7 /* Unix code to set up the GSSAPI library list. */
\r
9 #if !defined NO_LIBDL && !defined NO_GSSAPI
\r
11 const int ngsslibs = 4;
\r
12 const char *const gsslibnames[4] = {
\r
13 "libgssapi (Heimdal)",
\r
14 "libgssapi_krb5 (MIT Kerberos)",
\r
16 "User-specified GSSAPI library",
\r
18 const struct keyvalwhere gsslibkeywords[] = {
\r
19 { "libgssapi", 0, -1, -1 },
\r
20 { "libgssapi_krb5", 1, -1, -1 },
\r
21 { "libgss", 2, -1, -1 },
\r
22 { "custom", 3, -1, -1 },
\r
26 * Run-time binding against a choice of GSSAPI implementations. We
\r
27 * try loading several libraries, and produce an entry in
\r
28 * ssh_gss_libraries[] for each one.
\r
31 static void gss_init(struct ssh_gss_library *lib, void *dlhandle,
\r
32 int id, const char *msg)
\r
35 lib->gsslogmsg = msg;
\r
36 lib->handle = dlhandle;
\r
38 #define BIND_GSS_FN(name) \
\r
39 lib->u.gssapi.name = (t_gss_##name) dlsym(dlhandle, "gss_" #name)
\r
41 BIND_GSS_FN(delete_sec_context);
\r
42 BIND_GSS_FN(display_status);
\r
43 BIND_GSS_FN(get_mic);
\r
44 BIND_GSS_FN(import_name);
\r
45 BIND_GSS_FN(init_sec_context);
\r
46 BIND_GSS_FN(release_buffer);
\r
47 BIND_GSS_FN(release_cred);
\r
48 BIND_GSS_FN(release_name);
\r
52 ssh_gssapi_bind_fns(lib);
\r
55 /* Dynamically load gssapi libs. */
\r
56 struct ssh_gss_liblist *ssh_gss_setup(const Config *cfg)
\r
59 struct ssh_gss_liblist *list = snew(struct ssh_gss_liblist);
\r
61 list->libraries = snewn(4, struct ssh_gss_library);
\r
62 list->nlibraries = 0;
\r
64 /* Heimdal's GSSAPI Library */
\r
65 if ((gsslib = dlopen("libgssapi.so.2", RTLD_LAZY)) != NULL)
\r
66 gss_init(&list->libraries[list->nlibraries++], gsslib,
\r
67 0, "Using GSSAPI from libgssapi.so.2");
\r
69 /* MIT Kerberos's GSSAPI Library */
\r
70 if ((gsslib = dlopen("libgssapi_krb5.so.2", RTLD_LAZY)) != NULL)
\r
71 gss_init(&list->libraries[list->nlibraries++], gsslib,
\r
72 1, "Using GSSAPI from libgssapi_krb5.so.2");
\r
74 /* Sun's GSSAPI Library */
\r
75 if ((gsslib = dlopen("libgss.so.1", RTLD_LAZY)) != NULL)
\r
76 gss_init(&list->libraries[list->nlibraries++], gsslib,
\r
77 2, "Using GSSAPI from libgss.so.1");
\r
79 /* User-specified GSSAPI library */
\r
80 if (cfg->ssh_gss_custom.path[0] &&
\r
81 (gsslib = dlopen(cfg->ssh_gss_custom.path, RTLD_LAZY)) != NULL)
\r
82 gss_init(&list->libraries[list->nlibraries++], gsslib,
\r
83 3, dupprintf("Using GSSAPI from user-specified"
\r
84 " library '%s'", cfg->ssh_gss_custom.path));
\r
89 void ssh_gss_cleanup(struct ssh_gss_liblist *list)
\r
94 * dlopen and dlclose are defined to employ reference counting
\r
95 * in the case where the same library is repeatedly dlopened, so
\r
96 * even in a multiple-sessions-per-process context it's safe to
\r
97 * naively dlclose everything here without worrying about
\r
98 * destroying it under the feet of another SSH instance still
\r
101 for (i = 0; i < list->nlibraries; i++) {
\r
102 dlclose(list->libraries[i].handle);
\r
103 if (list->libraries[i].id == 3) {
\r
104 /* The 'custom' id involves a dynamically allocated message.
\r
105 * Note that we must cast away the 'const' to free it. */
\r
106 sfree((char *)list->libraries[i].gsslogmsg);
\r
109 sfree(list->libraries);
\r
113 #elif !defined NO_GSSAPI
\r
115 const int ngsslibs = 1;
\r
116 const char *const gsslibnames[1] = {
\r
119 const struct keyvalwhere gsslibkeywords[] = {
\r
120 { "static", 0, -1, -1 },
\r
124 * Link-time binding against GSSAPI. Here we just construct a single
\r
125 * library structure containing pointers to the functions we linked
\r
129 #include <gssapi/gssapi.h>
\r
131 /* Dynamically load gssapi libs. */
\r
132 struct ssh_gss_liblist *ssh_gss_setup(const Config *cfg)
\r
134 struct ssh_gss_liblist *list = snew(struct ssh_gss_liblist);
\r
136 list->libraries = snew(struct ssh_gss_library);
\r
137 list->nlibraries = 1;
\r
139 list->libraries[0].gsslogmsg = "Using statically linked GSSAPI";
\r
141 #define BIND_GSS_FN(name) \
\r
142 list->libraries[0].u.gssapi.name = (t_gss_##name) gss_##name
\r
144 BIND_GSS_FN(delete_sec_context);
\r
145 BIND_GSS_FN(display_status);
\r
146 BIND_GSS_FN(get_mic);
\r
147 BIND_GSS_FN(import_name);
\r
148 BIND_GSS_FN(init_sec_context);
\r
149 BIND_GSS_FN(release_buffer);
\r
150 BIND_GSS_FN(release_cred);
\r
151 BIND_GSS_FN(release_name);
\r
155 ssh_gssapi_bind_fns(&list->libraries[0]);
\r
160 void ssh_gss_cleanup(struct ssh_gss_liblist *list)
\r
162 sfree(list->libraries);
\r
166 #endif /* NO_LIBDL */
\r
168 #endif /* NO_GSSAPI */
\r