OM_uint32 GSSAPI_CALLCONV
gssspi_acquire_cred_with_password(OM_uint32 *minor,
const gss_name_t desired_name,
const gss_buffer_t password,
OM_uint32 time_req,
const gss_OID_set desired_mechs,
gss_cred_usage_t cred_usage,
gss_cred_id_t *output_cred_handle,
gss_OID_set *actual_mechs,
OM_uint32 *time_rec)
{
OM_uint32 major, tmpMinor;
major = gssEapAcquireCred(minor, desired_name,
time_req, desired_mechs, cred_usage,
output_cred_handle, actual_mechs, time_rec);
if (GSS_ERROR(major))
goto cleanup;
major = gssEapSetCredPassword(minor, *output_cred_handle, password);
if (GSS_ERROR(major))
goto cleanup;
cleanup:
if (GSS_ERROR(major))
gssEapReleaseCred(&tmpMinor, output_cred_handle);
return major;
}
static OM_uint32
staticIdentityFileResolveInitiatorCred(OM_uint32 *minor, gss_cred_id_t cred)
{
OM_uint32 major, tmpMinor;
gss_buffer_desc defaultIdentity = GSS_C_EMPTY_BUFFER;
gss_name_t defaultIdentityName = GSS_C_NO_NAME;
gss_buffer_desc defaultPassword = GSS_C_EMPTY_BUFFER;
int isDefaultIdentity = 0;
major = readStaticIdentityFile(minor, &defaultIdentity, &defaultPassword);
if (GSS_ERROR(major))
goto cleanup;
major = gssEapImportName(minor, &defaultIdentity, GSS_C_NT_USER_NAME,
gssEapPrimaryMechForCred(cred), &defaultIdentityName);
if (GSS_ERROR(major))
goto cleanup;
if (defaultIdentityName == GSS_C_NO_NAME) {
if (cred->name == GSS_C_NO_NAME) {
major = GSS_S_CRED_UNAVAIL;
*minor = GSSEAP_NO_DEFAULT_IDENTITY;
goto cleanup;
}
} else {
if (cred->name == GSS_C_NO_NAME) {
cred->name = defaultIdentityName;
defaultIdentityName = GSS_C_NO_NAME;
isDefaultIdentity = 1;
} else {
major = gssEapCompareName(minor, cred->name,
defaultIdentityName, &isDefaultIdentity);
if (GSS_ERROR(major))
goto cleanup;
}
}
if (isDefaultIdentity &&
(cred->flags & CRED_FLAG_PASSWORD) == 0) {
major = gssEapSetCredPassword(minor, cred, &defaultPassword);
if (GSS_ERROR(major))
goto cleanup;
}
cleanup:
gssEapReleaseName(&tmpMinor, &defaultIdentityName);
zeroAndReleasePassword(&defaultPassword);
gss_release_buffer(&tmpMinor, &defaultIdentity);
return major;
}