krb5_cc_cursor cur;
krb5_creds creds;
int got_endtime;
+ int caller_provided_ccache_name = 0;
cred->ccache = NULL;
if (GSS_ERROR(kg_sync_ccache_name(context, minor_status)))
return(GSS_S_FAILURE);
+ /* check to see if the caller provided a ccache name if so
+ * we will just use that and not search the cache collection */
+ if (GSS_ERROR(kg_caller_provided_ccache_name (minor_status, &caller_provided_ccache_name))) {
+ return(GSS_S_FAILURE);
+ }
+
#if defined(USE_LOGIN_LIBRARY) || defined(USE_LEASH)
- if (desired_name != NULL) {
+ if (desired_name && !caller_provided_ccache_name) {
#if defined(USE_LOGIN_LIBRARY)
KLStatus err = klNoErr;
- KLPrincipal kl_desired_princ = NULL;
- char *default_name = krb5_cc_default_name (context);
char *ccache_name = NULL;
-
+ KLPrincipal kl_desired_princ = NULL;
+
err = __KLCreatePrincipalFromKerberos5Principal ((krb5_principal) desired_name,
&kl_desired_princ);
if (!err) {
- if (default_name) {
- err = __KLAcquireInitialTicketsForCacheAndPrincipal (default_name, kerberosVersion_V5,
- kl_desired_princ, NULL, NULL,
- &ccache_name);
- } else {
- err = KLAcquireInitialTickets (kl_desired_princ, NULL, NULL, &ccache_name);
- }
+ err = KLAcquireInitialTickets (kl_desired_princ, NULL, NULL, &ccache_name);
}
-
+
if (!err) {
err = krb5_cc_resolve (context, ccache_name, &ccache);
}
return(GSS_S_CRED_UNAVAIL);
}
- if (ccache_name != NULL) { KLDisposeString (ccache_name); }
if (kl_desired_princ != NULL) { KLDisposePrincipal (kl_desired_princ); }
+ if (ccache_name != NULL) { KLDisposeString (ccache_name); }
#elif defined(USE_LEASH)
if ( hLeashDLL == INVALID_HANDLE_VALUE ) {
return (*minor_status == 0) ? GSS_S_COMPLETE : GSS_S_FAILURE;
}
+/* This function returns whether or not the caller set a cccache name. Used by
+ * gss_acquire_cred to figure out if the caller wants to only look at this
+ * ccache or search the cache collection for the desired name */
+OM_uint32
+kg_caller_provided_ccache_name (OM_uint32 *minor_status,
+int *out_caller_provided_name)
+{
+ if (out_caller_provided_name) {
+ *out_caller_provided_name =
+ (k5_getspecific(K5_KEY_GSS_KRB5_CCACHE_NAME) != NULL);
+ }
+
+ *minor_status = 0;
+ return GSS_S_COMPLETE;
+}
+
OM_uint32
kg_get_ccache_name (OM_uint32 *minor_status, const char **out_name)
{