diff options
Diffstat (limited to 'proxy')
| -rw-r--r-- | proxy/src/gp_rpc_init_sec_context.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/proxy/src/gp_rpc_init_sec_context.c b/proxy/src/gp_rpc_init_sec_context.c index 2781238..76ffaab 100644 --- a/proxy/src/gp_rpc_init_sec_context.c +++ b/proxy/src/gp_rpc_init_sec_context.c @@ -24,6 +24,7 @@ */ #include "gp_rpc_process.h" +#include <gssapi/gssapi_krb5.h> int gp_init_sec_context(struct gp_call_ctx *gpcall, union gp_rpc_arg *arg, @@ -74,13 +75,7 @@ int gp_init_sec_context(struct gp_call_ctx *gpcall, if (ret_maj) { goto done; } - } else { - /* FIXME: get ccache from gpsvc ? */ - ret_maj = GSS_S_CRED_UNAVAIL; - ret_min = 0; - goto done; } - ret_maj = gp_conv_gssx_to_name(&ret_min, isca->target_name, &target_name); if (ret_maj) { goto done; @@ -107,6 +102,23 @@ int gp_init_sec_context(struct gp_call_ctx *gpcall, gp_conv_gssx_to_buffer(isca->input_token, &ibuf); } + if (!isca->cred_handle) { + if (gss_oid_equal(mech_type, gss_mech_krb5)) { + ret_maj = gp_add_krb5_creds(&ret_min, gpcall, + NULL, NULL, + GSS_C_INITIATE, + time_req, 0, &ich, + NULL, NULL, NULL); + } else { + ret_maj = GSS_S_NO_CRED; + ret_min = 0; + } + + if (ret_maj) { + goto done; + } + } + ret_maj = gss_init_sec_context(&ret_min, ich, &ctx, @@ -170,5 +182,6 @@ done: &iscr->status); gss_release_name(&ret_min, &target_name); gss_release_oid(&ret_min, &mech_type); + gss_release_cred(&ret_min, &ich); return ret; } |