*think* I've gotten all the places where a ccache or keytab name that's been
stored gets applied to whichever context needs it.
* gssapi_krb5.c (kg_sync_ccache_name): Add context argument instead of calling
kg_get_context.
(kg_get_ccache_name): Use a locally created krb5 context instead of calling
kg_get_context.
(kg_get_context): Deleted.
* acquire_cred.c (acquire_init_cred): Pass current context.
(krb5_gss_acquire_cred): Use a locally created krb5 context instead of calling
kg_get_context.
* add_cred.c (krb5_gss_add_cred): Call kg_sync_ccache_name.
* init_sec_context.c (krb5_gss_init_sec_context): Likewise.
* gssapiP_krb5.h (kg_sync_ccache_name): Update prototype.
(kg_get_context): Delete declaration.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16597
dc483132-0cff-0310-8789-
dd5450dbe970
+2004-07-14 Ken Raeburn <raeburn@mit.edu>
+
+ * gssapi_krb5.c (kg_sync_ccache_name): Add context argument
+ instead of calling kg_get_context.
+ (kg_get_ccache_name): Use a locally created krb5 context instead
+ of calling kg_get_context.
+ (kg_get_context): Deleted.
+ * acquire_cred.c (acquire_init_cred): Pass current context.
+ (krb5_gss_acquire_cred): Use a locally created krb5 context
+ instead of calling kg_get_context.
+ * add_cred.c (krb5_gss_add_cred): Call kg_sync_ccache_name.
+ * init_sec_context.c (krb5_gss_init_sec_context): Likewise.
+ * gssapiP_krb5.h (kg_sync_ccache_name): Update prototype.
+ (kg_get_context): Delete declaration.
+
2004-07-13 Ken Raeburn <raeburn@mit.edu>
* acquire_cred.c: Include gss_libinit.h.
/* load the GSS ccache name into the kg_context */
- if (GSS_ERROR(kg_sync_ccache_name(minor_status)))
+ if (GSS_ERROR(kg_sync_ccache_name(context, minor_status)))
return(GSS_S_FAILURE);
/* open the default credential cache */
OM_uint32 ret;
krb5_error_code code;
- if (GSS_ERROR(kg_get_context(minor_status, &context)))
- return(GSS_S_FAILURE);
+ code = krb5_init_context(&context);
+ if (code) {
+ *minor_status = code;
+ return GSS_S_FAILURE;
+ }
/* make sure all outputs are valid */
if ((desired_name != (gss_name_t) NULL) &&
(! kg_validate_name(desired_name))) {
*minor_status = (OM_uint32) G_VALIDATE_FAILED;
+ krb5_free_context(context);
return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_BAD_NAME);
}
if (!req_old && !req_new) {
*minor_status = 0;
+ krb5_free_context(context);
return(GSS_S_BAD_MECH);
}
}
if ((cred =
(krb5_gss_cred_id_t) xmalloc(sizeof(krb5_gss_cred_id_rec))) == NULL) {
*minor_status = ENOMEM;
+ krb5_free_context(context);
return(GSS_S_FAILURE);
}
memset(cred, 0, sizeof(krb5_gss_cred_id_rec));
(cred_usage != GSS_C_BOTH)) {
xfree(cred);
*minor_status = (OM_uint32) G_BAD_USAGE;
+ krb5_free_context(context);
return(GSS_S_FAILURE);
}
krb5_free_principal(context, cred->princ);
xfree(cred);
/* minor_status set by acquire_accept_cred() */
+ krb5_free_context(context);
return(ret);
}
krb5_free_principal(context, cred->princ);
xfree(cred);
/* minor_status set by acquire_init_cred() */
+ krb5_free_context(context);
return(ret);
}
(void)krb5_kt_close(context, cred->keytab);
xfree(cred);
*minor_status = code;
+ krb5_free_context(context);
return(GSS_S_FAILURE);
}
krb5_free_principal(context, cred->princ);
xfree(cred);
*minor_status = code;
+ krb5_free_context(context);
return(GSS_S_FAILURE);
}
krb5_free_principal(context, cred->princ);
xfree(cred);
/* *minor_status set above */
+ krb5_free_context(context);
return(ret);
}
}
krb5_free_principal(context, cred->princ);
xfree(cred);
*minor_status = (OM_uint32) G_VALIDATE_FAILED;
+ krb5_free_context(context);
return(GSS_S_FAILURE);
}
if (actual_mechs)
*actual_mechs = ret_mechs;
+ krb5_free_context(context);
return(GSS_S_COMPLETE);
}
*minor_status = code;
return GSS_S_FAILURE;
}
+ if (GSS_ERROR(kg_sync_ccache_name(context, minor_status)))
+ return GSS_S_FAILURE;
/* verify the desired_name */
krb5_octet **buffer,
size_t *lenremain);
-OM_uint32 kg_get_context (OM_uint32 *minor_status,
- krb5_context *context);
-
-OM_uint32 kg_sync_ccache_name (OM_uint32 *minor_status);
+OM_uint32 kg_sync_ccache_name (krb5_context context, OM_uint32 *minor_status);
OM_uint32 kg_get_ccache_name (OM_uint32 *minor_status,
const char **out_name);
}
OM_uint32
-kg_get_context(minor_status, context)
- OM_uint32 *minor_status;
- krb5_context *context;
+kg_sync_ccache_name (krb5_context context, OM_uint32 *minor_status)
{
- static krb5_context kg_context = NULL;
- krb5_error_code code;
-
- if (!kg_context) {
- if ((code = krb5_init_context(&kg_context)))
- goto fail;
- }
- *context = kg_context;
- *minor_status = 0;
- return GSS_S_COMPLETE;
-
-fail:
- *minor_status = (OM_uint32) code;
- return GSS_S_FAILURE;
-}
-
-OM_uint32
-kg_sync_ccache_name (OM_uint32 *minor_status)
-{
- krb5_context context = NULL;
OM_uint32 err = 0;
- OM_uint32 minor;
/*
- * Sync up the kg_context ccache name with the GSSAPI ccache name.
+ * Sync up the context ccache name with the GSSAPI ccache name.
* If kg_ccache_name is NULL -- normal unless someone has called
* gss_krb5_ccache_name() -- then the system default ccache will
* be picked up and used by resetting the context default ccache.
* This is needed for platforms which support multiple ccaches.
*/
- if (!err) {
- if (GSS_ERROR(kg_get_context (&minor, &context))) {
- err = minor;
- }
- }
-
if (!err) {
/* kg_ccache_name == NULL resets the context default ccache */
err = krb5_cc_set_default_name(context, kg_ccache_name);
OM_uint32
kg_get_ccache_name (OM_uint32 *minor_status, const char **out_name)
{
- krb5_context context = NULL;
const char *name = NULL;
OM_uint32 err = 0;
- OM_uint32 minor;
- if (GSS_ERROR(kg_get_context (&minor, &context))) {
- err = minor;
- }
-
if (!err) {
if (kg_ccache_name != NULL) {
name = kg_ccache_name;
} else {
- /* reset the context default ccache (see text above) */
- err = krb5_cc_set_default_name (context, NULL);
- if (!err) {
+ krb5_context context = NULL;
+
+ /* Reset the context default ccache (see text above), and
+ then retrieve it. */
+ err = krb5_init_context(&context);
+ if (!err)
+ err = krb5_cc_set_default_name (context, NULL);
+ if (!err)
name = krb5_cc_default_name(context);
- }
+ if (context)
+ krb5_free_context(context);
}
}
*minor_status = kerr;
return GSS_S_FAILURE;
}
+ if (GSS_ERROR(kg_sync_ccache_name(context, minor_status)))
+ return GSS_S_FAILURE;
} else {
context = ((krb5_gss_ctx_id_rec *)*context_handle)->k5_context;
}