oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

make gss_name_t an opaque type

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17736 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-06-29 07:27:26 +00:00
parent b79c379578
commit 03567db502
16 changed files with 154 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/gssapi/krb5/accept_sec_context.c
View File

@@ -400,15 +400,18 @@ _gsskrb5_accept_sec_context
goto failure; goto failure;
if (src_name != NULL) { if (src_name != NULL) {
krb5_principal name;
kret = krb5_copy_principal (_gsskrb5_context, kret = krb5_copy_principal (_gsskrb5_context,
ticket->client, ticket->client,
src_name); &name);
if (kret) { if (kret) {
ret = GSS_S_FAILURE; ret = GSS_S_FAILURE;
*minor_status = kret; *minor_status = kret;
_gsskrb5_set_error_string (); _gsskrb5_set_error_string ();
goto failure; goto failure;
} }
*src_name = (gss_name_t)name;
} }
{ {

10
lib/gssapi/krb5/acquire_cred.c
View File

@@ -319,12 +319,14 @@ OM_uint32 _gsskrb5_acquire_cred
HEIMDAL_MUTEX_init(&handle->cred_id_mutex); HEIMDAL_MUTEX_init(&handle->cred_id_mutex);
if (desired_name != GSS_C_NO_NAME) { if (desired_name != GSS_C_NO_NAME) {
ret = _gsskrb5_duplicate_name(minor_status, desired_name, krb5_principal name = (krb5_principal)desired_name;
&handle->principal); ret = krb5_copy_principal(_gsskrb5_context, name, &handle->principal);
if (ret != GSS_S_COMPLETE) { if (ret) {
HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex); HEIMDAL_MUTEX_destroy(&handle->cred_id_mutex);
_gsskrb5_set_error_string();
*minor_status = ret;
free(handle); free(handle);
return (ret); return GSS_S_FAILURE;
} }
} }
if (cred_usage == GSS_C_INITIATE || cred_usage == GSS_C_BOTH) { if (cred_usage == GSS_C_INITIATE || cred_usage == GSS_C_BOTH) {

19
lib/gssapi/krb5/add_cred.c
View File

@@ -50,9 +50,11 @@ OM_uint32 _gsskrb5_add_cred (
{ {
OM_uint32 ret, lifetime; OM_uint32 ret, lifetime;
gsskrb5_cred cred, handle; gsskrb5_cred cred, handle;
krb5_const_principal dname;
handle = NULL; handle = NULL;
cred = (gsskrb5_cred)input_cred_handle; cred = (gsskrb5_cred)input_cred_handle;
dname = (krb5_const_principal)desired_name;
if (gss_oid_equal(desired_mech, GSS_KRB5_MECHANISM) == 0) { if (gss_oid_equal(desired_mech, GSS_KRB5_MECHANISM) == 0) {
*minor_status = 0; *minor_status = 0;
@@ -80,8 +82,8 @@ OM_uint32 _gsskrb5_add_cred (
} }
/* check that we have the same name */ /* check that we have the same name */
if (desired_name != GSS_C_NO_NAME && if (dname != NULL &&
krb5_principal_compare(_gsskrb5_context, desired_name, krb5_principal_compare(_gsskrb5_context, dname,
cred->principal) != FALSE) { cred->principal) != FALSE) {
if (output_cred_handle) if (output_cred_handle)
HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex);
@@ -91,6 +93,7 @@ OM_uint32 _gsskrb5_add_cred (
/* make a copy */ /* make a copy */
if (output_cred_handle) { if (output_cred_handle) {
krb5_error_code kret;
handle = calloc(1, sizeof(*handle)); handle = calloc(1, sizeof(*handle));
if (handle == NULL) { if (handle == NULL) {
@@ -109,17 +112,16 @@ OM_uint32 _gsskrb5_add_cred (
ret = GSS_S_FAILURE; ret = GSS_S_FAILURE;
ret = _gsskrb5_duplicate_name(minor_status, cred->principal, kret = krb5_copy_principal(_gsskrb5_context, cred->principal,
&handle->principal); &handle->principal);
if (ret) { if (kret) {
HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex); HEIMDAL_MUTEX_unlock(&cred->cred_id_mutex);
free(handle); free(handle);
*minor_status = ENOMEM; *minor_status = kret;
return GSS_S_FAILURE; return GSS_S_FAILURE;
} }
if (cred->keytab) { if (cred->keytab) {
krb5_error_code kret;
char name[KRB5_KT_PREFIX_MAX_LEN + MAXPATHLEN]; char name[KRB5_KT_PREFIX_MAX_LEN + MAXPATHLEN];
int len; int len;
@@ -151,7 +153,6 @@ OM_uint32 _gsskrb5_add_cred (
} }
if (cred->ccache) { if (cred->ccache) {
krb5_error_code kret;
const char *type, *name; const char *type, *name;
char *type_name; char *type_name;
@@ -233,7 +234,7 @@ OM_uint32 _gsskrb5_add_cred (
if (handle) { if (handle) {
if (handle->principal) if (handle->principal)
_gsskrb5_release_name(NULL, &handle->principal); krb5_free_principal(_gsskrb5_context, handle->principal);
if (handle->keytab) if (handle->keytab)
krb5_kt_close(_gsskrb5_context, handle->keytab); krb5_kt_close(_gsskrb5_context, handle->keytab);
if (handle->ccache) if (handle->ccache)

5
lib/gssapi/krb5/compare_name.c
View File

@@ -42,10 +42,13 @@ OM_uint32 _gsskrb5_compare_name
int * name_equal int * name_equal
) )
{ {
krb5_const_principal princ1 = (krb5_const_principal)name1;
krb5_const_principal princ2 = (krb5_const_principal)name2;
GSSAPI_KRB5_INIT(); GSSAPI_KRB5_INIT();
*name_equal = krb5_principal_compare (_gsskrb5_context, *name_equal = krb5_principal_compare (_gsskrb5_context,
name1, name2); princ1, princ2);
*minor_status = 0; *minor_status = 0;
return GSS_S_COMPLETE; return GSS_S_COMPLETE;
} }

2
lib/gssapi/krb5/compat.c
View File

@@ -37,7 +37,7 @@ RCSID("$Id$");
static krb5_error_code static krb5_error_code
check_compat(OM_uint32 *minor_status, gss_name_t name, check_compat(OM_uint32 *minor_status, krb5_const_principal name,
const char *option, krb5_boolean *compat, const char *option, krb5_boolean *compat,
krb5_boolean match_val) krb5_boolean match_val)
{ {

5
lib/gssapi/krb5/display_name.c
View File

@@ -42,14 +42,13 @@ OM_uint32 _gsskrb5_display_name
gss_OID * output_name_type gss_OID * output_name_type
) )
{ {
krb5_const_principal name = (krb5_const_principal)input_name;
krb5_error_code kret; krb5_error_code kret;
char *buf; char *buf;
size_t len; size_t len;
GSSAPI_KRB5_INIT (); GSSAPI_KRB5_INIT ();
kret = krb5_unparse_name (_gsskrb5_context, kret = krb5_unparse_name (_gsskrb5_context, name, &buf);
input_name,
&buf);
if (kret) { if (kret) {
*minor_status = kret; *minor_status = kret;
_gsskrb5_set_error_string (); _gsskrb5_set_error_string ();

6
lib/gssapi/krb5/duplicate_name.c
View File

@@ -41,13 +41,13 @@ OM_uint32 _gsskrb5_duplicate_name (
gss_name_t * dest_name gss_name_t * dest_name
) )
{ {
krb5_const_principal src = (krb5_const_principal)src_name;
krb5_principal *dest = (krb5_principal *)dest_name;
krb5_error_code kret; krb5_error_code kret;
GSSAPI_KRB5_INIT (); GSSAPI_KRB5_INIT ();
kret = krb5_copy_principal (_gsskrb5_context, kret = krb5_copy_principal (_gsskrb5_context, src, dest);
src_name,
dest_name);
if (kret) { if (kret) {
*minor_status = kret; *minor_status = kret;
_gsskrb5_set_error_string (); _gsskrb5_set_error_string ();

5
lib/gssapi/krb5/export_name.c
View File

@@ -41,14 +41,13 @@ OM_uint32 _gsskrb5_export_name
gss_buffer_t exported_name gss_buffer_t exported_name
) )
{ {
krb5_const_principal princ = (krb5_const_principal)input_name;
krb5_error_code kret; krb5_error_code kret;
char *buf, *name; char *buf, *name;
size_t len; size_t len;
GSSAPI_KRB5_INIT (); GSSAPI_KRB5_INIT ();
kret = krb5_unparse_name (_gsskrb5_context, kret = krb5_unparse_name (_gsskrb5_context, princ, &name);
input_name,
&name);
if (kret) { if (kret) {
*minor_status = kret; *minor_status = kret;
_gsskrb5_set_error_string (); _gsskrb5_set_error_string ();

4
lib/gssapi/krb5/export_sec_context.c
View File

@@ -167,7 +167,7 @@ _gsskrb5_export_sec_context (
/* names */ /* names */
ret = _gsskrb5_export_name (minor_status, ret = _gsskrb5_export_name (minor_status,
ctx->source, &buffer); (gss_name_t)ctx->source, &buffer);
if (ret) if (ret)
goto failure; goto failure;
data.data = buffer.value; data.data = buffer.value;
@@ -180,7 +180,7 @@ _gsskrb5_export_sec_context (
} }
ret = _gsskrb5_export_name (minor_status, ret = _gsskrb5_export_name (minor_status,
ctx->target, &buffer); (gss_name_t)ctx->target, &buffer);
if (ret) if (ret)
goto failure; goto failure;
data.data = buffer.value; data.data = buffer.value;

6
lib/gssapi/krb5/gsskrb5_locl.h
View File

@@ -57,7 +57,7 @@ struct gss_msg_order;
typedef struct { typedef struct {
struct krb5_auth_context_data *auth_context; struct krb5_auth_context_data *auth_context;
gss_name_t source, target; krb5_principal source, target;
OM_uint32 flags; OM_uint32 flags;
enum { LOCAL = 1, OPEN = 2, enum { LOCAL = 1, OPEN = 2,
COMPAT_OLD_DES3 = 4, COMPAT_OLD_DES3 = 4,
@@ -71,7 +71,7 @@ typedef struct {
} *gsskrb5_ctx; } *gsskrb5_ctx;
typedef struct { typedef struct {
gss_name_t principal; krb5_principal principal;
int cred_flags; int cred_flags;
#define GSS_CF_DESTROY_CRED_ON_RELEASE 1 #define GSS_CF_DESTROY_CRED_ON_RELEASE 1
struct krb5_keytab_data *keytab; struct krb5_keytab_data *keytab;
@@ -82,6 +82,8 @@ typedef struct {
HEIMDAL_MUTEX cred_id_mutex; HEIMDAL_MUTEX cred_id_mutex;
} *gsskrb5_cred; } *gsskrb5_cred;
typedef struct Principal *gsskrb5_name;
/* /*
* *
*/ */

44
lib/gssapi/krb5/import_name.c
View File

@@ -40,21 +40,22 @@ parse_krb5_name (OM_uint32 *minor_status,
const char *name, const char *name,
gss_name_t *output_name) gss_name_t *output_name)
{ {
krb5_principal princ;
krb5_error_code kerr; krb5_error_code kerr;
kerr = krb5_parse_name (_gsskrb5_context, name, output_name); kerr = krb5_parse_name (_gsskrb5_context, name, &princ);
if (kerr == 0) if (kerr == 0) {
*output_name = (gss_name_t)princ;
return GSS_S_COMPLETE; return GSS_S_COMPLETE;
else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) {
_gsskrb5_set_error_string ();
*minor_status = kerr;
return GSS_S_BAD_NAME;
} else {
_gsskrb5_set_error_string ();
*minor_status = kerr;
return GSS_S_FAILURE;
} }
_gsskrb5_set_error_string ();
*minor_status = kerr;
if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED)
return GSS_S_BAD_NAME;
return GSS_S_FAILURE;
} }
static OM_uint32 static OM_uint32
@@ -91,8 +92,7 @@ import_hostbased_name (OM_uint32 *minor_status,
char *p; char *p;
char *host; char *host;
char local_hostname[MAXHOSTNAMELEN]; char local_hostname[MAXHOSTNAMELEN];
krb5_principal princ = NULL;
*output_name = NULL;
tmp = malloc (input_name_buffer->length + 1); tmp = malloc (input_name_buffer->length + 1);
if (tmp == NULL) { if (tmp == NULL) {
@@ -121,20 +121,20 @@ import_hostbased_name (OM_uint32 *minor_status,
host, host,
tmp, tmp,
KRB5_NT_SRV_HST, KRB5_NT_SRV_HST,
output_name); &princ);
free (tmp); free (tmp);
*minor_status = kerr; *minor_status = kerr;
if (kerr == 0) if (kerr == 0) {
*output_name = (gss_name_t)princ;
return GSS_S_COMPLETE; return GSS_S_COMPLETE;
else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED) {
_gsskrb5_set_error_string ();
*minor_status = kerr;
return GSS_S_BAD_NAME;
} else {
_gsskrb5_set_error_string ();
*minor_status = kerr;
return GSS_S_FAILURE;
} }
_gsskrb5_set_error_string ();
*minor_status = kerr;
if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED)
return GSS_S_BAD_NAME;
return GSS_S_FAILURE;
} }
static OM_uint32 static OM_uint32

16
lib/gssapi/krb5/import_sec_context.c
View File

@@ -53,8 +53,8 @@ _gsskrb5_import_sec_context (
krb5_keyblock keyblock; krb5_keyblock keyblock;
int32_t tmp; int32_t tmp;
int32_t flags; int32_t flags;
OM_uint32 minor;
gsskrb5_ctx ctx; gsskrb5_ctx ctx;
gss_name_t name;
GSSAPI_KRB5_INIT (); GSSAPI_KRB5_INIT ();
@@ -158,15 +158,16 @@ _gsskrb5_import_sec_context (
buffer.length = data.length; buffer.length = data.length;
ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME, ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME,
&ctx->source); &name);
if (ret) { if (ret) {
ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NO_OID, ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NO_OID,
&ctx->source); &name);
if (ret) { if (ret) {
krb5_data_free (&data); krb5_data_free (&data);
goto failure; goto failure;
} }
} }
ctx->source = (krb5_principal)name;
krb5_data_free (&data); krb5_data_free (&data);
if (krb5_ret_data (sp, &data) != 0) if (krb5_ret_data (sp, &data) != 0)
@@ -175,15 +176,16 @@ _gsskrb5_import_sec_context (
buffer.length = data.length; buffer.length = data.length;
ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME, ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NT_EXPORT_NAME,
&ctx->target); &name);
if (ret) { if (ret) {
ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NO_OID, ret = _gsskrb5_import_name (minor_status, &buffer, GSS_C_NO_OID,
&ctx->target); &name);
if (ret) { if (ret) {
krb5_data_free (&data); krb5_data_free (&data);
goto failure; goto failure;
} }
} }
ctx->target = (krb5_principal)name;
krb5_data_free (&data); krb5_data_free (&data);
if (krb5_ret_int32 (sp, &tmp)) if (krb5_ret_int32 (sp, &tmp))
@@ -210,9 +212,9 @@ failure:
krb5_auth_con_free (_gsskrb5_context, krb5_auth_con_free (_gsskrb5_context,
ctx->auth_context); ctx->auth_context);
if (ctx->source != NULL) if (ctx->source != NULL)
_gsskrb5_release_name(&minor, &ctx->source); krb5_free_principal(_gsskrb5_context, ctx->source);
if (ctx->target != NULL) if (ctx->target != NULL)
_gsskrb5_release_name(&minor, &ctx->target); krb5_free_principal(_gsskrb5_context, ctx->target);
if (localp) if (localp)
krb5_free_address (_gsskrb5_context, localp); krb5_free_address (_gsskrb5_context, localp);
if (remotep) if (remotep)

21
lib/gssapi/krb5/init_sec_context.c
View File

@@ -105,7 +105,7 @@ static void
do_delegation (krb5_auth_context ac, do_delegation (krb5_auth_context ac,
krb5_ccache ccache, krb5_ccache ccache,
krb5_creds *cred, krb5_creds *cred,
const gss_name_t target_name, krb5_const_principal name,
krb5_data *fwd_data, krb5_data *fwd_data,
uint32_t *flags) uint32_t *flags)
{ {
@@ -137,14 +137,14 @@ do_delegation (krb5_auth_context ac,
fwd_flags.b.forwardable = 1; fwd_flags.b.forwardable = 1;
if ( /*target_name->name.name_type != KRB5_NT_SRV_HST ||*/ if ( /*target_name->name.name_type != KRB5_NT_SRV_HST ||*/
target_name->name.name_string.len < 2) name->name.name_string.len < 2)
goto out; goto out;
kret = krb5_get_forwarded_creds(_gsskrb5_context, kret = krb5_get_forwarded_creds(_gsskrb5_context,
ac, ac,
ccache, ccache,
fwd_flags.i, fwd_flags.i,
target_name->name.name_string.val[1], name->name.name_string.val[1],
&creds, &creds,
fwd_data); fwd_data);
@@ -169,7 +169,7 @@ init_auth
(OM_uint32 * minor_status, (OM_uint32 * minor_status,
gsskrb5_cred initiator_cred_handle, gsskrb5_cred initiator_cred_handle,
gss_ctx_id_t * context_handle, gss_ctx_id_t * context_handle,
const gss_name_t target_name, krb5_const_principal name,
const gss_OID mech_type, const gss_OID mech_type,
OM_uint32 req_flags, OM_uint32 req_flags,
OM_uint32 time_req, OM_uint32 time_req,
@@ -263,9 +263,7 @@ init_auth
goto failure; goto failure;
} }
kret = krb5_copy_principal (_gsskrb5_context, kret = krb5_copy_principal (_gsskrb5_context, name, &ctx->target);
target_name,
&ctx->target);
if (kret) { if (kret) {
_gsskrb5_set_error_string (); _gsskrb5_set_error_string ();
*minor_status = kret; *minor_status = kret;
@@ -343,7 +341,7 @@ init_auth
krb5_boolean delegate; krb5_boolean delegate;
krb5_appdefault_boolean(_gsskrb5_context, krb5_appdefault_boolean(_gsskrb5_context,
"gssapi", target_name->realm, "gssapi", name->realm,
"ok-as-delegate", FALSE, &delegate); "ok-as-delegate", FALSE, &delegate);
if (delegate) if (delegate)
req_flags &= ~GSS_C_DELEG_FLAG; req_flags &= ~GSS_C_DELEG_FLAG;
@@ -353,7 +351,7 @@ init_auth
ap_options = 0; ap_options = 0;
if (req_flags & GSS_C_DELEG_FLAG) if (req_flags & GSS_C_DELEG_FLAG)
do_delegation (ctx->auth_context, do_delegation (ctx->auth_context,
ccache, cred, target_name, &fwd_data, &flags); ccache, cred, name, &fwd_data, &flags);
if (req_flags & GSS_C_MUTUAL_FLAG) { if (req_flags & GSS_C_MUTUAL_FLAG) {
flags |= GSS_C_MUTUAL_FLAG; flags |= GSS_C_MUTUAL_FLAG;
@@ -482,7 +480,6 @@ repl_mutual
(OM_uint32 * minor_status, (OM_uint32 * minor_status,
const gsskrb5_cred initiator_cred_handle, const gsskrb5_cred initiator_cred_handle,
gss_ctx_id_t * context_handle, gss_ctx_id_t * context_handle,
const gss_name_t target_name,
const gss_OID mech_type, const gss_OID mech_type,
OM_uint32 req_flags, OM_uint32 req_flags,
OM_uint32 time_req, OM_uint32 time_req,
@@ -584,6 +581,7 @@ OM_uint32 _gsskrb5_init_sec_context
) )
{ {
gsskrb5_cred cred = (gsskrb5_cred)initiator_cred_handle; gsskrb5_cred cred = (gsskrb5_cred)initiator_cred_handle;
krb5_const_principal name = (krb5_const_principal)target_name;
GSSAPI_KRB5_INIT (); GSSAPI_KRB5_INIT ();
@@ -611,7 +609,7 @@ OM_uint32 _gsskrb5_init_sec_context
return init_auth (minor_status, return init_auth (minor_status,
cred, cred,
context_handle, context_handle,
target_name, name,
mech_type, mech_type,
req_flags, req_flags,
time_req, time_req,
@@ -625,7 +623,6 @@ OM_uint32 _gsskrb5_init_sec_context
return repl_mutual(minor_status, return repl_mutual(minor_status,
cred, cred,
context_handle, context_handle,
target_name,
mech_type, mech_type,
req_flags, req_flags,
time_req, time_req,

102
lib/gssapi/krb5/inquire_context.c
View File

@@ -36,63 +36,71 @@
RCSID("$Id$"); RCSID("$Id$");
OM_uint32 _gsskrb5_inquire_context ( OM_uint32 _gsskrb5_inquire_context (
OM_uint32 * minor_status, OM_uint32 * minor_status,
const gss_ctx_id_t context_handle, const gss_ctx_id_t context_handle,
gss_name_t * src_name, gss_name_t * src_name,
gss_name_t * targ_name, gss_name_t * targ_name,
OM_uint32 * lifetime_rec, OM_uint32 * lifetime_rec,
gss_OID * mech_type, gss_OID * mech_type,
OM_uint32 * ctx_flags, OM_uint32 * ctx_flags,
int * locally_initiated, int * locally_initiated,
int * open_context int * open_context
) )
{ {
OM_uint32 ret; OM_uint32 ret;
gsskrb5_ctx ctx = (gsskrb5_ctx)context_handle; gsskrb5_ctx ctx = (gsskrb5_ctx)context_handle;
gss_name_t name;
HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); if (src_name)
*src_name = GSS_C_NO_NAME;
if (targ_name)
*targ_name = GSS_C_NO_NAME;
if (src_name) { HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
ret = _gsskrb5_duplicate_name (minor_status,
ctx->source,
src_name);
if (ret)
goto failed;
}
if (targ_name) { if (src_name) {
ret = _gsskrb5_duplicate_name (minor_status, name = (gss_name_t)ctx->source;
ctx->target, ret = _gsskrb5_duplicate_name (minor_status, name, src_name);
targ_name); if (ret)
if (ret) goto failed;
goto failed; }
}
if (lifetime_rec) { if (targ_name) {
ret = _gsskrb5_lifetime_left(minor_status, name = (gss_name_t)ctx->target;
ctx->lifetime, ret = _gsskrb5_duplicate_name (minor_status, name, targ_name);
lifetime_rec); if (ret)
if (ret) goto failed;
goto failed; }
}
if (mech_type) if (lifetime_rec) {
*mech_type = GSS_KRB5_MECHANISM; ret = _gsskrb5_lifetime_left(minor_status,
ctx->lifetime,
lifetime_rec);
if (ret)
goto failed;
}
if (ctx_flags) if (mech_type)
*ctx_flags = ctx->flags; *mech_type = GSS_KRB5_MECHANISM;
if (locally_initiated) if (ctx_flags)
*locally_initiated = ctx->more_flags & LOCAL; *ctx_flags = ctx->flags;
if (open_context) if (locally_initiated)
*open_context = ctx->more_flags & OPEN; *locally_initiated = ctx->more_flags & LOCAL;
*minor_status = 0; if (open_context)
ret = GSS_S_COMPLETE; *open_context = ctx->more_flags & OPEN;
failed: *minor_status = 0;
ret = GSS_S_COMPLETE;
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); failed:
return ret; if (src_name)
_gsskrb5_release_name(NULL, src_name);
if (targ_name)
_gsskrb5_release_name(NULL, targ_name);
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
return ret;
} }

22
lib/gssapi/krb5/inquire_cred.c
View File

@@ -38,7 +38,7 @@ RCSID("$Id$");
OM_uint32 _gsskrb5_inquire_cred OM_uint32 _gsskrb5_inquire_cred
(OM_uint32 * minor_status, (OM_uint32 * minor_status,
const gss_cred_id_t cred_handle, const gss_cred_id_t cred_handle,
gss_name_t * name, gss_name_t * output_name,
OM_uint32 * lifetime, OM_uint32 * lifetime,
gss_cred_usage_t * cred_usage, gss_cred_usage_t * cred_usage,
gss_OID_set * mechanisms gss_OID_set * mechanisms
@@ -50,8 +50,8 @@ OM_uint32 _gsskrb5_inquire_cred
*minor_status = 0; *minor_status = 0;
if (name) if (output_name)
*name = NULL; *output_name = NULL;
if (mechanisms) if (mechanisms)
*mechanisms = GSS_C_NO_OID_SET; *mechanisms = GSS_C_NO_OID_SET;
@@ -72,26 +72,32 @@ OM_uint32 _gsskrb5_inquire_cred
HEIMDAL_MUTEX_lock(&cred->cred_id_mutex); HEIMDAL_MUTEX_lock(&cred->cred_id_mutex);
if (name != NULL) { if (output_name != NULL) {
if (cred->principal != NULL) { if (cred->principal != NULL) {
ret = _gsskrb5_duplicate_name(minor_status, cred->principal, gss_name_t name = (gss_name_t)cred->principal;
name);
ret = _gsskrb5_duplicate_name(minor_status, name, output_name);
if (ret) if (ret)
goto out; goto out;
} else if (cred->usage == GSS_C_ACCEPT) { } else if (cred->usage == GSS_C_ACCEPT) {
krb5_principal princ;
*minor_status = krb5_sname_to_principal(_gsskrb5_context, NULL, *minor_status = krb5_sname_to_principal(_gsskrb5_context, NULL,
NULL, KRB5_NT_SRV_HST, name); NULL, KRB5_NT_SRV_HST,
&princ);
if (*minor_status) { if (*minor_status) {
ret = GSS_S_FAILURE; ret = GSS_S_FAILURE;
goto out; goto out;
} }
*output_name = (gss_name_t)princ;
} else { } else {
krb5_principal princ;
*minor_status = krb5_get_default_principal(_gsskrb5_context, *minor_status = krb5_get_default_principal(_gsskrb5_context,
name); &princ);
if (*minor_status) { if (*minor_status) {
ret = GSS_S_FAILURE; ret = GSS_S_FAILURE;
goto out; goto out;
} }
*output_name = (gss_name_t)princ;
} }
} }
if (lifetime != NULL) { if (lifetime != NULL) {

9
lib/gssapi/krb5/release_name.c
View File

@@ -40,11 +40,16 @@ OM_uint32 _gsskrb5_release_name
gss_name_t * input_name gss_name_t * input_name
) )
{ {
krb5_principal name = (krb5_principal)*input_name;
GSSAPI_KRB5_INIT (); GSSAPI_KRB5_INIT ();
if (minor_status) if (minor_status)
*minor_status = 0; *minor_status = 0;
krb5_free_principal(_gsskrb5_context,
*input_name);
*input_name = GSS_C_NO_NAME; *input_name = GSS_C_NO_NAME;
krb5_free_principal(_gsskrb5_context, name);
return GSS_S_COMPLETE; return GSS_S_COMPLETE;
} }