oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Use default NTLM domain cc config

Browse Source 
The NTLM GSS mechanism now supports default credential handles (and
acquiring handles for default credentials with desired_name ==
GSS_C_NO_NAME).
This commit is contained in:
Nicolas Williams
2015-04-17 10:48:22 -05:00
parent a449b7ef5e
commit 08724496ff
2 changed files with 64 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
lib/gssapi/ntlm/acquire_cred.c
View File

@@ -33,18 +33,18 @@
#include "ntlm.h"
OM_uint32 GSSAPI_CALLCONV _gss_ntlm_acquire_cred
(OM_uint32 * min_stat,
gss_const_name_t desired_name,
OM_uint32 time_req,
const gss_OID_set desired_mechs,
gss_cred_usage_t cred_usage,
gss_cred_id_t * output_cred_handle,
gss_OID_set * actual_mechs,
OM_uint32 * time_rec
)
OM_uint32 GSSAPI_CALLCONV
_gss_ntlm_acquire_cred(OM_uint32 *min_stat,
gss_const_name_t desired_name,
OM_uint32 time_req,
const gss_OID_set desired_mechs,
gss_cred_usage_t cred_usage,
gss_cred_id_t *output_cred_handle,
gss_OID_set *actual_mechs,
OM_uint32 *time_rec)
{
ntlm_name name = (ntlm_name) desired_name;
const char *domain = NULL;
OM_uint32 maj_stat;
ntlm_ctx ctx;
@@ -55,17 +55,14 @@ OM_uint32 GSSAPI_CALLCONV _gss_ntlm_acquire_cred
if (time_rec)
*time_rec = GSS_C_INDEFINITE;
if (desired_name == NULL)
return GSS_S_NO_CRED;
if (cred_usage == GSS_C_BOTH || cred_usage == GSS_C_ACCEPT) {
maj_stat = _gss_ntlm_allocate_ctx(min_stat, &ctx);
if (maj_stat != GSS_S_COMPLETE)
return maj_stat;
maj_stat = (*ctx->server->nsi_probe)(min_stat, ctx->ictx,
name->domain);
domain = name != NULL ? name->domain : NULL;
maj_stat = (*ctx->server->nsi_probe)(min_stat, ctx->ictx, domain);
{
gss_ctx_id_t context = (gss_ctx_id_t)ctx;
OM_uint32 junk;
@@ -79,7 +76,7 @@ OM_uint32 GSSAPI_CALLCONV _gss_ntlm_acquire_cred
*min_stat = _gss_ntlm_get_user_cred(name, &cred);
if (*min_stat)
return GSS_S_FAILURE;
return GSS_S_NO_CRED;
cred->usage = cred_usage;
*output_cred_handle = (gss_cred_id_t)cred;