pull up r17466 and r17468 from trunk
authorTom Yu <tlyu@mit.edu>
Mon, 31 Oct 2005 21:48:08 +0000 (21:48 +0000)
committerTom Yu <tlyu@mit.edu>
Mon, 31 Oct 2005 21:48:08 +0000 (21:48 +0000)
ticket: 3223
version_fixed: 1.4.3

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-4@17471 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/krb5/ChangeLog
src/lib/gssapi/krb5/acquire_cred.c
src/lib/krb5/ccache/ChangeLog
src/lib/krb5/ccache/ccdefault.c
src/patchlevel.h

index 1a8eda6ecba8f0f73a4fce0ef34bfb4621107174..ec6b1341fb67a5d2f71b03dadcd903bda3cd2663 100644 (file)
@@ -1,3 +1,10 @@
+2005-10-20  Alexandra Ellwood <lxs@mit.edu>, Jeffrey Altman <jaltman@mit.edu>
+       
+       * acquire_cred.c (acquire_init_cred):
+         If a specific principal has been requested, attempt to acquire
+          tickets and set the ccache name in the context to the ccache
+          containing the tickets if obtained. (KFM/KFW)  
+
 2005-10-20  Jeffrey Altman <jaltman@mit.edu>
 
        * gssapi_krb5.hin: add missing GSS_DLLIMP to exported symbols
index 56d6a473c88a74baebed557a5c5161e981224718..c293b278398e4263a5066f441af28de876396906 100644 (file)
 #include <strings.h>
 #endif
 
+#if defined(USE_LOGIN_LIBRARY)
+#include <Kerberos/KerberosLoginPrivate.h>
+#elif defined(USE_LEASH)
+static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL;
+static HANDLE hLeashDLL = INVALID_HANDLE_VALUE;
+#endif
+
 k5_mutex_t gssint_krb5_keytab_lock = K5_MUTEX_PARTIAL_INITIALIZER;
 static char *krb5_gss_keytab = NULL;
 
@@ -223,11 +230,65 @@ acquire_init_cred(context, minor_status, desired_name, output_princ, cred)
    if (GSS_ERROR(kg_sync_ccache_name(context, minor_status)))
        return(GSS_S_FAILURE);
 
-    /* open the default credential cache */
+#if defined(USE_LOGIN_LIBRARY) || defined(USE_LEASH)
+   if (desired_name != NULL) {
+#if defined(USE_LOGIN_LIBRARY)
+       char *ccache_name = NULL;
+       KLPrincipal kl_desired_princ = NULL;
+       
+       if ((code = __KLCreatePrincipalFromKerberos5Principal ((krb5_principal) desired_name,
+                                                              &kl_desired_princ))) {
+           *minor_status = code;
+           return(GSS_S_CRED_UNAVAIL);
+       }
+       
+       if ((code = KLAcquireInitialTickets (kl_desired_princ, NULL, NULL, &ccache_name))) {
+           KLDisposePrincipal (kl_desired_princ);
+           *minor_status = code;
+           return(GSS_S_CRED_UNAVAIL);
+       }
+       
+       if ((code = krb5_cc_resolve (context, ccache_name, &ccache))) {
+           KLDisposeString (ccache_name);
+           KLDisposePrincipal (kl_desired_princ);
+           *minor_status = code;
+           return(GSS_S_CRED_UNAVAIL);
+       }
    
-   if ((code = krb5int_cc_default(context, &ccache))) {
-      *minor_status = code;
-      return(GSS_S_CRED_UNAVAIL);
+       if (kl_desired_princ != NULL) { KLDisposePrincipal (kl_desired_princ); }
+       if (ccache_name      != NULL) { KLDisposeString (ccache_name); }
+#elif defined(USE_LEASH)
+       if ( hLeashDLL == INVALID_HANDLE_VALUE ) {
+          hLeashDLL = LoadLibrary("leashw32.dll");
+          if ( hLeashDLL != INVALID_HANDLE_VALUE ) {
+              (FARPROC) pLeash_AcquireInitialTicketsIfNeeded =
+                  GetProcAddress(hLeashDLL, "not_an_API_Leash_AcquireInitialTicketsIfNeeded");
+          }
+       }
+    
+       if ( pLeash_AcquireInitialTicketsIfNeeded ) {
+          char ccname[256]="";
+          pLeash_AcquireInitialTicketsIfNeeded(context, (krb5_principal) desired_name, ccname, sizeof(ccname));
+          if (!ccname[0]) {
+              *minor_status = KRB5_CC_NOTFOUND;
+              return(GSS_S_CRED_UNAVAIL);
+          }
+
+          if ((code = krb5_cc_resolve (context, ccname, &ccache))) {
+              *minor_status = code;
+              return(GSS_S_CRED_UNAVAIL);
+          }
+       }
+#endif /* USE_LEASH */
+   } else
+#endif /* USE_LOGIN_LIBRARY || USE_LEASH */
+   {
+       /* open the default credential cache */
+   
+       if ((code = krb5int_cc_default(context, &ccache))) {
+          *minor_status = code;
+          return(GSS_S_CRED_UNAVAIL);
+       }
    }
 
    /* turn off OPENCLOSE mode while extensive frobbing is going on */
index ff19622c54140651edb365d7f0f426ce5b04026c..1cf631a6110568425a5dfcdf4787429fceaa7cd9 100644 (file)
@@ -1,3 +1,7 @@
+2005-10-27  Jeffrey Altman <jaltman@mit.edu>
+       * ccdefault.c: 
+          (krb5int_cc_default) - add KFW support for multiple ccaches
+
 2005-10-20  Jeffrey Altman <jaltman@mit.edu>
 
        * cc_mslsa.c: 
index 8a45a243b8df7d5dfdf19db5243c1a9453be894c..3c363229a404768e8eef1d9727dd9ad1040621fb 100644 (file)
 
 #include "k5-int.h"
 
-#ifdef USE_LOGIN_LIBRARY
+#if defined(USE_LOGIN_LIBRARY)
 #include "KerberosLoginPrivate.h"
-#else
-#ifdef USE_LEASH
-static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal) = NULL;
+#elif defined(USE_LEASH)
+static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL;
 static HANDLE hLeashDLL = INVALID_HANDLE_VALUE;
 #endif
-#endif
 
 
 krb5_error_code KRB5_CALLCONV
 krb5_cc_default(krb5_context context, krb5_ccache *ccache)
 {
-       krb5_error_code retval;
        krb5_os_context os_ctx;
 
        if (!context || context->magic != KV5M_CONTEXT)
@@ -88,7 +85,6 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache)
     }
 #else
 #ifdef USE_LEASH
-
     if ( hLeashDLL == INVALID_HANDLE_VALUE ) {
         hLeashDLL = LoadLibrary("leashw32.dll");
         if ( hLeashDLL != INVALID_HANDLE_VALUE ) {
@@ -98,7 +94,13 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache)
     }
     
     if ( pLeash_AcquireInitialTicketsIfNeeded ) {
-        pLeash_AcquireInitialTicketsIfNeeded(context, NULL);
+       char ccname[256]="";
+        pLeash_AcquireInitialTicketsIfNeeded(context, NULL, ccname, sizeof(ccname));
+       if (ccname[0]) {
+            if (strcmp (krb5_cc_default_name (context),ccname) != 0) {
+                krb5_cc_set_default_name (context, ccname);
+            }
+       }
     }
 #endif
 #endif
index 8f38a0e87c04d6a8b99d72f10a638c321265d6c3..0a10efb34406270c9a30e0e8716d5158ba93c35c 100644 (file)
@@ -53,6 +53,6 @@
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 4
 #define KRB5_PATCHLEVEL 3
-#define KRB5_RELTAIL "beta1"
+#define KRB5_RELTAIL "beta1-postrelease"
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1-4-3-beta1"
+#define KRB5_RELTAG "krb5-1-4"