svn rev #24363: trunk/src/lib/gssapi/krb5/
lhoward@MIT.EDU
lhoward at MIT.EDU
Mon Sep 27 14:51:56 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24363
Commit By: lhoward
Log Message:
Use IAKERB OID header for all IAKERB messages including AP-REQ
Changed Files:
U trunk/src/lib/gssapi/krb5/accept_sec_context.c
U trunk/src/lib/gssapi/krb5/iakerb.c
U trunk/src/lib/gssapi/krb5/init_sec_context.c
U trunk/src/lib/gssapi/krb5/rel_oid.c
Modified: trunk/src/lib/gssapi/krb5/accept_sec_context.c
===================================================================
--- trunk/src/lib/gssapi/krb5/accept_sec_context.c 2010-09-27 18:22:02 UTC (rev 24362)
+++ trunk/src/lib/gssapi/krb5/accept_sec_context.c 2010-09-27 18:51:55 UTC (rev 24363)
@@ -543,6 +543,12 @@
input_token->length, 1))) {
mech_used = gss_mech_krb5;
} else if ((code == G_WRONG_MECH)
+ &&!(code = g_verify_token_header((gss_OID) gss_mech_iakerb,
+ &(ap_req.length),
+ &ptr, KG_TOK_CTX_AP_REQ,
+ input_token->length, 1))) {
+ mech_used = gss_mech_iakerb;
+ } else if ((code == G_WRONG_MECH)
&&!(code = g_verify_token_header((gss_OID) gss_mech_krb5_wrong,
&(ap_req.length),
&ptr, KG_TOK_CTX_AP_REQ,
Modified: trunk/src/lib/gssapi/krb5/iakerb.c
===================================================================
--- trunk/src/lib/gssapi/krb5/iakerb.c 2010-09-27 18:22:02 UTC (rev 24362)
+++ trunk/src/lib/gssapi/krb5/iakerb.c 2010-09-27 18:51:55 UTC (rev 24363)
@@ -857,7 +857,7 @@
input_token,
input_chan_bindings,
src_name,
- mech_type,
+ NULL,
output_token,
ret_flags,
time_rec,
@@ -868,6 +868,8 @@
ctx->gssc = NULL;
iakerb_release_context(ctx);
}
+ if (mech_type != NULL)
+ *mech_type = (gss_OID)gss_mech_krb5;
}
cleanup:
@@ -988,12 +990,12 @@
(gss_cred_id_t) kcred,
&ctx->gssc,
target_name,
- GSS_C_NULL_OID,
+ (gss_OID)gss_mech_iakerb,
req_flags,
time_req,
input_chan_bindings,
input_token,
- actual_mech_type,
+ NULL,
output_token,
ret_flags,
time_rec,
@@ -1003,6 +1005,8 @@
ctx->gssc = GSS_C_NO_CONTEXT;
iakerb_release_context(ctx);
}
+ if (actual_mech_type != NULL)
+ *actual_mech_type = (gss_OID)gss_mech_krb5;
} else {
if (actual_mech_type != NULL)
*actual_mech_type = (gss_OID)gss_mech_iakerb;
@@ -1024,4 +1028,3 @@
return major_status;
}
-
Modified: trunk/src/lib/gssapi/krb5/init_sec_context.c
===================================================================
--- trunk/src/lib/gssapi/krb5/init_sec_context.c 2010-09-27 18:22:02 UTC (rev 24362)
+++ trunk/src/lib/gssapi/krb5/init_sec_context.c 2010-09-27 18:51:55 UTC (rev 24363)
@@ -1012,6 +1012,8 @@
mech_type = (gss_OID) gss_mech_krb5_old;
} else if (g_OID_equal(mech_type, gss_mech_krb5_wrong)) {
mech_type = (gss_OID) gss_mech_krb5_wrong;
+ } else if (g_OID_equal(mech_type, gss_mech_iakerb)) {
+ mech_type = (gss_OID) gss_mech_iakerb;
} else {
k5_mutex_unlock(&cred->lock);
if (claimant_cred_handle == GSS_C_NO_CREDENTIAL)
Modified: trunk/src/lib/gssapi/krb5/rel_oid.c
===================================================================
--- trunk/src/lib/gssapi/krb5/rel_oid.c 2010-09-27 18:22:02 UTC (rev 24362)
+++ trunk/src/lib/gssapi/krb5/rel_oid.c 2010-09-27 18:51:55 UTC (rev 24363)
@@ -74,6 +74,7 @@
if ((*oid != gss_mech_krb5) &&
(*oid != gss_mech_krb5_old) &&
(*oid != gss_mech_krb5_wrong) &&
+ (*oid != gss_mech_iakerb) &&
(*oid != gss_nt_krb5_name) &&
(*oid != gss_nt_krb5_principal)) {
/* We don't know about this OID */
More information about the cvs-krb5
mailing list