summaryrefslogtreecommitdiffstats
path: root/proxy
diff options
context:
space:
mode:
Diffstat (limited to 'proxy')
-rw-r--r--proxy/src/client/gpm_accept_sec_context.c8
-rw-r--r--proxy/src/client/gpm_acquire_cred.c12
-rw-r--r--proxy/src/client/gpm_init_sec_context.c6
-rw-r--r--proxy/src/client/gpm_release_handle.c6
-rw-r--r--proxy/src/client/gssapi_gpm.h14
-rw-r--r--proxy/src/mechglue/gss_plugin.h5
-rw-r--r--proxy/tests/cli_srv_comm.c6
7 files changed, 31 insertions, 26 deletions
diff --git a/proxy/src/client/gpm_accept_sec_context.c b/proxy/src/client/gpm_accept_sec_context.c
index d5eeb8a..a4b08d4 100644
--- a/proxy/src/client/gpm_accept_sec_context.c
+++ b/proxy/src/client/gpm_accept_sec_context.c
@@ -28,7 +28,7 @@
OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status,
gss_ctx_id_t *context_handle,
- gss_cred_id_t acceptor_cred_handle,
+ gssx_cred *acceptor_cred_handle,
gss_buffer_t input_token_buffer,
gss_channel_bindings_t input_chan_bindings,
gss_name_t *src_name,
@@ -36,7 +36,7 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status,
gss_buffer_t output_token,
OM_uint32 *ret_flags,
OM_uint32 *time_rec,
- gss_cred_id_t *delegated_cred_handle)
+ gssx_cred **delegated_cred_handle)
{
union gp_rpc_arg uarg;
union gp_rpc_res ures;
@@ -58,7 +58,7 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status,
}
if (acceptor_cred_handle) {
- arg->cred_handle = (gssx_cred *)acceptor_cred_handle;
+ arg->cred_handle = acceptor_cred_handle;
}
ret = gp_conv_buffer_to_gssx(input_token_buffer, &arg->input_token);
@@ -141,7 +141,7 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status,
if (res->delegated_cred_handle) {
if (delegated_cred_handle) {
- *delegated_cred_handle = (gss_cred_id_t)res->delegated_cred_handle;
+ *delegated_cred_handle = res->delegated_cred_handle;
}
/* we are stealing the delegated creds on success, so we do not want
* it to be freed by xdr_free */
diff --git a/proxy/src/client/gpm_acquire_cred.c b/proxy/src/client/gpm_acquire_cred.c
index b7b301b..99d6438 100644
--- a/proxy/src/client/gpm_acquire_cred.c
+++ b/proxy/src/client/gpm_acquire_cred.c
@@ -72,7 +72,7 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status,
OM_uint32 time_req,
const gss_OID_set desired_mechs,
gss_cred_usage_t cred_usage,
- gss_cred_id_t *output_cred_handle,
+ gssx_cred **output_cred_handle,
gss_OID_set *actual_mechs,
OM_uint32 *time_rec)
{
@@ -161,7 +161,7 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status,
}
/* we steal the cred handler here */
- *output_cred_handle = (gss_cred_id_t)res->output_cred_handle;
+ *output_cred_handle = res->output_cred_handle;
res->output_cred_handle = NULL;
ret_maj = GSS_S_COMPLETE;
ret_min = 0;
@@ -173,13 +173,13 @@ done:
}
OM_uint32 gpm_add_cred(OM_uint32 *minor_status,
- const gss_cred_id_t input_cred_handle,
+ gssx_cred *input_cred_handle,
const gss_name_t desired_name,
const gss_OID desired_mech,
gss_cred_usage_t cred_usage,
OM_uint32 initiator_time_req,
OM_uint32 acceptor_time_req,
- gss_cred_id_t *output_cred_handle,
+ gssx_cred **output_cred_handle,
gss_OID_set *actual_mechs,
OM_uint32 *initiator_time_rec,
OM_uint32 *acceptor_time_rec)
@@ -199,7 +199,7 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status,
/* ignore call_ctx for now */
if (input_cred_handle) {
- arg->input_cred_handle = (gssx_cred *)input_cred_handle;
+ arg->input_cred_handle = input_cred_handle;
}
if (output_cred_handle != NULL) {
arg->add_cred_to_input_handle = true;
@@ -275,7 +275,7 @@ OM_uint32 gpm_add_cred(OM_uint32 *minor_status,
if (output_cred_handle) {
/* we steal the cred handler here */
- *output_cred_handle = (gss_cred_id_t)res->output_cred_handle;
+ *output_cred_handle = res->output_cred_handle;
res->output_cred_handle = NULL;
}
diff --git a/proxy/src/client/gpm_init_sec_context.c b/proxy/src/client/gpm_init_sec_context.c
index 0769363..581dbc5 100644
--- a/proxy/src/client/gpm_init_sec_context.c
+++ b/proxy/src/client/gpm_init_sec_context.c
@@ -27,7 +27,7 @@
#include "src/gp_conv.h"
OM_uint32 gpm_init_sec_context(OM_uint32 *minor_status,
- gss_cred_id_t claimant_cred_handle,
+ gssx_cred *cred_handle,
gss_ctx_id_t *context_handle,
gss_name_t target_name,
gss_OID mech_type,
@@ -55,8 +55,8 @@ OM_uint32 gpm_init_sec_context(OM_uint32 *minor_status,
memset(&ures, 0, sizeof(union gp_rpc_res));
/* prepare proxy request */
- if (claimant_cred_handle != GSS_C_NO_CREDENTIAL) {
- arg->cred_handle = (gssx_cred *)claimant_cred_handle;
+ if (cred_handle != NULL) {
+ arg->cred_handle = cred_handle;
}
if (*context_handle) {
diff --git a/proxy/src/client/gpm_release_handle.c b/proxy/src/client/gpm_release_handle.c
index 010c148..f1eee00 100644
--- a/proxy/src/client/gpm_release_handle.c
+++ b/proxy/src/client/gpm_release_handle.c
@@ -26,7 +26,7 @@
#include "gssapi_gpm.h"
OM_uint32 gpm_release_cred(OM_uint32 *minor_status,
- gss_cred_id_t *cred_handle)
+ gssx_cred **cred_handle)
{
union gp_rpc_arg uarg;
union gp_rpc_res ures;
@@ -35,11 +35,11 @@ OM_uint32 gpm_release_cred(OM_uint32 *minor_status,
gssx_cred *r;
int ret;
- if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) {
+ if (cred_handle == NULL || *cred_handle == NULL) {
return 0;
}
- r = (gssx_cred *)(*cred_handle);
+ r = (*cred_handle);
if (!r->needs_release) {
ret = GSS_S_COMPLETE;
diff --git a/proxy/src/client/gssapi_gpm.h b/proxy/src/client/gssapi_gpm.h
index d157f06..99314e5 100644
--- a/proxy/src/client/gssapi_gpm.h
+++ b/proxy/src/client/gssapi_gpm.h
@@ -57,7 +57,7 @@ OM_uint32 gpm_display_status(OM_uint32 *minor_status,
OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status,
gss_ctx_id_t *context_handle,
- gss_cred_id_t acceptor_cred_handle,
+ gssx_cred *acceptor_cred_handle,
gss_buffer_t input_token_buffer,
gss_channel_bindings_t input_chan_bindings,
gss_name_t *src_name,
@@ -65,10 +65,10 @@ OM_uint32 gpm_accept_sec_context(OM_uint32 *minor_status,
gss_buffer_t output_token,
OM_uint32 *ret_flags,
OM_uint32 *time_rec,
- gss_cred_id_t *delegated_cred_handle);
+ gssx_cred **delegated_cred_handle);
OM_uint32 gpm_release_cred(OM_uint32 *minor_status,
- gss_cred_id_t *cred_handle);
+ gssx_cred **cred_handle);
OM_uint32 gpm_delete_sec_context(OM_uint32 *minor_status,
gss_ctx_id_t *context_handle,
@@ -79,18 +79,18 @@ OM_uint32 gpm_acquire_cred(OM_uint32 *minor_status,
OM_uint32 time_req,
const gss_OID_set desired_mechs,
gss_cred_usage_t cred_usage,
- gss_cred_id_t *output_cred_handle,
+ gssx_cred **output_cred_handle,
gss_OID_set *actual_mechs,
OM_uint32 *time_rec);
OM_uint32 gpm_add_cred(OM_uint32 *minor_status,
- const gss_cred_id_t input_cred_handle,
+ gssx_cred *input_cred_handle,
const gss_name_t desired_name,
const gss_OID desired_mech,
gss_cred_usage_t cred_usage,
OM_uint32 initiator_time_req,
OM_uint32 acceptor_time_req,
- gss_cred_id_t *output_cred_handle,
+ gssx_cred **output_cred_handle,
gss_OID_set *actual_mechs,
OM_uint32 *initiator_time_rec,
OM_uint32 *acceptor_time_rec);
@@ -164,7 +164,7 @@ OM_uint32 gpm_compare_name(OM_uint32 *minor_status,
int *name_equal);
OM_uint32 gpm_init_sec_context(OM_uint32 *minor_status,
- gss_cred_id_t claimant_cred_handle,
+ gssx_cred *cred_handle,
gss_ctx_id_t *context_handle,
gss_name_t target_name,
gss_OID mech_type,
diff --git a/proxy/src/mechglue/gss_plugin.h b/proxy/src/mechglue/gss_plugin.h
index ac5aa8a..6404402 100644
--- a/proxy/src/mechglue/gss_plugin.h
+++ b/proxy/src/mechglue/gss_plugin.h
@@ -28,6 +28,11 @@
#include "src/client/gssapi_gpm.h"
+struct gpp_cred_handle {
+ gssx_cred *remote;
+ gss_cred_id_t local;
+};
+
extern const gss_OID_desc gssproxy_mech_interposer;
enum gpp_behavior {
diff --git a/proxy/tests/cli_srv_comm.c b/proxy/tests/cli_srv_comm.c
index 4094340..cac4e73 100644
--- a/proxy/tests/cli_srv_comm.c
+++ b/proxy/tests/cli_srv_comm.c
@@ -206,7 +206,7 @@ void *client_thread(void *pvt)
gss_buffer_desc out_token = GSS_C_EMPTY_BUFFER;
gss_name_t name = GSS_C_NO_NAME;
gss_ctx_id_t ctx = GSS_C_NO_CONTEXT;
- gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL;
+ struct gssx_cred *cred_handle = NULL;
int ret = 0;
gss_buffer_desc msg_buf = GSS_C_EMPTY_BUFFER;
int conf_state;
@@ -355,10 +355,10 @@ void *server_thread(void *pvt)
uint32_t ret_maj;
uint32_t ret_min;
gss_ctx_id_t context_handle = GSS_C_NO_CONTEXT;
- gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL;
+ struct gssx_cred *cred_handle = NULL;
gss_name_t src_name;
gss_buffer_desc out_token = GSS_C_EMPTY_BUFFER;
- gss_cred_id_t deleg_cred = GSS_C_NO_CREDENTIAL;
+ struct gssx_cred *deleg_cred = NULL;
gss_OID_set mech_set = GSS_C_NO_OID_SET;
gss_OID_set mech_names = GSS_C_NO_OID_SET;
gss_OID_set mech_types = GSS_C_NO_OID_SET;
generated by cgit (git 2.34.1) at 2025-07-04 12:47:03 +0000