From 55816d8d33dc7350869be59894ae5b5683b9ada0 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Thu, 20 May 2010 15:13:06 +0000 Subject: [PATCH] In gss_acquire_cred_with_password() and gss_add_cred_with_password(), require desired_name to be set, and always honor it. This is consistent with the Sun implementation and simplifies the code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24072 dc483132-0cff-0310-8789-dd5450dbe970 --- .../gssapi/mechglue/g_acquire_cred_with_pw.c | 61 +++++++------------ 1 file changed, 23 insertions(+), 38 deletions(-) diff --git a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c index f86630382..3030ee741 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c @@ -64,6 +64,9 @@ val_acq_cred_pw_args( /* Validate arguments. */ + if (desired_name == GSS_C_NO_NAME) + return (GSS_S_BAD_NAME); + if (minor_status == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); @@ -270,6 +273,9 @@ val_add_cred_pw_args( /* Validate arguments. */ + if (desired_name == GSS_C_NO_NAME) + return (GSS_S_BAD_NAME); + if (minor_status == NULL) return (GSS_S_CALL_INACCESSIBLE_WRITE); @@ -371,24 +377,20 @@ gss_add_cred_with_password(minor_status, input_cred_handle, if (gssint_get_mechanism_cred(union_cred, desired_mech) != GSS_C_NO_CREDENTIAL) return (GSS_S_DUPLICATE_ELEMENT); - - /* may need to create a mechanism specific name */ - if (desired_name) { - union_name = (gss_union_name_t)desired_name; - if (union_name->mech_type && - g_OID_equal(union_name->mech_type, - &mech->mech_type)) - internal_name = union_name->mech_name; - else { - if (gssint_import_internal_name(minor_status, - &mech->mech_type, union_name, - &allocated_name) != GSS_S_COMPLETE) - return (GSS_S_BAD_NAME); - internal_name = allocated_name; - } - } } + /* may need to create a mechanism specific name */ + union_name = (gss_union_name_t)desired_name; + if (union_name->mech_type && g_OID_equal(union_name->mech_type, + &mech->mech_type)) + internal_name = union_name->mech_name; + else { + if (gssint_import_internal_name(minor_status, + &mech->mech_type, union_name, + &allocated_name) != GSS_S_COMPLETE) + return (GSS_S_BAD_NAME); + internal_name = allocated_name; + } if (cred_usage == GSS_C_ACCEPT) time_req = acceptor_time_req; @@ -420,28 +422,11 @@ gss_add_cred_with_password(minor_status, input_cred_handle, union_cred->auxinfo.time_rec = time_rec; union_cred->auxinfo.cred_usage = cred_usage; - /* - * we must set the name; if name is not supplied - * we must do inquire cred to get it - */ - if (internal_name == NULL) { - if (mech->gss_inquire_cred == NULL || - ((status = mech->gss_inquire_cred( - &temp_minor_status, cred, - &allocated_name, NULL, NULL, - NULL)) != GSS_S_COMPLETE)) - goto errout; - internal_name = allocated_name; - } - - if (internal_name != GSS_C_NO_NAME) { - status = mech->gss_display_name(&temp_minor_status, internal_name, - &union_cred->auxinfo.name, - &union_cred->auxinfo.name_type); - - if (status != GSS_S_COMPLETE) - goto errout; - } + status = mech->gss_display_name(&temp_minor_status, internal_name, + &union_cred->auxinfo.name, + &union_cred->auxinfo.name_type); + if (status != GSS_S_COMPLETE) + goto errout; } /* now add the new credential elements */ -- 2.26.2