RFR 6722928: Support SSPI as a native GSS-API provider
Weijun Wang
weijun.wang at oracle.com
Fri Dec 28 13:07:04 UTC 2018
If we are not going to use or implement new functions defined in RFC 5587, I doubt if this is useful.
And I don't think we can rewrite existing declarations in gssapi.h to use these const types. Or can we?
Thanks,
Max
> On Dec 20, 2018, at 6:53 AM, Valerie Peng <valerie.peng at oracle.com> wrote:
>
> Sure, those typedefs makes sense.
>
> Thanks,
> Valerie
> On 12/19/2018 12:31 PM, Nico Williams wrote:
>> On Wed, Dec 12, 2018 at 02:20:24PM -0800, Valerie Peng wrote:
>>> - gss_unwrap: add "const" to the 2nd and 3rd arguments? Isn't variable
>>> naming convention starts with lower case? the argument qop_state may be
>>> non-null but is not set?||
>> Nowadays we have gss_const_* types. You have to use those because
>> otherwise const won't be doing what you think when you pass typedef'ed
>> pointers. See RFC 5587. You need to add the following typedefs to
>> src/java.security.jgss/share/native/libj2gss/gssapi.h:
>>
>> typedef const gss_buffer_desc *gss_const_buffer_t;
>> typedef const struct gss_channel_bindings_struct *gss_const_channel_bindings_t;
>> typedef const struct gss_ctx_id_struct *gss_const_ctx_id_t;
>> typedef const struct gss_cred_id_struct *gss_const_cred_id_t;
>> typedef const struct gss_name_struct *gss_const_name_t;
>> typedef const gss_OID_desc *gss_const_OID;
>> typedef const gss_OID_set_desc *gss_const_OID_set;
>>
>>> - gss_add_oid_set_member: add "const" to the 2nd argument?
>>> - gss_display_status: add "const" to the 4th argument? As for the impl, I
>>> have a question, this particular method is for displaying text output for
>>> gssapi error codes, but the FormatMessage() call takes window specific
>>> message id. Are they the same?
>> See above.
>>
>> Nico
More information about the security-dev
mailing list