From 6d185228f1f43bb1c2141ec0d88ca65d37e14bc2 Mon Sep 17 00:00:00 2001
From: Theodore Tso <tytso@mit.edu>
Date: Sun, 16 Nov 1997 01:51:14 +0000
Subject: [PATCH] * accept_sec_context.c (krb5_gss_accept_sec_context),  
 init_sec_context.c (krb5_gss_init_sec_context),   inq_cred.c
 (krb5_gss_inquire_cred): Call krb5_gss_validate_cred   	to make sure
 the credential handle is still valid.

* val_cred.c (krb5_gss_validate_cred): New file which validates
	the credential to make sure it is valid, including
	checking to make sure the credentials cache still points
	at the same krb5 principal as it did before.

* accept_sec_context.c (krb5_gss_accept_sec_context): Return
	GSS_S_FAILURE if a non-NULL context handle is passed to it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10285 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/gssapi/krb5/ChangeLog            | 10 ++++
 src/lib/gssapi/krb5/Makefile.in          |  3 ++
 src/lib/gssapi/krb5/accept_sec_context.c |  9 ++--
 src/lib/gssapi/krb5/gssapiP_krb5.h       |  5 ++
 src/lib/gssapi/krb5/init_sec_context.c   |  9 ++--
 src/lib/gssapi/krb5/inq_cred.c           |  9 ++--
 src/lib/gssapi/krb5/val_cred.c           | 66 ++++++++++++++++++++++++
 7 files changed, 99 insertions(+), 12 deletions(-)
 create mode 100644 src/lib/gssapi/krb5/val_cred.c

diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog
index ec1708012..a641c3928 100644
--- a/src/lib/gssapi/krb5/ChangeLog
+++ b/src/lib/gssapi/krb5/ChangeLog
@@ -1,5 +1,15 @@
 Sat Nov 15 20:14:05 1997  Theodore Y. Ts'o  <tytso@mit.edu>
 
+	* accept_sec_context.c (krb5_gss_accept_sec_context), 
+	  init_sec_context.c (krb5_gss_init_sec_context),
+	  inq_cred.c (krb5_gss_inquire_cred): Call krb5_gss_validate_cred
+	  	to make sure the credential handle is still valid.
+
+	* val_cred.c (krb5_gss_validate_cred): New file which validates
+		the credential to make sure it is valid, including
+		checking to make sure the credentials cache still points
+		at the same krb5 principal as it did before.
+
 	* accept_sec_context.c (krb5_gss_accept_sec_context): Return
  		GSS_S_FAILURE if a non-NULL context handle is passed to
  		it.
diff --git a/src/lib/gssapi/krb5/Makefile.in b/src/lib/gssapi/krb5/Makefile.in
index 089b9401e..bdeb4bd3a 100644
--- a/src/lib/gssapi/krb5/Makefile.in
+++ b/src/lib/gssapi/krb5/Makefile.in
@@ -49,6 +49,7 @@ SRCS = \
 	$(srcdir)/util_crypt.c \
 	$(srcdir)/util_seed.c \
 	$(srcdir)/util_seqnum.c \
+	$(srcdir)/val_cred.c \
 	$(srcdir)/verify.c \
 	$(srcdir)/wrap_size_limit.c \
 	gssapi_err_krb5.c
@@ -92,6 +93,7 @@ OBJS = \
 	util_crypt.$(OBJEXT) \
 	util_seed.$(OBJEXT) \
 	util_seqnum.$(OBJEXT) \
+	val_cred.$(OBJECT) \
 	verify.$(OBJEXT) \
 	wrap_size_limit.$(OBJEXT) \
 	gssapi_err_krb5.$(OBJEXT)
@@ -135,6 +137,7 @@ STLIBOBJS = \
 	util_crypt.o \
 	util_seed.o \
 	util_seqnum.o \
+	val_cred.o \
 	verify.o \
 	wrap_size_limit.o \
 	gssapi_err_krb5.o
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index 2c7821a30..bf984d87a 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -213,10 +213,11 @@ krb5_gss_accept_sec_context(minor_status, context_handle,
       *minor_status = 0;
       return(GSS_S_NO_CRED);
    } else {
-      if (! kg_validate_cred_id(verifier_cred_handle)) {
-	 *minor_status = (OM_uint32) G_VALIDATE_FAILED;
-	 return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_DEFECTIVE_CREDENTIAL);
-      }
+      OM_uint32 major;
+	   
+      major = krb5_gss_validate_cred(minor_status, verifier_cred_handle);
+      if (GSS_ERROR(major))
+	  return(major);
    }
 
    cred = (krb5_gss_cred_id_t) verifier_cred_handle;
diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
index b09722db1..69b003118 100644
--- a/src/lib/gssapi/krb5/gssapiP_krb5.h
+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
@@ -517,5 +517,10 @@ PROTOTYPE( (OM_uint32  *,		/* minor_status */
 	    const gss_name_t,		/* input_name */
 	    gss_name_t *		/* dest_name */
 	 ));
+
+OM_uint32 krb5_gss_validate_cred
+PROTOTYPE( (OM_uint32 *,		/* minor_status */
+	    gss_cred_id_t		/* cred */
+         ));
 	
 #endif /* _GSSAPIP_KRB5_H_ */
diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
index b3992bd7d..2edf1b072 100644
--- a/src/lib/gssapi/krb5/init_sec_context.c
+++ b/src/lib/gssapi/krb5/init_sec_context.c
@@ -261,10 +261,11 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle,
 	 return(major);
       }
    } else {
-      if (! kg_validate_cred_id(claimant_cred_handle)) {
-	 *minor_status = (OM_uint32) G_VALIDATE_FAILED;
-	 return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_DEFECTIVE_CREDENTIAL);
-      }
+      OM_uint32 major;
+	   
+      major = krb5_gss_validate_cred(minor_status, claimant_cred_handle);
+      if (GSS_ERROR(major))
+	  return(major);
    }
 
    cred = (krb5_gss_cred_id_t) claimant_cred_handle;
diff --git a/src/lib/gssapi/krb5/inq_cred.c b/src/lib/gssapi/krb5/inq_cred.c
index f9811c347..b2edc2571 100644
--- a/src/lib/gssapi/krb5/inq_cred.c
+++ b/src/lib/gssapi/krb5/inq_cred.c
@@ -56,10 +56,11 @@ krb5_gss_inquire_cred(minor_status, cred_handle, name, lifetime_ret,
 	 return(major);
       }
    } else {
-      if (! kg_validate_cred_id(cred_handle)) {
-	 *minor_status = (OM_uint32) G_VALIDATE_FAILED;
-	 return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_NO_CRED);
-      }
+      OM_uint32 major;
+	   
+      major = krb5_gss_validate_cred(minor_status, cred_handle);
+      if (GSS_ERROR(major))
+	  return(major);
    }
 
    cred = (krb5_gss_cred_id_t) cred_handle;
diff --git a/src/lib/gssapi/krb5/val_cred.c b/src/lib/gssapi/krb5/val_cred.c
new file mode 100644
index 000000000..f7c4c94c9
--- /dev/null
+++ b/src/lib/gssapi/krb5/val_cred.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright 1997 by Massachusetts Institute of Technology
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ * 
+ */
+
+#include "gssapiP_krb5.h"
+
+/*
+ * Check to see whether or not a GSSAPI krb5 credential is valid.  If
+ * it is not, return an error.
+ */
+
+OM_uint32
+krb5_gss_validate_cred(minor_status, cred_handle)
+     OM_uint32 *minor_status;
+     gss_cred_id_t cred_handle;
+{
+    krb5_context context;
+    krb5_gss_cred_id_t cred;
+    krb5_error_code code;
+    krb5_principal princ;
+	
+    if (GSS_ERROR(kg_get_context(minor_status, &context)))
+	return(GSS_S_FAILURE);
+
+    if (!kg_validate_cred_id(cred_handle)) {
+	*minor_status = (OM_uint32) G_VALIDATE_FAILED;
+	return(GSS_S_CALL_BAD_STRUCTURE|GSS_S_DEFECTIVE_CREDENTIAL);
+    }
+
+    cred = (krb5_gss_cred_id_t) cred_handle;
+	
+    if (cred->ccache) {
+	if ((code = krb5_cc_get_principal(context, cred->ccache, &princ))) {
+	    *minor_status = code;
+	    return(GSS_S_DEFECTIVE_CREDENTIAL);
+	}
+	if (!krb5_principal_compare(context, princ, cred->princ)) {
+	    *minor_status = KG_CCACHE_NOMATCH;
+	    return(GSS_S_DEFECTIVE_CREDENTIAL);
+	}
+    }
+    *minor_status = 0;
+    return GSS_S_COMPLETE;
+}
+
+		
+
+
-- 
2.26.2