oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

RFC 2743 says (regarding gss_acquire_cred),

Browse Source 
``A caller may provide the value NULL (GSS_C_NO_NAME) for
  desired_name, which will be interpreted as a request for a
  credential handle that will invoke default behavior when passed
  to GSS_Init_sec_context(), if cred_usage is GSS_C_INITIATE
  or GSS_C_BOTH, or GSS_Accept_sec_context(), if cred_usage is
  GSS_C_ACCEPT or GSS_C_BOTH.''


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11155 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Jacques A. Vidrine
2002-08-20 12:02:45 +00:00
parent e703d7229f
commit fed304b01c
8 changed files with 48 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/gssapi/ChangeLog
View File

@@ -1,3 +1,9 @@
2002-08-20 Jacques Vidrine <n@nectar.com>
* acquire_cred.c, inquire_cred.c, release_cred.c: Use default
credential resolution if gss_acquire_cred is called with
GSS_C_NO_NAME.
2002-06-20 Jacques Vidrine <n@nectar.com> 2002-06-20 Jacques Vidrine <n@nectar.com>
* import_name.c: Compare name types by value if pointers do * import_name.c: Compare name types by value if pointers do

8
lib/gssapi/acquire_cred.c
View File

@@ -164,12 +164,6 @@ static OM_uint32 acquire_acceptor_cred
kret = 0; kret = 0;
ret = GSS_S_FAILURE; ret = GSS_S_FAILURE;
if (handle->principal == NULL) {
kret = krb5_sname_to_principal(gssapi_krb5_context, NULL, NULL,
KRB5_NT_SRV_HST, &handle->principal);
if (kret)
goto end;
}
kret = get_keytab(&handle->keytab); kret = get_keytab(&handle->keytab);
if (kret) if (kret)
goto end; goto end;
@@ -210,7 +204,7 @@ OM_uint32 gss_acquire_cred
memset(handle, 0, sizeof (*handle)); memset(handle, 0, sizeof (*handle));
if (desired_name != NULL) { if (desired_name != GSS_C_NO_NAME) {
ret = gss_duplicate_name(minor_status, desired_name, ret = gss_duplicate_name(minor_status, desired_name,
&handle->principal); &handle->principal);
if (ret != GSS_S_COMPLETE) { if (ret != GSS_S_COMPLETE) {

18
lib/gssapi/inquire_cred.c
View File

@@ -51,10 +51,22 @@ OM_uint32 gss_inquire_cred
} }
if (name != NULL) { if (name != NULL) {
ret = gss_duplicate_name(minor_status, cred_handle->principal, name); if (cred_handle->principal != NULL) {
if (ret) { ret = gss_duplicate_name(minor_status, cred_handle->principal,
name);
if (ret)
return ret; return ret;
} } else if (cred_handle->usage == GSS_C_ACCEPT) {
*minor_status = krb5_sname_to_principal(gssapi_krb5_context, NULL,
NULL, KRB5_NT_SRV_HST, name);
if (*minor_status)
return GSS_S_FAILURE;
} else {
*minor_status = krb5_get_default_principal(gssapi_krb5_context,
name);
if (*minor_status)
return GSS_S_FAILURE;
}
} }
if (lifetime != NULL) { if (lifetime != NULL) {
*lifetime = cred_handle->lifetime; *lifetime = cred_handle->lifetime;

6
lib/gssapi/krb5/ChangeLog
View File

@@ -1,3 +1,9 @@
2002-08-20 Jacques Vidrine <n@nectar.com>
* acquire_cred.c, inquire_cred.c, release_cred.c: Use default
credential resolution if gss_acquire_cred is called with
GSS_C_NO_NAME.
2002-06-20 Jacques Vidrine <n@nectar.com> 2002-06-20 Jacques Vidrine <n@nectar.com>
* import_name.c: Compare name types by value if pointers do * import_name.c: Compare name types by value if pointers do

8
lib/gssapi/krb5/acquire_cred.c
View File

@@ -164,12 +164,6 @@ static OM_uint32 acquire_acceptor_cred
kret = 0; kret = 0;
ret = GSS_S_FAILURE; ret = GSS_S_FAILURE;
if (handle->principal == NULL) {
kret = krb5_sname_to_principal(gssapi_krb5_context, NULL, NULL,
KRB5_NT_SRV_HST, &handle->principal);
if (kret)
goto end;
}
kret = get_keytab(&handle->keytab); kret = get_keytab(&handle->keytab);
if (kret) if (kret)
goto end; goto end;
@@ -210,7 +204,7 @@ OM_uint32 gss_acquire_cred
memset(handle, 0, sizeof (*handle)); memset(handle, 0, sizeof (*handle));
if (desired_name != NULL) { if (desired_name != GSS_C_NO_NAME) {
ret = gss_duplicate_name(minor_status, desired_name, ret = gss_duplicate_name(minor_status, desired_name,
&handle->principal); &handle->principal);
if (ret != GSS_S_COMPLETE) { if (ret != GSS_S_COMPLETE) {

18
lib/gssapi/krb5/inquire_cred.c
View File

@@ -51,10 +51,22 @@ OM_uint32 gss_inquire_cred
} }
if (name != NULL) { if (name != NULL) {
ret = gss_duplicate_name(minor_status, cred_handle->principal, name); if (cred_handle->principal != NULL) {
if (ret) { ret = gss_duplicate_name(minor_status, cred_handle->principal,
name);
if (ret)
return ret; return ret;
} } else if (cred_handle->usage == GSS_C_ACCEPT) {
*minor_status = krb5_sname_to_principal(gssapi_krb5_context, NULL,
NULL, KRB5_NT_SRV_HST, name);
if (*minor_status)
return GSS_S_FAILURE;
} else {
*minor_status = krb5_get_default_principal(gssapi_krb5_context,
name);
if (*minor_status)
return GSS_S_FAILURE;
}
} }
if (lifetime != NULL) { if (lifetime != NULL) {
*lifetime = cred_handle->lifetime; *lifetime = cred_handle->lifetime;

3
lib/gssapi/krb5/release_cred.c
View File

@@ -46,7 +46,8 @@ OM_uint32 gss_release_cred
gssapi_krb5_init (); gssapi_krb5_init ();
krb5_free_principal(gssapi_krb5_context, (*cred_handle)->principal); if ((*cred_handle)->principal != NULL)
krb5_free_principal(gssapi_krb5_context, (*cred_handle)->principal);
if ((*cred_handle)->keytab != NULL) if ((*cred_handle)->keytab != NULL)
krb5_kt_close(gssapi_krb5_context, (*cred_handle)->keytab); krb5_kt_close(gssapi_krb5_context, (*cred_handle)->keytab);
if ((*cred_handle)->ccache != NULL) if ((*cred_handle)->ccache != NULL)

3
lib/gssapi/release_cred.c
View File

@@ -46,7 +46,8 @@ OM_uint32 gss_release_cred
gssapi_krb5_init (); gssapi_krb5_init ();
krb5_free_principal(gssapi_krb5_context, (*cred_handle)->principal); if ((*cred_handle)->principal != NULL)
krb5_free_principal(gssapi_krb5_context, (*cred_handle)->principal);
if ((*cred_handle)->keytab != NULL) if ((*cred_handle)->keytab != NULL)
krb5_kt_close(gssapi_krb5_context, (*cred_handle)->keytab); krb5_kt_close(gssapi_krb5_context, (*cred_handle)->keytab);
if ((*cred_handle)->ccache != NULL) if ((*cred_handle)->ccache != NULL)