make gsskrb5_register_acceptor_identity set the keytab to be used for gss_acquire_cred too
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10284 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
@@ -35,20 +35,20 @@
|
|||||||
|
|
||||||
RCSID("$Id$");
|
RCSID("$Id$");
|
||||||
|
|
||||||
static krb5_keytab gss_keytab;
|
krb5_keytab gssapi_krb5_keytab;
|
||||||
|
|
||||||
OM_uint32
|
OM_uint32
|
||||||
gsskrb5_register_acceptor_identity (char *identity)
|
gsskrb5_register_acceptor_identity (char *identity)
|
||||||
{
|
{
|
||||||
char *p;
|
char *p;
|
||||||
if(gss_keytab != NULL) {
|
if(gssapi_krb5_keytab != NULL) {
|
||||||
krb5_kt_close(gssapi_krb5_context, gss_keytab);
|
krb5_kt_close(gssapi_krb5_context, gssapi_krb5_keytab);
|
||||||
gss_keytab = NULL;
|
gssapi_krb5_keytab = NULL;
|
||||||
}
|
}
|
||||||
asprintf(&p, "FILE:%s", identity);
|
asprintf(&p, "FILE:%s", identity);
|
||||||
if(p == NULL)
|
if(p == NULL)
|
||||||
return GSS_S_FAILURE;
|
return GSS_S_FAILURE;
|
||||||
krb5_kt_resolve(gssapi_krb5_context, p, &gss_keytab);
|
krb5_kt_resolve(gssapi_krb5_context, p, &gssapi_krb5_keytab);
|
||||||
free(p);
|
free(p);
|
||||||
return GSS_S_COMPLETE;
|
return GSS_S_COMPLETE;
|
||||||
}
|
}
|
||||||
@@ -199,8 +199,8 @@ gss_accept_sec_context
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) {
|
if (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) {
|
||||||
if (gss_keytab != NULL) {
|
if (gssapi_krb5_keytab != NULL) {
|
||||||
keytab = gss_keytab;
|
keytab = gssapi_krb5_keytab;
|
||||||
}
|
}
|
||||||
} else if (acceptor_cred_handle->keytab != NULL) {
|
} else if (acceptor_cred_handle->keytab != NULL) {
|
||||||
keytab = acceptor_cred_handle->keytab;
|
keytab = acceptor_cred_handle->keytab;
|
||||||
|
|||||||
@@ -85,9 +85,23 @@ OM_uint32 gss_acquire_cred
|
|||||||
krb5_get_init_creds_opt opt;
|
krb5_get_init_creds_opt opt;
|
||||||
|
|
||||||
try_keytab:
|
try_keytab:
|
||||||
|
if (gssapi_krb5_keytab != NULL) {
|
||||||
|
char kt_name[256];
|
||||||
|
|
||||||
|
kret = krb5_kt_get_name(gssapi_krb5_context,
|
||||||
|
gssapi_krb5_keytab,
|
||||||
|
kt_name, sizeof(kt_name));
|
||||||
|
if (kret)
|
||||||
|
goto krb5_bad;
|
||||||
|
kret = krb5_kt_resolve(gssapi_krb5_context, kt_name,
|
||||||
|
&handle->keytab);
|
||||||
|
if (kret)
|
||||||
|
goto krb5_bad;
|
||||||
|
} else {
|
||||||
kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab);
|
kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab);
|
||||||
if (kret != 0)
|
if (kret != 0)
|
||||||
goto krb5_bad;
|
goto krb5_bad;
|
||||||
|
}
|
||||||
|
|
||||||
krb5_get_init_creds_opt_init(&opt);
|
krb5_get_init_creds_opt_init(&opt);
|
||||||
memset(&cred, 0, sizeof(cred));
|
memset(&cred, 0, sizeof(cred));
|
||||||
|
|||||||
@@ -46,6 +46,8 @@
|
|||||||
|
|
||||||
extern krb5_context gssapi_krb5_context;
|
extern krb5_context gssapi_krb5_context;
|
||||||
|
|
||||||
|
extern krb5_keytab gssapi_krb5_keytab;
|
||||||
|
|
||||||
void gssapi_krb5_init (void);
|
void gssapi_krb5_init (void);
|
||||||
|
|
||||||
krb5_error_code
|
krb5_error_code
|
||||||
|
|||||||
@@ -35,20 +35,20 @@
|
|||||||
|
|
||||||
RCSID("$Id$");
|
RCSID("$Id$");
|
||||||
|
|
||||||
static krb5_keytab gss_keytab;
|
krb5_keytab gssapi_krb5_keytab;
|
||||||
|
|
||||||
OM_uint32
|
OM_uint32
|
||||||
gsskrb5_register_acceptor_identity (char *identity)
|
gsskrb5_register_acceptor_identity (char *identity)
|
||||||
{
|
{
|
||||||
char *p;
|
char *p;
|
||||||
if(gss_keytab != NULL) {
|
if(gssapi_krb5_keytab != NULL) {
|
||||||
krb5_kt_close(gssapi_krb5_context, gss_keytab);
|
krb5_kt_close(gssapi_krb5_context, gssapi_krb5_keytab);
|
||||||
gss_keytab = NULL;
|
gssapi_krb5_keytab = NULL;
|
||||||
}
|
}
|
||||||
asprintf(&p, "FILE:%s", identity);
|
asprintf(&p, "FILE:%s", identity);
|
||||||
if(p == NULL)
|
if(p == NULL)
|
||||||
return GSS_S_FAILURE;
|
return GSS_S_FAILURE;
|
||||||
krb5_kt_resolve(gssapi_krb5_context, p, &gss_keytab);
|
krb5_kt_resolve(gssapi_krb5_context, p, &gssapi_krb5_keytab);
|
||||||
free(p);
|
free(p);
|
||||||
return GSS_S_COMPLETE;
|
return GSS_S_COMPLETE;
|
||||||
}
|
}
|
||||||
@@ -199,8 +199,8 @@ gss_accept_sec_context
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) {
|
if (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) {
|
||||||
if (gss_keytab != NULL) {
|
if (gssapi_krb5_keytab != NULL) {
|
||||||
keytab = gss_keytab;
|
keytab = gssapi_krb5_keytab;
|
||||||
}
|
}
|
||||||
} else if (acceptor_cred_handle->keytab != NULL) {
|
} else if (acceptor_cred_handle->keytab != NULL) {
|
||||||
keytab = acceptor_cred_handle->keytab;
|
keytab = acceptor_cred_handle->keytab;
|
||||||
|
|||||||
@@ -85,9 +85,23 @@ OM_uint32 gss_acquire_cred
|
|||||||
krb5_get_init_creds_opt opt;
|
krb5_get_init_creds_opt opt;
|
||||||
|
|
||||||
try_keytab:
|
try_keytab:
|
||||||
|
if (gssapi_krb5_keytab != NULL) {
|
||||||
|
char kt_name[256];
|
||||||
|
|
||||||
|
kret = krb5_kt_get_name(gssapi_krb5_context,
|
||||||
|
gssapi_krb5_keytab,
|
||||||
|
kt_name, sizeof(kt_name));
|
||||||
|
if (kret)
|
||||||
|
goto krb5_bad;
|
||||||
|
kret = krb5_kt_resolve(gssapi_krb5_context, kt_name,
|
||||||
|
&handle->keytab);
|
||||||
|
if (kret)
|
||||||
|
goto krb5_bad;
|
||||||
|
} else {
|
||||||
kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab);
|
kret = krb5_kt_default(gssapi_krb5_context, &handle->keytab);
|
||||||
if (kret != 0)
|
if (kret != 0)
|
||||||
goto krb5_bad;
|
goto krb5_bad;
|
||||||
|
}
|
||||||
|
|
||||||
krb5_get_init_creds_opt_init(&opt);
|
krb5_get_init_creds_opt_init(&opt);
|
||||||
memset(&cred, 0, sizeof(cred));
|
memset(&cred, 0, sizeof(cred));
|
||||||
|
|||||||
@@ -46,6 +46,8 @@
|
|||||||
|
|
||||||
extern krb5_context gssapi_krb5_context;
|
extern krb5_context gssapi_krb5_context;
|
||||||
|
|
||||||
|
extern krb5_keytab gssapi_krb5_keytab;
|
||||||
|
|
||||||
void gssapi_krb5_init (void);
|
void gssapi_krb5_init (void);
|
||||||
|
|
||||||
krb5_error_code
|
krb5_error_code
|
||||||
|
|||||||
Reference in New Issue
Block a user