From 4ddc6a08eda5e889af968fe0e40b13328c574659 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Sun, 31 Aug 2003 19:52:16 +0000 Subject: [PATCH] (gss_krb5_extract_authz_data_from_sec_context): return the kerberos authorizationdata, from idea of Luke Howard git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12714 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/gssapi/copy_ccache.c | 38 +++++++++++++++++++++++++++++++++++ lib/gssapi/gssapi.h | 7 +++++++ lib/gssapi/krb5/copy_ccache.c | 38 +++++++++++++++++++++++++++++++++++ lib/gssapi/krb5/gssapi.h | 7 +++++++ 4 files changed, 90 insertions(+) diff --git a/lib/gssapi/copy_ccache.c b/lib/gssapi/copy_ccache.c index b8938acb3..80db21460 100644 --- a/lib/gssapi/copy_ccache.c +++ b/lib/gssapi/copy_ccache.c @@ -60,3 +60,41 @@ gss_krb5_copy_ccache(OM_uint32 *minor_status, *minor_status = 0; return GSS_S_COMPLETE; } + +OM_uint32 +gss_krb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int ad_type, + gss_buffer_t ad_data) +{ + krb5_error_code ret; + krb5_data data; + + ad_data->value = NULL; + ad_data->length = 0; + + HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); + ret = krb5_ticket_get_authorization_data_type(gssapi_krb5_context, + context_handle->ticket, + ad_type, + &data); + HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + ad_data->value = malloc(data.length); + if (ad_data->value == NULL) { + krb5_data_free(&data); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + ad_data->length = data.length; + memcpy(ad_data->value, data.data, ad_data->length); + krb5_data_free(&data); + + *minor_status = 0; + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/gssapi.h b/lib/gssapi/gssapi.h index 462b6f3f6..2a3bcdabf 100644 --- a/lib/gssapi/gssapi.h +++ b/lib/gssapi/gssapi.h @@ -760,6 +760,13 @@ OM_uint32 gss_krb5_copy_ccache gss_cred_id_t /*cred*/, struct krb5_ccache_data */*out*/); +OM_uint32 +gss_krb5_extract_authz_data_from_sec_context + (OM_uint32 * /*minor_status*/, + gss_ctx_id_t /*context_handle*/, + int /*ad_type*/, + gss_buffer_t /*ad_data*/); + #define GSS_C_KRB5_COMPAT_DES3_MIC 1 OM_uint32 diff --git a/lib/gssapi/krb5/copy_ccache.c b/lib/gssapi/krb5/copy_ccache.c index b8938acb3..80db21460 100644 --- a/lib/gssapi/krb5/copy_ccache.c +++ b/lib/gssapi/krb5/copy_ccache.c @@ -60,3 +60,41 @@ gss_krb5_copy_ccache(OM_uint32 *minor_status, *minor_status = 0; return GSS_S_COMPLETE; } + +OM_uint32 +gss_krb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + int ad_type, + gss_buffer_t ad_data) +{ + krb5_error_code ret; + krb5_data data; + + ad_data->value = NULL; + ad_data->length = 0; + + HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex); + ret = krb5_ticket_get_authorization_data_type(gssapi_krb5_context, + context_handle->ticket, + ad_type, + &data); + HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + ad_data->value = malloc(data.length); + if (ad_data->value == NULL) { + krb5_data_free(&data); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + ad_data->length = data.length; + memcpy(ad_data->value, data.data, ad_data->length); + krb5_data_free(&data); + + *minor_status = 0; + return GSS_S_COMPLETE; +} diff --git a/lib/gssapi/krb5/gssapi.h b/lib/gssapi/krb5/gssapi.h index 462b6f3f6..2a3bcdabf 100644 --- a/lib/gssapi/krb5/gssapi.h +++ b/lib/gssapi/krb5/gssapi.h @@ -760,6 +760,13 @@ OM_uint32 gss_krb5_copy_ccache gss_cred_id_t /*cred*/, struct krb5_ccache_data */*out*/); +OM_uint32 +gss_krb5_extract_authz_data_from_sec_context + (OM_uint32 * /*minor_status*/, + gss_ctx_id_t /*context_handle*/, + int /*ad_type*/, + gss_buffer_t /*ad_data*/); + #define GSS_C_KRB5_COMPAT_DES3_MIC 1 OM_uint32