1/* 2 * Copyright (c) 2011 Kungliga Tekniska Högskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Portions Copyright (c) 2011 Apple Inc. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * 3. Neither the name of the Institute nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36#include <dlfcn.h> 37#include <stdlib.h> 38#include <stdio.h> 39#include <err.h> 40 41static const char *exported_10_7[] = { 42 "gss_aapl_initial_cred", 43 "gss_accept_sec_context", 44 "gss_acquire_cred", 45 "gss_add_buffer_set_member", 46 "gss_add_cred", 47 "gss_add_oid_set_member", 48 "gss_canonicalize_name", 49 "gss_compare_name", 50 "gss_context_time", 51 "gss_create_empty_buffer_set", 52 "gss_create_empty_oid_set", 53 "gss_decapsulate_token", 54 "gss_delete_sec_context", 55 "gss_destroy_cred", 56 "gss_display_name", 57 "gss_display_status", 58 "gss_duplicate_name", 59 "gss_duplicate_oid", 60 "gss_encapsulate_token", 61 "gss_export_cred", 62 "gss_export_name", 63 "gss_export_sec_context", 64 "gss_get_mic", 65 "gss_import_cred", 66 "gss_import_name", 67 "gss_import_sec_context", 68 "gss_indicate_mechs", 69 "gss_init_sec_context", 70 "gss_inquire_context", 71 "gss_inquire_cred", 72 "gss_inquire_cred_by_mech", 73 "gss_inquire_cred_by_oid", 74 "gss_inquire_mechs_for_name", 75 "gss_inquire_names_for_mech", 76 "gss_inquire_sec_context_by_oid", 77 "gss_iter_creds", 78 "gss_iter_creds_f", 79 "gss_krb5_ccache_name", 80 "gss_krb5_copy_ccache", 81 "gss_krb5_export_lucid_sec_context", 82 "gss_krb5_free_lucid_sec_context", 83 "gss_krb5_set_allowable_enctypes", 84 "gss_oid_equal", 85 "gss_oid_to_str", 86 "gss_process_context_token", 87 "gss_pseudo_random", 88 "gss_release_buffer", 89 "gss_release_buffer_set", 90 "gss_release_cred", 91 "gss_release_name", 92 "gss_release_oid", 93 "gss_release_oid_set", 94 "gss_seal", 95 "gss_set_cred_option", 96 "gss_set_sec_context_option", 97 "gss_sign", 98 "gss_test_oid_set_member", 99 "gss_unseal", 100 "gss_unwrap", 101 "gss_verify", 102 "gss_verify_mic", 103 "gss_wrap", 104 "gss_wrap_size_limit", 105 "gsskrb5_extract_authz_data_from_sec_context", 106 "gsskrb5_register_acceptor_identity", 107 "krb5_gss_register_acceptor_identity" 108}; 109 110static const char *import_mkshim_gss[] = { 111 "gss_accept_sec_context", 112 "gss_acquire_cred", 113 "gss_add_cred", 114 "gss_add_oid_set_member", 115 "gss_canonicalize_name", 116 "gss_compare_name", 117 "gss_context_time", 118 "gss_create_empty_oid_set", 119 "gss_delete_sec_context", 120 "gss_display_name", 121 "gss_display_status", 122 "gss_duplicate_name", 123 "gss_export_name", 124 "gss_export_sec_context", 125 "gss_get_mic", 126 "gss_import_sec_context", 127 "gss_indicate_mechs", 128 "gss_init_sec_context", 129 "gss_inquire_context", 130 "gss_inquire_cred", 131 "gss_inquire_cred_by_mech", 132 "gss_inquire_names_for_mech", 133 "gss_krb5_ccache_name", 134 "gss_krb5_copy_ccache", 135 "gss_krb5_export_lucid_sec_context", 136 "gss_krb5_free_lucid_sec_context", 137 "gss_krb5_set_allowable_enctypes", 138 "gss_oid_equal", 139 "gss_oid_to_str", 140 "gss_process_context_token", 141 "gss_release_buffer", 142 "gss_release_cred", 143 "gss_release_name", 144 "gss_release_oid", 145 "gss_release_oid_set", 146 "gss_seal", 147 "gss_test_oid_set_member", 148 "gss_unseal", 149 "gss_unwrap", 150 "gss_verify_mic", 151 "gss_wrap", 152 "gss_wrap_size_limit", 153 "gss_import_name", 154 "gsskrb5_extract_authz_data_from_sec_context", 155 "krb5_gss_register_acceptor_identity" 156}; 157 158static const char *import_mkshim_heimdal[] = { 159 "krb5_cc_start_seq_get", 160 "krb5_cc_default_name", 161 "krb5_cc_destroy", 162 "krb5_cccol_cursor_free", 163 "krb5_cccol_cursor_new", 164 "krb5_cccol_cursor_next", 165 "krb5_free_host_realm", 166 "krb5_get_default_realm", 167 "krb5_get_host_realm", 168 "krb5_cc_set_default_name", 169 "krb5_kt_resolve", 170 "krb5_kt_default", 171 "krb5_kt_default_name", 172 "krb5_kt_close", 173 "krb5_kt_destroy", 174 "krb5_auth_con_free", 175 "krb5_auth_con_init", 176 "krb5_auth_con_genaddrs", 177 "krb5_auth_con_getlocalseqnumber", 178 "krb5_auth_con_getremoteseqnumber", 179 "krb5_auth_con_setflags", 180 "krb5_auth_con_getflags", 181 "krb5_clear_error_message", 182 "krb5_free_error_message", 183 "krb5_set_default_realm", 184 "krb5_set_error_message", 185 "krb5_vset_error_message", 186 "com_err", 187 "com_err_va", 188 "reset_com_err_hook", 189 "set_com_err_hook", 190 "krb5_cc_end_seq_get", 191 "krb5_config_get_string", 192 "krb5_set_default_in_tkt_etypes", 193 "krb5_get_pw_salt", 194 "krb5_free_salt", 195 "krb5_string_to_key_data_salt", 196 "krb5_free_keyblock_contents", 197 "krb5_set_real_time", 198 "krb5_mk_req_extended", 199 "krb5_free_keyblock", 200 "krb5_auth_con_getremotesubkey", 201 "krb5_auth_con_getlocalsubkey", 202 "krb5_set_password", 203 "krb5_set_password_using_ccache", 204 "krb5_realm_compare", 205 "krb5_get_renewed_creds", 206 "krb5_get_validated_creds", 207 "krb5_get_init_creds_keytab", 208 "krb5_prompter_posix", 209 "krb5_string_to_deltat", 210 "krb5_get_all_client_addrs", 211 "krb5_kt_get_type", 212 "krb5_kt_add_entry", 213 "krb5_kt_remove_entry", 214 "krb5_mk_req", 215 "krb5_kt_get_name", 216 "krb5_rd_req", 217 "krb5_free_ticket", 218 "krb5_build_principal_va", 219 "krb5_build_principal_va_ext", 220 "krb5_cc_cache_match", 221 "krb5_cc_close", 222 "krb5_cc_default", 223 "krb5_cc_get_config", 224 "krb5_cc_get_full_name", 225 "krb5_cc_get_name", 226 "krb5_cc_get_principal", 227 "krb5_cc_get_type", 228 "krb5_cc_initialize", 229 "krb5_cc_move", 230 "krb5_cc_new_unique", 231 "krb5_cc_resolve", 232 "krb5_cc_store_cred", 233 "krb5_cc_switch", 234 "krb5_cc_retrieve_cred", 235 "krb5_cc_remove_cred", 236 "krb5_cc_get_kdc_offset", 237 "krb5_cc_set_kdc_offset", 238 "krb5_cc_next_cred", 239 "krb5_cccol_last_change_time", 240 "krb5_crypto_init", 241 "krb5_crypto_getblocksize", 242 "krb5_crypto_destroy", 243 "krb5_decrypt_ivec", 244 "krb5_encrypt_ivec", 245 "krb5_crypto_getenctype", 246 "krb5_generate_random_keyblock", 247 "krb5_get_wrapped_length", 248 "krb5_copy_creds_contents", 249 "krb5_copy_data", 250 "krb5_copy_principal", 251 "krb5_data_copy", 252 "krb5_data_free", 253 "krb5_data_zero", 254 "krb5_free_context", 255 "krb5_free_cred_contents", 256 "krb5_free_creds", 257 "krb5_free_principal", 258 "krb5_sname_to_principal", 259 "krb5_get_credentials", 260 "krb5_get_error_string", 261 "krb5_get_default_principal", 262 "krb5_get_error_message", 263 "krb5_get_init_creds_opt_alloc", 264 "krb5_get_init_creds_opt_free", 265 "krb5_get_init_creds_opt_set_canonicalize", 266 "krb5_get_init_creds_opt_set_forwardable", 267 "krb5_get_init_creds_opt_set_proxiable", 268 "krb5_get_init_creds_opt_set_renew_life", 269 "krb5_get_init_creds_opt_set_tkt_life", 270 "krb5_get_init_creds_password", 271 "krb5_get_kdc_cred", 272 "krb5_get_kdc_sec_offset", 273 "krb5_init_context", 274 "krb5_make_principal", 275 "krb5_parse_name", 276 "krb5_principal_compare", 277 "krb5_principal_get_realm", 278 "krb5_timeofday", 279 "krb5_unparse_name", 280 "krb5_us_timeofday", 281 "krb5_kt_start_seq_get", 282 "krb5_kt_end_seq_get", 283 "krb5_xfree", 284 "krb5_kt_next_entry", 285 "krb5_kt_free_entry", 286 "krb5_sendauth", 287 "krb5_free_ap_rep_enc_part", 288 "krb5_free_error", 289 "krb5_recvauth", 290 "krb5_recvauth_match_version", 291 "krb5_mk_priv", 292 "krb5_rd_priv", 293 "krb5_mk_safe", 294 "krb5_rd_safe", 295 "krb5_set_home_dir_access", 296 "krb5_verify_init_creds", 297 "krb5_verify_init_creds_opt_init", 298 "krb5_verify_init_creds_opt_set_ap_req_nofail", 299 "krb5_kuserok", 300 "com_right", 301 "com_right_r", 302 "krb5_appdefault_boolean", 303 "krb5_appdefault_string", 304 305}; 306 307int 308main(int argc, char **argv) 309{ 310 unsigned int n; 311 void *syms; 312 313 /* check gss */ 314 315 syms = dlopen("/System/Library/Framework/GSS.framework/GSS", RTLD_NOW | RTLD_LOCAL); 316 if (syms == NULL) 317 err(1, "dlopen(GSS.framework)"); 318 319 for (n = 0; n < sizeof(exported_10_7) / sizeof(exported_10_7[0]); n++) 320 if (dlsym(syms, exported_10_7[n]) == NULL) 321 err(1, "symbol: %s missing", exported_10_7[0]); 322 323 for (n = 0; n < sizeof(import_mkshim_gss) / sizeof(import_mkshim_gss[0]); n++) 324 if (dlsym(syms, import_mkshim_gss[n]) == NULL) 325 err(1, "symbol: %s missing", import_mkshim_gss[0]); 326 327 dlclose(syms); 328 329 /* check heimdal */ 330 331 syms = dlopen("/System/Library/PrivateFrameworks/Heimdal.framework/Heimdal", RTLD_NOW | RTLD_LOCAL); 332 if (syms == NULL) 333 err(1, "dlopen(Heimdal.framework)"); 334 335 for (n = 0; n < sizeof(import_mkshim_heimdal) / sizeof(import_mkshim_heimdal[0]); n++) 336 if (dlsym(syms, import_mkshim_heimdal[n]) == NULL) 337 err(1, "symbol: %s missing", import_mkshim_heimdal[0]); 338 339 dlclose(syms); 340 341 return 0; 342} 343