* acquire_cred.c (acquire_init_cred):

   If a specific principal has been requested, attempt to acquire
    tickets and set the ccache name in the context to the ccache
    containing the tickets if obtained. (KFM/KFW)

 * ccdefault.c:
    (krb5int_cc_default) - add KFW support for multiple ccaches

ticket: 3223
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17468 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog
index 1a8eda6ecba8f0f73a4fce0ef34bfb4621107174..ec6b1341fb67a5d2f71b03dadcd903bda3cd2663 100644 (file)
--- a/src/lib/gssapi/krb5/ChangeLog
+++ b/src/lib/gssapi/krb5/ChangeLog
@@ -1,3 +1,10 @@
+2005-10-20  Alexandra Ellwood <lxs@mit.edu>, Jeffrey Altman <jaltman@mit.edu>
+       
+       * acquire_cred.c (acquire_init_cred):
+         If a specific principal has been requested, attempt to acquire
+          tickets and set the ccache name in the context to the ccache
+          containing the tickets if obtained. (KFM/KFW)  
+
 2005-10-20  Jeffrey Altman <jaltman@mit.edu>
 
        * gssapi_krb5.hin: add missing GSS_DLLIMP to exported symbols

diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
index 5318b6d77ff3a002c53c0b2129b1f66a4fa4688a..c293b278398e4263a5066f441af28de876396906 100644 (file)
--- a/src/lib/gssapi/krb5/acquire_cred.c
+++ b/src/lib/gssapi/krb5/acquire_cred.c
@@ -79,8 +79,11 @@
 #include <strings.h>
 #endif
 
-#ifdef USE_LOGIN_LIBRARY
+#if defined(USE_LOGIN_LIBRARY)
 #include <Kerberos/KerberosLoginPrivate.h>
+#elif defined(USE_LEASH)
+static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL;
+static HANDLE hLeashDLL = INVALID_HANDLE_VALUE;
 #endif
 
 k5_mutex_t gssint_krb5_keytab_lock = K5_MUTEX_PARTIAL_INITIALIZER;
@@ -227,8 +230,9 @@ acquire_init_cred(context, minor_status, desired_name, output_princ, cred)
    if (GSS_ERROR(kg_sync_ccache_name(context, minor_status)))
        return(GSS_S_FAILURE);
 
-#ifdef USE_LOGIN_LIBRARY
+#if defined(USE_LOGIN_LIBRARY) || defined(USE_LEASH)
    if (desired_name != NULL) {
+#if defined(USE_LOGIN_LIBRARY)
        char *ccache_name = NULL;
        KLPrincipal kl_desired_princ = NULL;
        
@@ -253,18 +257,39 @@ acquire_init_cred(context, minor_status, desired_name, output_princ, cred)
    
        if (kl_desired_princ != NULL) { KLDisposePrincipal (kl_desired_princ); }
        if (ccache_name      != NULL) { KLDisposeString (ccache_name); }
-       
-   } else {
-#endif
-    /* open the default credential cache */
+#elif defined(USE_LEASH)
+       if ( hLeashDLL == INVALID_HANDLE_VALUE ) {
+          hLeashDLL = LoadLibrary("leashw32.dll");
+          if ( hLeashDLL != INVALID_HANDLE_VALUE ) {
+              (FARPROC) pLeash_AcquireInitialTicketsIfNeeded =
+                  GetProcAddress(hLeashDLL, "not_an_API_Leash_AcquireInitialTicketsIfNeeded");
+          }
+       }
+    
+       if ( pLeash_AcquireInitialTicketsIfNeeded ) {
+          char ccname[256]="";
+          pLeash_AcquireInitialTicketsIfNeeded(context, (krb5_principal) desired_name, ccname, sizeof(ccname));
+          if (!ccname[0]) {
+              *minor_status = KRB5_CC_NOTFOUND;
+              return(GSS_S_CRED_UNAVAIL);
+          }
+
+          if ((code = krb5_cc_resolve (context, ccname, &ccache))) {
+              *minor_status = code;
+              return(GSS_S_CRED_UNAVAIL);
+          }
+       }
+#endif /* USE_LEASH */
+   } else
+#endif /* USE_LOGIN_LIBRARY || USE_LEASH */
+   {
+       /* open the default credential cache */
    
-   if ((code = krb5int_cc_default(context, &ccache))) {
-      *minor_status = code;
-      return(GSS_S_CRED_UNAVAIL);
-   }
-#ifdef USE_LOGIN_LIBRARY
+       if ((code = krb5int_cc_default(context, &ccache))) {
+          *minor_status = code;
+          return(GSS_S_CRED_UNAVAIL);
+       }
    }
-#endif
 
    /* turn off OPENCLOSE mode while extensive frobbing is going on */
 

diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog
index 66627280bfc87ac878a65226101fc7dcdfd1e6d7..e4b98a10564de93db28843444f92f70faa9c705f 100644 (file)
--- a/src/lib/krb5/ccache/ChangeLog
+++ b/src/lib/krb5/ccache/ChangeLog
@@ -1,3 +1,7 @@
+2005-10-27  Jeffrey Altman <jaltman@mit.edu>
+       * ccdefault.c: 
+          (krb5int_cc_default) - add KFW support for multiple ccaches
+
 2005-10-20  Jeffrey Altman <jaltman@mit.edu>
 
        * cc_mslsa.c: 

diff --git a/src/lib/krb5/ccache/ccdefault.c b/src/lib/krb5/ccache/ccdefault.c
index 8a45a243b8df7d5dfdf19db5243c1a9453be894c..3c363229a404768e8eef1d9727dd9ad1040621fb 100644 (file)
--- a/src/lib/krb5/ccache/ccdefault.c
+++ b/src/lib/krb5/ccache/ccdefault.c
@@ -29,20 +29,17 @@
 
 #include "k5-int.h"
 
-#ifdef USE_LOGIN_LIBRARY
+#if defined(USE_LOGIN_LIBRARY)
 #include "KerberosLoginPrivate.h"
-#else
-#ifdef USE_LEASH
-static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal) = NULL;
+#elif defined(USE_LEASH)
+static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL;
 static HANDLE hLeashDLL = INVALID_HANDLE_VALUE;
 #endif
-#endif
 
 
 krb5_error_code KRB5_CALLCONV
 krb5_cc_default(krb5_context context, krb5_ccache *ccache)
 {
-       krb5_error_code retval;
        krb5_os_context os_ctx;
 
        if (!context || context->magic != KV5M_CONTEXT)
@@ -88,7 +85,6 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache)
     }
 #else
 #ifdef USE_LEASH
-
     if ( hLeashDLL == INVALID_HANDLE_VALUE ) {
         hLeashDLL = LoadLibrary("leashw32.dll");
         if ( hLeashDLL != INVALID_HANDLE_VALUE ) {
@@ -98,7 +94,13 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache)
     }
     
     if ( pLeash_AcquireInitialTicketsIfNeeded ) {
-        pLeash_AcquireInitialTicketsIfNeeded(context, NULL);
+       char ccname[256]="";
+        pLeash_AcquireInitialTicketsIfNeeded(context, NULL, ccname, sizeof(ccname));
+       if (ccname[0]) {
+            if (strcmp (krb5_cc_default_name (context),ccname) != 0) {
+                krb5_cc_set_default_name (context, ccname);
+            }
+       }
     }
 #endif
 #endif