec_context_wrapped(minor_status,
- &kctx->gssd_ctx, kctx->gssd_ctx_verifier,
- output_token);
-
- if (kctx->gssd_ctx != (gssd_ctx_id_t)GSS_C_NO_CONTEXT)
+ &kctx->gssd_ctx, kctx->gssd_ctx_verifier,
+ output_token);
+
+ if (kctx->gssd_ctx != GSSD_NO_CONTEXT)
err = GSS_S_FAILURE;
else
err = GSS_S_COMPLETE;
@@ -1348,8 +1346,8 @@
return (GSS_S_FAILURE);
return (KGSS_SIGN(minor_status,
- context_handle, qop_req, message_buffer,
- msg_token));
+ context_handle, qop_req, message_buffer,
+ msg_token));
}
OM_uint32
@@ -1432,8 +1430,7 @@
return (GSS_S_FAILURE);
return (KGSS_VERIFY(minor_status, context_handle,
- message_buffer,
- token_buffer, qop_state));
+ message_buffer, token_buffer, qop_state));
}
@@ -1657,9 +1654,8 @@
return (GSS_S_FAILURE);
return (KGSS_UNSEAL(minor_status, context_handle,
- input_message_buffer,
- output_message_buffer,
- conf_state, qop_state));
+ input_message_buffer, output_message_buffer,
+ conf_state, qop_state));
}
/* EXPORT DELETE END */
@@ -1856,7 +1852,7 @@
arg.uid = (OM_uint32) uid;
arg.cred_handle.GSS_CRED_ID_T_len =
- cred_handle == (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
+ cred_handle == GSSD_NO_CREDENTIAL ?
0 : (uint_t)sizeof (gssd_cred_id_t);
arg.cred_handle.GSS_CRED_ID_T_val = (char *)&cred_handle;
arg.gssd_cred_verifier = gssd_cred_verifier;
@@ -2019,7 +2015,7 @@
arg.uid = (OM_uint32) uid;
arg.cred_handle.GSS_CRED_ID_T_len =
- cred_handle == (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
+ cred_handle == GSSD_NO_CREDENTIAL ?
0 : (uint_t)sizeof (gssd_cred_id_t);
arg.cred_handle.GSS_CRED_ID_T_val = (char *)&cred_handle;
arg.gssd_cred_verifier = gssd_cred_verifier;
@@ -2505,7 +2501,7 @@
switch (cmd) {
case DDI_ATTACH:
if (ddi_create_minor_node(dip, "gssd", S_IFCHR, 0, "gssd", 0)
- == DDI_FAILURE) {
+ == DDI_FAILURE) {
ddi_remove_minor_node(dip, NULL);
return (DDI_FAILURE);
}
@@ -2651,7 +2647,7 @@
int status;
if ((status = ddi_soft_state_init(&gssd_state,
- sizeof (gssd_devstate_t), 1)) != 0)
+ sizeof (gssd_devstate_t), 1)) != 0)
return (status);
if ((status = mod_install((struct modlinkage *)&modlinkage)) != 0)
--- a/usr/src/uts/common/gssapi/gssd_clnt_stubs.c Wed Jun 22 12:54:00 2011 -0700
+++ b/usr/src/uts/common/gssapi/gssd_clnt_stubs.c Mon May 16 02:18:09 2011 +0100
@@ -376,8 +376,7 @@
arg.uid = (OM_uint32)uid;
arg.input_cred_handle.GSS_CRED_ID_T_len =
- input_cred_handle ==
- (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
+ input_cred_handle == GSSD_NO_CREDENTIAL ?
0 : (uint_t)sizeof (gssd_cred_id_t);
arg.input_cred_handle.GSS_CRED_ID_T_val = (char *)&input_cred_handle;
arg.gssd_cred_verifier = gssd_cred_verifier;
@@ -496,8 +495,9 @@
if (input_cred_handle != GSS_C_NO_CREDENTIAL) {
gssd_cred_verifier = KCRED_TO_CREDV(input_cred_handle);
gssd_input_cred_handle = KCRED_TO_CRED(input_cred_handle);
- } else
- gssd_input_cred_handle = (gssd_cred_id_t)GSS_C_NO_CREDENTIAL;
+ } else {
+ gssd_input_cred_handle = GSSD_NO_CREDENTIAL;
+ }
err = kgss_add_cred_wrapped(minor_status, gssd_input_cred_handle,
gssd_cred_verifier, desired_name, desired_mech_type,
@@ -661,14 +661,14 @@
arg.uid = (OM_uint32)uid;
arg.context_handle.GSS_CTX_ID_T_len =
- *context_handle == (gssd_ctx_id_t)GSS_C_NO_CONTEXT ?
+ *context_handle == GSSD_NO_CONTEXT ?
0 : (uint_t)sizeof (gssd_ctx_id_t);
arg.context_handle.GSS_CTX_ID_T_val = (char *)context_handle;
arg.gssd_context_verifier = *gssd_context_verifier;
arg.claimant_cred_handle.GSS_CRED_ID_T_len =
- claimant_cred_handle == (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
+ claimant_cred_handle == GSSD_NO_CREDENTIAL ?
0 : (uint_t)sizeof (gssd_cred_id_t);
arg.claimant_cred_handle.GSS_CRED_ID_T_val =
(char *)&claimant_cred_handle;
@@ -678,8 +678,7 @@
arg.target_name.GSS_BUFFER_T_val = (char *)external_name.value;
arg.name_type.GSS_OID_len =
- name_type == GSS_C_NULL_OID ?
- 0 : (uint_t)name_type->length;
+ name_type == GSS_C_NULL_OID ? 0 : (uint_t)name_type->length;
arg.name_type.GSS_OID_val =
name_type == GSS_C_NULL_OID ?
@@ -769,8 +768,7 @@
output_token->value =
(void *)MALLOC(output_token->length);
(void) memcpy(output_token->value,
- res.output_token.GSS_BUFFER_T_val,
- output_token->length);
+ res.output_token.GSS_BUFFER_T_val, output_token->length);
}
/* if the call was successful, copy out the results */
@@ -782,8 +780,7 @@
* status codes, output token and context handle.
*/
*context_handle =
- *((gssd_ctx_id_t *)
- res.context_handle.GSS_CTX_ID_T_val);
+ *((gssd_ctx_id_t *)res.context_handle.GSS_CTX_ID_T_val);
*gssd_context_verifier = res.gssd_context_verifier;
if (res.status == GSS_S_COMPLETE) {
@@ -791,13 +788,11 @@
*actual_mech_type =
(gss_OID) MALLOC(sizeof (gss_OID_desc));
(*actual_mech_type)->length =
- (OM_UINT32)
- res.actual_mech_type.GSS_OID_len;
+ (OM_UINT32)res.actual_mech_type.GSS_OID_len;
(*actual_mech_type)->elements =
- (void *)
- MALLOC((*actual_mech_type)->length);
+ (void *)MALLOC((*actual_mech_type)->length);
(void) memcpy((*actual_mech_type)->elements,
- (void *) res.actual_mech_type.GSS_OID_val,
+ (void *)res.actual_mech_type.GSS_OID_val,
(*actual_mech_type)->length);
}
@@ -891,7 +886,7 @@
* upcalls to gssd.
*/
kctx->mech = &default_gc;
- kctx->gssd_ctx = (gssd_ctx_id_t)GSS_C_NO_CONTEXT;
+ kctx->gssd_ctx = GSSD_NO_CONTEXT;
*context_handle = (gss_ctx_id_t)kctx;
} else
kctx = (struct kgss_ctx *)*context_handle;
@@ -899,8 +894,9 @@
if (claimant_cred_handle != GSS_C_NO_CREDENTIAL) {
gssd_cred_verifier = KCRED_TO_CREDV(claimant_cred_handle);
gssd_cl_cred_handle = KCRED_TO_CRED(claimant_cred_handle);
- } else
- gssd_cl_cred_handle = (gssd_cred_id_t)GSS_C_NO_CREDENTIAL;
+ } else {
+ gssd_cl_cred_handle = GSSD_NO_CREDENTIAL;
+ }
/*
* We need to know the resulting mechanism oid, so allocate
@@ -973,25 +969,22 @@
arg.uid = (OM_uint32)uid;
arg.context_handle.GSS_CTX_ID_T_len =
- *context_handle == (gssd_ctx_id_t)GSS_C_NO_CONTEXT ?
+ *context_handle == GSSD_NO_CONTEXT ?
0 : (uint_t)sizeof (gssd_ctx_id_t);
arg.context_handle.GSS_CTX_ID_T_val = (char *)context_handle;
arg.gssd_context_verifier = *gssd_context_verifier;
arg.verifier_cred_handle.GSS_CRED_ID_T_len =
- verifier_cred_handle ==
- (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
+ verifier_cred_handle == GSSD_NO_CREDENTIAL ?
0 : (uint_t)sizeof (gssd_cred_id_t);
arg.verifier_cred_handle.GSS_CRED_ID_T_val =
(char *)&verifier_cred_handle;
arg.gssd_cred_verifier = gssd_cred_verifier;
arg.input_token_buffer.GSS_BUFFER_T_len =
- (uint_t)(input_token != GSS_C_NO_BUFFER ?
- input_token->length : 0);
+ (uint_t)(input_token != GSS_C_NO_BUFFER ? input_token->length : 0);
arg.input_token_buffer.GSS_BUFFER_T_val =
- (char *)(input_token != GSS_C_NO_BUFFER ?
- input_token->value : 0);
+ (char *)(input_token != GSS_C_NO_BUFFER ? input_token->value : 0);
if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS) {
arg.input_chan_bindings.present = YES;
@@ -1055,19 +1048,16 @@
*minor_status = res.minor_status;
if (output_token != NULL && res.output_token.GSS_BUFFER_T_val != NULL) {
- output_token->length =
- res.output_token.GSS_BUFFER_T_len;
- output_token->value =
- (void *) MALLOC(output_token->length);
+ output_token->length = res.output_token.GSS_BUFFER_T_len;
+ output_token->value = (void *)MALLOC(output_token->length);
(void) memcpy(output_token->value,
- res.output_token.GSS_BUFFER_T_val,
- output_token->length);
+ res.output_token.GSS_BUFFER_T_val, output_token->length);
}
/* if the call was successful, copy out the results */
- if (res.status == (OM_uint32) GSS_S_COMPLETE ||
- res.status == (OM_uint32) GSS_S_CONTINUE_NEEDED) {
+ if (res.status == (OM_uint32)GSS_S_COMPLETE ||
+ res.status == (OM_uint32)GSS_S_CONTINUE_NEEDED) {
/*
* the only parameters that are ready when we
@@ -1080,7 +1070,7 @@
*gssd_context_verifier = res.gssd_context_verifier;
/* these other parameters are only ready upon GSS_S_COMPLETE */
- if (res.status == (OM_uint32) GSS_S_COMPLETE) {
+ if (res.status == (OM_uint32)GSS_S_COMPLETE) {
if (src_name != NULL) {
src_name->length =
@@ -1095,12 +1085,12 @@
* for gss_import_name_for_mech()
*/
if (mech_type != NULL) {
- *mech_type = (gss_OID)
- MALLOC(sizeof (gss_OID_desc));
+ *mech_type =
+ (gss_OID)MALLOC(sizeof (gss_OID_desc));
(*mech_type)->length =
- (OM_UINT32) res.mech_type.GSS_OID_len;
+ (OM_UINT32)res.mech_type.GSS_OID_len;
(*mech_type)->elements =
- (void *) MALLOC((*mech_type)->length);
+ (void *)MALLOC((*mech_type)->length);
(void) memcpy((*mech_type)->elements,
res.mech_type.GSS_OID_val,
(*mech_type)->length);
@@ -1116,8 +1106,9 @@
(res.delegated_cred_handle.GSS_CRED_ID_T_len
!= 0)) {
kcred = KGSS_CRED_ALLOC();
- kcred->gssd_cred = *((gssd_cred_id_t *)
- res.delegated_cred_handle.GSS_CRED_ID_T_val);
+ kcred->gssd_cred =
+ *((gssd_cred_id_t *)
+ res.delegated_cred_handle.GSS_CRED_ID_T_val);
kcred->gssd_cred_verifier =
res.gssd_context_verifier;
*delegated_cred_handle = (gss_cred_id_t)kcred;
@@ -1170,7 +1161,7 @@
if (*context_handle == GSS_C_NO_CONTEXT) {
kctx = KGSS_ALLOC();
kctx->mech = &default_gc;
- kctx->gssd_ctx = (gssd_ctx_id_t)GSS_C_NO_CONTEXT;
+ kctx->gssd_ctx = GSSD_NO_CONTEXT;
*context_handle = (gss_ctx_id_t)kctx;
} else
kctx = (struct kgss_ctx *)*context_handle;
@@ -1178,8 +1169,9 @@
if (verifier_cred_handle != GSS_C_NO_CREDENTIAL) {
gssd_cred_verifier = KCRED_TO_CREDV(verifier_cred_handle);
gssd_ver_cred_handle = KCRED_TO_CRED(verifier_cred_handle);
- } else
- gssd_ver_cred_handle = (gssd_cred_id_t)GSS_C_NO_CREDENTIAL;
+ } else {
+ gssd_ver_cred_handle = GSSD_NO_CREDENTIAL;
+ }
err = kgss_accept_sec_context_wrapped(minor_status,
&kctx->gssd_ctx, &kctx->gssd_ctx_verifier,
@@ -1302,7 +1294,7 @@
/* copy the procedure arguments into the rpc arg parameter */
arg.context_handle.GSS_CTX_ID_T_len =
- *context_handle == (gssd_ctx_id_t)GSS_C_NO_CONTEXT ?
+ *context_handle == GSSD_NO_CONTEXT ?
0 : (uint_t)sizeof (gssd_ctx_id_t);
arg.context_handle.GSS_CTX_ID_T_val = (char *)context_handle;
@@ -1375,7 +1367,7 @@
kctx = (struct kgss_ctx *)*context_handle;
if (kctx->ctx_imported == FALSE) {
- if (kctx->gssd_ctx == (gssd_ctx_id_t)GSS_C_NO_CONTEXT) {
+ if (kctx->gssd_ctx == GSSD_NO_CONTEXT) {
KGSS_FREE(kctx);
*context_handle = GSS_C_NO_CONTEXT;
return (GSS_S_COMPLETE);
@@ -1551,7 +1543,7 @@
gss_ctx_id_t internal_ctx_id;
kctx = (struct kgss_ctx *)context_handle;
- if (kctx->gssd_ctx != (gssd_ctx_id_t)GSS_C_NO_CONTEXT) {
+ if (kctx->gssd_ctx != GSSD_NO_CONTEXT) {
return (GSS_S_FAILURE);
}
@@ -1794,9 +1786,7 @@
if (context_handle == GSS_C_NO_CONTEXT)
return (GSS_S_FAILURE);
return (KGSS_VERIFY(minor_status, context_handle,
- message_buffer,
- token_buffer,
- qop_state));
+ message_buffer, token_buffer, qop_state));
}
/* EXPORT DELETE START */
@@ -2256,8 +2246,8 @@
arg.uid = (OM_uint32) uid;
arg.cred_handle.GSS_CRED_ID_T_len =
- cred_handle == (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
- 0 : (uint_t)sizeof (gssd_cred_id_t);
+ cred_handle == GSSD_NO_CREDENTIAL ?
+ 0 : (uint_t)sizeof (gssd_cred_id_t);
arg.cred_handle.GSS_CRED_ID_T_val = (char *)&cred_handle;
arg.gssd_cred_verifier = gssd_cred_verifier;
@@ -2408,8 +2398,8 @@
arg.uid = (OM_uint32) uid;
arg.cred_handle.GSS_CRED_ID_T_len =
- cred_handle == (gssd_cred_id_t)GSS_C_NO_CREDENTIAL ?
- 0 : (uint_t)sizeof (gssd_cred_id_t);
+ cred_handle == GSSD_NO_CREDENTIAL ?
+ 0 : (uint_t)sizeof (gssd_cred_id_t);
arg.cred_handle.GSS_CRED_ID_T_val = (char *)&cred_handle;
arg.gssd_cred_verifier = gssd_cred_verifier;
--- a/usr/src/uts/common/gssapi/include/mechglueP.h Wed Jun 22 12:54:00 2011 -0700
+++ b/usr/src/uts/common/gssapi/include/mechglueP.h Mon May 16 02:18:09 2011 +0100
@@ -727,6 +727,9 @@
typedef unsigned int gssd_ctx_id_t;
typedef unsigned int gssd_cred_id_t;
+#define GSSD_NO_CONTEXT ((gssd_ctx_id_t)0)
+#define GSSD_NO_CREDENTIAL ((gssd_cred_id_t)0)
+
#ifdef _KERNEL
#ifndef _KRB5_H