#include "spnego_locl.h"
#include <gssapi_mech.h>
-OM_uint32 GSSAPI_CALLCONV
-_gss_spnego_release_cred(OM_uint32 *minor_status, gss_cred_id_t *cred_handle)
-{
- OM_uint32 ret;
-
- *minor_status = 0;
-
- if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL)
- return GSS_S_COMPLETE;
-
- ret = gss_release_cred(minor_status, cred_handle);
-
- *cred_handle = GSS_C_NO_CREDENTIAL;
-
- return ret;
-}
-
/*
* For now, just a simple wrapper that avoids recursion. When
* we support gss_{get,set}_neg_mechs() we will need to expose
gss_OID_set * mechanisms
)
{
+ /*
+ * A wrapper around the mechglue is required to error out
+ * where cred_handle == GSS_C_NO_CREDENTIAL, otherwise we
+ * would infinitely recurse.
+ */
if (cred_handle == GSS_C_NO_CREDENTIAL) {
*minor_status = 0;
return GSS_S_NO_CRED;
gss_cred_usage_t * cred_usage
)
{
- if (cred_handle == GSS_C_NO_CREDENTIAL) {
- *minor_status = 0;
- return GSS_S_NO_CRED;
- }
-
- return gss_inquire_cred_by_mech(minor_status, cred_handle, mech_type,
- name, initiator_lifetime,
- acceptor_lifetime, cred_usage);
-}
-
-OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_cred_by_oid
- (OM_uint32 * minor_status,
- gss_const_cred_id_t cred_handle,
- const gss_OID desired_object,
- gss_buffer_set_t *data_set)
-{
- if (cred_handle == GSS_C_NO_CREDENTIAL) {
- *minor_status = 0;
- return GSS_S_NO_CRED;
- }
-
- return gss_inquire_cred_by_oid(minor_status, cred_handle,
- desired_object, data_set);
+ /* Similar to _gss_spnego_inquire_cred(), wrapper is required */
+ heim_assert(gss_oid_equal(mech_type, GSS_SPNEGO_MECHANISM),
+ "Mechglue called inquire_cred_by_mech with wrong OID");
+ *minor_status = 0;
+ return GSS_S_BAD_MECH;
}
OM_uint32 GSSAPI_CALLCONV
const gss_OID object,
const gss_buffer_t value)
{
+ /* Similar to _gss_spnego_inquire_cred(), wrapper is required */
if (cred_handle == NULL || *cred_handle == GSS_C_NO_CREDENTIAL) {
*minor_status = 0;
return GSS_S_NO_CRED;
}
-OM_uint32 GSSAPI_CALLCONV
-_gss_spnego_export_cred (OM_uint32 *minor_status,
- gss_cred_id_t cred_handle,
- gss_buffer_t value)
-{
- return gss_export_cred(minor_status, cred_handle, value);
-}
-
-OM_uint32 GSSAPI_CALLCONV
-_gss_spnego_import_cred (OM_uint32 *minor_status,
- gss_buffer_t value,
- gss_cred_id_t *cred_handle)
-{
- return gss_import_cred(minor_status, value, cred_handle);
-}
-
-
OM_uint32 GSSAPI_CALLCONV
_gss_spnego_set_neg_mechs (OM_uint32 *minor_status,
gss_cred_id_t cred_handle,
{6, rk_UNCONST("\x2b\x06\x01\x05\x05\x02") },
0,
NULL, /* gm_acquire_cred */
- _gss_spnego_release_cred,
+ gss_release_cred,
_gss_spnego_init_sec_context,
_gss_spnego_accept_sec_context,
_gss_spnego_process_context_token,
_gss_spnego_canonicalize_name,
_gss_spnego_duplicate_name,
_gss_spnego_inquire_sec_context_by_oid,
- _gss_spnego_inquire_cred_by_oid,
+ gss_inquire_cred_by_oid,
_gss_spnego_set_sec_context_option,
_gss_spnego_set_cred_option,
_gss_spnego_pseudo_random,
_gss_spnego_unwrap_iov,
_gss_spnego_wrap_iov_length,
NULL,
- _gss_spnego_export_cred,
- _gss_spnego_import_cred,
+ gss_export_cred,
+ gss_import_cred,
_gss_spnego_acquire_cred_from,
NULL,
NULL,