author | Simo Sorce <simo@redhat.com> | 2012-07-22 16:47:06 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2012-09-14 16:26:37 -0400 |
commit | ce575c196b6837012fbcf1594df2fdd17dc52c1f (patch) | |
tree | 50ba60e67f9f0ea9d4e464e29eed485c8c8f9004 | |
parent | 8d914f4a22082eb54ef76ec63a0d5ba05e8aaf2d (diff) | |
Add cred handle wrapper
-rw-r--r-- | proxy/src/client/gpm_accept_sec_context.c | 8 | ||||
-rw-r--r-- | proxy/src/client/gpm_acquire_cred.c | 12 | ||||
-rw-r--r-- | proxy/src/client/gpm_init_sec_context.c | 6 | ||||
-rw-r--r-- | proxy/src/client/gpm_release_handle.c | 6 | ||||
-rw-r--r-- | proxy/src/client/gssapi_gpm.h | 14 | ||||
-rw-r--r-- | proxy/src/mechglue/gss_plugin.h | 5 | ||||
-rw-r--r-- | proxy/tests/cli_srv_comm.c | 6 |
7 files changed, 31 insertions, 26 deletions
diff --git a/proxy/src/client/gpm_accept_sec_context.c b/proxy/src/client/gpm_accept_sec_context.c index d5eeb8a..a4b08d4 100644 --- a/proxy/src/client/gpm_accept_sec_context.c +++ b/proxy/src/client/gpm_accept_sec_context.c @@ -28,7 +28,7 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, - gss_cred_id_t acceptor_cred_handle, + gssx_cred *acceptor_cred_handle, gss_buffer_t input_token_buffer, gss_channel_bindings_t input_chan_bindings, gss_name_t *src_name, @@ -36,7 +36,7 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status, gss_buffer_t output_token, OM_uint32 *ret_flags, OM_uint32 *time_rec, - gss_cred_id_t *delegated_cred_handle) + gssx_cred **delegated_cred_handle) { union gp_rpc_arg uarg; union gp_rpc_res ures; @@ -58,7 +58,7 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status, } if (acceptor_cred_handle) { - arg->cred_handle = (gssx_cred *)acceptor_cred_handle; + arg->cred_handle = acceptor_cred_handle; } ret = gp_conv_buffer_to_gssx(input_token_buffer, &arg->input_token); @@ -141,7 +141,7 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status, if (res->delegated_cred_handle) { if (delegated_cred_handle) { - *delegated_cred_handle = (gss_cred_id_t)res->delegated_cred_handle; + *delegated_cred_handle = res->delegated_cred_handle; } /* we are stealing the delegated creds on success, so we do not want * it to be freed by xdr_free */ diff --git a/proxy/src/client/gpm_acquire_cred.c b/proxy/src/client/gpm_acquire_cred.c index b7b301b..99d6438 100644 --- a/proxy/src/client/gpm_acquire_cred.c +++ b/proxy/src/client/gpm_acquire_cred.c @@ -72,7 +72,7 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, OM_uint32 time_req, const gss_OID_set desired_mechs, gss_cred_usage_t cred_usage, - gss_cred_id_t *output_cred_handle, + gssx_cred **output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *time_rec) { 
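Review bot: In the `@@ -58` hunk, `arg->cred_handle = acceptor_cred_handle;` stores the caller's credential pointer in the RPC argument without copying it, so the argument only borrows memory the caller still owns. The cleanup path of gpm_accept_sec_context is outside the hunk; if it runs `xdr_free` over the argument with this field still set, the caller is left holding a dangling credential handle. With the cast gone the aliasing is easier to overlook, so I would add a comment at the assignment such as `/* borrowed from the caller: reset to NULL before the argument is freed */`. The same applies to `arg->input_cred_handle = input_cred_handle;` in gpm_add_cred and `arg->cred_handle = cred_handle;` in gpm_init_sec_context.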
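Review bot: In the `@@ -141` hunk the delegated credential is handed over only when `delegated_cred_handle` is non-NULL, yet the "stealing" comment sits outside that inner `if`. The statement that follows the comment is not visible here; if it clears `res->delegated_cred_handle` in both cases, a caller that passes NULL leaves the delegated credential unreferenced on the client and presumably never released. Consider clearing the field only inside the inner `if`, or releasing the credential with `gpm_release_cred` in an `else` branch, so that a delegated credential always has exactly one owner.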
@@ -161,7 +161,7 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, } /* we steal the cred handler here */ - *output_cred_handle = (gss_cred_id_t)res->output_cred_handle; + *output_cred_handle = res->output_cred_handle; res->output_cred_handle = NULL; ret_maj = GSS_S_COMPLETE; ret_min = 0; @@ -173,13 +173,13 @@ done: } OM_uint32 gpm_add_cred(OM_uint32 *minor_status, - const gss_cred_id_t input_cred_handle, + gssx_cred *input_cred_handle, const gss_name_t desired_name, const gss_OID desired_mech, gss_cred_usage_t cred_usage, OM_uint32 initiator_time_req, OM_uint32 acceptor_time_req, - gss_cred_id_t *output_cred_handle, + gssx_cred **output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *initiator_time_rec, OM_uint32 *acceptor_time_rec) @@ -199,7 +199,7 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, /* ignore call_ctx for now */ if (input_cred_handle) { - arg->input_cred_handle = (gssx_cred *)input_cred_handle; + arg->input_cred_handle = input_cred_handle; } if (output_cred_handle != NULL) { arg->add_cred_to_input_handle = true; @@ -275,7 +275,7 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status, if (output_cred_handle) { /* we steal the cred handler here */ - *output_cred_handle = (gss_cred_id_t)res->output_cred_handle; + *output_cred_handle = res->output_cred_handle; res->output_cred_handle = NULL; } diff --git a/proxy/src/client/gpm_init_sec_context.c b/proxy/src/client/gpm_init_sec_context.c index 0769363..581dbc5 100644 --- a/proxy/src/client/gpm_init_sec_context.c +++ b/proxy/src/client/gpm_init_sec_context.c @@ -27,7 +27,7 @@ #include "src/gp_conv.h" OM_uint32 gpm_init_sec_context(OM_uint32 *minor_status, - gss_cred_id_t claimant_cred_handle, + gssx_cred *cred_handle, gss_ctx_id_t *context_handle, gss_name_t target_name, gss_OID mech_type, 
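Review bot: In the `@@ -161` hunk gpm_acquire_cred writes `*output_cred_handle = res->output_cred_handle;` without a visible NULL check, while gpm_add_cred in the `@@ -275` hunk guards the same assignment with `if (output_cred_handle)`. The start of gpm_acquire_cred is outside the hunk, so a check may already exist there; if it does not, a NULL argument is dereferenced after the RPC has already completed. An early guard such as `if (!output_cred_handle) { ret_maj = GSS_S_CALL_INACCESSIBLE_WRITE; goto done; }` would keep the two entry points consistent.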
@@ -55,8 +55,8 @@ OM_uint32 gpm_init_sec_context(OM_uint32 *minor_status, memset(&ures, 0, sizeof(union gp_rpc_res)); /* prepare proxy request */ - if (claimant_cred_handle != GSS_C_NO_CREDENTIAL) { - arg->cred_handle = (gssx_cred *)claimant_cred_handle; + if (cred_handle != NULL) { + arg->cred_handle = cred_handle; } if (*context_handle) { diff --git a/proxy/src/client/gpm_release_handle.c b/proxy/src/client/gpm_release_handle.c index 010c148..f1eee00 100644 --- a/proxy/src/client/gpm_release_handle.c +++ b/proxy/src/client/gpm_release_handle.c @@ -26,7 +26,7 @@ #include "gssapi_gpm.h" OM_uint32 gpm_release_cred(OM_uint32 *minor_status, - gss_cred_id_t *cred_handle) + gssx_cred **cred_handle) { union gp_rpc_arg uarg; union gp_rpc_res ures; @@ -35,11 +35,11 @@ OM_uint32 gpm_release_cred(OM_uint32 *minor_status, gssx_cred *r; int ret; - if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) { + if (cred_handle == NULL || *cred_handle == NULL) { return 0; } - r = (gssx_cred *)(*cred_handle); + r = (*cred_handle); if (!r->needs_release) { ret = GSS_S_COMPLETE; diff --git a/proxy/src/client/gssapi_gpm.h b/proxy/src/client/gssapi_gpm.h index d157f06..99314e5 100644 --- a/proxy/src/client/gssapi_gpm.h +++ b/proxy/src/client/gssapi_gpm.h @@ -57,7 +57,7 @@ OM_uint32 gpm_display_status(OM_uint32 *minor_status, OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, - gss_cred_id_t acceptor_cred_handle, + gssx_cred *acceptor_cred_handle, gss_buffer_t input_token_buffer, gss_channel_bindings_t input_chan_bindings, gss_name_t *src_name, 
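Review bot: In the `@@ -35` hunk of gpm_release_handle.c, the parentheses in `r = (*cred_handle);` are a leftover of the removed cast; `r = *cred_handle;` reads cleaner. The early `return 0;` just above it leaves `*minor_status` unwritten, so a caller that inspects the minor code would read a stale value; that guard predates this commit but is worth tidying while the line is being touched. The rest of gpm_release_cred is outside the hunk.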
@@ -65,10 +65,10 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status, gss_buffer_t output_token, OM_uint32 *ret_flags, OM_uint32 *time_rec, - gss_cred_id_t *delegated_cred_handle); + gssx_cred **delegated_cred_handle); OM_uint32 gpm_release_cred(OM_uint32 *minor_status, - gss_cred_id_t *cred_handle); + gssx_cred **cred_handle); OM_uint32 gpm_delete_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, @@ -79,18 +79,18 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status, OM_uint32 time_req, const gss_OID_set desired_mechs, gss_cred_usage_t cred_usage, - gss_cred_id_t *output_cred_handle, + gssx_cred **output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *time_rec); OM_uint32 gpm_add_cred(OM_uint32 *minor_status, - const gss_cred_id_t input_cred_handle, + gssx_cred *input_cred_handle, const gss_name_t desired_name, const gss_OID desired_mech, gss_cred_usage_t cred_usage, OM_uint32 initiator_time_req, OM_uint32 acceptor_time_req, - gss_cred_id_t *output_cred_handle, + gssx_cred **output_cred_handle, gss_OID_set *actual_mechs, OM_uint32 *initiator_time_rec, OM_uint32 *acceptor_time_rec); @@ -164,7 +164,7 @@ OM_uint32 gpm_compare_name(OM_uint32 *minor_status, int *name_equal); OM_uint32 gpm_init_sec_context(OM_uint32 *minor_status, - gss_cred_id_t claimant_cred_handle, + gssx_cred *cred_handle, gss_ctx_id_t *context_handle, gss_name_t target_name, gss_OID mech_type, diff --git a/proxy/src/mechglue/gss_plugin.h b/proxy/src/mechglue/gss_plugin.h index ac5aa8a..6404402 100644 --- a/proxy/src/mechglue/gss_plugin.h +++ b/proxy/src/mechglue/gss_plugin.h @@ -28,6 +28,11 @@ #include "src/client/gssapi_gpm.h" +struct gpp_cred_handle { + gssx_cred *remote; + gss_cred_id_t local; +}; + extern const gss_OID_desc gssproxy_mech_interposer; enum gpp_behavior { diff --git a/proxy/tests/cli_srv_comm.c b/proxy/tests/cli_srv_comm.c index 4094340..cac4e73 100644 --- a/proxy/tests/cli_srv_comm.c +++ b/proxy/tests/cli_srv_comm.c 
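Review bot: `struct gpp_cred_handle` in gss_plugin.h is added without any comment, and none of the visible hunks uses it yet, so its invariants are undocumented. A reader cannot tell whether `remote` and `local` may both be set, which one takes precedence, or who frees each. The two members need different release calls (the `gssx_cred *` goes through `gpm_release_cred`, the `gss_cred_id_t` presumably through the local mechanism's release), so mixing them up risks a leak or a wrong-type free. I would add a block comment above the struct stating which member the wrapper owns, when each is valid, and how each is released.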
@@ -206,7 +206,7 @@ void *client_thread(void *pvt) gss_buffer_desc out_token = GSS_C_EMPTY_BUFFER; gss_name_t name = GSS_C_NO_NAME; gss_ctx_id_t ctx = GSS_C_NO_CONTEXT; - gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL; + struct gssx_cred *cred_handle = NULL; int ret = 0; gss_buffer_desc msg_buf = GSS_C_EMPTY_BUFFER; int conf_state; @@ -355,10 +355,10 @@ void *server_thread(void *pvt) uint32_t ret_maj; uint32_t ret_min; gss_ctx_id_t context_handle = GSS_C_NO_CONTEXT; - gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL; + struct gssx_cred *cred_handle = NULL; gss_name_t src_name; gss_buffer_desc out_token = GSS_C_EMPTY_BUFFER; - gss_cred_id_t deleg_cred = GSS_C_NO_CREDENTIAL; + struct gssx_cred *deleg_cred = NULL; gss_OID_set mech_set = GSS_C_NO_OID_SET; gss_OID_set mech_names = GSS_C_NO_OID_SET; gss_OID_set mech_types = GSS_C_NO_OID_SET; |
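Review bot: The test declares the handles as `struct gssx_cred *cred_handle` and `struct gssx_cred *deleg_cred`, whereas the prototypes in gssapi_gpm.h changed by this same commit use the `gssx_cred` typedef. Using one spelling, e.g. `gssx_cred *cred_handle = NULL;`, keeps the test matching the API it exercises. Both declarations sit in functions (client_thread, server_thread) whose bodies continue outside the hunks.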