NIM 1.2.0.1 corrections

NetIdMgr Version 1.2.0.1 netidmgr.exe: - add functionality to implement previously defined "DefaultSticky" registry based configuration parameter. This value is can be added to an installer by a transform or pushed by Group Policy. When set, it controls the default setting of the "sticky" flag for new identities. nidmgr32.dll: - fix the version resources: FileVersion, ProductName, and ProductVersion krb5cred.dll: - when importing an identity from the MSLSA, if there has never been a default identity, configure the MSLSA identity to be the default. ticket: new component: windows tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19407 dc483132-0cff-0310-8789-dd5450dbe970
author: Jeffrey Altman <jaltman@secure-endpoints.com> 2007-04-07 01:02:00 +0000
committer: Jeffrey Altman <jaltman@secure-endpoints.com> 2007-04-07 01:02:00 +0000
commit: 5ace55fd0e100506f4803ffebc9b1aeb8f252185 (patch)
tree: e2a0952ffc2418d0dfea7c0a40bbd3e542d60293 /src/windows/identity/plugins
parent: d8038bd24c942e972517d9a845b9a9c1f1bf56ef (diff)
3 files changed, 39 insertions, 4 deletions
diff --git a/src/windows/identity/plugins/krb5/krb5funcs.c b/src/windows/identity/plugins/krb5/krb5funcs.c
index bc0170d8f..b924c1f4c 100644
--- a/src/windows/identity/plugins/krb5/krb5funcs.c
+++ b/src/windows/identity/plugins/krb5/krb5funcs.c
@@ -1165,7 +1165,7 @@ khm_krb5_renew_ident(khm_handle identity)
 
         UnicodeStrToAnsi(cidname, sizeof(cidname), idname);
 
-        imported = khm_krb5_ms2mit(cidname, FALSE, TRUE);
+        imported = khm_krb5_ms2mit(cidname, FALSE, TRUE, NULL);
 
         if (imported)
             goto cleanup;
@@ -2096,7 +2096,8 @@ IsKerberosLogon(VOID)
 
 
 BOOL
-khm_krb5_ms2mit(char * match_princ, BOOL match_realm, BOOL save_creds)
+khm_krb5_ms2mit(char * match_princ, BOOL match_realm, BOOL save_creds,
+                khm_handle * ret_ident)
 {
 #ifdef NO_KRB5
     return(FALSE);
@@ -2238,9 +2239,15 @@ khm_krb5_ms2mit(char * match_princ, BOOL match_realm, BOOL save_creds)
         /* and mark the identity as having been imported */
         if (ident) {
             khm_krb5_set_identity_flags(ident, K5IDFLAG_IMPORTED, K5IDFLAG_IMPORTED);
+
+            if (ret_ident) {
+                *ret_ident = ident;
+                kcdb_identity_hold(*ret_ident);
+            }
         }
 
         rc = TRUE;
+
     } else {
         /* Enumerate tickets from cache looking for an initial ticket */
         if ((code = pkrb5_cc_start_seq_get(kcontext, mslsa_ccache, &cursor))) 
@@ -2271,6 +2278,9 @@ cleanup:
         pkrb5_cc_close(kcontext, mslsa_ccache);
     if (kcontext)
         pkrb5_free_context(kcontext);
+    if (ident)
+        kcdb_identity_release(ident);
+
     return(rc);
 #endif /* NO_KRB5 */
 }
@@ -2568,6 +2578,10 @@ khm_krb5_get_default_realm(void)
     char * def = 0;
 
     pkrb5_init_context(&ctx);
+
+    if (ctx == 0)
+        return NULL;
+
     pkrb5_get_default_realm(ctx,&def);
     
     if (def) {
diff --git a/src/windows/identity/plugins/krb5/krb5funcs.h b/src/windows/identity/plugins/krb5/krb5funcs.h
index ce3989682..b4ab452b3 100644
--- a/src/windows/identity/plugins/krb5/krb5funcs.h
+++ b/src/windows/identity/plugins/krb5/krb5funcs.h
@@ -108,7 +108,8 @@ typedef struct tag_k5params {
 BOOL 
 khm_krb5_ms2mit(char * match_princ,
                 BOOL   match_realm,
-                BOOL   save_creds);
+                BOOL   save_creds,
+                khm_handle * ret_ident);
 
 int
 khm_krb5_kinit(krb5_context       alt_ctx,
diff --git a/src/windows/identity/plugins/krb5/krb5newcreds.c b/src/windows/identity/plugins/krb5/krb5newcreds.c
index b9f0c075e..edd64725d 100644
--- a/src/windows/identity/plugins/krb5/krb5newcreds.c
+++ b/src/windows/identity/plugins/krb5/krb5newcreds.c
@@ -2710,14 +2710,34 @@ k5_msg_cred_dialog(khm_int32 msg_type,
 
             if (t != K5_LSAIMPORT_NEVER) {
                 krb5_context ctx = NULL;
+                khm_handle id_default = NULL;
+                khm_handle id_imported = NULL;
                 BOOL imported;
 
-                imported = khm_krb5_ms2mit(NULL, (t == K5_LSAIMPORT_MATCH), TRUE);
+                imported = khm_krb5_ms2mit(NULL, (t == K5_LSAIMPORT_MATCH), TRUE,
+                                           &id_imported);
                 if (imported) {
                     khm_krb5_list_tickets(&ctx);
+
                     if (ctx)
                         pkrb5_free_context(ctx);
+
+                    kcdb_identity_refresh(id_imported);
+
+                    if (KHM_SUCCEEDED(kcdb_identity_get_default(&id_default))) {
+                        kcdb_identity_release(id_default);
+                        id_default = NULL;
+                    } else {
+                        _reportf(L"There was no default identity.  Setting default");
+                        kcdb_identity_set_default(id_imported);
+                    }
+
+                    /* and update the LRU */
+                    k5_update_LRU(id_imported);
                 }
+
+                if (id_imported)
+                    kcdb_identity_release(id_imported);
             }
         }
         break;
author	Jeffrey Altman <jaltman@secure-endpoints.com>	2007-04-07 01:02:00 +0000
committer	Jeffrey Altman <jaltman@secure-endpoints.com>	2007-04-07 01:02:00 +0000
commit	5ace55fd0e100506f4803ffebc9b1aeb8f252185 (patch)
tree	e2a0952ffc2418d0dfea7c0a40bbd3e542d60293 /src/windows/identity/plugins
parent	d8038bd24c942e972517d9a845b9a9c1f1bf56ef (diff)