1*6236dae4SAndroid Build Coastguard Worker /***************************************************************************
2*6236dae4SAndroid Build Coastguard Worker * _ _ ____ _
3*6236dae4SAndroid Build Coastguard Worker * Project ___| | | | _ \| |
4*6236dae4SAndroid Build Coastguard Worker * / __| | | | |_) | |
5*6236dae4SAndroid Build Coastguard Worker * | (__| |_| | _ <| |___
6*6236dae4SAndroid Build Coastguard Worker * \___|\___/|_| \_\_____|
7*6236dae4SAndroid Build Coastguard Worker *
8*6236dae4SAndroid Build Coastguard Worker * Copyright (C) Daniel Stenberg, <[email protected]>, et al.
9*6236dae4SAndroid Build Coastguard Worker *
10*6236dae4SAndroid Build Coastguard Worker * This software is licensed as described in the file COPYING, which
11*6236dae4SAndroid Build Coastguard Worker * you should have received as part of this distribution. The terms
12*6236dae4SAndroid Build Coastguard Worker * are also available at https://curl.se/docs/copyright.html.
13*6236dae4SAndroid Build Coastguard Worker *
14*6236dae4SAndroid Build Coastguard Worker * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15*6236dae4SAndroid Build Coastguard Worker * copies of the Software, and permit persons to whom the Software is
16*6236dae4SAndroid Build Coastguard Worker * furnished to do so, under the terms of the COPYING file.
17*6236dae4SAndroid Build Coastguard Worker *
18*6236dae4SAndroid Build Coastguard Worker * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19*6236dae4SAndroid Build Coastguard Worker * KIND, either express or implied.
20*6236dae4SAndroid Build Coastguard Worker *
21*6236dae4SAndroid Build Coastguard Worker * SPDX-License-Identifier: curl
22*6236dae4SAndroid Build Coastguard Worker *
23*6236dae4SAndroid Build Coastguard Worker * RFC4178 Simple and Protected GSS-API Negotiation Mechanism
24*6236dae4SAndroid Build Coastguard Worker *
25*6236dae4SAndroid Build Coastguard Worker ***************************************************************************/
26*6236dae4SAndroid Build Coastguard Worker
27*6236dae4SAndroid Build Coastguard Worker #include "curl_setup.h"
28*6236dae4SAndroid Build Coastguard Worker
29*6236dae4SAndroid Build Coastguard Worker #if defined(HAVE_GSSAPI) && defined(USE_SPNEGO)
30*6236dae4SAndroid Build Coastguard Worker
31*6236dae4SAndroid Build Coastguard Worker #include <curl/curl.h>
32*6236dae4SAndroid Build Coastguard Worker
33*6236dae4SAndroid Build Coastguard Worker #include "vauth/vauth.h"
34*6236dae4SAndroid Build Coastguard Worker #include "urldata.h"
35*6236dae4SAndroid Build Coastguard Worker #include "curl_base64.h"
36*6236dae4SAndroid Build Coastguard Worker #include "curl_gssapi.h"
37*6236dae4SAndroid Build Coastguard Worker #include "warnless.h"
38*6236dae4SAndroid Build Coastguard Worker #include "curl_multibyte.h"
39*6236dae4SAndroid Build Coastguard Worker #include "sendf.h"
40*6236dae4SAndroid Build Coastguard Worker
41*6236dae4SAndroid Build Coastguard Worker /* The last #include files should be: */
42*6236dae4SAndroid Build Coastguard Worker #include "curl_memory.h"
43*6236dae4SAndroid Build Coastguard Worker #include "memdebug.h"
44*6236dae4SAndroid Build Coastguard Worker
45*6236dae4SAndroid Build Coastguard Worker /*
46*6236dae4SAndroid Build Coastguard Worker * Curl_auth_is_spnego_supported()
47*6236dae4SAndroid Build Coastguard Worker *
48*6236dae4SAndroid Build Coastguard Worker * This is used to evaluate if SPNEGO (Negotiate) is supported.
49*6236dae4SAndroid Build Coastguard Worker *
50*6236dae4SAndroid Build Coastguard Worker * Parameters: None
51*6236dae4SAndroid Build Coastguard Worker *
52*6236dae4SAndroid Build Coastguard Worker * Returns TRUE if Negotiate supported by the GSS-API library.
53*6236dae4SAndroid Build Coastguard Worker */
bool Curl_auth_is_spnego_supported(void)
{
  /* This translation unit is only compiled when HAVE_GSSAPI and USE_SPNEGO
     are both defined (see the guard at the top of the file), so the answer
     here is unconditional. */
  const bool supported = TRUE;
  return supported;
}
58*6236dae4SAndroid Build Coastguard Worker
/*
 * Curl_auth_decode_spnego_message()
 *
 * This is used to decode an already encoded SPNEGO (Negotiate) challenge
 * message.
 *
 * Parameters:
 *
 * data     [in]     - The session handle.
 * user     [in]     - The username in the format User or Domain\User
 *                     (not consumed by this GSS-API backend).
 * password [in]     - The user's password (not consumed by this backend).
 * service  [in]     - The service type such as http, smtp, pop or imap.
 * host     [in]     - The hostname.
 * chlg64   [in]     - The optional base64 encoded challenge message.
 * nego     [in/out] - The Negotiate data struct being used and modified.
 *
 * Returns CURLE_OK on success.
 */
/*
 * spnego_import_spn()
 *
 * Builds the SPN string for service/host with Curl_auth_build_spn() and
 * imports it as a GSS-API host-based service name into *namep.
 *
 * Returns CURLE_OUT_OF_MEMORY if the SPN string cannot be built,
 * CURLE_AUTH_ERROR if gss_import_name() fails (the failure is logged), and
 * CURLE_OK otherwise. The temporary SPN string is always freed.
 */
static CURLcode spnego_import_spn(struct Curl_easy *data,
                                  const char *service,
                                  const char *host,
                                  gss_name_t *namep)
{
  CURLcode result = CURLE_OK;
  OM_uint32 major;
  OM_uint32 minor;
  gss_buffer_desc spn_token = GSS_C_EMPTY_BUFFER;
  char *spn = Curl_auth_build_spn(service, NULL, host);

  if(!spn)
    return CURLE_OUT_OF_MEMORY;

  spn_token.value = spn;
  spn_token.length = strlen(spn);

  major = gss_import_name(&minor, &spn_token, GSS_C_NT_HOSTBASED_SERVICE,
                          namep);
  if(GSS_ERROR(major)) {
    Curl_gss_log_error(data, "gss_import_name() failed: ", major, minor);
    result = CURLE_AUTH_ERROR;
  }

  free(spn);
  return result;
}

CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
                                         const char *user,
                                         const char *password,
                                         const char *service,
                                         const char *host,
                                         const char *chlg64,
                                         struct negotiatedata *nego)
{
  OM_uint32 major;
  OM_uint32 minor;
  OM_uint32 ignored;
  gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
  gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
  gss_channel_bindings_t bindings = GSS_C_NO_CHANNEL_BINDINGS;
  struct gss_channel_bindings_struct cb;

  /* The credentials are not consumed here; this backend leaves credential
     handling to the GSS-API library (presumably its credential cache). The
     parameters exist for interface parity with the other SPNEGO backends. */
  (void) user;
  (void) password;

  /* If our side already reported GSS_S_COMPLETE and we are being challenged
     again, the peer rejected what we sent and there is nothing further we
     can offer: tear the context down and fail. */
  if(nego->context && nego->status == GSS_S_COMPLETE) {
    Curl_auth_cleanup_spnego(nego);
    return CURLE_LOGIN_DENIED;
  }

  /* The target name is imported once and kept in nego->spn across the
     round trips of a single negotiation. */
  if(!nego->spn) {
    CURLcode result = spnego_import_spn(data, service, host, &nego->spn);
    if(result)
      return result;
  }

  /* Decode the peer's challenge, if any, into the input token. A challenge
     that starts with '=' is treated as having no payload and is rejected by
     the emptiness check below, as is an input that decodes to nothing. */
  if(chlg64 && *chlg64) {
    unsigned char *decoded = NULL;
    size_t decoded_len = 0;

    if(*chlg64 != '=') {
      CURLcode result = Curl_base64_decode(chlg64, &decoded, &decoded_len);
      if(result)
        return result;
    }

    if(!decoded) {
      infof(data, "SPNEGO handshake failure (empty challenge message)");
      return CURLE_BAD_CONTENT_ENCODING;
    }

    input_token.value = decoded;
    input_token.length = decoded_len;
  }

  /* Channel binding data (when present) is passed as application data; cb
     is only referenced by the Curl_gss_init_sec_context() call below, so a
     stack object suffices. */
  if(nego->channel_binding_data.leng > 0) {
    memset(&cb, 0, sizeof(cb));
    cb.application_data.length = nego->channel_binding_data.leng;
    cb.application_data.value = nego->channel_binding_data.bufr;
    bindings = &cb;
  }

  /* Run one step of the context establishment */
  major = Curl_gss_init_sec_context(data, &minor, &nego->context, nego->spn,
                                    &Curl_spnego_mech_oid, bindings,
                                    &input_token, &output_token, TRUE, NULL);

  /* The decoded challenge is not needed once the library has consumed it */
  Curl_safefree(input_token.value);

  /* Record the major status before checking it: the GSS_S_COMPLETE test at
     the top of this function relies on it on the next call. */
  nego->status = major;

  /* Both a library failure and a missing/empty output token end the
     negotiation; only the former is logged. Anything the library did hand
     back is released before bailing out. */
  if(GSS_ERROR(major) || !output_token.value || !output_token.length) {
    if(output_token.value)
      gss_release_buffer(&ignored, &output_token);

    if(GSS_ERROR(major))
      Curl_gss_log_error(data, "gss_init_sec_context() failed: ",
                         major, minor);

    return CURLE_AUTH_ERROR;
  }

  /* Replace any token left over from the previous round trip */
  if(nego->output_token.length && nego->output_token.value)
    gss_release_buffer(&ignored, &nego->output_token);

  nego->output_token = output_token;

  return CURLE_OK;
}
202*6236dae4SAndroid Build Coastguard Worker
/*
 * Curl_auth_create_spnego_message()
 *
 * This is used to generate an already encoded SPNEGO (Negotiate) response
 * message ready for sending to the recipient.
 *
 * Parameters:
 *
 * nego   [in/out] - The Negotiate data struct being used and modified.
 * outptr [in/out] - The address where a pointer to newly allocated memory
 *                   holding the result will be stored upon completion.
 * outlen [out]    - The length of the output message.
 *
 * Returns CURLE_OK on success.
 */
/*
 * spnego_drop_output_token()
 *
 * Releases nego->output_token back to the GSS-API library and resets the
 * descriptor to an empty buffer so that a later cleanup does not try to
 * release it a second time.
 */
static void spnego_drop_output_token(struct negotiatedata *nego)
{
  OM_uint32 ignored;

  gss_release_buffer(&ignored, &nego->output_token);
  nego->output_token.value = NULL;
  nego->output_token.length = 0;
}

CURLcode Curl_auth_create_spnego_message(struct negotiatedata *nego,
                                         char **outptr, size_t *outlen)
{
  /* The response token was produced by Curl_auth_decode_spnego_message();
     all that remains is to base64 encode it for the wire. */
  CURLcode result = Curl_base64_encode(nego->output_token.value,
                                       nego->output_token.length,
                                       outptr, outlen);

  /* An encoder success that yields no output is still a failure for the
     caller, reported as access denied. */
  if(!result && (!*outptr || !*outlen))
    result = CURLE_REMOTE_ACCESS_DENIED;

  /* On any failure the token is of no further use: release it now */
  if(result)
    spnego_drop_output_token(nego);

  return result;
}
248*6236dae4SAndroid Build Coastguard Worker
249*6236dae4SAndroid Build Coastguard Worker /*
250*6236dae4SAndroid Build Coastguard Worker * Curl_auth_cleanup_spnego()
251*6236dae4SAndroid Build Coastguard Worker *
252*6236dae4SAndroid Build Coastguard Worker * This is used to clean up the SPNEGO (Negotiate) specific data.
253*6236dae4SAndroid Build Coastguard Worker *
254*6236dae4SAndroid Build Coastguard Worker * Parameters:
255*6236dae4SAndroid Build Coastguard Worker *
256*6236dae4SAndroid Build Coastguard Worker * nego [in/out] - The Negotiate data struct being cleaned up.
257*6236dae4SAndroid Build Coastguard Worker *
258*6236dae4SAndroid Build Coastguard Worker */
void Curl_auth_cleanup_spnego(struct negotiatedata *nego)
{
  /* Minor status codes from the release calls are not inspected: cleanup
     proceeds regardless of what the library reports. */
  OM_uint32 ignored;

  /* Security context: deleted without producing an output token */
  if(nego->context != GSS_C_NO_CONTEXT) {
    gss_delete_sec_context(&ignored, &nego->context, GSS_C_NO_BUFFER);
    nego->context = GSS_C_NO_CONTEXT;
  }

  /* Last response token handed to us by the library, if still held */
  if(nego->output_token.value) {
    gss_release_buffer(&ignored, &nego->output_token);
    nego->output_token.length = 0;
    nego->output_token.value = NULL;
  }

  /* Imported target name */
  if(nego->spn != GSS_C_NO_NAME) {
    gss_release_name(&ignored, &nego->spn);
    nego->spn = GSS_C_NO_NAME;
  }

  /* Return the bookkeeping flags to their initial state so the struct can
     be reused for a fresh negotiation */
  nego->status = 0;
  nego->noauthpersist = FALSE;
  nego->havenoauthpersist = FALSE;
  nego->havenegdata = FALSE;
  nego->havemultiplerequests = FALSE;
}
290*6236dae4SAndroid Build Coastguard Worker
291*6236dae4SAndroid Build Coastguard Worker #endif /* HAVE_GSSAPI && USE_SPNEGO */