oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

gssapi: credential store extensions (#451)

Browse Source 
Implement the GSS-API credential store API extensions defined by MIT here:

https://k5wiki.kerberos.org/wiki/Projects/Credential_Store_extensions

Note: we kill off gss_acquire_cred_ext() here. This was never a public API,
although mechanisms could have implemented it and I briefly used it in my
BrowserID prototype mechanism. gss_acquire_cred_ext_from() occupies the place
in the dispatch table where gss_acquire_cred_ext() used to, but this structure
was never visible outside Heimdal (i.e. it is only used by internal
mechanisms);

(Mechanisms that need to accept arbitrary key/value dictionaries from
applications should now implement gss_acquire_cred_from().)
This commit is contained in:
Luke Howard
2019-01-03 09:26:41 +11:00
committed by Nico Williams
parent a7d42cdf6b
commit e0bb9c10ca
39 changed files with 1289 additions and 1054 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/gssapi/krb5/external.c
View File

@@ -339,7 +339,7 @@ static gssapi_mech_interface_desc krb5_mech = {
"kerberos 5",
{9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") },
0,
_gsskrb5_acquire_cred,
NULL, /* gm_acquire_cred */
_gsskrb5_release_cred,
_gsskrb5_init_sec_context,
_gsskrb5_accept_sec_context,
@@ -360,7 +360,7 @@ static gssapi_mech_interface_desc krb5_mech = {
_gsskrb5_inquire_cred,
_gsskrb5_inquire_context,
_gsskrb5_wrap_size_limit,
_gsskrb5_add_cred,
NULL, /* gm_add_cred */
_gsskrb5_inquire_cred_by_mech,
_gsskrb5_export_sec_context,
_gsskrb5_import_sec_context,
@@ -376,10 +376,10 @@ static gssapi_mech_interface_desc krb5_mech = {
_gk_wrap_iov,
_gk_unwrap_iov,
_gk_wrap_iov_length,
_gsskrb5_store_cred,
NULL, /* gm_store_cred */
_gsskrb5_export_cred,
_gsskrb5_import_cred,
_gsskrb5_acquire_cred_ext,
_gsskrb5_acquire_cred_from,
NULL,
NULL,
NULL,
@@ -397,6 +397,8 @@ static gssapi_mech_interface_desc krb5_mech = {
NULL, /* gm_delete_name_attribute */
NULL, /* gm_export_name_composite */
_gsskrb5_duplicate_cred,
_gsskrb5_add_cred_from,
_gsskrb5_store_cred_into,
NULL /* gm_compat */
};