shim acquire_cred_with_password SPI into acquire_cred_ext

Luke Howard
2011-05-14 17:00:55 +02:00
parent dfba868910
commit 48719d5651
8 changed files with 67 additions and 42 deletions


@@ -85,7 +85,6 @@ mechsrc = \
mech/gss_acquire_cred_ext.c \
mech/gss_acquire_cred_with_password.c \
mech/gss_add_cred.c \
mech/gss_add_cred_with_password.c \
mech/gss_add_oid_set_member.c \
mech/gss_aeap.c \
mech/gss_buffer_set.c \


@@ -460,34 +460,6 @@ struct gss_mo_desc_struct {
int (*set)(gss_const_OID, gss_mo_desc *, int, gss_buffer_t);
};
typedef OM_uint32 GSSAPI_CALLCONV _gss_acquire_cred_with_password_t
(OM_uint32 *, /* minor_status */
const gss_name_t, /* desired_name */
const gss_buffer_t, /* password */
OM_uint32, /* time_req */
const gss_OID_set, /* desired_mechs */
gss_cred_usage_t, /* cred_usage */
gss_cred_id_t *, /* output_cred_handle */
gss_OID_set *, /* actual_mechs */
OM_uint32 * /* time_rec */
);
typedef OM_uint32 GSSAPI_CALLCONV _gss_add_cred_with_password_t (
OM_uint32 *, /* minor_status */
const gss_cred_id_t, /* input_cred_handle */
const gss_name_t, /* desired_name */
const gss_OID, /* desired_mech */
const gss_buffer_t, /* password */
gss_cred_usage_t, /* cred_usage */
OM_uint32, /* initiator_time_req */
OM_uint32, /* acceptor_time_req */
gss_cred_id_t *, /* output_cred_handle */
gss_OID_set *, /* actual_mechs */
OM_uint32 *, /* initiator_time_rec */
OM_uint32 * /* acceptor_time_rec */
);
typedef OM_uint32 GSSAPI_CALLCONV _gss_pname_to_uid_t (
OM_uint32 *, /* minor_status */
const gss_name_t, /* name */
@@ -572,8 +544,6 @@ typedef struct gssapi_mech_interface_desc {
_gss_set_name_attribute_t *gm_set_name_attribute;
_gss_delete_name_attribute_t *gm_delete_name_attribute;
_gss_export_name_composite_t *gm_export_name_composite;
_gss_acquire_cred_with_password_t *gm_acquire_cred_with_password;
_gss_add_cred_with_password_t *gm_add_cred_with_password;
struct gss_mech_compat_desc_struct *gm_compat;
} gssapi_mech_interface_desc, *gssapi_mech_interface;


@@ -11,6 +11,7 @@ EXPORTS
__gss_c_attr_stream_sizes_oid_desc DATA
gss_accept_sec_context
gss_acquire_cred
gss_acquire_cred_ext
gss_acquire_cred_with_password
gss_add_buffer_set_member
gss_add_cred


@@ -51,13 +51,44 @@ typedef OM_uint32 GSSAPI_CALLCONV _gss_inquire_attrs_for_mech_t (
gss_OID_set * /* known_mech_attrs */
);
typedef OM_uint32 GSSAPI_CALLCONV _gss_acquire_cred_with_password_t
(OM_uint32 *, /* minor_status */
const gss_name_t, /* desired_name */
const gss_buffer_t, /* password */
OM_uint32, /* time_req */
const gss_OID_set, /* desired_mechs */
gss_cred_usage_t, /* cred_usage */
gss_cred_id_t *, /* output_cred_handle */
gss_OID_set *, /* actual_mechs */
OM_uint32 * /* time_rec */
);
typedef OM_uint32 GSSAPI_CALLCONV _gss_add_cred_with_password_t (
OM_uint32 *, /* minor_status */
const gss_cred_id_t, /* input_cred_handle */
const gss_name_t, /* desired_name */
const gss_OID, /* desired_mech */
const gss_buffer_t, /* password */
gss_cred_usage_t, /* cred_usage */
OM_uint32, /* initiator_time_req */
OM_uint32, /* acceptor_time_req */
gss_cred_id_t *, /* output_cred_handle */
gss_OID_set *, /* actual_mechs */
OM_uint32 *, /* initiator_time_rec */
OM_uint32 * /* acceptor_time_rec */
);
/*
* API-as-SPI compatibility for compatibility with MIT mechanisms;
* native Heimdal mechanisms should not use these.
*/
struct gss_mech_compat_desc_struct {
_gss_inquire_saslname_for_mech_t *gmc_inquire_saslname_for_mech;
_gss_inquire_mech_for_saslname_t *gmc_inquire_mech_for_saslname;
_gss_inquire_attrs_for_mech_t *gmc_inquire_attrs_for_mech;
_gss_inquire_saslname_for_mech_t *gmc_inquire_saslname_for_mech;
_gss_inquire_mech_for_saslname_t *gmc_inquire_mech_for_saslname;
_gss_inquire_attrs_for_mech_t *gmc_inquire_attrs_for_mech;
_gss_acquire_cred_with_password_t *gmc_acquire_cred_with_password;
#if 0
_gss_add_cred_with_password_t *gmc_add_cred_with_password;
#endif
};
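Review bot: The new `gmc_acquire_cred_with_password` member has no comment stating the contract its only visible caller relies on. The shim in gss_acquire_cred_ext() invokes it with `NULL` for both `actual_mechs` and `time_rec`, and with a single-element `desired_mechs` set. A comment on the member such as `/* called from gss_acquire_cred_ext() with actual_mechs == NULL and time_rec == NULL; password is the caller's buffer, not a copy */` would tell mechanism authors what to tolerate. The `#if 0` around `gmc_add_cred_with_password` also needs a short comment saying why the member is disabled, since its typedef is still declared just above.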


@@ -109,7 +109,30 @@ gss_acquire_cred_ext(OM_uint32 *minor_status,
mc->gmc_mech_oid,
cred_usage,
&mc->gmc_cred);
} else if (credential_type != GSS_C_NO_OID) {
} else if (gss_oid_equal(credential_type, GSS_C_CRED_PASSWORD) &&
m->gm_compat &&
m->gm_compat->gmc_acquire_cred_with_password) {
/*
* Shim for mechanisms that adhere to API-as-SPI and do not
* implement gss_acquire_cred_ext().
*/
gss_OID_set_desc set2;
_gss_acquire_cred_with_password_t *acwp
= m->gm_compat->gmc_acquire_cred_with_password;
set2.count = 1;
set2.elements = mc->gmc_mech_oid;
major_status = acwp(minor_status,
desired_mech_name,
(const gss_buffer_t)credential_data,
time_req,
&set2,
cred_usage,
&mc->gmc_cred,
NULL,
NULL);
} else if (credential_type == GSS_C_NO_OID) {
gss_OID_set_desc set2;
set2.count = 1;
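Review bot: The shim casts `credential_data` to `gss_buffer_t` as soon as `credential_type` matches `GSS_C_CRED_PASSWORD`, and nothing in this hunk checks that the pointer is non-NULL before it reaches the mechanism's `gmc_acquire_cred_with_password`. Unless the part of gss_acquire_cred_ext() above this hunk already validates it, I would reject that case before the call, e.g. `if (credential_data == NULL) major_status = GSS_S_CALL_INACCESSIBLE_READ;` with the `acwp(...)` call in the `else`. A compat mechanism written against the MIT API would then never be the first code to see a missing password buffer. The call also passes `NULL` for `actual_mechs` and `time_rec`, so a one-line comment that the compat entry point must accept that would help. The enclosing function starts and ends outside the hunk.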


@@ -360,20 +360,20 @@ _gss_load_mech(void)
OPTSYM(export_cred);
OPTSYM(import_cred);
OPTSYM(acquire_cred_ext);
#if 0
OPTSYM(iter_creds);
OPTSYM(destroy_cred);
OPTSYM(cred_hold);
OPTSYM(cred_unhold);
OPTSYM(cred_label_get);
OPTSYM(cred_label_set);
#endif
OPTSYM(display_name_ext);
OPTSYM(inquire_name);
OPTSYM(get_name_attribute);
OPTSYM(set_name_attribute);
OPTSYM(delete_name_attribute);
OPTSYM(export_name_composite);
OPTSPISYM(acquire_cred_with_password);
OPTSYM(add_cred_with_password);
OPTSYM(pname_to_uid);
OPTSPISYM(authorize_localname);
@@ -388,6 +388,7 @@ _gss_load_mech(void)
COMPATSYM(inquire_saslname_for_mech);
COMPATSYM(inquire_mech_for_saslname);
COMPATSYM(inquire_attrs_for_mech);
COMPATSYM(acquire_cred_with_password);
}
/* pick up the oid sets of names */


@@ -585,11 +585,11 @@ main(int argc, char **argv)
gssapi_err(maj_stat, min_stat, GSS_C_NO_OID));
gss_release_name(&min_stat, &cname);
} else if (credential_type) {
maj_stat = gss_acquire_cred_ex(&min_stat, GSS_C_NO_NAME,
credential_type, &credential_data,
0, GSS_C_NO_OID, GSS_C_INITIATE, &client_cred);
maj_stat = gss_acquire_cred_ext(&min_stat, GSS_C_NO_NAME,
credential_type, &credential_data,
0, GSS_C_NO_OID, GSS_C_INITIATE, &client_cred);
if (GSS_ERROR(maj_stat))
errx(1, "gss_acquire_cred_ex: %s",
errx(1, "gss_acquire_cred_ext: %s",
gssapi_err(maj_stat, min_stat, GSS_C_NO_OID));
}


@@ -20,7 +20,7 @@ HEIMDAL_GSS_2.0 {
gss_acquire_cred_with_password;
gss_add_buffer_set_member;
gss_add_cred;
gss_add_cred_with_password;
# gss_add_cred_with_password;
gss_add_oid_set_member;
gss_authorize_localname;
gss_canonicalize_name;