diff options
| author | assar <assar@FreeBSD.org> | 2001-02-13 16:46:19 +0000 |
|---|---|---|
| committer | assar <assar@FreeBSD.org> | 2001-02-13 16:46:19 +0000 |
| commit | ebfe6dc471c206300fd82c7c0fd145f683aa52f6 (patch) | |
| tree | e66aa570ad1d12c43b32a7313b0f8e28971bf8a9 /crypto/heimdal/lib/gssapi/acquire_cred.c | |
| parent | e5f617598c2db0dd51906a38ecea9208123a8b70 (diff) | |
| download | FreeBSD-src-ebfe6dc471c206300fd82c7c0fd145f683aa52f6.zip FreeBSD-src-ebfe6dc471c206300fd82c7c0fd145f683aa52f6.tar.gz | |
import of heimdal 0.3e
Diffstat (limited to 'crypto/heimdal/lib/gssapi/acquire_cred.c')
| -rw-r--r-- | crypto/heimdal/lib/gssapi/acquire_cred.c | 63 |
1 files changed, 59 insertions, 4 deletions
diff --git a/crypto/heimdal/lib/gssapi/acquire_cred.c b/crypto/heimdal/lib/gssapi/acquire_cred.c index 821bbc3..341d06d 100644 --- a/crypto/heimdal/lib/gssapi/acquire_cred.c +++ b/crypto/heimdal/lib/gssapi/acquire_cred.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: acquire_cred.c,v 1.3 1999/12/02 17:05:03 joda Exp $"); +RCSID("$Id: acquire_cred.c,v 1.4 2001/01/30 00:49:05 assar Exp $"); OM_uint32 gss_acquire_cred (OM_uint32 * minor_status, @@ -48,21 +48,67 @@ OM_uint32 gss_acquire_cred { gss_cred_id_t handle; OM_uint32 ret; + krb5_principal def_princ; + krb5_ccache ccache; + krb5_error_code pret = -1, kret = 0; + krb5_keytab kt; + krb5_creds cred; + krb5_get_init_creds_opt opt; handle = (gss_cred_id_t)malloc(sizeof(*handle)); if (handle == GSS_C_NO_CREDENTIAL) { return GSS_S_FAILURE; } + memset(handle, 0, sizeof (*handle)); ret = gss_duplicate_name(minor_status, desired_name, &handle->principal); if (ret) { return ret; } + if (krb5_cc_default(gssapi_krb5_context, &ccache) == 0 && + (pret = krb5_cc_get_principal(gssapi_krb5_context, ccache, + &def_princ)) == 0 && + krb5_principal_compare(gssapi_krb5_context, handle->principal, + def_princ) == TRUE) { + handle->ccache = ccache; + handle->keytab = NULL; + } else { + kret = krb5_kt_default(gssapi_krb5_context, &kt); + if (kret != 0) + goto out; + krb5_get_init_creds_opt_init(&opt); + memset(&cred, 0, sizeof(cred)); + kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred, + handle->principal, kt, 0, NULL, &opt); + if (kret != 0) { + krb5_kt_close(gssapi_krb5_context, kt); + goto out; + } + kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops, &ccache); + if (kret != 0) { + krb5_kt_close(gssapi_krb5_context, kt); + goto out; + } + kret = krb5_cc_initialize(gssapi_krb5_context, ccache, cred.client); + if (kret != 0) { + krb5_kt_close(gssapi_krb5_context, kt); + krb5_cc_close(gssapi_krb5_context, ccache); + goto out; + } + kret = krb5_cc_store_cred(gssapi_krb5_context, ccache, &cred); + if (kret != 0) { + krb5_kt_close(gssapi_krb5_context, kt); + krb5_cc_close(gssapi_krb5_context, ccache); + goto out; + } + handle->ccache = ccache; + handle->keytab = kt; + } + + /* XXX */ handle->lifetime = time_req; - - handle->keytab = NULL; handle->usage = cred_usage; ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); @@ -83,5 +129,14 @@ OM_uint32 gss_acquire_cred *output_cred_handle = handle; +out: + if (pret == 0) + krb5_free_principal(gssapi_krb5_context, def_princ); + + if (kret != 0) { + *minor_status = kret; + return GSS_S_FAILURE; + } + return GSS_S_COMPLETE; } |
