diff options
author | Andrew Bartlett <abartlet@samba.org> | 2008-03-19 10:17:42 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2008-03-19 10:17:42 +1100 |
commit | 9e6b0c28712ee77ce878809c8576826a3ba08d95 (patch) | |
tree | 1a325e474fbc22b1a1cadaf53a3af2c36e8d5ad2 /source4/heimdal/lib/gssapi/mech | |
parent | 3530099cf226d591b687715b63b144d243e52083 (diff) | |
download | samba-9e6b0c28712ee77ce878809c8576826a3ba08d95.tar.gz samba-9e6b0c28712ee77ce878809c8576826a3ba08d95.tar.bz2 samba-9e6b0c28712ee77ce878809c8576826a3ba08d95.zip |
Merge lorikeet-heimdal -r 787 into Samba4 tree.
Andrew Bartlett
(This used to be commit d88b530522d3cef67c24422bd5182fb875d87ee2)
Diffstat (limited to 'source4/heimdal/lib/gssapi/mech')
-rw-r--r-- | source4/heimdal/lib/gssapi/mech/context.c | 18 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/mech/gss_accept_sec_context.c | 6 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/mech/gss_krb5.c | 43 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/mech/gss_mech_switch.c | 2 | ||||
-rw-r--r-- | source4/heimdal/lib/gssapi/mech/gss_release_oid_set.c | 4 |
5 files changed, 64 insertions, 9 deletions
diff --git a/source4/heimdal/lib/gssapi/mech/context.c b/source4/heimdal/lib/gssapi/mech/context.c index e4517bee44..926630c42d 100644 --- a/source4/heimdal/lib/gssapi/mech/context.c +++ b/source4/heimdal/lib/gssapi/mech/context.c @@ -1,7 +1,7 @@ #include "mech/mech_locl.h" #include "heim_threads.h" -RCSID("$Id: context.c 21248 2007-06-21 00:45:13Z lha $"); +RCSID("$Id: context.c 22600 2008-02-21 12:46:24Z lha $"); struct mg_thread_ctx { gss_OID mech; @@ -107,6 +107,13 @@ _gss_mg_error(gssapi_mech_interface m, OM_uint32 maj, OM_uint32 min) OM_uint32 message_content; struct mg_thread_ctx *mg; + /* + * Mechs without gss_display_status() does + * gss_mg_collect_error() by themself. + */ + if (m->gm_display_status == NULL) + return ; + mg = _gss_mechglue_thread(); if (mg == NULL) return; @@ -139,3 +146,12 @@ _gss_mg_error(gssapi_mech_interface m, OM_uint32 maj, OM_uint32 min) mg->min_error.length = 0; } } + +void +gss_mg_collect_error(gss_OID mech, OM_uint32 maj, OM_uint32 min) +{ + gssapi_mech_interface m = __gss_get_mechanism(mech); + if (m == NULL) + return; + _gss_mg_error(m, maj, min); +} diff --git a/source4/heimdal/lib/gssapi/mech/gss_accept_sec_context.c b/source4/heimdal/lib/gssapi/mech/gss_accept_sec_context.c index d1e243d8b8..a6b1ded5ca 100644 --- a/source4/heimdal/lib/gssapi/mech/gss_accept_sec_context.c +++ b/source4/heimdal/lib/gssapi/mech/gss_accept_sec_context.c @@ -27,7 +27,7 @@ */ #include "mech_locl.h" -RCSID("$Id: gss_accept_sec_context.c 21237 2007-06-20 11:21:09Z lha $"); +RCSID("$Id: gss_accept_sec_context.c 22071 2007-11-14 20:04:50Z lha $"); static OM_uint32 parse_header(const gss_buffer_t input_token, gss_OID mech_oid) @@ -38,7 +38,7 @@ parse_header(const gss_buffer_t input_token, gss_OID mech_oid) /* * Token must start with [APPLICATION 0] SEQUENCE. - * But if it doesn't assume its DCE-STYLE Kerberos! + * But if it doesn't assume it is DCE-STYLE Kerberos! */ if (len == 0) return (GSS_S_DEFECTIVE_TOKEN); @@ -102,7 +102,7 @@ choose_mech(const gss_buffer_t input, gss_OID mech_oid) OM_uint32 status; /* - * First try to parse the gssapi token header and see if its a + * First try to parse the gssapi token header and see if it's a * correct header, use that in the first hand. */ diff --git a/source4/heimdal/lib/gssapi/mech/gss_krb5.c b/source4/heimdal/lib/gssapi/mech/gss_krb5.c index 9e77f42982..03081cb70f 100644 --- a/source4/heimdal/lib/gssapi/mech/gss_krb5.c +++ b/source4/heimdal/lib/gssapi/mech/gss_krb5.c @@ -27,7 +27,7 @@ */ #include "mech_locl.h" -RCSID("$Id: gss_krb5.c 21123 2007-06-18 20:05:26Z lha $"); +RCSID("$Id: gss_krb5.c 21889 2007-08-09 07:43:24Z lha $"); #include <krb5.h> #include <roken.h> @@ -253,7 +253,6 @@ free_key(gss_krb5_lucid_key_t *key) memset(key, 0, sizeof(*key)); } - OM_uint32 gss_krb5_export_lucid_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, @@ -824,3 +823,43 @@ gsskrb5_set_default_realm(const char *realm) return (GSS_S_COMPLETE); } + +OM_uint32 +gss_krb5_get_tkt_flags(OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + OM_uint32 *tkt_flags) +{ + + OM_uint32 major_status; + gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET; + + if (context_handle == GSS_C_NO_CONTEXT) { + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + major_status = + gss_inquire_sec_context_by_oid (minor_status, + context_handle, + GSS_KRB5_GET_TKT_FLAGS_X, + &data_set); + if (major_status) + return major_status; + + if (data_set == GSS_C_NO_BUFFER_SET || + data_set->count != 1 || + data_set->elements[0].length < 4) { + gss_release_buffer_set(minor_status, &data_set); + *minor_status = EINVAL; + return GSS_S_FAILURE; + } + + { + const u_char *p = data_set->elements[0].value; + *tkt_flags = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); + } + + gss_release_buffer_set(minor_status, &data_set); + return GSS_S_COMPLETE; +} + diff --git a/source4/heimdal/lib/gssapi/mech/gss_mech_switch.c b/source4/heimdal/lib/gssapi/mech/gss_mech_switch.c index f1a18afb13..fe65ad1ae1 100644 --- a/source4/heimdal/lib/gssapi/mech/gss_mech_switch.c +++ b/source4/heimdal/lib/gssapi/mech/gss_mech_switch.c @@ -28,7 +28,7 @@ #include "mech_locl.h" #include <heim_threads.h> -RCSID("$Id: gss_mech_switch.c 21700 2007-07-26 19:08:34Z lha $"); +RCSID("$Id: gss_mech_switch.c 21698 2007-07-26 19:07:11Z lha $"); #ifndef _PATH_GSS_MECH #define _PATH_GSS_MECH "/etc/gss/mech" diff --git a/source4/heimdal/lib/gssapi/mech/gss_release_oid_set.c b/source4/heimdal/lib/gssapi/mech/gss_release_oid_set.c index 4372e62294..388cfdbf4c 100644 --- a/source4/heimdal/lib/gssapi/mech/gss_release_oid_set.c +++ b/source4/heimdal/lib/gssapi/mech/gss_release_oid_set.c @@ -27,7 +27,7 @@ */ #include "mech_locl.h" -RCSID("$Id: gss_release_oid_set.c 19963 2007-01-17 16:01:22Z lha $"); +RCSID("$Id: gss_release_oid_set.c 22144 2007-12-04 17:31:55Z lha $"); OM_uint32 gss_release_oid_set(OM_uint32 *minor_status, @@ -35,7 +35,7 @@ gss_release_oid_set(OM_uint32 *minor_status, { *minor_status = 0; - if (*set) { + if (set && *set) { if ((*set)->elements) free((*set)->elements); free(*set); |