From: Simo Sorce Date: Thu, 7 Jun 2012 16:54:43 +0000 (-0400) Subject: Pass the actual mech oid in creds functions X-Git-Tag: krb5-1.11-alpha1~344 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=22881a18581623cd4742d9197c90b106645d67a9;p=thirdparty%2Fkrb5.git Pass the actual mech oid in creds functions This way the mechanism handler knows what mech type is intended. This allows plugin that implement multiple mechanisms or interposer plugins to know what they are being asked to do. --- diff --git a/src/lib/gssapi/mechglue/g_acquire_cred.c b/src/lib/gssapi/mechglue/g_acquire_cred.c index c28bf720e3..d228a7731e 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred.c @@ -373,6 +373,7 @@ gss_add_cred_from(minor_status, input_cred_handle, gss_cred_id_t cred = NULL; gss_OID new_mechs_array = NULL; gss_cred_id_t * new_cred_array = NULL; + gss_OID_set target_mechs = GSS_C_NO_OID_SET; status = val_add_cred_args(minor_status, input_cred_handle, @@ -439,15 +440,24 @@ gss_add_cred_from(minor_status, input_cred_handle, else time_req = 0; + status = gss_create_empty_oid_set(minor_status, &target_mechs); + if (status != GSS_S_COMPLETE) + goto errout; + + status = gss_add_oid_set_member(minor_status, + &mech->mech_type, &target_mechs); + if (status != GSS_S_COMPLETE) + goto errout; + if (mech->gss_acquire_cred_from) { status = mech->gss_acquire_cred_from(minor_status, internal_name, - time_req, GSS_C_NULL_OID_SET, + time_req, target_mechs, cred_usage, cred_store, &cred, NULL, &time_rec); } else if (cred_store == GSS_C_NO_CRED_STORE) { status = mech->gss_acquire_cred(minor_status, internal_name, time_req, - GSS_C_NULL_OID_SET, cred_usage, &cred, - NULL, &time_rec); + target_mechs, cred_usage, &cred, NULL, + &time_rec); } else { return GSS_S_UNAVAILABLE; } diff --git a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c index 6ac650b35e..35ec25c849 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c @@ -339,6 +339,7 @@ gss_add_cred_with_password(minor_status, input_cred_handle, gss_cred_id_t cred = NULL; gss_OID new_mechs_array = NULL; gss_cred_id_t * new_cred_array = NULL; + gss_OID_set target_mechs = GSS_C_NO_OID_SET; status = val_add_cred_pw_args(minor_status, input_cred_handle, @@ -402,15 +403,24 @@ gss_add_cred_with_password(minor_status, input_cred_handle, else time_req = 0; + status = gss_create_empty_oid_set(minor_status, &target_mechs); + if (status != GSS_S_COMPLETE) + goto errout; + + status = gss_add_oid_set_member(minor_status, + &mech->mech_type, &target_mechs); + if (status != GSS_S_COMPLETE) + goto errout; + status = mech_ext->gssspi_acquire_cred_with_password(minor_status, - internal_name, - password, - time_req, - GSS_C_NULL_OID_SET, - cred_usage, - &cred, - NULL, - &time_rec); + internal_name, + password, + time_req, + target_mechs, + cred_usage, + &cred, + NULL, + &time_rec); if (status != GSS_S_COMPLETE) { map_error(minor_status, mech); goto errout; @@ -506,6 +516,9 @@ errout: &mech->mech_type, &allocated_name); + if (target_mechs) + (void)gss_release_oid_set(&temp_minor_status, &target_mechs); + if (input_cred_handle == GSS_C_NO_CREDENTIAL && union_cred) free(union_cred);