X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=mech_eap%2Futil_cred.c;h=487aa4738e78570d300a95876f86d85ec4d8b394;hb=26311844916784cc0781b1a304b590dff5742fcb;hp=8f8b99b3fb9aa71850bbc4848c47a182217caf8b;hpb=b43821e500eaeabafc30acc9cf97ccc8452c1793;p=mech_eap.git diff --git a/mech_eap/util_cred.c b/mech_eap/util_cred.c index 8f8b99b..487aa47 100644 --- a/mech_eap/util_cred.c +++ b/mech_eap/util_cred.c @@ -130,8 +130,7 @@ gssEapReleaseCred(OM_uint32 *minor, gss_cred_id_t *pCred) static OM_uint32 readStaticIdentityFile(OM_uint32 *minor, gss_buffer_t defaultIdentity, - gss_buffer_t defaultPassword, - gss_buffer_t defaultPrivateKey) + gss_buffer_t defaultPassword) { OM_uint32 major, tmpMinor; FILE *fp = NULL; @@ -151,11 +150,6 @@ readStaticIdentityFile(OM_uint32 *minor, defaultPassword->value = NULL; } - if (defaultPrivateKey != GSS_C_NO_BUFFER) { - defaultPrivateKey->length = 0; - defaultPrivateKey->value = NULL; - } - ccacheName = getenv("GSSEAP_IDENTITY"); if (ccacheName == NULL) { #ifdef WIN32 @@ -211,8 +205,6 @@ readStaticIdentityFile(OM_uint32 *minor, dst = defaultIdentity; else if (i == 1) dst = defaultPassword; - else if (i == 2) - dst = defaultPrivateKey; else break; @@ -241,7 +233,6 @@ cleanup: if (GSS_ERROR(major)) { gss_release_buffer(&tmpMinor, defaultIdentity); zeroAndReleasePassword(defaultPassword); - gss_release_buffer(&tmpMinor, defaultPrivateKey); } memset(buf, 0, sizeof(buf)); @@ -252,13 +243,14 @@ cleanup: gss_OID gssEapPrimaryMechForCred(gss_cred_id_t cred) { - gss_OID nameMech = GSS_C_NO_OID; + gss_OID credMech = GSS_C_NO_OID; - if (cred->mechanisms != GSS_C_NO_OID_SET && + if (cred != GSS_C_NO_CREDENTIAL && + cred->mechanisms != GSS_C_NO_OID_SET && cred->mechanisms->count == 1) - nameMech = &cred->mechanisms->elements[0]; + credMech = &cred->mechanisms->elements[0]; - return nameMech; + return credMech; } OM_uint32 
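Review bot: In the `cleanup:` hunk of readStaticIdentityFile (@@ -241), `zeroAndReleasePassword(defaultPassword)` runs unconditionally on error, yet staticIdentityFileResolveDefaultIdentity (hunk @@ -382) passes `GSS_C_NO_BUFFER` as the password argument. The helper's body is not visible here, so unless it is known to tolerate a null buffer the error path should be guarded: `if (defaultPassword != GSS_C_NO_BUFFER) zeroAndReleasePassword(defaultPassword);`. Separately, `memset(buf, 0, sizeof(buf));` just before the function returns is a dead store that an optimising compiler may drop. If `buf` held the password line read from the identity file (its declaration is outside the hunk), a wipe that cannot be elided would be safer. The function body starts and ends outside this hunk.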
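Review bot: gssEapPrimaryMechForCred (@@ -252) has no comment stating its contract, which the new `GSS_C_NO_CREDENTIAL` guard widens: it returns `GSS_C_NO_OID` for a null credential, a null mechanism set, or a set whose count is anything other than one. The value returned is `&cred->mechanisms->elements[0]`, a pointer into storage reached through the credential rather than a copy, so callers should not release it or keep it after the credential is released. I would add above the function: `/* Returns a pointer into cred->mechanisms (not a copy), or GSS_C_NO_OID unless cred names exactly one mechanism. */`. As a style point, the three-line `if` condition would be easier to maintain with braces around its single-statement body.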
@@ -382,8 +374,7 @@ staticIdentityFileResolveDefaultIdentity(OM_uint32 *minor, *pName = GSS_C_NO_NAME; - major = readStaticIdentityFile(minor, &defaultIdentity, - GSS_C_NO_BUFFER, GSS_C_NO_BUFFER); + major = readStaticIdentityFile(minor, &defaultIdentity, GSS_C_NO_BUFFER); if (major == GSS_S_COMPLETE) { major = gssEapImportName(minor, &defaultIdentity, GSS_C_NT_USER_NAME, nameMech, pName); @@ -721,11 +712,9 @@ staticIdentityFileResolveInitiatorCred(OM_uint32 *minor, gss_cred_id_t cred) gss_buffer_desc defaultIdentity = GSS_C_EMPTY_BUFFER; gss_name_t defaultIdentityName = GSS_C_NO_NAME; gss_buffer_desc defaultPassword = GSS_C_EMPTY_BUFFER; - gss_buffer_desc defaultPrivateKey = GSS_C_EMPTY_BUFFER; int isDefaultIdentity = FALSE; - major = readStaticIdentityFile(minor, &defaultIdentity, - &defaultPassword, &defaultPrivateKey); + major = readStaticIdentityFile(minor, &defaultIdentity, &defaultPassword); if (GSS_ERROR(major)) goto cleanup; 
@@ -747,32 +736,24 @@ staticIdentityFileResolveInitiatorCred(OM_uint32 *minor, gss_cred_id_t cred) isDefaultIdentity = TRUE; } else { major = gssEapCompareName(minor, cred->name, - defaultIdentityName, &isDefaultIdentity); + defaultIdentityName, 0, + &isDefaultIdentity); if (GSS_ERROR(major)) goto cleanup; } } - if (isDefaultIdentity) { - if (defaultPrivateKey.length != 0) { - major = gssEapSetCredClientCertificate(minor, cred, GSS_C_NO_BUFFER, - &defaultPrivateKey); - if (GSS_ERROR(major)) - goto cleanup; - } - - if ((cred->flags & CRED_FLAG_PASSWORD) == 0) { - major = gssEapSetCredPassword(minor, cred, &defaultPassword); - if (GSS_ERROR(major)) - goto cleanup; - } + if (isDefaultIdentity && + (cred->flags & CRED_FLAG_PASSWORD) == 0) { + major = gssEapSetCredPassword(minor, cred, &defaultPassword); + if (GSS_ERROR(major)) + goto cleanup; } cleanup: gssEapReleaseName(&tmpMinor, &defaultIdentityName); zeroAndReleasePassword(&defaultPassword); gss_release_buffer(&tmpMinor, &defaultIdentity); - gss_release_buffer(&tmpMinor, &defaultPrivateKey); return major; }
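Review bot: The rewritten block calls `gssEapSetCredPassword(minor, cred, &defaultPassword)` whenever the name matches and `CRED_FLAG_PASSWORD` is unset, without checking that the identity file actually supplied a password; `defaultPassword` starts as `GSS_C_EMPTY_BUFFER` (hunk @@ -721). The removed private-key branch had a `.length != 0` guard for exactly this case. Unless gssEapSetCredPassword (not visible here) already treats an empty buffer as "no password", the condition should include it: `if (isDefaultIdentity && defaultPassword.length != 0 && (cred->flags & CRED_FLAG_PASSWORD) == 0) {`. The new bare `0` passed to gssEapCompareName also deserves a named constant or a short comment, because the outcome of that comparison decides whether the stored password is attached to the credential. The function starts outside this hunk.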