From f3b3f8cfaf6d43188d333119cbdc049231863cdb Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Tue, 20 Nov 2007 16:08:25 +0000
Subject: applied gssapi patch from varmojfekoj - gss-api is now supported

---
 gss-misc.c | 210 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 210 insertions(+)
 create mode 100644 gss-misc.c

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
new file mode 100644
index 00000000..68197f01
--- /dev/null
+++ b/gss-misc.c
@@ -0,0 +1,210 @@
+#include "config.h"
+#if defined(SYSLOG_INET) && defined(USE_GSSAPI)
+#include "rsyslog.h"
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <netinet/in.h>
+#include <netdb.h>
+#include <arpa/inet.h>
+#include <fnmatch.h>
+#include <assert.h>
+#include <errno.h>
+#include <ctype.h>
+#include <unistd.h>
+#ifdef USE_PTHREADS
+#include <pthread.h>
+#else
+#include <fcntl.h>
+#endif
+#include <gssapi.h>
+#include "syslogd.h"
+#include "syslogd-types.h"
+#include "srUtils.h"
+#include "net.h"
+#include "omfwd.h"
+#include "template.h"
+#include "msg.h"
+#include "tcpsyslog.h"
+#include "module-template.h"
+#include "gss-misc.h"
+
+
+static void display_status_(char *m, OM_uint32 code, int type)
+{
+	OM_uint32 maj_stat, min_stat, msg_ctx = 0;
+	gss_buffer_desc msg;
+
+	do {
+		maj_stat = gss_display_status(&min_stat, code, type, GSS_C_NO_OID, &msg_ctx, &msg);
+		if (maj_stat != GSS_S_COMPLETE) {
+			logerrorSz("GSS-API error in gss_display_status called from <%s>\n", m);
+			break;
+		} else {
+			char buf[1024];
+			snprintf(buf, sizeof(buf), "GSS-API error %s: %s\n", m, (char *) msg.value);
+			buf[sizeof(buf)/sizeof(char) - 1] = '\0';
+			logerror(buf);
+		}
+		if (msg.length != 0)
+			gss_release_buffer(&min_stat, &msg);
+	} while (msg_ctx);
+}
+
+
+void display_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat)
+{
+	display_status_(m, maj_stat, GSS_C_GSS_CODE);
+	display_status_(m, min_stat, GSS_C_MECH_CODE);
+}
+
+
+void display_ctx_flags(OM_uint32 flags)
+{
+    if (flags & GSS_C_DELEG_FLAG)
+	dbgprintf("GSS_C_DELEG_FLAG\n");
+    if (flags & GSS_C_MUTUAL_FLAG)
+	dbgprintf("GSS_C_MUTUAL_FLAG\n");
+    if (flags & GSS_C_REPLAY_FLAG)
+	dbgprintf("GSS_C_REPLAY_FLAG\n");
+    if (flags & GSS_C_SEQUENCE_FLAG)
+	dbgprintf("GSS_C_SEQUENCE_FLAG\n");
+    if (flags & GSS_C_CONF_FLAG)
+	dbgprintf("GSS_C_CONF_FLAG\n");
+    if (flags & GSS_C_INTEG_FLAG)
+	dbgprintf("GSS_C_INTEG_FLAG\n");
+}
+
+
+static int read_all(int fd, char *buf, unsigned int nbyte)
+{
+    int     ret;
+    char   *ptr;
+    fd_set  rfds;
+    struct timeval tv;
+
+    FD_ZERO(&rfds);
+    FD_SET(fd, &rfds);
+    tv.tv_sec = 1;
+    tv.tv_usec = 0;
+
+    for (ptr = buf; nbyte; ptr += ret, nbyte -= ret) {
+	    if ((ret = select(FD_SETSIZE, &rfds, NULL, NULL, &tv)) <= 0
+		|| !FD_ISSET(fd, &rfds))
+		    return ret;
+	    ret = recv(fd, ptr, nbyte, 0);
+	    if (ret < 0) {
+		    if (errno == EINTR)
+			    continue;
+		    return (ret);
+	    } else if (ret == 0) {
+		    return (ptr - buf);
+	    }
+    }
+
+    return (ptr - buf);
+}
+
+
+static int write_all(int fd, char *buf, unsigned int nbyte)
+{
+    int     ret;
+    char   *ptr;
+
+    for (ptr = buf; nbyte; ptr += ret, nbyte -= ret) {
+	ret = send(fd, ptr, nbyte, 0);
+	if (ret < 0) {
+	    if (errno == EINTR)
+		continue;
+	    return (ret);
+	} else if (ret == 0) {
+	    return (ptr - buf);
+	}
+    }
+
+    return (ptr - buf);
+}
+
+
+int recv_token(int s, gss_buffer_t tok)
+{
+	int ret;
+	unsigned char lenbuf[4];
+	unsigned int len;
+
+	ret = read_all(s, (char *) lenbuf, 4);
+	if (ret < 0) {
+		logerror("GSS-API error reading token length");
+		return -1;
+	} else if (!ret) {
+		return 0;
+	} else if (ret != 4) {
+		logerror("GSS-API error reading token length");
+		return -1;
+	}
+
+	len = ((lenbuf[0] << 24)
+	       | (lenbuf[1] << 16)
+	       | (lenbuf[2] << 8)
+	       | lenbuf[3]);
+	tok->length = ntohl(len);
+
+	tok->value = (char *) malloc(tok->length ? tok->length : 1);
+	if (tok->length && tok->value == NULL) {
+		logerror("Out of memory allocating token data\n");
+		return -1;
+	}
+
+	ret = read_all(s, (char *) tok->value, tok->length);
+	if (ret < 0) {
+		logerror("GSS-API error reading token data");
+		free(tok->value);
+		return -1;
+	} else if (ret != (int) tok->length) {
+		logerror("GSS-API error reading token data");
+		free(tok->value);
+		return -1;
+	}
+
+	return 1;
+}
+
+
+int send_token(int s, gss_buffer_t tok)
+{
+	int     ret;
+	unsigned char lenbuf[4];
+	unsigned int len;
+
+	if (tok->length > 0xffffffffUL)
+		abort();  /* TODO: we need to reconsider this, abort() is not really a solution - degrade, but keep running */
+	len = htonl(tok->length);
+	lenbuf[0] = (len >> 24) & 0xff;
+	lenbuf[1] = (len >> 16) & 0xff;
+	lenbuf[2] = (len >> 8) & 0xff;
+	lenbuf[3] = len & 0xff;
+
+	ret = write_all(s, (char *) lenbuf, 4);
+	if (ret < 0) {
+		logerror("GSS-API error sending token length");
+		return -1;
+	} else if (ret != 4) {
+		logerror("GSS-API error sending token length");
+		return -1;
+	}
+
+	ret = write_all(s, tok->value, tok->length);
+	if (ret < 0) {
+		logerror("GSS-API error sending token data");
+		return -1;
+	} else if (ret != (int) tok->length) {
+		logerror("GSS-API error sending token data");
+		return -1;
+	}
+
+	return 0;
+}
+
+#endif /* #if defined(SYSLOG_INET) && defined(USE_GSSAPI) */
-- 
cgit v1.2.3


From 3cdb6743f792f9b6705b352c9e4a5b502b1f5993 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Wed, 19 Dec 2007 07:45:32 +0000
Subject: applied enhanced gss-api functionality provided by varmojfekoj

---
 gss-misc.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index 68197f01..7a09b1b9 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -85,12 +85,12 @@ static int read_all(int fd, char *buf, unsigned int nbyte)
     fd_set  rfds;
     struct timeval tv;
 
-    FD_ZERO(&rfds);
-    FD_SET(fd, &rfds);
-    tv.tv_sec = 1;
-    tv.tv_usec = 0;
-
     for (ptr = buf; nbyte; ptr += ret, nbyte -= ret) {
+	    FD_ZERO(&rfds);
+	    FD_SET(fd, &rfds);
+	    tv.tv_sec = 1;
+	    tv.tv_usec = 0;
+
 	    if ((ret = select(FD_SETSIZE, &rfds, NULL, NULL, &tv)) <= 0
 		|| !FD_ISSET(fd, &rfds))
 		    return ret;
-- 
cgit v1.2.3


From c7b246e3b64b79f588f364d904cdb1337eccd91b Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Thu, 27 Dec 2007 13:03:36 +0000
Subject: applied cross-platform patch from darix to facilitate GSS-API compile
 on     more platforms

---
 gss-misc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index 7a09b1b9..93642520 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -19,7 +19,7 @@
 #else
 #include <fcntl.h>
 #endif
-#include <gssapi.h>
+#include <gssapi/gssapi.h>
 #include "syslogd.h"
 #include "syslogd-types.h"
 #include "srUtils.h"
-- 
cgit v1.2.3


From 24b02dc831889986211600a75572737e733ef9d8 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Wed, 5 Mar 2008 14:53:25 +0000
Subject: - extracted logerror*() family of functions from syslogd, made them
 their     own class and converted to new object calling conventions    
 (interface-based) - converted gss-misc into a loadable library module

---
 gss-misc.c | 116 ++++++++++++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 99 insertions(+), 17 deletions(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index 93642520..a51b48ac 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -1,5 +1,26 @@
+/* gss-misc.c
+ * This is a miscellaneous helper class for gss-api features.
+ *
+ * Copyright 2007 Rainer Gerhards and Adiscon GmbH.
+ *
+ * This file is part of rsyslog.
+ *
+ * Rsyslog is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Rsyslog is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Rsyslog.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * A copy of the GPL can be found in the file "COPYING" in this distribution.
+ */
 #include "config.h"
-#if defined(SYSLOG_INET) && defined(USE_GSSAPI)
 #include "rsyslog.h"
 #include <stdio.h>
 #include <stdarg.h>
@@ -29,8 +50,15 @@
 #include "msg.h"
 #include "tcpsyslog.h"
 #include "module-template.h"
+#include "obj.h"
+#include "errmsg.h"
 #include "gss-misc.h"
 
+MODULE_TYPE_LIB
+
+/* static data */
+DEFobjStaticHelpers
+DEFobjCurrIf(errmsg)
 
 static void display_status_(char *m, OM_uint32 code, int type)
 {
@@ -40,13 +68,13 @@ static void display_status_(char *m, OM_uint32 code, int type)
 	do {
 		maj_stat = gss_display_status(&min_stat, code, type, GSS_C_NO_OID, &msg_ctx, &msg);
 		if (maj_stat != GSS_S_COMPLETE) {
-			logerrorSz("GSS-API error in gss_display_status called from <%s>\n", m);
+			errmsg.LogError(NO_ERRCODE, "GSS-API error in gss_display_status called from <%s>\n", m);
 			break;
 		} else {
 			char buf[1024];
 			snprintf(buf, sizeof(buf), "GSS-API error %s: %s\n", m, (char *) msg.value);
 			buf[sizeof(buf)/sizeof(char) - 1] = '\0';
-			logerror(buf);
+			errmsg.LogError(NO_ERRCODE, "%s", buf);
 		}
 		if (msg.length != 0)
 			gss_release_buffer(&min_stat, &msg);
@@ -54,14 +82,14 @@ static void display_status_(char *m, OM_uint32 code, int type)
 }
 
 
-void display_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat)
+static void display_status(char *m, OM_uint32 maj_stat, OM_uint32 min_stat)
 {
 	display_status_(m, maj_stat, GSS_C_GSS_CODE);
 	display_status_(m, min_stat, GSS_C_MECH_CODE);
 }
 
 
-void display_ctx_flags(OM_uint32 flags)
+static void display_ctx_flags(OM_uint32 flags)
 {
     if (flags & GSS_C_DELEG_FLAG)
 	dbgprintf("GSS_C_DELEG_FLAG\n");
@@ -128,7 +156,7 @@ static int write_all(int fd, char *buf, unsigned int nbyte)
 }
 
 
-int recv_token(int s, gss_buffer_t tok)
+static int recv_token(int s, gss_buffer_t tok)
 {
 	int ret;
 	unsigned char lenbuf[4];
@@ -136,12 +164,12 @@ int recv_token(int s, gss_buffer_t tok)
 
 	ret = read_all(s, (char *) lenbuf, 4);
 	if (ret < 0) {
-		logerror("GSS-API error reading token length");
+		errmsg.LogError(NO_ERRCODE, "GSS-API error reading token length");
 		return -1;
 	} else if (!ret) {
 		return 0;
 	} else if (ret != 4) {
-		logerror("GSS-API error reading token length");
+		errmsg.LogError(NO_ERRCODE, "GSS-API error reading token length");
 		return -1;
 	}
 
@@ -153,17 +181,17 @@ int recv_token(int s, gss_buffer_t tok)
 
 	tok->value = (char *) malloc(tok->length ? tok->length : 1);
 	if (tok->length && tok->value == NULL) {
-		logerror("Out of memory allocating token data\n");
+		errmsg.LogError(NO_ERRCODE, "Out of memory allocating token data\n");
 		return -1;
 	}
 
 	ret = read_all(s, (char *) tok->value, tok->length);
 	if (ret < 0) {
-		logerror("GSS-API error reading token data");
+		errmsg.LogError(NO_ERRCODE, "GSS-API error reading token data");
 		free(tok->value);
 		return -1;
 	} else if (ret != (int) tok->length) {
-		logerror("GSS-API error reading token data");
+		errmsg.LogError(NO_ERRCODE, "GSS-API error reading token data");
 		free(tok->value);
 		return -1;
 	}
@@ -172,7 +200,7 @@ int recv_token(int s, gss_buffer_t tok)
 }
 
 
-int send_token(int s, gss_buffer_t tok)
+static int send_token(int s, gss_buffer_t tok)
 {
 	int     ret;
 	unsigned char lenbuf[4];
@@ -188,23 +216,77 @@ int send_token(int s, gss_buffer_t tok)
 
 	ret = write_all(s, (char *) lenbuf, 4);
 	if (ret < 0) {
-		logerror("GSS-API error sending token length");
+		errmsg.LogError(NO_ERRCODE, "GSS-API error sending token length");
 		return -1;
 	} else if (ret != 4) {
-		logerror("GSS-API error sending token length");
+		errmsg.LogError(NO_ERRCODE, "GSS-API error sending token length");
 		return -1;
 	}
 
 	ret = write_all(s, tok->value, tok->length);
 	if (ret < 0) {
-		logerror("GSS-API error sending token data");
+		errmsg.LogError(NO_ERRCODE, "GSS-API error sending token data");
 		return -1;
 	} else if (ret != (int) tok->length) {
-		logerror("GSS-API error sending token data");
+		errmsg.LogError(NO_ERRCODE, "GSS-API error sending token data");
 		return -1;
 	}
 
 	return 0;
 }
 
-#endif /* #if defined(SYSLOG_INET) && defined(USE_GSSAPI) */
+
+/* queryInterface function
+ * rgerhards, 2008-02-29
+ */
+BEGINobjQueryInterface(gssutil)
+CODESTARTobjQueryInterface(gssutil)
+	if(pIf->ifVersion != gssutilCURR_IF_VERSION) { /* check for current version, increment on each change */
+		ABORT_FINALIZE(RS_RET_INTERFACE_NOT_SUPPORTED);
+	}
+
+	/* ok, we have the right interface, so let's fill it
+	 * Please note that we may also do some backwards-compatibility
+	 * work here (if we can support an older interface version - that,
+	 * of course, also affects the "if" above).
+	 */
+	pIf->recv_token = recv_token;
+	pIf->send_token = send_token;
+	pIf->display_status = display_status;
+	pIf->display_ctx_flags = display_ctx_flags;
+
+finalize_it:
+ENDobjQueryInterface(gssutil)
+
+
+/* Initialize our class. Must be called as the very first method
+ * before anything else is called inside this class.
+ * rgerhards, 2008-02-29
+ */
+BEGINAbstractObjClassInit(gssutil, 1, OBJ_IS_LOADABLE_MODULE) /* class, version - CHANGE class also in END MACRO! */
+	/* request objects we use */
+	CHKiRet(objUse(errmsg, CORE_COMPONENT));
+ENDObjClassInit(gssutil)
+
+
+/* --------------- here now comes the plumbing that makes as a library module --------------- */
+
+
+BEGINmodExit
+CODESTARTmodExit
+ENDmodExit
+
+
+BEGINqueryEtryPt
+CODESTARTqueryEtryPt
+CODEqueryEtryPt_STD_LIB_QUERIES
+ENDqueryEtryPt
+
+
+BEGINmodInit()
+CODESTARTmodInit
+	*ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */
+
+	/* Initialize all classes that are in our module - this includes ourselfs */
+	CHKiRet(gssutilClassInit()); /* must be done after tcps_sess, as we use it */
+ENDmodInit
-- 
cgit v1.2.3


From e946e122d02987552874595f2613c07ce0c0aa23 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Tue, 11 Mar 2008 16:43:13 +0000
Subject: implemented module unload handling (required a number of interface
 changes)

---
 gss-misc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index a51b48ac..01d6833d 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -288,5 +288,5 @@ CODESTARTmodInit
 	*ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */
 
 	/* Initialize all classes that are in our module - this includes ourselfs */
-	CHKiRet(gssutilClassInit()); /* must be done after tcps_sess, as we use it */
+	CHKiRet(gssutilClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */
 ENDmodInit
-- 
cgit v1.2.3


From 9ddee5b38772f42f4371c6828a832f0d6267251d Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Wed, 12 Mar 2008 11:02:10 +0000
Subject: class exit function was missing, causing segfault

---
 gss-misc.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index 01d6833d..a80f2e6b 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -259,6 +259,16 @@ finalize_it:
 ENDobjQueryInterface(gssutil)
 
 
+/* exit our class
+ * rgerhards, 2008-03-10
+ */
+BEGINObjClassExit(gssutil, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END MACRO! */
+CODESTARTObjClassExit(gssutil)
+	/* release objects we no longer need */
+	objRelease(errmsg, CORE_COMPONENT);
+ENDObjClassExit(gssutil)
+
+
 /* Initialize our class. Must be called as the very first method
  * before anything else is called inside this class.
  * rgerhards, 2008-02-29
@@ -274,6 +284,7 @@ ENDObjClassInit(gssutil)
 
 BEGINmodExit
 CODESTARTmodExit
+	gssutilClassExit();
 ENDmodExit
 
 
-- 
cgit v1.2.3


From 71dea8c86fd80c911ee112439e0aab0dd222f650 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Wed, 16 Apr 2008 11:45:34 +0200
Subject: cleanup: removed no longer needed files

---
 gss-misc.c | 1 -
 1 file changed, 1 deletion(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index a80f2e6b..d24dcf82 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -48,7 +48,6 @@
 #include "omfwd.h"
 #include "template.h"
 #include "msg.h"
-#include "tcpsyslog.h"
 #include "module-template.h"
 #include "obj.h"
 #include "errmsg.h"
-- 
cgit v1.2.3


From d9b0c77d3e719d4c08361e62f3b067228c30f6a9 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Wed, 16 Apr 2008 15:27:53 +0200
Subject: some more cleanup

reduced dependencies, moved non-runtime files to its own directory except
for some whom's status is unclear
---
 gss-misc.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index d24dcf82..4f0df748 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -41,11 +41,10 @@
 #include <fcntl.h>
 #endif
 #include <gssapi/gssapi.h>
-#include "syslogd.h"
+#include "dirty.h"
 #include "syslogd-types.h"
 #include "srUtils.h"
 #include "net.h"
-#include "omfwd.h"
 #include "template.h"
 #include "msg.h"
 #include "module-template.h"
-- 
cgit v1.2.3


From 3f6c73a8b7ff2c6d9c931876d823f2b4ef6bbea2 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Fri, 27 Jun 2008 12:52:45 +0200
Subject: added (internal) error codes to error messages

Also added redirector to web description of error codes
closes bug http://bugzilla.adiscon.com/show_bug.cgi?id=20
---
 gss-misc.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index 4f0df748..c9220595 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -66,13 +66,13 @@ static void display_status_(char *m, OM_uint32 code, int type)
 	do {
 		maj_stat = gss_display_status(&min_stat, code, type, GSS_C_NO_OID, &msg_ctx, &msg);
 		if (maj_stat != GSS_S_COMPLETE) {
-			errmsg.LogError(NO_ERRCODE, "GSS-API error in gss_display_status called from <%s>\n", m);
+			errmsg.LogError(0, NO_ERRCODE, "GSS-API error in gss_display_status called from <%s>\n", m);
 			break;
 		} else {
 			char buf[1024];
 			snprintf(buf, sizeof(buf), "GSS-API error %s: %s\n", m, (char *) msg.value);
 			buf[sizeof(buf)/sizeof(char) - 1] = '\0';
-			errmsg.LogError(NO_ERRCODE, "%s", buf);
+			errmsg.LogError(0, NO_ERRCODE, "%s", buf);
 		}
 		if (msg.length != 0)
 			gss_release_buffer(&min_stat, &msg);
@@ -162,12 +162,12 @@ static int recv_token(int s, gss_buffer_t tok)
 
 	ret = read_all(s, (char *) lenbuf, 4);
 	if (ret < 0) {
-		errmsg.LogError(NO_ERRCODE, "GSS-API error reading token length");
+		errmsg.LogError(0, NO_ERRCODE, "GSS-API error reading token length");
 		return -1;
 	} else if (!ret) {
 		return 0;
 	} else if (ret != 4) {
-		errmsg.LogError(NO_ERRCODE, "GSS-API error reading token length");
+		errmsg.LogError(0, NO_ERRCODE, "GSS-API error reading token length");
 		return -1;
 	}
 
@@ -179,17 +179,17 @@ static int recv_token(int s, gss_buffer_t tok)
 
 	tok->value = (char *) malloc(tok->length ? tok->length : 1);
 	if (tok->length && tok->value == NULL) {
-		errmsg.LogError(NO_ERRCODE, "Out of memory allocating token data\n");
+		errmsg.LogError(0, NO_ERRCODE, "Out of memory allocating token data\n");
 		return -1;
 	}
 
 	ret = read_all(s, (char *) tok->value, tok->length);
 	if (ret < 0) {
-		errmsg.LogError(NO_ERRCODE, "GSS-API error reading token data");
+		errmsg.LogError(0, NO_ERRCODE, "GSS-API error reading token data");
 		free(tok->value);
 		return -1;
 	} else if (ret != (int) tok->length) {
-		errmsg.LogError(NO_ERRCODE, "GSS-API error reading token data");
+		errmsg.LogError(0, NO_ERRCODE, "GSS-API error reading token data");
 		free(tok->value);
 		return -1;
 	}
@@ -214,19 +214,19 @@ static int send_token(int s, gss_buffer_t tok)
 
 	ret = write_all(s, (char *) lenbuf, 4);
 	if (ret < 0) {
-		errmsg.LogError(NO_ERRCODE, "GSS-API error sending token length");
+		errmsg.LogError(0, NO_ERRCODE, "GSS-API error sending token length");
 		return -1;
 	} else if (ret != 4) {
-		errmsg.LogError(NO_ERRCODE, "GSS-API error sending token length");
+		errmsg.LogError(0, NO_ERRCODE, "GSS-API error sending token length");
 		return -1;
 	}
 
 	ret = write_all(s, tok->value, tok->length);
 	if (ret < 0) {
-		errmsg.LogError(NO_ERRCODE, "GSS-API error sending token data");
+		errmsg.LogError(0, NO_ERRCODE, "GSS-API error sending token data");
 		return -1;
 	} else if (ret != (int) tok->length) {
-		errmsg.LogError(NO_ERRCODE, "GSS-API error sending token data");
+		errmsg.LogError(0, NO_ERRCODE, "GSS-API error sending token data");
 		return -1;
 	}
 
-- 
cgit v1.2.3


From e04e1b50025f5fa9c26abd946190dce8f797d08f Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Thu, 22 Oct 2009 11:33:38 +0200
Subject: enhanced test environment (including testbench)

support for enhancing probability of memory addressing failure by
using non-NULL default value for malloced memory (optional, only if
requested by configure option). This helps to track down some
otherwise undetected issues within the testbench and is expected
to be very useful in the future.
---
 gss-misc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index c9220595..d67c344d 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -51,6 +51,7 @@
 #include "obj.h"
 #include "errmsg.h"
 #include "gss-misc.h"
+#include "debug.h"
 
 MODULE_TYPE_LIB
 
@@ -177,7 +178,7 @@ static int recv_token(int s, gss_buffer_t tok)
 	       | lenbuf[3]);
 	tok->length = ntohl(len);
 
-	tok->value = (char *) malloc(tok->length ? tok->length : 1);
+	tok->value = (char *) MALLOC(tok->length ? tok->length : 1);
 	if (tok->length && tok->value == NULL) {
 		errmsg.LogError(0, NO_ERRCODE, "Out of memory allocating token data\n");
 		return -1;
-- 
cgit v1.2.3


From 30c2e42ec305bb97bd04172e5c02b89eeea53e35 Mon Sep 17 00:00:00 2001
From: varmojfekoj <theinric@redhat.com>
Date: Tue, 17 Nov 2009 09:00:01 +0100
Subject: added option to use unlimited-size select() calls

Thanks to varmjofekoj for the patch

Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
---
 gss-misc.c | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index c9220595..2bfaf9c5 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -51,11 +51,14 @@
 #include "obj.h"
 #include "errmsg.h"
 #include "gss-misc.h"
+#include "glbl.h"
+#include "unlimited_select.h"
 
 MODULE_TYPE_LIB
 
 /* static data */
 DEFobjStaticHelpers
+DEFobjCurrIf(glbl)
 DEFobjCurrIf(errmsg)
 
 static void display_status_(char *m, OM_uint32 code, int type)
@@ -108,28 +111,38 @@ static int read_all(int fd, char *buf, unsigned int nbyte)
 {
     int     ret;
     char   *ptr;
-    fd_set  rfds;
     struct timeval tv;
+#ifdef USE_UNLIMITED_SELECT
+    fd_set  *pRfds = malloc(glbl.GetFdSetSize());
+#else
+    fd_set  rfds;
+    fd_set *pRfds = &rfds;
+#endif
 
     for (ptr = buf; nbyte; ptr += ret, nbyte -= ret) {
-	    FD_ZERO(&rfds);
-	    FD_SET(fd, &rfds);
+	    FD_ZERO(pRfds);
+	    FD_SET(fd, pRfds);
 	    tv.tv_sec = 1;
 	    tv.tv_usec = 0;
 
-	    if ((ret = select(FD_SETSIZE, &rfds, NULL, NULL, &tv)) <= 0
-		|| !FD_ISSET(fd, &rfds))
+	    if ((ret = select(FD_SETSIZE, pRfds, NULL, NULL, &tv)) <= 0
+		|| !FD_ISSET(fd, pRfds)) {
+                    freeFdSet(pRfds);
 		    return ret;
+            }
 	    ret = recv(fd, ptr, nbyte, 0);
 	    if (ret < 0) {
 		    if (errno == EINTR)
 			    continue;
+                    freeFdSet(pRfds);
 		    return (ret);
 	    } else if (ret == 0) {
+                    freeFdSet(pRfds);
 		    return (ptr - buf);
 	    }
     }
 
+    freeFdSet(pRfds);
     return (ptr - buf);
 }
 
-- 
cgit v1.2.3


From 9e28d47aaa506709a9e80e318527ceb4443cbffe Mon Sep 17 00:00:00 2001
From: Rainer Gerhards <rgerhards@adiscon.com>
Date: Tue, 17 Nov 2009 10:14:02 +0100
Subject: worked a bit on "unlimited select()" patch

- potential segfault in gss-misc.c
- glbl interface needed different version ID
- some compile time warning cleanup
---
 gss-misc.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index 2bfaf9c5..978454ff 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -277,6 +277,7 @@ BEGINObjClassExit(gssutil, OBJ_IS_LOADABLE_MODULE) /* CHANGE class also in END M
 CODESTARTObjClassExit(gssutil)
 	/* release objects we no longer need */
 	objRelease(errmsg, CORE_COMPONENT);
+	objRelease(glbl, CORE_COMPONENT);
 ENDObjClassExit(gssutil)
 
 
@@ -287,6 +288,7 @@ ENDObjClassExit(gssutil)
 BEGINAbstractObjClassInit(gssutil, 1, OBJ_IS_LOADABLE_MODULE) /* class, version - CHANGE class also in END MACRO! */
 	/* request objects we use */
 	CHKiRet(objUse(errmsg, CORE_COMPONENT));
+	CHKiRet(objUse(glbl, CORE_COMPONENT));
 ENDObjClassInit(gssutil)
 
 
-- 
cgit v1.2.3


From d1eb6e0edc51a78f3209448e800b25eda50340f2 Mon Sep 17 00:00:00 2001
From: Bojan Smojver <bojan@rexursive.com>
Date: Wed, 23 Feb 2011 11:25:43 +0100
Subject: added work-around for bug in gtls, which causes fd leak when using
 TLS

The capability has been added for module to specify that they do not
like being unloaded.
related bug tracker: http://bugzilla.adiscon.com/show_bug.cgi?id=222

Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
---
 gss-misc.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'gss-misc.c')

diff --git a/gss-misc.c b/gss-misc.c
index a5e161de..d30eda02 100644
--- a/gss-misc.c
+++ b/gss-misc.c
@@ -56,6 +56,7 @@
 #include "unlimited_select.h"
 
 MODULE_TYPE_LIB
+MODULE_TYPE_NOKEEP
 
 /* static data */
 DEFobjStaticHelpers
-- 
cgit v1.2.3