Пример #1
/*
 * Interposer entry point for gss_inquire_cred_by_oid().
 *
 * The incoming handle is treated as a struct gpp_cred_handle and the query
 * is forwarded to its `local` credential. The minor status written by the
 * underlying call is passed through gpp_map_error() before it is handed
 * back to the caller.
 *
 * Returns GSS_S_CALL_INACCESSIBLE_READ when no credential is supplied,
 * GSS_S_UNAVAILABLE when the handle carries no local credential, and
 * otherwise the major status of the forwarded call.
 */
OM_uint32 gssi_inquire_cred_by_oid(OM_uint32 *minor_status,
	                           const gss_cred_id_t cred_handle,
	                           const gss_OID desired_object,
	                           gss_buffer_set_t *data_set)
{
    struct gpp_cred_handle *handle;
    OM_uint32 major_status;
    OM_uint32 inner_minor;

    GSSI_TRACE();

    *minor_status = 0;
    if (cred_handle == GSS_C_NO_CREDENTIAL) {
        return GSS_S_CALL_INACCESSIBLE_READ;
    }

    /* NOTE(review): the cast trusts that the handle was created by this
     * interposer; nothing here verifies that - confirm with the callers. */
    handle = (struct gpp_cred_handle *)cred_handle;

    /* Only local credentials can be queried for now. The original author
     * notes that no real OID appears to be defined (at least for the krb5
     * mechs), so the restriction may be a moot point. */
    if (handle->local) {
        major_status = gss_inquire_cred_by_oid(&inner_minor, handle->local,
                                               desired_object, data_set);
        *minor_status = gpp_map_error(inner_minor);
        return major_status;
    }

    return GSS_S_UNAVAILABLE;
}
Пример #2
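/*
 * Copy the Kerberos credential cache behind a GSS-API credential into `out`.
 *
 * The cache is located by querying `cred` with GSS_KRB5_COPY_CCACHE_X; the
 * single buffer that comes back is used as a cache name for
 * krb5_cc_resolve(), and the resolved cache is copied into `out` with
 * krb5_cc_copy_cache().
 *
 * minor_status  receives 0 on success, otherwise EINVAL, ENOMEM or the
 *               failing krb5 error code.
 * cred          credential to query.
 * out           destination cache; the caller keeps ownership of it.
 *
 * Returns the major status of the inquiry when that fails, GSS_S_FAILURE
 * for every later error, and GSS_S_COMPLETE (the inquiry's status) on
 * success.
 */
OM_uint32
gss_krb5_copy_ccache(OM_uint32 *minor_status,
		     gss_cred_id_t cred,
		     krb5_ccache out)
{
    gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET;
    krb5_context context;
    krb5_error_code kret;
    krb5_ccache id;
    OM_uint32 ret;
    OM_uint32 junk;
    char *str;
    int name_len;
    int printed;

    ret = gss_inquire_cred_by_oid(minor_status,
				  cred,
				  GSS_KRB5_COPY_CCACHE_X,
				  &data_set);
    if (ret)
	return ret;

    /* The buffer set is released with a scratch minor status throughout, so
     * that the release can never overwrite an error code already stored in
     * *minor_status. */
    if (data_set == GSS_C_NO_BUFFER_SET || data_set->count != 1) {
	gss_release_buffer_set(&junk, &data_set);
	*minor_status = EINVAL;
	return GSS_S_FAILURE;
    }

    /* The length is used as a printf precision, which is an int. A negative
     * precision is treated as if it were omitted, and "%s" would then read
     * past the buffer up to the next NUL, so reject lengths that do not
     * survive the conversion. */
    name_len = (int)data_set->elements[0].length;
    if (name_len < 0 || (size_t)name_len != data_set->elements[0].length) {
	gss_release_buffer_set(&junk, &data_set);
	*minor_status = EINVAL;
	return GSS_S_FAILURE;
    }

    kret = krb5_init_context(&context);
    if (kret) {
	gss_release_buffer_set(&junk, &data_set);
	*minor_status = kret;
	return GSS_S_FAILURE;
    }

    /* Build a NUL-terminated copy of the cache name. */
    printed = asprintf(&str, "%.*s", name_len,
		       (char *)data_set->elements[0].value);
    gss_release_buffer_set(&junk, &data_set);
    if (printed == -1) {
	krb5_free_context(context);	/* was leaked on this path */
	*minor_status = ENOMEM;
	return GSS_S_FAILURE;
    }

    kret = krb5_cc_resolve(context, str, &id);
    free(str);
    if (kret) {
	krb5_free_context(context);	/* was leaked on this path */
	*minor_status = kret;
	return GSS_S_FAILURE;
    }

    kret = krb5_cc_copy_cache(context, id, out);
    krb5_cc_close(context, id);
    krb5_free_context(context);
    if (kret) {
	*minor_status = kret;
	return GSS_S_FAILURE;
    }

    *minor_status = 0;
    return ret;
}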
Пример #3
/*
 * NTLM mechanism entry point for gss_inquire_cred_by_oid().
 *
 * Every argument is handed unchanged to the generic
 * gss_inquire_cred_by_oid() and its major status is returned as is.
 *
 * NOTE(review): the credential handle is not unwrapped or checked before
 * it is forwarded - confirm that the generic call cannot dispatch back
 * into this function for the same handle.
 */
OM_uint32
ntlm_gss_inquire_cred_by_oid(
		OM_uint32 *minor_status,
		const gss_cred_id_t cred_handle,
		const gss_OID desired_object,
		gss_buffer_set_t *data_set)
{
	return gss_inquire_cred_by_oid(minor_status, cred_handle,
				       desired_object, data_set);
}
Пример #4
/*
 * SPNEGO entry point for gss_inquire_cred_by_oid().
 *
 * With no credential, *minor_status is cleared and GSS_S_NO_CRED is
 * returned. Otherwise the call is forwarded to gss_inquire_cred_by_oid()
 * with the handle exactly as received.
 *
 * NOTE(review): the handle is passed on without being unwrapped - confirm
 * that this is the credential type the generic call expects here.
 */
OM_uint32 GSSAPI_CALLCONV _gss_spnego_inquire_cred_by_oid
           (OM_uint32 * minor_status,
            const gss_cred_id_t cred_handle,
            const gss_OID desired_object,
            gss_buffer_set_t *data_set)
{
    if (cred_handle != GSS_C_NO_CREDENTIAL) {
	return gss_inquire_cred_by_oid(minor_status, cred_handle,
				       desired_object, data_set);
    }

    *minor_status = 0;
    return GSS_S_NO_CRED;
}
Пример #5
/*
 * SPNEGO entry point for gss_inquire_cred_by_oid().
 *
 * With no credential, *minor_status is cleared and GSS_S_NO_CRED is
 * returned. Otherwise the handle is treated as a gssspnego_cred and the
 * query is forwarded to its negotiated_cred_id.
 *
 * NOTE(review): negotiated_cred_id is forwarded without a check of its
 * own - confirm how the generic call treats an empty inner credential.
 */
OM_uint32 _gss_spnego_inquire_cred_by_oid
           (OM_uint32 * minor_status,
            const gss_cred_id_t cred_handle,
            const gss_OID desired_object,
            gss_buffer_set_t *data_set)
{
    gssspnego_cred spnego_cred;

    if (cred_handle != GSS_C_NO_CREDENTIAL) {
	spnego_cred = (gssspnego_cred)cred_handle;
	return gss_inquire_cred_by_oid(minor_status,
				       spnego_cred->negotiated_cred_id,
				       desired_object,
				       data_set);
    }

    *minor_status = 0;
    return GSS_S_NO_CRED;
}