diff --git a/lib/gssapi/NTMakefile b/lib/gssapi/NTMakefile index d407e166f..af5e2131e 100644 --- a/lib/gssapi/NTMakefile +++ b/lib/gssapi/NTMakefile @@ -172,6 +172,7 @@ ntlmsrc = \ ntlm/canonicalize_name.c \ ntlm/compare_name.c \ ntlm/context_time.c \ + ntlm/creds.c \ ntlm/crypto.c \ ntlm/delete_sec_context.c \ ntlm/display_name.c \ @@ -186,10 +187,11 @@ ntlmsrc = \ ntlm/indicate_mechs.c \ ntlm/init_sec_context.c \ ntlm/inquire_context.c \ - ntlm/inquire_cred.c \ ntlm/inquire_cred_by_mech.c \ ntlm/inquire_mechs_for_name.c \ ntlm/inquire_names_for_mech.c \ + ntlm/inquire_sec_context_by_oid.c \ + ntlm/iter_cred.c \ ntlm/process_context_token.c \ ntlm/release_cred.c \ ntlm/release_name.c \ @@ -374,6 +376,7 @@ libgssapi_OBJs = \ $(OBJ)\ntlm/canonicalize_name.obj \ $(OBJ)\ntlm/compare_name.obj \ $(OBJ)\ntlm/context_time.obj \ + $(OBJ)\ntlm/creds.obj \ $(OBJ)\ntlm/crypto.obj \ $(OBJ)\ntlm/delete_sec_context.obj \ $(OBJ)\ntlm/display_name.obj \ @@ -387,10 +390,11 @@ libgssapi_OBJs = \ $(OBJ)\ntlm/indicate_mechs.obj \ $(OBJ)\ntlm/init_sec_context.obj \ $(OBJ)\ntlm/inquire_context.obj \ - $(OBJ)\ntlm/inquire_cred.obj \ $(OBJ)\ntlm/inquire_cred_by_mech.obj \ $(OBJ)\ntlm/inquire_mechs_for_name.obj \ $(OBJ)\ntlm/inquire_names_for_mech.obj \ + $(OBJ)\ntlm/inquire_sec_context_by_oid.obj \ + $(OBJ)\ntlm/iter_cred.obj \ $(OBJ)\ntlm/process_context_token.obj \ $(OBJ)\ntlm/release_cred.obj \ $(OBJ)\ntlm/release_name.obj \ diff --git a/lib/gssapi/ntlm/creds.c b/lib/gssapi/ntlm/creds.c index a3f1455b5..ac308731b 100644 --- a/lib/gssapi/ntlm/creds.c +++ b/lib/gssapi/ntlm/creds.c @@ -35,7 +35,8 @@ #include "ntlm.h" -OM_uint32 _gss_ntlm_inquire_cred +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_inquire_cred (OM_uint32 * minor_status, const gss_cred_id_t cred_handle, gss_name_t * name, @@ -85,26 +86,20 @@ out: return ret; } -OM_uint32 -_gss_ntlm_destroy_cred(OM_uint32 *minor_status, - gss_cred_id_t *cred_handle) +#ifdef HAVE_KCM +static OM_uint32 +_gss_ntlm_destroy_kcm_cred(gss_cred_id_t *cred_handle) { - krb5_error_code ret; krb5_storage *request, *response; krb5_data response_data; krb5_context context; ntlm_cred cred; - if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) - return GSS_S_COMPLETE; - cred = (ntlm_cred)*cred_handle; ret = krb5_init_context(&context); - if (ret) { - *minor_status = ret; - return GSS_S_FAILURE; - } + if (ret) + return ret; ret = krb5_kcm_storage_request(context, KCM_OP_DEL_NTLM_CRED, &request); if (ret) @@ -128,10 +123,29 @@ _gss_ntlm_destroy_cred(OM_uint32 *minor_status, out: krb5_free_context(context); + + return ret; +} +#endif /* HAVE_KCM */ + +OM_uint32 GSSAPI_CALLCONV +_gss_ntlm_destroy_cred(OM_uint32 *minor_status, + gss_cred_id_t *cred_handle) +{ +#ifdef HAVE_KCM + krb5_error_code ret; +#endif + + if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) + return GSS_S_COMPLETE; + +#ifdef HAVE_KCM + ret = _gss_ntlm_destroy_kcm_cred(cred_handle); if (ret) { *minor_status = ret; return GSS_S_FAILURE; } +#endif return _gss_ntlm_release_cred(minor_status, cred_handle); } diff --git a/lib/gssapi/ntlm/inquire_sec_context_by_oid.c b/lib/gssapi/ntlm/inquire_sec_context_by_oid.c index ead08854b..ee791b15a 100644 --- a/lib/gssapi/ntlm/inquire_sec_context_by_oid.c +++ b/lib/gssapi/ntlm/inquire_sec_context_by_oid.c @@ -35,7 +35,7 @@ #include "ntlm.h" -OM_uint32 +OM_uint32 GSSAPI_CALLCONV _gss_ntlm_inquire_sec_context_by_oid(OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_OID desired_object, diff --git a/lib/gssapi/ntlm/iter_cred.c b/lib/gssapi/ntlm/iter_cred.c index 060d5289a..81032be2d 100644 --- a/lib/gssapi/ntlm/iter_cred.c +++ b/lib/gssapi/ntlm/iter_cred.c @@ -35,11 +35,12 @@ #include "ntlm.h" -void +void GSSAPI_CALLCONV _gss_ntlm_iter_creds_f(OM_uint32 flags, void *userctx , void (*cred_iter)(void *, gss_OID, gss_cred_id_t)) { +#ifdef HAVE_KCM krb5_error_code ret; krb5_context context = NULL; krb5_storage *request, *response; @@ -93,5 +94,6 @@ _gss_ntlm_iter_creds_f(OM_uint32 flags, done: if (context) krb5_free_context(context); +#endif /* HAVE_KCM */ (*cred_iter)(userctx, NULL, NULL); }