Moving APOptions to GSSAPIBindRequest struct for coherence and to avo…

…id changing the func prototypes

bind.go

@@ -602,6 +602,8 @@ type GSSAPIBindRequest struct {
 	AuthZID string
 	// (Optional) Controls to send with the bind request
 	Controls []Control
+	// (Optional) APOptions
+	APOptions []int
 }
 
 // GSSAPIBind performs the GSSAPI SASL bind using the provided GSSAPI client.
@@ -611,13 +613,13 @@ func (l *Conn) GSSAPIBind(client GSSAPIClient, servicePrincipal, authzid string)
 		&GSSAPIBindRequest{
 			ServicePrincipalName: servicePrincipal,
 			AuthZID:              authzid,
+			APOptions:            []int{},
 		},
-		[]int{},
 	)
 }
 
 // GSSAPIBindRequest performs the GSSAPI SASL bind using the provided GSSAPI client.
-func (l *Conn) GSSAPIBindRequest(client GSSAPIClient, req *GSSAPIBindRequest, APOptions []int) error {
+func (l *Conn) GSSAPIBindRequest(client GSSAPIClient, req *GSSAPIBindRequest) error {
 	//nolint:errcheck
 	defer client.DeleteSecContext()
 
@@ -628,7 +630,7 @@ func (l *Conn) GSSAPIBindRequest(client GSSAPIClient, req *GSSAPIBindRequest, AP
 	for {
 		if needInit {
 			// Establish secure context between client and server.
-			reqToken, needInit, err = client.InitSecContext(req.ServicePrincipalName, recvToken, APOptions)
+			reqToken, needInit, err = client.InitSecContext(req.ServicePrincipalName, recvToken, req.APOptions)
 			if err != nil {
 				return err
 			}

gssapi/client.go

@@ -217,48 +217,47 @@ func (client *Client) NegotiateSaslAuth(input []byte, authzid string) ([]byte, e
 	return output, nil
 }
 
-func getGssWrapTokenId() *[2]byte {
-	return &[2]byte{0x05, 0x04}
-}
-
-func UnmarshalWrapToken(wt *gssapi.WrapToken, b []byte, expectFromAcceptor bool) error {
+func UnmarshalWrapToken(wt *gssapi.WrapToken, data []byte, expectFromAcceptor bool) error {
 	// Check if we can read a whole header
-	if len(b) < 16 {
+	if len(data) < 16 {
 		return errors.New("bytes shorter than header length")
 	}
+
 	// Is the Token ID correct?
-	if !bytes.Equal(getGssWrapTokenId()[:], b[0:2]) {
-		return fmt.Errorf("wrong Token ID. Expected %s, was %s",
-			hex.EncodeToString(getGssWrapTokenId()[:]),
-			hex.EncodeToString(b[0:2]))
+	expectedWrapTokenId := [2]byte{0x05, 0x04}
+	if !bytes.Equal(expectedWrapTokenId[:], data[0:2]) {
+		return fmt.Errorf("wrong Token ID. Expected %s, was %s", hex.EncodeToString(expectedWrapTokenId[:]), hex.EncodeToString(data[0:2]))
 	}
+
 	// Check the acceptor flag
-	flags := b[2]
+	flags := data[2]
 	isFromAcceptor := flags&0x01 == 1
 	if isFromAcceptor && !expectFromAcceptor {
 		return errors.New("unexpected acceptor flag is set: not expecting a token from the acceptor")
 	}
 	if !isFromAcceptor && expectFromAcceptor {
 		return errors.New("expected acceptor flag is not set: expecting a token from the acceptor, not the initiator")
 	}
+
 	// Check the filler byte
-	if b[3] != gssapi.FillerByte {
-		return fmt.Errorf("unexpected filler byte: expecting 0xFF, was %s ", hex.EncodeToString(b[3:4]))
+	if data[3] != gssapi.FillerByte {
+		return fmt.Errorf("unexpected filler byte: expecting 0xFF, was %s ", hex.EncodeToString(data[3:4]))
 	}
-	checksumL := binary.BigEndian.Uint16(b[4:6])
+	checksumL := binary.BigEndian.Uint16(data[4:6])
+
 	// Sanity check on the checksum length
-	if int(checksumL) > len(b)-gssapi.HdrLen {
-		return fmt.Errorf("inconsistent checksum length: %d bytes to parse, checksum length is %d", len(b), checksumL)
+	if int(checksumL) > len(data)-gssapi.HdrLen {
+		return fmt.Errorf("inconsistent checksum length: %d bytes to parse, checksum length is %d", len(data), checksumL)
 	}
 
 	payloadStart := 16 + checksumL
 
 	wt.Flags = flags
 	wt.EC = checksumL
-	wt.RRC = binary.BigEndian.Uint16(b[6:8])
-	wt.SndSeqNum = binary.BigEndian.Uint64(b[8:16])
-	wt.CheckSum = b[16:payloadStart]
-	wt.Payload = b[payloadStart:]
+	wt.RRC = binary.BigEndian.Uint16(data[6:8])
+	wt.SndSeqNum = binary.BigEndian.Uint64(data[8:16])
+	wt.CheckSum = data[16:payloadStart]
+	wt.Payload = data[payloadStart:]
 
 	return nil
 }

v3/bind.go

@@ -602,6 +602,8 @@ type GSSAPIBindRequest struct {
 	AuthZID string
 	// (Optional) Controls to send with the bind request
 	Controls []Control
+	// (Optional) APOptions
+	APOptions []int
 }
 
 // GSSAPIBind performs the GSSAPI SASL bind using the provided GSSAPI client.
@@ -611,13 +613,13 @@ func (l *Conn) GSSAPIBind(client GSSAPIClient, servicePrincipal, authzid string)
 		&GSSAPIBindRequest{
 			ServicePrincipalName: servicePrincipal,
 			AuthZID:              authzid,
+			APOptions:            []int{},
 		},
-		[]int{},
 	)
 }
 
 // GSSAPIBindRequest performs the GSSAPI SASL bind using the provided GSSAPI client.
-func (l *Conn) GSSAPIBindRequest(client GSSAPIClient, req *GSSAPIBindRequest, APOptions []int) error {
+func (l *Conn) GSSAPIBindRequest(client GSSAPIClient, req *GSSAPIBindRequest) error {
 	//nolint:errcheck
 	defer client.DeleteSecContext()
 
@@ -628,7 +630,7 @@ func (l *Conn) GSSAPIBindRequest(client GSSAPIClient, req *GSSAPIBindRequest, AP
 	for {
 		if needInit {
 			// Establish secure context between client and server.
-			reqToken, needInit, err = client.InitSecContext(req.ServicePrincipalName, recvToken, APOptions)
+			reqToken, needInit, err = client.InitSecContext(req.ServicePrincipalName, recvToken, req.APOptions)
 			if err != nil {
 				return err
 			}

v3/gssapi/client.go

@@ -217,48 +217,49 @@ func (client *Client) NegotiateSaslAuth(input []byte, authzid string) ([]byte, e
 	return output, nil
 }
 
-func getGssWrapTokenId() *[2]byte {
-	return &[2]byte{0x05, 0x04}
-}
-
-func UnmarshalWrapToken(wt *gssapi.WrapToken, b []byte, expectFromAcceptor bool) error {
+func UnmarshalWrapToken(wt *gssapi.WrapToken, data []byte, expectFromAcceptor bool) error {
 	// Check if we can read a whole header
-	if len(b) < 16 {
+	if len(data) < 16 {
 		return errors.New("bytes shorter than header length")
 	}
+
 	// Is the Token ID correct?
-	if !bytes.Equal(getGssWrapTokenId()[:], b[0:2]) {
+	expectedWrapTokenId := [2]byte{0x05, 0x04}
+	if !bytes.Equal(expectedWrapTokenId[:], data[0:2]) {
 		return fmt.Errorf("wrong Token ID. Expected %s, was %s",
-			hex.EncodeToString(getGssWrapTokenId()[:]),
-			hex.EncodeToString(b[0:2]))
+			hex.EncodeToString(expectedWrapTokenId[:]),
+			hex.EncodeToString(data[0:2]))
 	}
+
 	// Check the acceptor flag
-	flags := b[2]
+	flags := data[2]
 	isFromAcceptor := flags&0x01 == 1
 	if isFromAcceptor && !expectFromAcceptor {
 		return errors.New("unexpected acceptor flag is set: not expecting a token from the acceptor")
 	}
 	if !isFromAcceptor && expectFromAcceptor {
 		return errors.New("expected acceptor flag is not set: expecting a token from the acceptor, not the initiator")
 	}
+
 	// Check the filler byte
-	if b[3] != gssapi.FillerByte {
-		return fmt.Errorf("unexpected filler byte: expecting 0xFF, was %s ", hex.EncodeToString(b[3:4]))
+	if data[3] != gssapi.FillerByte {
+		return fmt.Errorf("unexpected filler byte: expecting 0xFF, was %s ", hex.EncodeToString(data[3:4]))
 	}
-	checksumL := binary.BigEndian.Uint16(b[4:6])
+	checksumL := binary.BigEndian.Uint16(data[4:6])
+
 	// Sanity check on the checksum length
-	if int(checksumL) > len(b)-gssapi.HdrLen {
-		return fmt.Errorf("inconsistent checksum length: %d bytes to parse, checksum length is %d", len(b), checksumL)
+	if int(checksumL) > len(data)-gssapi.HdrLen {
+		return fmt.Errorf("inconsistent checksum length: %d bytes to parse, checksum length is %d", len(data), checksumL)
 	}
 
 	payloadStart := 16 + checksumL
 
 	wt.Flags = flags
 	wt.EC = checksumL
-	wt.RRC = binary.BigEndian.Uint16(b[6:8])
-	wt.SndSeqNum = binary.BigEndian.Uint64(b[8:16])
-	wt.CheckSum = b[16:payloadStart]
-	wt.Payload = b[payloadStart:]
+	wt.RRC = binary.BigEndian.Uint16(data[6:8])
+	wt.SndSeqNum = binary.BigEndian.Uint64(data[8:16])
+	wt.CheckSum = data[16:payloadStart]
+	wt.Payload = data[payloadStart:]
 
 	return nil
 }