diff options
author | Jeffrey Altman <jaltman@secure-endpoints.com> | 2005-10-31 19:23:19 +0000 |
---|---|---|
committer | Jeffrey Altman <jaltman@secure-endpoints.com> | 2005-10-31 19:23:19 +0000 |
commit | 95435446e6bfc3223d5946acde45b3ad806738ff (patch) | |
tree | cd8dae3fca68c17313a2d295883036f493c5b155 /src/lib/gssapi/krb5/acquire_cred.c | |
parent | 2351f07bfbe562bf73ae41d3a9ed9c358b3083ed (diff) | |
download | krb5-95435446e6bfc3223d5946acde45b3ad806738ff.tar.gz krb5-95435446e6bfc3223d5946acde45b3ad806738ff.tar.xz krb5-95435446e6bfc3223d5946acde45b3ad806738ff.zip |
* acquire_cred.c (acquire_init_cred):
If a specific principal has been requested, attempt to acquire
tickets and set the ccache name in the context to the ccache
containing the tickets if obtained. (KFM/KFW)
* ccdefault.c:
(krb5int_cc_default) - add KFW support for multiple ccaches
ticket: 3223
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17468 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi/krb5/acquire_cred.c')
-rw-r--r-- | src/lib/gssapi/krb5/acquire_cred.c | 49 |
1 files changed, 37 insertions, 12 deletions
diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 5318b6d77f..c293b27839 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -79,8 +79,11 @@ #include <strings.h> #endif -#ifdef USE_LOGIN_LIBRARY +#if defined(USE_LOGIN_LIBRARY) #include <Kerberos/KerberosLoginPrivate.h> +#elif defined(USE_LEASH) +static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL; +static HANDLE hLeashDLL = INVALID_HANDLE_VALUE; #endif k5_mutex_t gssint_krb5_keytab_lock = K5_MUTEX_PARTIAL_INITIALIZER; @@ -227,8 +230,9 @@ acquire_init_cred(context, minor_status, desired_name, output_princ, cred) if (GSS_ERROR(kg_sync_ccache_name(context, minor_status))) return(GSS_S_FAILURE); -#ifdef USE_LOGIN_LIBRARY +#if defined(USE_LOGIN_LIBRARY) || defined(USE_LEASH) if (desired_name != NULL) { +#if defined(USE_LOGIN_LIBRARY) char *ccache_name = NULL; KLPrincipal kl_desired_princ = NULL; @@ -253,18 +257,39 @@ acquire_init_cred(context, minor_status, desired_name, output_princ, cred) if (kl_desired_princ != NULL) { KLDisposePrincipal (kl_desired_princ); } if (ccache_name != NULL) { KLDisposeString (ccache_name); } - - } else { -#endif - /* open the default credential cache */ +#elif defined(USE_LEASH) + if ( hLeashDLL == INVALID_HANDLE_VALUE ) { + hLeashDLL = LoadLibrary("leashw32.dll"); + if ( hLeashDLL != INVALID_HANDLE_VALUE ) { + (FARPROC) pLeash_AcquireInitialTicketsIfNeeded = + GetProcAddress(hLeashDLL, "not_an_API_Leash_AcquireInitialTicketsIfNeeded"); + } + } + + if ( pLeash_AcquireInitialTicketsIfNeeded ) { + char ccname[256]=""; + pLeash_AcquireInitialTicketsIfNeeded(context, (krb5_principal) desired_name, ccname, sizeof(ccname)); + if (!ccname[0]) { + *minor_status = KRB5_CC_NOTFOUND; + return(GSS_S_CRED_UNAVAIL); + } + + if ((code = krb5_cc_resolve (context, ccname, &ccache))) { + *minor_status = code; + return(GSS_S_CRED_UNAVAIL); + } + } +#endif /* USE_LEASH */ + } else +#endif /* USE_LOGIN_LIBRARY || USE_LEASH */ + { + /* open the default credential cache */ - if ((code = krb5int_cc_default(context, &ccache))) { - *minor_status = code; - return(GSS_S_CRED_UNAVAIL); - } -#ifdef USE_LOGIN_LIBRARY + if ((code = krb5int_cc_default(context, &ccache))) { + *minor_status = code; + return(GSS_S_CRED_UNAVAIL); + } } -#endif /* turn off OPENCLOSE mode while extensive frobbing is going on */ |