svn commit: lorikeet r276 - in branches/tmp/heimdal-gssapi/lib/gssapi: .

abartlet at samba.org abartlet at samba.org
Wed May 11 10:52:33 GMT 2005


Author: abartlet
Date: 2005-05-11 10:52:32 +0000 (Wed, 11 May 2005)
New Revision: 276

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=276

Log:
I can't find a function in Heimdal to return the CIFS session keys I
want, so I've added one.

Not yet used, this is a sync-up with metze.

Andrew Bartlett

Modified:
   branches/tmp/heimdal-gssapi/lib/gssapi/gssapi.h
   branches/tmp/heimdal-gssapi/lib/gssapi/wrap.c


Changeset:
Modified: branches/tmp/heimdal-gssapi/lib/gssapi/gssapi.h
===================================================================
--- branches/tmp/heimdal-gssapi/lib/gssapi/gssapi.h	2005-05-11 05:02:57 UTC (rev 275)
+++ branches/tmp/heimdal-gssapi/lib/gssapi/gssapi.h	2005-05-11 10:52:32 UTC (rev 276)
@@ -789,6 +789,11 @@
 	 gss_ctx_id_t /*context_handle*/,
 	 int /*ad_type*/,
 	 gss_buffer_t /*ad_data*/);
+OM_uint32
+gsskrb5_get_initiator_subkey
+        (OM_uint32 * /*minor_status*/,
+	 const gss_ctx_id_t context_handle,
+	 gss_buffer_t /* subkey */);
 
 #define GSS_C_KRB5_COMPAT_DES3_MIC 1
 

Modified: branches/tmp/heimdal-gssapi/lib/gssapi/wrap.c
===================================================================
--- branches/tmp/heimdal-gssapi/lib/gssapi/wrap.c	2005-05-11 05:02:57 UTC (rev 275)
+++ branches/tmp/heimdal-gssapi/lib/gssapi/wrap.c	2005-05-11 10:52:32 UTC (rev 276)
@@ -36,6 +36,47 @@
 RCSID("$Id: wrap.c,v 1.31 2005/01/05 02:52:12 lukeh Exp $");
 
 OM_uint32
+gsskrb5_get_initiator_subkey(OM_uint32 *minor_status,
+			     gss_ctx_id_t context_handle,
+			     gss_buffer_t key)
+{
+    krb5_error_code ret;
+    krb5_keyblock *skey = NULL;
+
+    HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
+    if (context_handle->more_flags & LOCAL) {
+	ret = krb5_auth_con_getlocalsubkey(gssapi_krb5_context,
+					   context_handle->auth_context, 
+					   &skey);
+	if (ret) {
+		*minor_status = ret;
+		return GSS_KRB5_S_KG_NO_SUBKEY; /* XXX */
+	}
+	
+    } else {
+	ret = krb5_auth_con_getremotesubkey(gssapi_krb5_context,
+					    context_handle->auth_context, 
+					    &skey);
+	if (ret) {
+		*minor_status = ret;
+		return GSS_KRB5_S_KG_NO_SUBKEY; /* XXX */
+	}
+    
+    }
+    HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
+    key->length = skey->keyvalue.length;
+    key->value  = malloc (key->length);
+    if (!key->value) {
+	    krb5_free_keyblock(gssapi_krb5_context, skey);
+	    *minor_status = ENOMEM;
+	    return GSS_S_FAILURE;
+    }
+    memcpy(key->value, skey->keyvalue.data, key->length);
+    krb5_free_keyblock(gssapi_krb5_context, skey);
+    return 0;
+}
+
+OM_uint32
 gss_krb5_get_subkey(const gss_ctx_id_t context_handle,
 		    krb5_keyblock **key)
 {



More information about the samba-cvs mailing list