diff --git a/lib/gssapi/mech/gss_krb5.c b/lib/gssapi/mech/gss_krb5.c index 7610da6b5..9fae26dd2 100644 --- a/lib/gssapi/mech/gss_krb5.c +++ b/lib/gssapi/mech/gss_krb5.c @@ -94,19 +94,71 @@ gss_krb5_import_cred(OM_uint32 *minor_status, krb5_keytab keytab, gss_cred_id_t *cred) { + gss_buffer_desc buffer; OM_uint32 major_status; + krb5_context context; + krb5_error_code ret; krb5_storage *sp; krb5_data data; - gss_buffer_desc buffer; + char *str; + + ret = krb5_init_context(&context); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } sp = krb5_storage_emem(); + if (sp == NULL) { + *minor_status = ENOMEM; + major_status = GSS_S_FAILURE; + goto out; + } - krb5_store_string(sp, ""); - krb5_store_string(sp, ""); - krb5_store_string(sp, ""); + if (id) { + ret = krb5_cc_get_full_name(context, id, &str); + if (ret == 0) { + ret = krb5_store_string(sp, str); + free(str); + } + } else + ret = krb5_store_string(sp, ""); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto out; + } + + if (keytab_principal) { + ret = krb5_unparse_name(context, keytab_principal, &str); + if (ret == 0) { + ret = krb5_store_string(sp, str); + free(str); + } + } else + krb5_store_string(sp, ""); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto out; + } + + + if (keytab) { + ret = krb5_kt_get_full_name(context, keytab, &str); + if (ret == 0) { + ret = krb5_store_string(sp, str); + free(str); + } + } else + krb5_store_string(sp, ""); + if (ret) { + *minor_status = ret; + major_status = GSS_S_FAILURE; + goto out; + } krb5_storage_to_data(sp, &data); - krb5_storage_free(sp); buffer.value = data.data; buffer.length = data.length; @@ -116,6 +168,10 @@ gss_krb5_import_cred(OM_uint32 *minor_status, GSS_KRB5_IMPORT_CRED_X, &buffer); krb5_data_free(&data); +out: + if (sp) + krb5_storage_free(sp); + krb5_free_context(context); return major_status; }