+Fri Mar 26 22:17:20 1999 Theodore Y. Ts'o <tytso@mit.edu>
+
+ * acquire_cred.c (krb5_gss_acquire_cred): Don't use strcmp to
+ compare against principal components (they aren't null
+ terminated!)
+
Thu Mar 25 22:43:54 1999 Theodore Y. Ts'o <tytso@mit.edu>
* gssapi_krb5.c: Rearrange OID's so that the V1V2 mechanism set
{
krb5_error_code code;
krb5_ccache ccache;
- krb5_principal princ;
+ krb5_principal princ, tmp_princ;
krb5_flags flags;
krb5_cc_cursor cur;
krb5_creds creds;
got_endtime = 0;
+ code = krb5_build_principal_ext(context, &tmp_princ,
+ krb5_princ_realm(context, princ)->length,
+ krb5_princ_realm(context, princ)->data,
+ 6, "krbtgt",
+ krb5_princ_realm(context, princ)->length,
+ krb5_princ_realm(context, princ)->data,
+ 0);
+ if (code) {
+ (void)krb5_cc_close(context, ccache);
+ *minor_status = code;
+ return(GSS_S_FAILURE);
+ }
while (!(code = krb5_cc_next_cred(context, ccache, &cur, &creds))) {
- if ((creds.server->length == 2) &&
- (strcmp(creds.server->realm.data, princ->realm.data) == 0) &&
- (strcmp((char *) creds.server->data[0].data, "krbtgt") == 0) &&
- (strcmp((char *) creds.server->data[1].data,
- princ->realm.data) == 0)) {
+ if (krb5_principal_compare(context, tmp_princ, creds.server)) {
cred->tgt_expire = creds.times.endtime;
got_endtime = 1;
*minor_status = 0;
}
krb5_free_cred_contents(context, &creds);
}
+ krb5_free_principal(context, tmp_princ);
if (code && code != KRB5_CC_END) {
/* this means some error occurred reading the ccache */