svn rev #21610: branches/mskrb-integ/src/ include/ lib/gssapi/spnego/ lib/krb5/os/
lhoward@MIT.EDU
lhoward at MIT.EDU
Sat Dec 27 18:35:08 EST 2008
http://src.mit.edu/fisheye/changelog/krb5/?cs=21610
Commit By: lhoward
Log Message:
Export krb5int_clean_hostname through kaccess so that SPNEGO mech can
use it, rather than gethostname(), to construct NegHints
Changed Files:
U branches/mskrb-integ/src/include/k5-int.h
U branches/mskrb-integ/src/lib/gssapi/spnego/spnego_mech.c
U branches/mskrb-integ/src/lib/krb5/os/accessor.c
Modified: branches/mskrb-integ/src/include/k5-int.h
===================================================================
--- branches/mskrb-integ/src/include/k5-int.h 2008-12-27 23:13:05 UTC (rev 21609)
+++ branches/mskrb-integ/src/include/k5-int.h 2008-12-27 23:35:06 UTC (rev 21610)
@@ -1991,6 +1991,7 @@
struct srv_dns_entry **answers);
void (*free_srv_dns_data)(struct srv_dns_entry *);
int (*use_dns_kdc)(krb5_context);
+ krb5_error_code (*clean_hostname)(krb5_context, const char *, char *, size_t);
/* krb4 compatibility stuff -- may be null if not enabled */
krb5_int32 (*krb_life_to_time)(krb5_int32, int);
@@ -2005,7 +2006,7 @@
/* Used for KDB LDAP back end. */
krb5_error_code
- (*asn1_ldap_encode_sequence_of_keys) (ldap_seqof_key_data *val,
+ (*asn1_ldap_encode_sequence_of_keys) (const ldap_seqof_key_data *val,
krb5_data **code);
krb5_error_code
@@ -2083,6 +2084,7 @@
(const krb5_sam_response_2 *rep, krb5_data **code);
krb5_error_code (*encode_krb5_enc_sam_response_enc_2)
(const krb5_enc_sam_response_enc_2 *rep, krb5_data **code);
+
} krb5int_access;
#define KRB5INT_ACCESS_VERSION \
Modified: branches/mskrb-integ/src/lib/gssapi/spnego/spnego_mech.c
===================================================================
--- branches/mskrb-integ/src/lib/gssapi/spnego/spnego_mech.c 2008-12-27 23:13:05 UTC (rev 21609)
+++ branches/mskrb-integ/src/lib/gssapi/spnego/spnego_mech.c 2008-12-27 23:35:06 UTC (rev 21610)
@@ -1039,7 +1039,6 @@
make_NegHints(OM_uint32 *minor_status,
gss_cred_id_t cred, gss_buffer_t *outbuf)
{
- char hostname[5 + MAXHOSTNAMELEN + 1];
gss_buffer_desc hintNameBuf;
gss_name_t hintName;
gss_name_t hintKerberosName;
@@ -1064,12 +1063,22 @@
if (major_status != GSS_S_COMPLETE)
return (major_status);
} else {
- memcpy(hostname, HOST_PREFIX, HOST_PREFIX_LEN);
+ krb5_error_code code;
+ krb5int_access kaccess;
+ char hostname[HOST_PREFIX_LEN + MAXHOSTNAMELEN + 1] = HOST_PREFIX;
+ code = krb5int_accessor(&kaccess, KRB5INT_ACCESS_VERSION);
+ if (code != 0) {
+ *minor_status = code;
+ return (GSS_S_FAILURE);
+ }
+
/* this breaks mutual authentication but Samba relies on it */
- if (gethostname(hostname + HOST_PREFIX_LEN,
- sizeof(hostname) - HOST_PREFIX_LEN - 1) != 0) {
- *minor_status = errno;
+ code = (*kaccess.clean_hostname)(NULL, NULL,
+ &hostname[HOST_PREFIX_LEN],
+ MAXHOSTNAMELEN);
+ if (code != 0) {
+ *minor_status = code;
return (GSS_S_FAILURE);
}
Modified: branches/mskrb-integ/src/lib/krb5/os/accessor.c
===================================================================
--- branches/mskrb-integ/src/lib/krb5/os/accessor.c 2008-12-27 23:13:05 UTC (rev 21609)
+++ branches/mskrb-integ/src/lib/krb5/os/accessor.c 2008-12-27 23:35:06 UTC (rev 21610)
@@ -67,6 +67,7 @@
SC (free_srv_dns_data, krb5int_free_srv_dns_data),
SC (use_dns_kdc, _krb5_use_dns_kdc),
#undef SC
+ S (clean_hostname, krb5int_clean_hostname),
S (krb_life_to_time, 0),
S (krb_time_to_life, 0),
More information about the cvs-krb5
mailing list