gss_acquire_cred failing
ambekar@gmail.com
ambekar at gmail.com
Wed Nov 23 01:13:50 EST 2005
Hi Sam,
Thanks for response. I tried passing the string for name type instead
of krb5_principal, but gss_import_name return error.
Strange part is with krb5_principal same code work on Windows.
Here is the code snippet,
-- BEGIN--
// Variables
krb5_principal usrprincipal;
krb5_context ctx = NULL;
krb5_enctype enc_types[] = {ENCTYPE_DES_CBC_MD5, ENCTYPE_NULL};
gss_buffer_desc input_name;
int gss_rc;
OM_uint32 minor_status;
gss_OID_desc nt_principal;
gss_name_t serv_name;
gss_OID_set desiredMechs = GSS_C_NULL_OID_SET;
gss_cred_id_t output_cred_handle;
char * usr;
// get input e.g. usr,...
//Parse KRB5 principal
krb5_init_context(&ctx);
krberr = krb5_set_default_tgs_enctypes(ctx, enc_types);
krberr = krb5_parse_name(ctx, usr /*"<user>@<realm>"*/, &usrprincipal);
krb5_free_context(ctx);
nt_principal.length = 10;
nt_principal.elements=strdup("\052\206\110\206\367\022\001\002\002\002");
input_name.value = &usrprincipal;
input_name.length = sizeof(usrprincipal);
gss_rc = gss_import_name(&minor_status,&input_name, &nt_principal,
&serv_name);
if(gss_rc){
..
}
gss_rc = gss_acquire_cred(&minor_status, serv_name /*GSS_C_NO_NAME*/,
desiredMechs, GSS_C_ACCEPT, &output_cred_handle, NULL, NULL);
if(gss_rc){
..
}
---END ---
Am I doing any thing wrong here? I have tried passing,
input_name.value = &usr; //string <usr principal>@<realm>
input_name.length = strlen(usr);
With this gss_import_name throws error.
Regards
Ashwin Ambekar
More information about the Kerberos
mailing list