Add support to perform external operations

This allows the code to know it has to use an external mechanism,
such as winbind, to handle authentication.

Based on work from David Woodhouse <David.Woodhouse@intel.com>

1 files changed, 17 insertions, 0 deletions

diff --git a/src/gss_creds.c b/src/gss_creds.c
index 17ac3f6..080de5d 100644
--- a/src/gss_creds.c
+++ b/src/gss_creds.c
@@ -273,6 +273,11 @@ int gssntlm_copy_creds(struct gssntlm_cred *in, struct gssntlm_cred *out)
                                 &out->cred.server.name);
         if (ret) goto done;
         break;
+    case GSSNTLM_CRED_EXTERNAL:
+        ret = gssntlm_copy_name(&in->cred.external.user,
+                                &out->cred.external.user);
+        if (ret) goto done;
+        break;
     }
     out->type = in->type;
 
@@ -305,6 +310,9 @@ void gssntlm_int_release_cred(struct gssntlm_cred *cred)
     case GSSNTLM_CRED_SERVER:
         gssntlm_int_release_name(&cred->cred.server.name);
         break;
+    case GSSNTLM_CRED_EXTERNAL:
+        gssntlm_int_release_name(&cred->cred.external.user);
+        break;
     }
 }
 
@@ -365,6 +373,9 @@ uint32_t gssntlm_acquire_cred_from(uint32_t *minor_status,
             retmin = get_creds_from_store(name, cred, cred_store);
         } else {
             retmin = get_user_file_creds(name, cred);
+            if (retmin) {
+                retmin = external_get_creds(name, cred);
+            }
         }
         if (retmin) {
             retmaj = GSS_S_CRED_UNAVAIL;
@@ -500,6 +511,12 @@ uint32_t gssntlm_inquire_cred(uint32_t *minor_status,
                                          name);
             if (maj != GSS_S_COMPLETE) return maj;
             break;
+        case GSSNTLM_CRED_EXTERNAL:
+            maj = gssntlm_duplicate_name(minor_status,
+                                         (gss_name_t)&cred->cred.external.user,
+                                         name);
+            if (maj != GSS_S_COMPLETE) return maj;
+            break;
         }
     }