Check after a credential to use.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19346 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-12-15 16:40:28 +00:00
parent fbb7a0e925
commit 0188d9ca47

View File

@@ -159,6 +159,72 @@ out:
return GSS_S_FAILURE;
}
/*
* Get credential cache that the ntlm code can use to talk to the KDC
* using the digest API.
*/
static krb5_error_code
get_ccache(krb5_context context, krb5_ccache *id)
{
krb5_principal principal = NULL;
krb5_error_code ret;
krb5_keytab kt;
*id = NULL;
if (!issuid()) {
const char *cache;
cache = getenv("NTLM_ACCEPTOR_CCACHE");
if (cache) {
ret = krb5_cc_resolve(context, cache, id);
if (ret)
goto out;
return 0;
}
}
ret = krb5_sname_to_principal(context, NULL, "host",
KRB5_NT_SRV_HST, &principal);
if (ret)
goto out;
ret = krb5_cc_cache_match(context, principal, NULL, id);
if (ret == 0)
goto out;
/* did not find in default credcache, lets try default keytab */
ret = krb5_kt_default(context, &kt);
if (ret)
goto out;
/* XXX check in keytab */
#if 0
{
krb5_creds cred = NULL;
ret = krb5_get_init_creds_keytab (context,
&cred,
principal,
kt,
NULL,
NULL,
NULL);
if (ret) {
ret = krb5_cc_initialize (context, ccache, cred.client);
ret = krb5_cc_store_cred (context, ccache, &cred);
krb5_free_cred_contents (context, &cred);
}
}
#endif
krb5_kt_close(context, kt);
out:
if (principal)
krb5_free_principal(context, principal);
return ret;
}
/*
@@ -221,6 +287,13 @@ _gss_ntlm_accept_sec_context
return GSS_S_FAILURE;
}
ret = get_ccache(ctx->context, &ctx->id);
if (ret) {
_gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);
*minor_status = ret;
return GSS_S_FAILURE;
}
ret = krb5_ntlm_alloc(ctx->context, &ctx->ntlm);
if (ret) {
_gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);