diff options
| author | Simo Sorce <simo@redhat.com> | 2012-06-07 12:54:43 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-08-06 16:08:23 -0400 |
| commit | 22881a18581623cd4742d9197c90b106645d67a9 (patch) | |
| tree | 6173afd98a4a280e14c1631bc8d692cdf14c8e9b /src/lib/gssapi/mechglue | |
| parent | bb02471343e899c600025248501cd6c8ac737c55 (diff) | |
| download | krb5-22881a18581623cd4742d9197c90b106645d67a9.tar.gz krb5-22881a18581623cd4742d9197c90b106645d67a9.tar.xz krb5-22881a18581623cd4742d9197c90b106645d67a9.zip | |
Pass the actual mech oid in creds functions
This way the mechanism handler knows what mech type is intended.
This allows plugin that implement multiple mechanisms or interposer
plugins to know what they are being asked to do.
Diffstat (limited to 'src/lib/gssapi/mechglue')
| -rw-r--r-- | src/lib/gssapi/mechglue/g_acquire_cred.c | 16 | ||||
| -rw-r--r-- | src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c | 29 |
2 files changed, 34 insertions, 11 deletions
diff --git a/src/lib/gssapi/mechglue/g_acquire_cred.c b/src/lib/gssapi/mechglue/g_acquire_cred.c index c28bf720e3..d228a7731e 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred.c @@ -373,6 +373,7 @@ gss_add_cred_from(minor_status, input_cred_handle, gss_cred_id_t cred = NULL; gss_OID new_mechs_array = NULL; gss_cred_id_t * new_cred_array = NULL; + gss_OID_set target_mechs = GSS_C_NO_OID_SET; status = val_add_cred_args(minor_status, input_cred_handle, @@ -439,15 +440,24 @@ gss_add_cred_from(minor_status, input_cred_handle, else time_req = 0; + status = gss_create_empty_oid_set(minor_status, &target_mechs); + if (status != GSS_S_COMPLETE) + goto errout; + + status = gss_add_oid_set_member(minor_status, + &mech->mech_type, &target_mechs); + if (status != GSS_S_COMPLETE) + goto errout; + if (mech->gss_acquire_cred_from) { status = mech->gss_acquire_cred_from(minor_status, internal_name, - time_req, GSS_C_NULL_OID_SET, + time_req, target_mechs, cred_usage, cred_store, &cred, NULL, &time_rec); } else if (cred_store == GSS_C_NO_CRED_STORE) { status = mech->gss_acquire_cred(minor_status, internal_name, time_req, - GSS_C_NULL_OID_SET, cred_usage, &cred, - NULL, &time_rec); + target_mechs, cred_usage, &cred, NULL, + &time_rec); } else { return GSS_S_UNAVAILABLE; } diff --git a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c index 6ac650b35e..35ec25c849 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c @@ -339,6 +339,7 @@ gss_add_cred_with_password(minor_status, input_cred_handle, gss_cred_id_t cred = NULL; gss_OID new_mechs_array = NULL; gss_cred_id_t * new_cred_array = NULL; + gss_OID_set target_mechs = GSS_C_NO_OID_SET; status = val_add_cred_pw_args(minor_status, input_cred_handle, @@ -402,15 +403,24 @@ gss_add_cred_with_password(minor_status, input_cred_handle, else time_req = 0; + status = gss_create_empty_oid_set(minor_status, &target_mechs); + if (status != GSS_S_COMPLETE) + goto errout; + + status = gss_add_oid_set_member(minor_status, + &mech->mech_type, &target_mechs); + if (status != GSS_S_COMPLETE) + goto errout; + status = mech_ext->gssspi_acquire_cred_with_password(minor_status, - internal_name, - password, - time_req, - GSS_C_NULL_OID_SET, - cred_usage, - &cred, - NULL, - &time_rec); + internal_name, + password, + time_req, + target_mechs, + cred_usage, + &cred, + NULL, + &time_rec); if (status != GSS_S_COMPLETE) { map_error(minor_status, mech); goto errout; @@ -506,6 +516,9 @@ errout: &mech->mech_type, &allocated_name); + if (target_mechs) + (void)gss_release_oid_set(&temp_minor_status, &target_mechs); + if (input_cred_handle == GSS_C_NO_CREDENTIAL && union_cred) free(union_cred); |