m = ctx->gc_mech;
}
- if (cred) {
+ if (m->gm_flags & GM_USE_MG_CRED) {
+ acceptor_mc = acceptor_cred_handle;
+ } else if (cred) {
HEIM_TAILQ_FOREACH(mc, &cred->gc_mc, gmc_link)
if (mc->gmc_mech == m)
break;
if (mech_ret_flags & GSS_C_DELEG_FLAG) {
if (!delegated_cred_handle) {
- m->gm_release_cred(minor_status, &delegated_mc);
+ if (m->gm_flags & GM_USE_MG_CRED)
+ gss_release_cred(minor_status, &delegated_mc);
+ else
+ m->gm_release_cred(minor_status, &delegated_mc);
mech_ret_flags &=
~(GSS_C_DELEG_FLAG|GSS_C_DELEG_POLICY_FLAG);
+ } else if ((m->gm_flags & GM_USE_MG_CRED) != 0) {
+ /*
+ * If credential is uses mechglue cred, assume it
+ * returns one too.
+ */
+ *delegated_cred_handle = delegated_mc;
} else if (gss_oid_equal(mech_ret_type, &m->gm_mech_oid) == 0) {
/*
* If the returned mech_type is not the same
*acceptor_time_rec = 0;
if (actual_mechs)
*actual_mechs = GSS_C_NO_OID_SET;
- if ((m = __gss_get_mechanism(desired_mech)) == NULL)
+ if ((m = __gss_get_mechanism(desired_mech)) == NULL ||
+ (m->gm_flags & GM_USE_MG_CRED))
return GSS_S_BAD_MECH;
if (input_cred_handle == GSS_C_NO_CREDENTIAL &&
output_cred_handle == NULL) {
HEIM_TAILQ_FOREACH(mc, &cred->gc_mc, gmc_link) {
gssapi_mech_interface m = mc->gmc_mech;
- if (m == NULL)
+ if (m == NULL || (m->gm_flags & GM_USE_MG_CRED) != 0)
continue;
if (desired_mech != GSS_C_NO_OID &&