Add GSSAcquireCred to the JSON protocol description
authorMark Donnelly <mark@painless-security.com>
Mon, 15 Sep 2014 14:44:38 +0000 (10:44 -0400)
committerMark Donnelly <mark@painless-security.com>
Mon, 15 Sep 2014 14:44:38 +0000 (10:44 -0400)
Also, add a default mechanism for the GSSAcquireCred call.

json_gssapi/json_protocol.txt
json_gssapi/src/commands/GSSAcquireCred.cpp

index 270dac6..a69fb7f 100644 (file)
@@ -145,3 +145,39 @@ Example messages:
   handle comes from previous calls to gss_init_sec_contest, and the
   input token comes from the acceptor.
 
+
+
+GSS Acquire Cred
+------------------------------------------------------------------------
+
+Arguments:
+    desired_name     The Base64 handle to a GSS name generated by
+                     gss_import_name.  This name represents the name to
+                     be used in the credential.
+    cred_usage       One of three values:
+                     GSS_C_ACCEPT - used to accept security contexts
+                     GSS_C_INITIATE - Used to initiate security contexts
+                     GSS_C_BOTH - Used for both.
+    time_req         The number of seconds this credential should remain
+                     valid.  Omitting or setting a value of 0 results in
+                     the default of two hours.
+    desired_mechs    An array of OIDs for the desired security mechanisms
+                     for use with this credential.  Omitting will use the
+                     default set of mechanisms, which is what most uses
+                     will want.  Include only if you know that you need
+                     it.
+
+This call returns values:
+    major_status      Major status return code; 0 on success.
+    minor_status      Minor status return code; 0 on success.
+    cred_handle       The Base64 encoded string representing the GSSAPI
+                      credential object.  (Note that this is a hash
+                      table lookup key for the object, not the object
+                      itself)
+    actual_mechs      An array of strings representing the OIDs for
+                      which the credential is valid.
+    time_rec          The number of seconds for which this credential
+                      will remain valid.
+
+Example message:
+  {"method":"gss_acquire_cred","arguments":{"cred_usage":"GSS_C_INITIATE","desired_name":""}}
index fe86d15..ed86a17 100644 (file)
@@ -14,6 +14,7 @@
 GSSAcquireCred::GSSAcquireCred(gss_acq_cred_type fn) : function(fn)
 {
   desired_name = GSS_C_NO_NAME;
+  desiredMechs.addOID( GSSOID((char *)"{ 1 3 6 1 5 5 15 1 1 18 }") );
 }
 
 GSSAcquireCred::GSSAcquireCred ( const GSSAcquireCred& other )
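Review bot: The mechanism seeded by `desiredMechs.addOID(...)` in the constructor appears to stay in the set when a caller supplies its own `desired_mechs`, because the `loadParameters` hunk further down only calls `addOID` again and nothing visible empties the set first. If that is the case, a request that deliberately restricts the mechanisms would still acquire a credential for the hard-coded OID as well, which is not what json_protocol.txt describes for `desired_mechs`. Applying the default only when the argument is absent, or resetting the set before the loop, would keep the credential limited to what was asked for. The OID is also an unexplained literal passed through a `(char *)` cast that drops const; a named constant with a comment such as `// default mechanism: GSS-EAP, aes256 enctype arc (confirm)` and the `std::string` form of `GSSOID` already used in `loadParameters` would read better.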
@@ -81,17 +82,20 @@ bool GSSAcquireCred::loadParameters(JSONObject *params)
   /*****************
    * desired_mechs *
    *****************/
-  if ( params->get("arguments").get("desired_mechs").isArray() )
+  if ( ! params->get("arguments").get("desired_mechs").isNull() )
   {
-    for (nDesiredMechs = 0; 
-         nDesiredMechs < params->get("arguments").get("desired_mechs").size();
-         nDesiredMechs++)
+    if ( params->get("arguments").get("desired_mechs").isArray() )
     {
-      std::string mechStr = params->get("arguments").get("desired_mechs")[nDesiredMechs].string();
-      desiredMechs.addOID( GSSOID(mechStr).toGss() );
-    }
-  } else
-    throw std::invalid_argument("Unrecognized desired_mechs array.");
+      for (nDesiredMechs = 0; 
+          nDesiredMechs < params->get("arguments").get("desired_mechs").size();
+          nDesiredMechs++)
+      {
+        std::string mechStr = params->get("arguments").get("desired_mechs")[nDesiredMechs].string();
+        desiredMechs.addOID( GSSOID(mechStr).toGss() );
+      }
+    } else
+      throw std::invalid_argument("Unrecognized desired_mechs array.");
+  }
 
   /****************
    * desired_name *
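Review bot: Inside the new `isArray()` branch each element is read with `.string()` and handed to `GSSOID(mechStr)` without first checking that the element is a JSON string, so the outcome for a number, object or null element depends on behaviour of `.string()` and `GSSOID` that this hunk does not show. Since `desired_mechs` arrives in the client's request, I would reject non-string elements with the same `std::invalid_argument` used for the non-array case and make that message specific, e.g. `throw std::invalid_argument("desired_mechs must be an array of OID strings.");`. The lookup `params->get("arguments").get("desired_mechs")` is now evaluated in both conditions and on every loop iteration; binding it to one local before the outer `if` would shorten the block and make the checks easier to follow. `loadParameters` starts and ends outside this hunk.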