On Fri, Aug 1, 2025 at 4:00 PM Warner Losh <[email protected]> wrote:
>
> Got diff? Hard to know without it...
>
> But if it's just interface info and the files are >~200 lines, I'd just copy.
>
> If there are comments, or the files are small, copy the copyright/license too.
I've attached the diff. The file it is taken out of is 305 lines long.
rick
>
> Warner
>
> On Fri, Aug 1, 2025, 12:53 PM Rick Macklem <[email protected]> wrote:
>>
>> Hi,
>>
>> I am working on a patch to fix the kgssapi so that it
>> works for MIT's Kerberos.
>>
>> I have copied about 20lines from the MIT .h file in
>> /usr/include/gssapi/gssapi_krb5.h to /usr/src/sys/kgssapi/gssapi.h.
>> (The kernel one is a small subset that the kernel code needs.)
>>
>> My question is...
>> Since the two .h files have different copyright notices, do I need
>> to copy the copyright notice into /usr/src/sys/kgssapi/gssapi.h?
>>
>> Thanks for any info (amateur lawyers welcome to comment), rick
>>
--- gssapi.h.sav 2025-07-28 14:54:59.588770000 -0700
+++ gssapi.h 2025-08-01 15:45:55.705616000 -0700
@@ -77,6 +77,54 @@ typedef int gss_cred_usage_t;
typedef int gss_cred_usage_t;
/*
+ * The structure returned by gss_krb5_export_lucid_sec_context().
+ */
+typedef struct gss_krb5_lucid_key {
+ OM_uint32 type; /* key encryption type */
+ OM_uint32 length; /* length of key data */
+ void * data; /* actual key data */
+} gss_krb5_lucid_key_t;
+
+typedef struct gss_krb5_rfc1964_keydata {
+ OM_uint32 sign_alg; /* signing algorithm */
+ OM_uint32 seal_alg; /* seal/encrypt algorithm */
+ gss_krb5_lucid_key_t ctx_key;
+ /* Context key
+ (Kerberos session key or subkey) */
+} gss_krb5_rfc1964_keydata_t;
+
+typedef struct gss_krb5_cfx_keydata {
+ OM_uint32 have_acceptor_subkey;
+ /* 1 if there is an acceptor_subkey
+ present, 0 otherwise */
+ gss_krb5_lucid_key_t ctx_key;
+ /* Context key
+ (Kerberos session key or subkey) */
+ gss_krb5_lucid_key_t acceptor_subkey;
+ /* acceptor-asserted subkey or
+ 0's if no acceptor subkey */
+} gss_krb5_cfx_keydata_t;
+
+typedef struct gss_krb5_lucid_context_v1 {
+ OM_uint32 version; /* Structure version number (1)
+ MUST be at beginning of struct! */
+ OM_uint32 initiate; /* Are we the initiator? */
+ OM_uint32 endtime; /* expiration time of context */
+ uint64_t send_seq; /* sender sequence number */
+ uint64_t recv_seq; /* receive sequence number */
+ OM_uint32 protocol; /* 0: rfc1964,
+ 1: draft-ietf-krb-wg-gssapi-cfx-07 */
+ /*
+ * if (protocol == 0) rfc1964_kd should be used
+ * and cfx_kd contents are invalid and should be zero
+ * if (protocol == 1) cfx_kd should be used
+ * and rfc1964_kd contents are invalid and should be zero
+ */
+ gss_krb5_rfc1964_keydata_t rfc1964_kd;
+ gss_krb5_cfx_keydata_t cfx_kd;
+} gss_krb5_lucid_context_v1_t;
+
+/*
* Flag bits for context-level services.
*/
#define GSS_C_DELEG_FLAG 1
