From dc40ef3e64bda1aa7712d874a31be523d9f095eb Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Mon, 31 Oct 2005 21:48:08 +0000 Subject: [PATCH] pull up r17466 and r17468 from trunk ticket: 3223 version_fixed: 1.4.3 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-4@17471 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/krb5/ChangeLog | 7 +++ src/lib/gssapi/krb5/acquire_cred.c | 69 ++++++++++++++++++++++++++++-- src/lib/krb5/ccache/ChangeLog | 4 ++ src/lib/krb5/ccache/ccdefault.c | 18 ++++---- src/patchlevel.h | 4 +- 5 files changed, 88 insertions(+), 14 deletions(-) diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index 1a8eda6ec..ec6b1341f 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,10 @@ +2005-10-20 Alexandra Ellwood , Jeffrey Altman + + * acquire_cred.c (acquire_init_cred): + If a specific principal has been requested, attempt to acquire + tickets and set the ccache name in the context to the ccache + containing the tickets if obtained. (KFM/KFW) + 2005-10-20 Jeffrey Altman * gssapi_krb5.hin: add missing GSS_DLLIMP to exported symbols diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 56d6a473c..c293b2783 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -79,6 +79,13 @@ #include #endif +#if defined(USE_LOGIN_LIBRARY) +#include +#elif defined(USE_LEASH) +static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL; +static HANDLE hLeashDLL = INVALID_HANDLE_VALUE; +#endif + k5_mutex_t gssint_krb5_keytab_lock = K5_MUTEX_PARTIAL_INITIALIZER; static char *krb5_gss_keytab = NULL; @@ -223,11 +230,65 @@ acquire_init_cred(context, minor_status, desired_name, output_princ, cred) if (GSS_ERROR(kg_sync_ccache_name(context, minor_status))) return(GSS_S_FAILURE); - /* open the default credential cache */ +#if defined(USE_LOGIN_LIBRARY) || defined(USE_LEASH) + if (desired_name != NULL) { +#if defined(USE_LOGIN_LIBRARY) + char *ccache_name = NULL; + KLPrincipal kl_desired_princ = NULL; + + if ((code = __KLCreatePrincipalFromKerberos5Principal ((krb5_principal) desired_name, + &kl_desired_princ))) { + *minor_status = code; + return(GSS_S_CRED_UNAVAIL); + } + + if ((code = KLAcquireInitialTickets (kl_desired_princ, NULL, NULL, &ccache_name))) { + KLDisposePrincipal (kl_desired_princ); + *minor_status = code; + return(GSS_S_CRED_UNAVAIL); + } + + if ((code = krb5_cc_resolve (context, ccache_name, &ccache))) { + KLDisposeString (ccache_name); + KLDisposePrincipal (kl_desired_princ); + *minor_status = code; + return(GSS_S_CRED_UNAVAIL); + } - if ((code = krb5int_cc_default(context, &ccache))) { - *minor_status = code; - return(GSS_S_CRED_UNAVAIL); + if (kl_desired_princ != NULL) { KLDisposePrincipal (kl_desired_princ); } + if (ccache_name != NULL) { KLDisposeString (ccache_name); } +#elif defined(USE_LEASH) + if ( hLeashDLL == INVALID_HANDLE_VALUE ) { + hLeashDLL = LoadLibrary("leashw32.dll"); + if ( hLeashDLL != INVALID_HANDLE_VALUE ) { + (FARPROC) pLeash_AcquireInitialTicketsIfNeeded = + GetProcAddress(hLeashDLL, "not_an_API_Leash_AcquireInitialTicketsIfNeeded"); + } + } + + if ( pLeash_AcquireInitialTicketsIfNeeded ) { + char ccname[256]=""; + pLeash_AcquireInitialTicketsIfNeeded(context, (krb5_principal) desired_name, ccname, sizeof(ccname)); + if (!ccname[0]) { + *minor_status = KRB5_CC_NOTFOUND; + return(GSS_S_CRED_UNAVAIL); + } + + if ((code = krb5_cc_resolve (context, ccname, &ccache))) { + *minor_status = code; + return(GSS_S_CRED_UNAVAIL); + } + } +#endif /* USE_LEASH */ + } else +#endif /* USE_LOGIN_LIBRARY || USE_LEASH */ + { + /* open the default credential cache */ + + if ((code = krb5int_cc_default(context, &ccache))) { + *minor_status = code; + return(GSS_S_CRED_UNAVAIL); + } } /* turn off OPENCLOSE mode while extensive frobbing is going on */ diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog index ff19622c5..1cf631a61 100644 --- a/src/lib/krb5/ccache/ChangeLog +++ b/src/lib/krb5/ccache/ChangeLog @@ -1,3 +1,7 @@ +2005-10-27 Jeffrey Altman + * ccdefault.c: + (krb5int_cc_default) - add KFW support for multiple ccaches + 2005-10-20 Jeffrey Altman * cc_mslsa.c: diff --git a/src/lib/krb5/ccache/ccdefault.c b/src/lib/krb5/ccache/ccdefault.c index 8a45a243b..3c363229a 100644 --- a/src/lib/krb5/ccache/ccdefault.c +++ b/src/lib/krb5/ccache/ccdefault.c @@ -29,20 +29,17 @@ #include "k5-int.h" -#ifdef USE_LOGIN_LIBRARY +#if defined(USE_LOGIN_LIBRARY) #include "KerberosLoginPrivate.h" -#else -#ifdef USE_LEASH -static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal) = NULL; +#elif defined(USE_LEASH) +static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL; static HANDLE hLeashDLL = INVALID_HANDLE_VALUE; #endif -#endif krb5_error_code KRB5_CALLCONV krb5_cc_default(krb5_context context, krb5_ccache *ccache) { - krb5_error_code retval; krb5_os_context os_ctx; if (!context || context->magic != KV5M_CONTEXT) @@ -88,7 +85,6 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache) } #else #ifdef USE_LEASH - if ( hLeashDLL == INVALID_HANDLE_VALUE ) { hLeashDLL = LoadLibrary("leashw32.dll"); if ( hLeashDLL != INVALID_HANDLE_VALUE ) { @@ -98,7 +94,13 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache) } if ( pLeash_AcquireInitialTicketsIfNeeded ) { - pLeash_AcquireInitialTicketsIfNeeded(context, NULL); + char ccname[256]=""; + pLeash_AcquireInitialTicketsIfNeeded(context, NULL, ccname, sizeof(ccname)); + if (ccname[0]) { + if (strcmp (krb5_cc_default_name (context),ccname) != 0) { + krb5_cc_set_default_name (context, ccname); + } + } } #endif #endif diff --git a/src/patchlevel.h b/src/patchlevel.h index 8f38a0e87..0a10efb34 100644 --- a/src/patchlevel.h +++ b/src/patchlevel.h @@ -53,6 +53,6 @@ #define KRB5_MAJOR_RELEASE 1 #define KRB5_MINOR_RELEASE 4 #define KRB5_PATCHLEVEL 3 -#define KRB5_RELTAIL "beta1" +#define KRB5_RELTAIL "beta1-postrelease" /* #undef KRB5_RELDATE */ -#define KRB5_RELTAG "krb5-1-4-3-beta1" +#define KRB5_RELTAG "krb5-1-4" -- 2.26.2