1 files changed, 72 insertions, 43 deletions

diff --git a/src/lib/gssapi/mechglue/g_glue.c b/src/lib/gssapi/mechglue/g_glue.c
index 3de298cb57..1dcd147952 100644
--- a/src/lib/gssapi/mechglue/g_glue.c
+++ b/src/lib/gssapi/mechglue/g_glue.c
@@ -283,51 +283,71 @@ OM_uint32 gssint_get_mech_type(OID, token)
     return (GSS_S_COMPLETE);
 }
 
-
-/*
- *  Internal routines to get and release an internal mechanism name
- */
-
-#if 0
 static OM_uint32
-import_internal_name_composite(OM_uint32 *minor_status,
-			       gss_mechanism mech,
-			       gss_union_name_t union_name,
-			       gss_name_t *internal_name)
+import_internal_attributes(OM_uint32 *minor,
+			   gss_mechanism dmech,
+			   gss_union_name_t sname,
+			   gss_name_t dname)
 {
-    OM_uint32		status, tmp;
-    gss_mechanism	name_mech;
-    gss_buffer_desc	composite_name;
+    OM_uint32 major, tmpMinor;
+    gss_mechanism smech;
+    gss_buffer_set_t attrs = GSS_C_NO_BUFFER_SET;
+    size_t i;
 
-    if (mech->gss_import_name == NULL)
+    if (sname->mech_name == GSS_C_NO_NAME)
 	return (GSS_S_UNAVAILABLE);
 
-    name_mech = gssint_get_mechanism(union_name->mech_type);
-    if (name_mech == NULL)
+    smech = gssint_get_mechanism (sname->mech_type);
+    if (smech == NULL)
 	return (GSS_S_BAD_MECH);
 
-    if (name_mech->gss_export_name_composite == NULL)
+    if (smech->gss_inquire_name == NULL ||
+	smech->gss_get_name_attribute == NULL)
 	return (GSS_S_UNAVAILABLE);
 
-    composite_name.length = 0;
-    composite_name.value = NULL;
+    if (dmech->gss_set_name_attribute == NULL)
+	return (GSS_S_UNAVAILABLE);
 
-    status = (*name_mech->gss_export_name_composite)(minor_status,
-						     union_name->mech_name,
-						     &composite_name);
-    if (GSS_ERROR(status))
-	return (status);
+    major = smech->gss_inquire_name(minor, sname->mech_name,
+				    NULL, NULL, &attrs);
+    if (GSS_ERROR(major) || attrs == GSS_C_NO_BUFFER_SET) {
+	gss_release_buffer_set(&tmpMinor, &attrs);
+	return (major);
+    }
 
-    status = (*mech->gss_import_name)(minor_status,
-				      &composite_name,
-				      gss_nt_exported_name,
-				      internal_name);
+    for (i = 0; i < attrs->count; i++) {
+	int more = -1;
 
-    gss_release_buffer(&tmp, &composite_name);
+	while (more != 0) {
+	    gss_buffer_desc value, display_value;
+	    int authenticated, complete;
 
-    return (status);
+	    major = smech->gss_get_name_attribute(minor, sname->mech_name,
+						  &attrs->elements[i],
+						  &authenticated, &complete,
+						  &value, &display_value,
+						  &more);
+	    if (GSS_ERROR(major))
+		continue;
+
+	    if (authenticated) {
+		dmech->gss_set_name_attribute(minor, dname, complete,
+					      &attrs->elements[i], &value);
+	    }
+
+	    gss_release_buffer(&tmpMinor, &value);
+	    gss_release_buffer(&tmpMinor, &display_value);
+	}
+    }
+
+    gss_release_buffer_set(&tmpMinor, &attrs);
+
+    return (GSS_S_COMPLETE);
 }
-#endif
+
+/*
+ *  Internal routines to get and release an internal mechanism name
+ */
 
 OM_uint32 gssint_import_internal_name (minor_status, mech_type, union_name,
 				internal_name)
@@ -336,24 +356,28 @@ gss_OID		mech_type;
 gss_union_name_t	union_name;
 gss_name_t	*internal_name;
 {
-    OM_uint32		status;
+    OM_uint32		status, tmpMinor;
     gss_mechanism	mech;
 
     mech = gssint_get_mechanism (mech_type);
     if (mech == NULL)
 	return (GSS_S_BAD_MECH);
 
-#if 0
-    /* Try composite name, it will preserve any extended attributes */
-    if (union_name->mech_type && union_name->mech_name) {
-	status = import_internal_name_composite(minor_status,
-						mech,
-						union_name,
-						internal_name);
-	if (status == GSS_S_COMPLETE)
-	    return (GSS_S_COMPLETE);
+    /*
+     * If we are importing a name for the same mechanism, and the
+     * mechanism implements gss_duplicate_name, then use that.
+     */
+    if (union_name->mech_name != GSS_C_NO_NAME &&
+	g_OID_equal(union_name->mech_type, mech_type) &&
+	mech->gss_duplicate_name != NULL) {
+	status = mech->gss_duplicate_name(minor_status,
+					  union_name->mech_name,
+					  internal_name);
+	if (status != GSS_S_UNAVAILABLE) {
+	    map_error(minor_status, mech);
+	    return (status);
+	}
     }
-#endif
 
     if (mech->gss_import_name == NULL)
 	return (GSS_S_UNAVAILABLE);
@@ -362,8 +386,13 @@ gss_name_t	*internal_name;
 				   union_name->external_name,
 				   union_name->name_type,
 				   internal_name);
-    if (status != GSS_S_COMPLETE)
+    if (status == GSS_S_COMPLETE) {
+        /* Attempt to round-trip attributes */
+	(void) import_internal_attributes(&tmpMinor, mech,
+				          union_name, *internal_name);
+    } else {
 	map_error(minor_status, mech);
+    }
 
     return (status);
 }