diff options
| author | Glenn Barry <Glenn.Barry@Sun.COM> | 2009-09-21 16:47:51 -0700 |
|---|---|---|
| committer | Glenn Barry <Glenn.Barry@Sun.COM> | 2009-09-21 16:47:51 -0700 |
| commit | ba7b222e36bac28710a7f43739283302b617e7f5 (patch) | |
| tree | f864f6d889ae7a00f9b8c9577cc94f7dff53e1c2 /usr/src/uts/common/gssapi/gssd_clnt_stubs.c | |
| parent | 22edf370974e46eb43b66530dd2d862b0d0a9533 (diff) | |
| download | illumos-joyent-ba7b222e36bac28710a7f43739283302b617e7f5.tar.gz | |
PSARC 2009/418 Kerberos V5 PAC API
6283931 SPNEGO needs to follow latest RFC
6808598 krb5 APIs needed to create and parse PAC data
6817447 libgss and various mechs are hiding both the real minor_status and the error token
Diffstat (limited to 'usr/src/uts/common/gssapi/gssd_clnt_stubs.c')
| -rw-r--r-- | usr/src/uts/common/gssapi/gssd_clnt_stubs.c | 50 |
1 files changed, 24 insertions, 26 deletions
diff --git a/usr/src/uts/common/gssapi/gssd_clnt_stubs.c b/usr/src/uts/common/gssapi/gssd_clnt_stubs.c index 774c2c5711..e21a21b72d 100644 --- a/usr/src/uts/common/gssapi/gssd_clnt_stubs.c +++ b/usr/src/uts/common/gssapi/gssd_clnt_stubs.c @@ -19,12 +19,10 @@ * CDDL HEADER END */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ -#pragma ident "%Z%%M% %I% %E% SMI" - /* * GSSAPI library stub module for gssd. */ @@ -766,6 +764,16 @@ kgss_init_sec_context_wrapped( if (minor_status != NULL) *minor_status = res.minor_status; + if (output_token != NULL && res.output_token.GSS_BUFFER_T_val != NULL) { + output_token->length = + (size_t)res.output_token.GSS_BUFFER_T_len; + output_token->value = + (void *)MALLOC(output_token->length); + (void) memcpy(output_token->value, + res.output_token.GSS_BUFFER_T_val, + output_token->length); + } + /* if the call was successful, copy out the results */ if (res.status == (OM_uint32) GSS_S_COMPLETE || res.status == (OM_uint32) GSS_S_CONTINUE_NEEDED) { @@ -779,16 +787,6 @@ kgss_init_sec_context_wrapped( res.context_handle.GSS_CTX_ID_T_val); *gssd_context_verifier = res.gssd_context_verifier; - if (output_token != NULL) { - output_token->length = - (size_t)res.output_token.GSS_BUFFER_T_len; - output_token->value = - (void *)MALLOC(output_token->length); - (void) memcpy(output_token->value, - res.output_token.GSS_BUFFER_T_val, - output_token->length); - } - if (res.status == GSS_S_COMPLETE) { if (actual_mech_type != NULL) { *actual_mech_type = @@ -1055,6 +1053,19 @@ kgss_accept_sec_context_wrapped( return (GSS_S_FAILURE); } + if (minor_status != NULL) + *minor_status = res.minor_status; + + if (output_token != NULL && res.output_token.GSS_BUFFER_T_val != NULL) { + output_token->length = + res.output_token.GSS_BUFFER_T_len; + output_token->value = + (void *) MALLOC(output_token->length); + (void) memcpy(output_token->value, + res.output_token.GSS_BUFFER_T_val, + output_token->length); + } + /* if the call was successful, copy out the results */ if (res.status == (OM_uint32) GSS_S_COMPLETE || @@ -1070,19 +1081,6 @@ kgss_accept_sec_context_wrapped( res.context_handle.GSS_CTX_ID_T_val); *gssd_context_verifier = res.gssd_context_verifier; - if (output_token != NULL) { - output_token->length = - res.output_token.GSS_BUFFER_T_len; - output_token->value = - (void *) MALLOC(output_token->length); - (void) memcpy(output_token->value, - res.output_token.GSS_BUFFER_T_val, - output_token->length); - } - - if (minor_status != NULL) - *minor_status = res.minor_status; - /* these other parameters are only ready upon GSS_S_COMPLETE */ if (res.status == (OM_uint32) GSS_S_COMPLETE) { |