(gsskrb5_acceptor_start): use krb5_rd_req_ctx
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18930 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
@@ -264,9 +264,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
|
|||||||
OM_uint32 ret = GSS_S_COMPLETE;
|
OM_uint32 ret = GSS_S_COMPLETE;
|
||||||
krb5_data indata;
|
krb5_data indata;
|
||||||
krb5_flags ap_options;
|
krb5_flags ap_options;
|
||||||
krb5_ticket *ticket = NULL;
|
|
||||||
krb5_keytab keytab = NULL;
|
krb5_keytab keytab = NULL;
|
||||||
krb5_keyblock *keyblock = NULL;
|
|
||||||
int is_cfx = 0;
|
int is_cfx = 0;
|
||||||
const gsskrb5_cred acceptor_cred = (gsskrb5_cred)acceptor_cred_handle;
|
const gsskrb5_cred acceptor_cred = (gsskrb5_cred)acceptor_cred_handle;
|
||||||
|
|
||||||
@@ -298,44 +296,65 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
|
|||||||
/*
|
/*
|
||||||
* We need to check the ticket and create the AP-REP packet
|
* We need to check the ticket and create the AP-REP packet
|
||||||
*/
|
*/
|
||||||
#if 0
|
|
||||||
kret = krb5_rd_req_return_keyblock(gssapi_krb5_context,
|
{
|
||||||
&ctx->auth_context,
|
krb5_rd_req_in_ctx in = NULL;
|
||||||
&indata,
|
krb5_rd_req_out_ctx out = NULL;
|
||||||
(acceptor_cred_handle == GSS_C_NO_CREDENTIAL) ? NULL : acceptor_cred_handle->principal,
|
|
||||||
keytab,
|
kret = krb5_rd_req_in_ctx_alloc(_gsskrb5_context, &in);
|
||||||
&ap_options,
|
if (kret == 0)
|
||||||
&ticket,
|
kret = krb5_rd_req_in_set_keytab(_gsskrb5_context, in, keytab);
|
||||||
&keyblock);
|
if (kret) {
|
||||||
#else
|
if (in)
|
||||||
kret = krb5_rd_req(_gsskrb5_context,
|
krb5_rd_req_in_ctx_free(_gsskrb5_context, in);
|
||||||
&ctx->auth_context,
|
ret = GSS_S_FAILURE;
|
||||||
&indata,
|
*minor_status = kret;
|
||||||
(acceptor_cred == NULL) ? NULL : acceptor_cred->principal,
|
_gsskrb5_set_error_string ();
|
||||||
keytab,
|
return ret;
|
||||||
&ap_options,
|
}
|
||||||
&ticket);
|
|
||||||
#endif
|
kret = krb5_rd_req_ctx(_gsskrb5_context,
|
||||||
if (kret) {
|
&ctx->auth_context,
|
||||||
ret = GSS_S_FAILURE;
|
&indata,
|
||||||
*minor_status = kret;
|
(acceptor_cred_handle == GSS_C_NO_CREDENTIAL) ? NULL : acceptor_cred->principal,
|
||||||
_gsskrb5_set_error_string ();
|
in, &out);
|
||||||
return ret;
|
krb5_rd_req_in_ctx_free(_gsskrb5_context, in);
|
||||||
|
if (kret) {
|
||||||
|
ret = GSS_S_FAILURE;
|
||||||
|
*minor_status = kret;
|
||||||
|
_gsskrb5_set_error_string ();
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We need to remember some data on the context_handle.
|
||||||
|
*/
|
||||||
|
kret = krb5_rd_req_out_get_ap_req_options(_gsskrb5_context, out,
|
||||||
|
&ap_options);
|
||||||
|
if (kret == 0)
|
||||||
|
kret = krb5_rd_req_out_get_ticket(_gsskrb5_context, out,
|
||||||
|
&ctx->ticket);
|
||||||
|
if (kret == 0)
|
||||||
|
kret = krb5_rd_req_out_get_keyblock(_gsskrb5_context, out,
|
||||||
|
&ctx->service_keyblock);
|
||||||
|
ctx->lifetime = ctx->ticket->ticket.endtime;
|
||||||
|
|
||||||
|
krb5_rd_req_out_ctx_free(_gsskrb5_context, out);
|
||||||
|
if (kret) {
|
||||||
|
ret = GSS_S_FAILURE;
|
||||||
|
*minor_status = kret;
|
||||||
|
_gsskrb5_set_error_string ();
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* We need to remember some data on the context_handle.
|
|
||||||
*/
|
|
||||||
ctx->ticket = ticket;
|
|
||||||
ctx->service_keyblock = keyblock;
|
|
||||||
ctx->lifetime = ticket->ticket.endtime;
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* We need to copy the principal names to the context and the
|
* We need to copy the principal names to the context and the
|
||||||
* calling layer.
|
* calling layer.
|
||||||
*/
|
*/
|
||||||
kret = krb5_copy_principal(_gsskrb5_context,
|
kret = krb5_copy_principal(_gsskrb5_context,
|
||||||
ticket->client,
|
ctx->ticket->client,
|
||||||
&ctx->source);
|
&ctx->source);
|
||||||
if (kret) {
|
if (kret) {
|
||||||
ret = GSS_S_FAILURE;
|
ret = GSS_S_FAILURE;
|
||||||
@@ -343,7 +362,9 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
|
|||||||
_gsskrb5_set_error_string ();
|
_gsskrb5_set_error_string ();
|
||||||
}
|
}
|
||||||
|
|
||||||
kret = krb5_copy_principal(_gsskrb5_context, ticket->server, &ctx->target);
|
kret = krb5_copy_principal(_gsskrb5_context,
|
||||||
|
ctx->ticket->server,
|
||||||
|
&ctx->target);
|
||||||
if (kret) {
|
if (kret) {
|
||||||
ret = GSS_S_FAILURE;
|
ret = GSS_S_FAILURE;
|
||||||
*minor_status = kret;
|
*minor_status = kret;
|
||||||
@@ -361,7 +382,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
|
|||||||
|
|
||||||
if (src_name != NULL) {
|
if (src_name != NULL) {
|
||||||
kret = krb5_copy_principal (_gsskrb5_context,
|
kret = krb5_copy_principal (_gsskrb5_context,
|
||||||
ticket->client,
|
ctx->ticket->client,
|
||||||
(gsskrb5_name*)src_name);
|
(gsskrb5_name*)src_name);
|
||||||
if (kret) {
|
if (kret) {
|
||||||
ret = GSS_S_FAILURE;
|
ret = GSS_S_FAILURE;
|
||||||
@@ -481,7 +502,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status,
|
|||||||
|
|
||||||
/* Remember the flags */
|
/* Remember the flags */
|
||||||
|
|
||||||
ctx->lifetime = ticket->ticket.endtime;
|
ctx->lifetime = ctx->ticket->ticket.endtime;
|
||||||
ctx->more_flags |= OPEN;
|
ctx->more_flags |= OPEN;
|
||||||
|
|
||||||
if (mech_type)
|
if (mech_type)
|
||||||
|
|||||||
Reference in New Issue
Block a user