From: Sam Hartman <hartmans@mit.edu>
Date: Wed, 23 Dec 2009 21:10:26 +0000 (+0000)
Subject: Implement support for the anonymous name type in GSS-API
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1392110b1809ef5b47a08271c7219c1c7c201db0;p=thirdparty%2Fkrb5.git

Implement support for the anonymous name type in GSS-API

* Import GSS_C_NT_ANONYMOUS as WELLKNOWN/ANONYMOUS@WELLKNOWN:ANONYMOUS
* the display text of the anonymous name is the krb5 principal, but the nametype is set to GSS_C_NT_ANONYMOUS

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/anonymous@23503 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/gssapi/krb5/disp_name.c b/src/lib/gssapi/krb5/disp_name.c
index ac576f5b46..79b14f1a93 100644
--- a/src/lib/gssapi/krb5/disp_name.c
+++ b/src/lib/gssapi/krb5/disp_name.c
@@ -34,6 +34,8 @@ krb5_gss_display_name(minor_status, input_name, output_name_buffer,
     krb5_context context;
     krb5_error_code code;
     char *str;
+    krb5_gss_name_t k5name = (krb5_gss_name_t) input_name;
+    gss_OID nametype = (gss_OID) gss_nt_krb5_name;
 
     code = krb5_gss_init_context(&context);
     if (code) {
@@ -49,6 +51,11 @@ krb5_gss_display_name(minor_status, input_name, output_name_buffer,
         krb5_free_context(context);
         return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME);
     }
+    if (krb5_princ_type(context, k5name->princ) == KRB5_NT_WELLKNOWN) {
+        if (krb5_principal_compare(context, k5name->princ,
+                                   krb5_anonymous_principal()))
+            nametype = GSS_C_NT_ANONYMOUS;
+    }
 
     if ((code = krb5_unparse_name(context,
                                   ((krb5_gss_name_t) input_name)->princ,
@@ -72,6 +79,6 @@ krb5_gss_display_name(minor_status, input_name, output_name_buffer,
 
     *minor_status = 0;
     if (output_name_type)
-        *output_name_type = (gss_OID) gss_nt_krb5_name;
+        *output_name_type = (gss_OID) nametype;
     return(GSS_S_COMPLETE);
 }
diff --git a/src/lib/gssapi/krb5/import_name.c b/src/lib/gssapi/krb5/import_name.c
index cd2748b561..57282d9160 100644
--- a/src/lib/gssapi/krb5/import_name.c
+++ b/src/lib/gssapi/krb5/import_name.c
@@ -154,7 +154,16 @@ krb5_gss_import_name(minor_status, input_name_buffer,
             krb5_free_context(context);
             return(GSS_S_FAILURE);
         }
-    } else {
+    } else if ((input_name_type != NULL) &&
+               g_OID_equal(input_name_type, GSS_C_NT_ANONYMOUS)) {
+        code = krb5_copy_principal(context, krb5_anonymous_principal(), &princ);
+        if (code != 0) {
+            krb5_free_context(context);
+            *minor_status = code;
+            return GSS_S_FAILURE;
+            }
+    }
+    else {
 #ifndef NO_PASSWORD
         uid_t uid;
         struct passwd pwx;