diff options
Diffstat (limited to 'src/windows/identity/plugins')
| -rw-r--r-- | src/windows/identity/plugins/common/dynimport.c | 80 | ||||
| -rw-r--r-- | src/windows/identity/plugins/common/dynimport.h | 1 | ||||
| -rw-r--r-- | src/windows/identity/plugins/common/krb5common.c | 3 | ||||
| -rw-r--r-- | src/windows/identity/plugins/krb5/krb5configcc.c | 66 | ||||
| -rw-r--r-- | src/windows/identity/plugins/krb5/krb5funcs.c | 98 | ||||
| -rw-r--r-- | src/windows/identity/plugins/krb5/krb5identpro.c | 2 | ||||
| -rw-r--r-- | src/windows/identity/plugins/krb5/krb5main.c | 4 | ||||
| -rw-r--r-- | src/windows/identity/plugins/krb5/krb5newcreds.c | 65 | ||||
| -rw-r--r-- | src/windows/identity/plugins/krb5/krb5plugin.c | 18 | ||||
| -rw-r--r-- | src/windows/identity/plugins/krb5/krbcred.h | 4 |
10 files changed, 232 insertions, 109 deletions
diff --git a/src/windows/identity/plugins/common/dynimport.c b/src/windows/identity/plugins/common/dynimport.c index ed5110e66..b906b6ae9 100644 --- a/src/windows/identity/plugins/common/dynimport.c +++ b/src/windows/identity/plugins/common/dynimport.c @@ -91,6 +91,7 @@ DECL_FUNC_PTR(krb5_get_init_creds_password); DECL_FUNC_PTR(krb5_get_prompt_types);
DECL_FUNC_PTR(krb5_build_principal_ext);
DECL_FUNC_PTR(krb5_cc_get_name);
+DECL_FUNC_PTR(krb5_cc_get_type);
DECL_FUNC_PTR(krb5_cc_resolve);
DECL_FUNC_PTR(krb5_cc_default);
DECL_FUNC_PTR(krb5_cc_default_name);
@@ -190,36 +191,36 @@ FUNC_INFO ccapi_fi[] = { FUNC_INFO k4_fi[] = {
MAKE_FUNC_INFO(get_krb_err_txt_entry),
- MAKE_FUNC_INFO(k_isinst),
- MAKE_FUNC_INFO(k_isname),
- MAKE_FUNC_INFO(k_isrealm),
- MAKE_FUNC_INFO(kadm_change_your_password),
- MAKE_FUNC_INFO(kname_parse),
- MAKE_FUNC_INFO(krb_get_cred),
- MAKE_FUNC_INFO(krb_get_krbhst),
- MAKE_FUNC_INFO(krb_get_lrealm),
- MAKE_FUNC_INFO(krb_get_pw_in_tkt),
- MAKE_FUNC_INFO(krb_get_tf_realm),
- MAKE_FUNC_INFO(krb_mk_req),
- MAKE_FUNC_INFO(krb_realmofhost),
- MAKE_FUNC_INFO(tf_init),
- MAKE_FUNC_INFO(tf_close),
- MAKE_FUNC_INFO(tf_get_cred),
- MAKE_FUNC_INFO(tf_get_pname),
- MAKE_FUNC_INFO(tf_get_pinst),
- MAKE_FUNC_INFO(LocalHostAddr),
- MAKE_FUNC_INFO(tkt_string),
- MAKE_FUNC_INFO(krb_set_tkt_string),
- MAKE_FUNC_INFO(initialize_krb_error_func),
- MAKE_FUNC_INFO(initialize_kadm_error_table),
- MAKE_FUNC_INFO(dest_tkt),
- /* MAKE_FUNC_INFO(lsh_LoadKrb4LeashErrorTables), */// XXX
- MAKE_FUNC_INFO(krb_in_tkt),
- MAKE_FUNC_INFO(krb_save_credentials),
- MAKE_FUNC_INFO(krb_get_krbconf2),
- MAKE_FUNC_INFO(krb_get_krbrealm2),
- MAKE_FUNC_INFO(krb_life_to_time),
- END_FUNC_INFO
+ MAKE_FUNC_INFO(k_isinst),
+ MAKE_FUNC_INFO(k_isname),
+ MAKE_FUNC_INFO(k_isrealm),
+ MAKE_FUNC_INFO(kadm_change_your_password),
+ MAKE_FUNC_INFO(kname_parse),
+ MAKE_FUNC_INFO(krb_get_cred),
+ MAKE_FUNC_INFO(krb_get_krbhst),
+ MAKE_FUNC_INFO(krb_get_lrealm),
+ MAKE_FUNC_INFO(krb_get_pw_in_tkt),
+ MAKE_FUNC_INFO(krb_get_tf_realm),
+ MAKE_FUNC_INFO(krb_mk_req),
+ MAKE_FUNC_INFO(krb_realmofhost),
+ MAKE_FUNC_INFO(tf_init),
+ MAKE_FUNC_INFO(tf_close),
+ MAKE_FUNC_INFO(tf_get_cred),
+ MAKE_FUNC_INFO(tf_get_pname),
+ MAKE_FUNC_INFO(tf_get_pinst),
+ MAKE_FUNC_INFO(LocalHostAddr),
+ MAKE_FUNC_INFO(tkt_string),
+ MAKE_FUNC_INFO(krb_set_tkt_string),
+ MAKE_FUNC_INFO(initialize_krb_error_func),
+ MAKE_FUNC_INFO(initialize_kadm_error_table),
+ MAKE_FUNC_INFO(dest_tkt),
+ /* MAKE_FUNC_INFO(lsh_LoadKrb4LeashErrorTables), */// XXX
+ MAKE_FUNC_INFO(krb_in_tkt),
+ MAKE_FUNC_INFO(krb_save_credentials),
+ MAKE_FUNC_INFO(krb_get_krbconf2),
+ MAKE_FUNC_INFO(krb_get_krbrealm2),
+ MAKE_FUNC_INFO(krb_life_to_time),
+ END_FUNC_INFO
};
FUNC_INFO k5_fi[] = {
@@ -234,6 +235,7 @@ FUNC_INFO k5_fi[] = { MAKE_FUNC_INFO(krb5_get_prompt_types),
MAKE_FUNC_INFO(krb5_build_principal_ext),
MAKE_FUNC_INFO(krb5_cc_get_name),
+ MAKE_FUNC_INFO(krb5_cc_get_type),
MAKE_FUNC_INFO(krb5_cc_resolve),
MAKE_FUNC_INFO(krb5_cc_default),
MAKE_FUNC_INFO(krb5_cc_default_name),
@@ -290,8 +292,8 @@ FUNC_INFO k5_fi[] = { FUNC_INFO k524_fi[] = {
MAKE_FUNC_INFO(krb524_init_ets),
- MAKE_FUNC_INFO(krb524_convert_creds_kdc),
- END_FUNC_INFO
+ MAKE_FUNC_INFO(krb524_convert_creds_kdc),
+ END_FUNC_INFO
};
FUNC_INFO profile_fi[] = {
@@ -312,8 +314,8 @@ FUNC_INFO profile_fi[] = { FUNC_INFO ce_fi[] = {
MAKE_FUNC_INFO(com_err),
- MAKE_FUNC_INFO(error_message),
- END_FUNC_INFO
+ MAKE_FUNC_INFO(error_message),
+ END_FUNC_INFO
};
FUNC_INFO service_fi[] = {
@@ -327,11 +329,11 @@ FUNC_INFO service_fi[] = { FUNC_INFO lsa_fi[] = {
MAKE_FUNC_INFO(LsaConnectUntrusted),
- MAKE_FUNC_INFO(LsaLookupAuthenticationPackage),
- MAKE_FUNC_INFO(LsaCallAuthenticationPackage),
- MAKE_FUNC_INFO(LsaFreeReturnBuffer),
- MAKE_FUNC_INFO(LsaGetLogonSessionData),
- END_FUNC_INFO
+ MAKE_FUNC_INFO(LsaLookupAuthenticationPackage),
+ MAKE_FUNC_INFO(LsaCallAuthenticationPackage),
+ MAKE_FUNC_INFO(LsaFreeReturnBuffer),
+ MAKE_FUNC_INFO(LsaGetLogonSessionData),
+ END_FUNC_INFO
};
// psapi functions
diff --git a/src/windows/identity/plugins/common/dynimport.h b/src/windows/identity/plugins/common/dynimport.h index 99aad9aed..778bff324 100644 --- a/src/windows/identity/plugins/common/dynimport.h +++ b/src/windows/identity/plugins/common/dynimport.h @@ -203,6 +203,7 @@ extern DECL_FUNC_PTR(krb5_get_init_creds_password); extern DECL_FUNC_PTR(krb5_get_prompt_types);
extern DECL_FUNC_PTR(krb5_build_principal_ext);
extern DECL_FUNC_PTR(krb5_cc_get_name);
+extern DECL_FUNC_PTR(krb5_cc_get_type);
extern DECL_FUNC_PTR(krb5_cc_resolve);
extern DECL_FUNC_PTR(krb5_cc_default);
extern DECL_FUNC_PTR(krb5_cc_default_name);
diff --git a/src/windows/identity/plugins/common/krb5common.c b/src/windows/identity/plugins/common/krb5common.c index 6019c928e..cb9d86bc5 100644 --- a/src/windows/identity/plugins/common/krb5common.c +++ b/src/windows/identity/plugins/common/krb5common.c @@ -139,6 +139,9 @@ khm_krb5_initialize(khm_handle ident, } while(FALSE);
}
+#ifndef FAILOVER_TO_DEFAULT_CCACHE
+ rc = 1;
+#endif
if (*cache == 0
#ifdef FAILOVER_TO_DEFAULT_CCACHE
&& (rc = (*pkrb5_cc_default)(*ctx, cache))
diff --git a/src/windows/identity/plugins/krb5/krb5configcc.c b/src/windows/identity/plugins/krb5/krb5configcc.c index 256f6b75e..66e7a08d0 100644 --- a/src/windows/identity/plugins/krb5/krb5configcc.c +++ b/src/windows/identity/plugins/krb5/krb5configcc.c @@ -24,6 +24,11 @@ /* $Id$ */
+#if _WIN32_WINNT < 0x501
+#undef _WIN32_WINNT
+#define _WIN32_WINNT 0x501
+#endif
+
#include<krbcred.h>
#include<krb5.h>
#include<assert.h>
@@ -381,42 +386,63 @@ k5_ccconfig_dlgproc(HWND hwnd, /* not there. we need to add. but check a few things
first */
if (!PathFileExists(path)) {
- EDITBALLOONTIP bt;
wchar_t title[64];
wchar_t text[128];
- bt.cbStruct = sizeof(bt);
- bt.pszTitle = title;
LoadString(hResModule, IDS_CFG_FCN_WARNING,
title, ARRAYLENGTH(title));
- bt.pszText = text;
+
LoadString(hResModule, IDS_CFG_FCN_W_NOTFOUND,
text, ARRAYLENGTH(text));
- bt.ttiIcon = TTI_WARNING;
-
- SendDlgItemMessage(hwnd, IDC_CFG_FCNAME,
- EM_SHOWBALLOONTIP,
- 0,
- (LPARAM) &bt);
-
+#if _WIN32_WINNT >= 0x501
+ if (IS_COMMCTL6())
+ {
+ EDITBALLOONTIP bt;
+
+ bt.cbStruct = sizeof(bt);
+ bt.pszTitle = title;
+ bt.pszText = text;
+ bt.ttiIcon = TTI_WARNING;
+
+ SendDlgItemMessage(hwnd, IDC_CFG_FCNAME,
+ EM_SHOWBALLOONTIP,
+ 0,
+ (LPARAM) &bt);
+ } else {
+#endif
+ MessageBox(hwnd, text, title, MB_OK | MB_ICONWARNING);
+#if _WIN32_WINNT >= 0x501
+ }
+#endif
} else if (PathIsRelative(path)) {
- EDITBALLOONTIP bt;
wchar_t title[64];
wchar_t text[128];
- bt.cbStruct = sizeof(bt);
- bt.pszTitle = title;
LoadString(hResModule, IDS_CFG_FCN_WARNING,
title, ARRAYLENGTH(title));
- bt.pszText = text;
LoadString(hResModule, IDS_CFG_FCN_W_RELATIVE,
text, ARRAYLENGTH(text));
- bt.ttiIcon = TTI_WARNING;
- SendDlgItemMessage(hwnd, IDC_CFG_FCNAME,
- EM_SHOWBALLOONTIP,
- 0,
- (LPARAM) &bt);
+#if _WIN32_WINNT >= 0x501
+ if (IS_COMMCTL6())
+ {
+ EDITBALLOONTIP bt;
+
+ bt.cbStruct = sizeof(bt);
+ bt.pszTitle = title;
+ bt.pszText = text;
+ bt.ttiIcon = TTI_WARNING;
+
+ SendDlgItemMessage(hwnd, IDC_CFG_FCNAME,
+ EM_SHOWBALLOONTIP,
+ 0,
+ (LPARAM) &bt);
+ } else {
+#endif
+ MessageBox(hwnd, text, title, MB_OK | MB_ICONWARNING);
+#if _WIN32_WINNT >= 0x501
+ }
+#endif
}
k5_add_file_cc(&d->work, path);
diff --git a/src/windows/identity/plugins/krb5/krb5funcs.c b/src/windows/identity/plugins/krb5/krb5funcs.c index d1a897d63..3dfea750c 100644 --- a/src/windows/identity/plugins/krb5/krb5funcs.c +++ b/src/windows/identity/plugins/krb5/krb5funcs.c @@ -206,17 +206,17 @@ int com_addr(void) static long get_tickets_from_cache(krb5_context ctx,
krb5_ccache cache)
{
- krb5_error_code code;
- krb5_principal KRBv5Principal;
- krb5_flags flags = 0;
- krb5_cc_cursor KRBv5Cursor;
- krb5_creds KRBv5Credentials;
+ krb5_error_code code;
+ krb5_principal KRBv5Principal;
+ krb5_flags flags = 0;
+ krb5_cc_cursor KRBv5Cursor;
+ krb5_creds KRBv5Credentials;
krb5_ticket *tkt=NULL;
- char *ClientName;
- char *PrincipalName;
- wchar_t wbuf[256]; /* temporary conversion buffer */
- wchar_t *wcc_name = NULL; /* credential cache name */
- char *sServerName;
+ char *ClientName;
+ char *PrincipalName;
+ wchar_t wbuf[256]; /* temporary conversion buffer */
+ wchar_t wcc_name[KRB5_MAXCCH_CCNAME]; /* credential cache name */
+ char *sServerName;
khm_handle ident = NULL;
khm_handle cred = NULL;
time_t tt;
@@ -231,18 +231,28 @@ static long get_tickets_from_cache(krb5_context ctx, #endif
{
- char * cc_name;
- size_t namelen;
+ const char * cc_name;
+ const char * cc_type;
cc_name = (*pkrb5_cc_get_name)(ctx, cache);
if(cc_name) {
- namelen = strlen(cc_name);
- namelen = (namelen + 1 + 5) * sizeof(wchar_t);
- /* the +5 is for the possible addtion of API: or FILE:
- during the cannonicalization process */
- wcc_name = PMALLOC(namelen);
- AnsiStrToUnicode(wcc_name, namelen, cc_name);
- khm_krb5_canon_cc_name(wcc_name, namelen);
+ cc_type = (*pkrb5_cc_get_type)(ctx, cache);
+ if (cc_type) {
+ StringCbPrintf(wcc_name, sizeof(wcc_name), L"%S:%S", cc_type, cc_name);
+ } else {
+ AnsiStrToUnicode(wcc_name, sizeof(wcc_name), cc_name);
+ khm_krb5_canon_cc_name(wcc_name, sizeof(wcc_name));
+ }
+ } else {
+ cc_type = (*pkrb5_cc_get_type)(ctx, cache);
+ if (cc_type) {
+ StringCbPrintf(wcc_name, sizeof(wcc_name), L"%S:", cc_type);
+ } else {
+#ifdef DEBUG
+ assert(FALSE);
+#endif
+ StringCbCopy(wcc_name, sizeof(wcc_name), L"");
+ }
}
}
@@ -543,8 +553,6 @@ static long get_tickets_from_cache(krb5_context ctx, }
_exit:
- if(wcc_name)
- PFREE(wcc_name);
return code;
}
@@ -1507,30 +1515,60 @@ khm_krb5_ms2mit(BOOL save_creds) char *princ_name = NULL;
BOOL rc = FALSE;
+#ifdef DEBUG
+ kherr_debug_printf(L"Begin : khm_krb5_ms2mit. save_cred=%d\n", (int) save_creds);
+#endif
if ( !pkrb5_init_context )
goto cleanup;
if (code = pkrb5_init_context(&kcontext))
goto cleanup;
+#ifdef DEBUG
+ kherr_debug_printf(L"Resolving MSLSA\n");
+#endif
if (code = pkrb5_cc_resolve(kcontext, "MSLSA:", &mslsa_ccache))
goto cleanup;
if ( save_creds ) {
- if (code = pkrb5_cc_get_principal(kcontext, mslsa_ccache, &princ))
+#ifdef DEBUG
+ kherr_debug_printf(L"Getting principal\n");
+#endif
+ if (code = pkrb5_cc_get_principal(kcontext, mslsa_ccache, &princ))
goto cleanup;
- if (code = pkrb5_unparse_name(kcontext, princ, &princ_name))
+#ifdef DEBUG
+ kherr_debug_printf(L"Unparsing name\n");
+#endif
+ if (code = pkrb5_unparse_name(kcontext, princ, &princ_name))
goto cleanup;
+#ifdef DEBUG
+ kherr_debug_printf(L"Unparsed [%S]. Resolving target cache\n", princ_name);
+#endif
/* TODO: actually look up the preferred ccache name */
- if ((code = pkrb5_cc_resolve(kcontext, princ_name, &ccache)) ||
- (code = pkrb5_cc_default(kcontext, &ccache)))
- goto cleanup;
+ if (code = pkrb5_cc_resolve(kcontext, princ_name, &ccache)) {
+#ifdef DEBUG
+ kherr_debug_printf(L"Cannot resolve cache [%S] with code=%d. Trying default.\n", princ_name, code);
+#endif
+
+ if (code = pkrb5_cc_default(kcontext, &ccache)) {
+#ifdef DEBUG
+ kherr_debug_printf(L"Failed to resolve default ccache. Code=%d", code);
+#endif
+ goto cleanup;
+ }
+ }
+#ifdef DEBUG
+ kherr_debug_printf(L"Initializing ccache\n");
+#endif
if (code = pkrb5_cc_initialize(kcontext, ccache, princ))
goto cleanup;
+#ifdef DEBUG
+ kherr_debug_printf(L"Copying credentials\n");
+#endif
if (code = pkrb5_cc_copy_creds(kcontext, mslsa_ccache, ccache))
goto cleanup;
@@ -1540,8 +1578,8 @@ khm_krb5_ms2mit(BOOL save_creds) if ((code = pkrb5_cc_start_seq_get(kcontext, mslsa_ccache, &cursor)))
goto cleanup;
- while (!(code = pkrb5_cc_next_cred(kcontext, mslsa_ccache, &cursor, &creds)))
- {
+ while (!(code = pkrb5_cc_next_cred(kcontext, mslsa_ccache,
+ &cursor, &creds))) {
if ( creds.ticket_flags & TKT_FLG_INITIAL ) {
rc = TRUE;
pkrb5_free_cred_contents(kcontext, &creds);
@@ -1553,6 +1591,10 @@ khm_krb5_ms2mit(BOOL save_creds) }
cleanup:
+#ifdef DEBUG
+ kherr_debug_printf(L" Received code=%d", code);
+#endif
+
if (princ_name)
pkrb5_free_unparsed_name(kcontext, princ_name);
if (princ)
diff --git a/src/windows/identity/plugins/krb5/krb5identpro.c b/src/windows/identity/plugins/krb5/krb5identpro.c index dd4782e6f..858243daf 100644 --- a/src/windows/identity/plugins/krb5/krb5identpro.c +++ b/src/windows/identity/plugins/krb5/krb5identpro.c @@ -438,7 +438,7 @@ ui_cb(khui_new_creds * nc, NULL,
&cb_ms);
- if (rv != KHM_ERROR_TOO_LONG)
+ if (rv != KHM_ERROR_TOO_LONG || cb_ms <= sizeof(wchar_t) * 2)
goto _add_lru_realms;
ms = PMALLOC(cb_ms);
diff --git a/src/windows/identity/plugins/krb5/krb5main.c b/src/windows/identity/plugins/krb5/krb5main.c index 7bf121dd0..d324857fe 100644 --- a/src/windows/identity/plugins/krb5/krb5main.c +++ b/src/windows/identity/plugins/krb5/krb5main.c @@ -60,6 +60,8 @@ khm_handle csp_params = NULL; BOOL is_k5_identpro = TRUE;
+khm_ui_4 k5_commctl_version;
+
kmm_module_locale locales[] = {
LOCALE_DEF(MAKELANGID(LANG_ENGLISH,SUBLANG_ENGLISH_US), L"krb5cred_en_us.dll", KMM_MLOC_FLAG_DEFAULT)
};
@@ -86,6 +88,8 @@ KHMEXP khm_int32 KHMAPI init_module(kmm_module h_module) { } else
goto _exit;
+ k5_commctl_version = khm_get_commctl_version(NULL);
+
/* register the plugin */
ZeroMemory(&pi, sizeof(pi));
pi.name = KRB5_PLUGIN_NAME;
diff --git a/src/windows/identity/plugins/krb5/krb5newcreds.c b/src/windows/identity/plugins/krb5/krb5newcreds.c index fc36d2c20..a08fb91d9 100644 --- a/src/windows/identity/plugins/krb5/krb5newcreds.c +++ b/src/windows/identity/plugins/krb5/krb5newcreds.c @@ -1771,6 +1771,18 @@ k5_msg_cred_dialog(khm_int32 msg_type, khm_krb5_list_tickets(&ctx);
+ /* If there is no default identity, then make this the default */
+ kcdb_identity_refresh(nc->identities[0]);
+ {
+ khm_handle tdefault = NULL;
+
+ if (KHM_SUCCEEDED(kcdb_identity_get_default(&tdefault))) {
+ kcdb_identity_release(tdefault);
+ } else {
+ kcdb_identity_set_default(nc->identities[0]);
+ }
+ }
+
/* also add the principal and the realm in to the
LRU lists */
rv = kcdb_identity_get_name(nc->identities[0],
@@ -1808,11 +1820,14 @@ k5_msg_cred_dialog(khm_int32 msg_type, assert(KHM_SUCCEEDED(rv));
if (multi_string_find(wbuf,
- idname,
- KHM_CASE_SENSITIVE)
- != NULL)
- /* it's already there */
- goto _add_realm_to_LRU;
+ idname,
+ KHM_CASE_SENSITIVE)
+ != NULL) {
+ /* it's already there. We remove it here
+ and add it at the top of the LRU
+ list. */
+ multi_string_delete(wbuf, idname, KHM_CASE_SENSITIVE);
+ }
} else {
multi_string_init(wbuf, cb_ms);
}
@@ -1825,13 +1840,14 @@ k5_msg_cred_dialog(khm_int32 msg_type, L"LRUPrincipals",
wbuf);
- _add_realm_to_LRU:
-
atsign = wcschr(idname, L'@');
- assert(atsign != NULL);
+ if (atsign != NULL)
+ goto _done_with_LRU;
atsign++;
- assert(*atsign != L'\0');
+
+ if (*atsign == L'\0')
+ goto _done_with_LRU;
cb = cb_ms;
rv = khc_read_multi_string(csp_params,
@@ -1854,25 +1870,28 @@ k5_msg_cred_dialog(khm_int32 msg_type, assert(KHM_SUCCEEDED(rv));
} else if (rv == KHM_ERROR_SUCCESS) {
if (multi_string_find(wbuf,
- atsign,
- KHM_CASE_SENSITIVE)
- != NULL)
- goto _done_with_LRU;
+ atsign,
+ KHM_CASE_SENSITIVE)
+ != NULL) {
+ /* remove the realm and add it at the top
+ later. */
+ multi_string_delete(wbuf, atsign, KHM_CASE_SENSITIVE);
+ }
} else {
multi_string_init(wbuf, cb_ms);
}
cb = cb_ms;
rv = multi_string_prepend(wbuf,
- &cb,
- atsign);
+ &cb,
+ atsign);
if (rv == KHM_ERROR_TOO_LONG) {
- wbuf = realloc(wbuf, cb);
+ wbuf = PREALLOC(wbuf, cb);
rv = multi_string_prepend(wbuf,
- &cb,
- atsign);
+ &cb,
+ atsign);
assert(KHM_SUCCEEDED(rv));
}
@@ -2201,7 +2220,15 @@ k5_msg_cred_dialog(khm_int32 msg_type, case KMSG_CRED_IMPORT:
{
- khm_krb5_ms2mit(TRUE);
+ khm_int32 t = 0;
+
+#ifdef DEBUG
+ assert(csp_params);
+#endif
+ khc_read_int32(csp_params, L"MsLsaImport", &t);
+
+ if (t == 1)
+ khm_krb5_ms2mit(TRUE);
}
break;
}
diff --git a/src/windows/identity/plugins/krb5/krb5plugin.c b/src/windows/identity/plugins/krb5/krb5plugin.c index ecfde2f5a..e58e69f34 100644 --- a/src/windows/identity/plugins/krb5/krb5plugin.c +++ b/src/windows/identity/plugins/krb5/krb5plugin.c @@ -31,6 +31,10 @@ #include<strsafe.h>
#include<krb5.h>
+#ifdef DEBUG
+#include<assert.h>
+#endif
+
khm_int32 credtype_id_krb5 = KCDB_CREDTYPE_INVALID;
khm_boolean krb5_initialized = FALSE;
khm_handle krb5_credset = NULL;
@@ -141,10 +145,20 @@ k5_msg_system(khm_int32 msg_type, khm_int32 msg_subtype, }
if(k5_main_fiber != NULL) {
-#if (_WIN32_WINNT >= 0x0501)
- ConvertFiberToThread();
+
+ if (k5_kinit_fiber) {
+#ifdef DEBUG
+ assert(k5_kinit_fiber != GetCurrentFiber());
+#endif
+#if CLEANUP_FIBERS_ON_EXIT
+ DeleteFiber(k5_kinit_fiber);
+ CloseHandle(k5_kinit_fiber);
#endif
+ k5_kinit_fiber = NULL;
+ }
+
k5_main_fiber = NULL;
+
}
if(k5_sub != NULL) {
diff --git a/src/windows/identity/plugins/krb5/krbcred.h b/src/windows/identity/plugins/krb5/krbcred.h index 7efc360a0..7ab035c8c 100644 --- a/src/windows/identity/plugins/krb5/krbcred.h +++ b/src/windows/identity/plugins/krb5/krbcred.h @@ -93,6 +93,10 @@ extern khm_int32 attr_id_addr_list; extern khm_int32 attr_id_krb5_flags;
extern khm_int32 attr_id_krb5_ccname;
+extern khm_ui_4 k5_commctl_version;
+
+#define IS_COMMCTL6() (k5_commctl_version >= 0x60000)
+
/* Configuration spaces */
#define CSNAME_KRB5CRED L"Krb5Cred"
#define CSNAME_PARAMS L"Parameters"
|