From: Greg Hudson Date: Sun, 25 Apr 2010 00:31:32 +0000 (+0000) Subject: On the iakerb branch, fix spnego_gss_acquire_cred_with_password to X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e276c63a73622d064041fff3983f2c42ec4cb9fc;p=thirdparty%2Fkrb5.git On the iakerb branch, fix spnego_gss_acquire_cred_with_password to wrap the resulting creds. (The wrapping didn't exist when the code was originally written.) git-svn-id: svn://anonsvn.mit.edu/krb5/branches/iakerb@23940 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index 3e029ecd60..c9cf441e0e 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -2463,8 +2463,10 @@ spnego_gss_acquire_cred_with_password(OM_uint32 *minor_status, gss_OID_set *actual_mechs, OM_uint32 *time_rec) { - OM_uint32 status; - gss_OID_set amechs = GSS_C_NULL_OID_SET; + OM_uint32 status, tmpmin; + gss_OID_set amechs = GSS_C_NULL_OID_SET, dmechs; + gss_cred_id_t mcred = NULL; + spnego_gss_cred_id_t spcred = NULL; dsyslog("Entering spnego_gss_acquire_cred_with_password\n"); @@ -2474,20 +2476,35 @@ spnego_gss_acquire_cred_with_password(OM_uint32 *minor_status, if (time_rec) *time_rec = 0; + dmechs = desired_mechs; if (desired_mechs == GSS_C_NULL_OID_SET) { - status = get_available_mechs(minor_status, - desired_name, cred_usage, - output_cred_handle, &amechs); + status = get_available_mechs(minor_status, desired_name, + cred_usage, NULL, &amechs); + dmechs = amechs; } - status = gss_acquire_cred_with_password(minor_status, - desired_name, password, time_req, - desired_mechs ? desired_mechs : amechs, cred_usage, - output_cred_handle, actual_mechs, - time_rec); + status = gss_acquire_cred_with_password(minor_status, desired_name, + password, time_req, dmechs, + cred_usage, &mcred, + actual_mechs, time_rec); + if (status != GSS_S_COMPLETE) + goto cleanup; - if (amechs != GSS_C_NULL_OID_SET) - (void) gss_release_oid_set(minor_status, &amechs); + spcred = malloc(sizeof(spnego_gss_cred_id_rec)); + if (spcred == NULL) { + *minor_status = ENOMEM; + status = GSS_S_FAILURE; + goto cleanup; + } + spcred->neg_mechs = GSS_C_NULL_OID_SET; + spcred->mcred = mcred; + mcred = GSS_C_NO_CREDENTIAL; + *output_cred_handle = (gss_cred_id_t)spcred; + +cleanup: + + (void) gss_release_oid_set(&tmpmin, &amechs); + (void) gss_release_cred(&tmpmin, &mcred); dsyslog("Leaving spnego_gss_acquire_cred_with_password\n"); return (status);