#include "gssapiP_eap.h"
-#include <pwd.h>
+#ifdef WIN32
+# include <shlobj.h> /* may need to use ShFolder.h instead */
+# include <stdio.h>
+#else
+# include <pwd.h>
+#endif
OM_uint32
gssEapAllocCred(OM_uint32 *minor, gss_cred_id_t *pCred)
}
if (GSSEAP_MUTEX_INIT(&cred->mutex) != 0) {
- *minor = errno;
+ *minor = GSSEAP_GET_LAST_ERROR();
gssEapReleaseCred(&tmpMinor, &cred);
return GSS_S_FAILURE;
}
{
OM_uint32 major, tmpMinor;
FILE *fp = NULL;
- char pwbuf[BUFSIZ], buf[BUFSIZ];
+ char buf[BUFSIZ];
char *ccacheName;
- struct passwd *pw = NULL, pwd;
int i = 0;
+#ifndef WIN32
+ struct passwd *pw = NULL, pwd;
+ char pwbuf[BUFSIZ];
+#endif
defaultIdentity->length = 0;
defaultIdentity->value = NULL;
ccacheName = getenv("GSSEAP_IDENTITY");
if (ccacheName == NULL) {
+#ifdef WIN32
+ TCHAR szPath[MAX_PATH];
+
+ if (!SUCCEEDED(SHGetFolderPath(NULL,
+ CSIDL_APPDATA, /* |CSIDL_FLAG_CREATE */
+ NULL, /* User access token */
+ 0, /* SHGFP_TYPE_CURRENT */
+ szPath))) {
+ major = GSS_S_CRED_UNAVAIL;
+ *minor = GSSEAP_GET_LAST_ERROR(); /* XXX */
+ goto cleanup;
+ }
+
+ snprintf(buf, sizeof(buf), "%s/.gss_eap_id", szPath);
+#else
if (getpwuid_r(getuid(), &pwd, pwbuf, sizeof(pwbuf), &pw) != 0 ||
pw == NULL || pw->pw_dir == NULL) {
major = GSS_S_CRED_UNAVAIL;
- *minor = errno;
+ *minor = GSSEAP_GET_LAST_ERROR();
goto cleanup;
}
snprintf(buf, sizeof(buf), "%s/.gss_eap_id", pw->pw_dir);
+#endif /* WIN32 */
ccacheName = buf;
}
GSSEAP_MUTEX_UNLOCK(&desiredName->mutex);
}
+#ifdef GSSEAP_ENABLE_ACCEPTOR
+ if (cred->flags & CRED_FLAG_ACCEPT) {
+ struct rs_context *radContext;
+
+ major = gssEapCreateRadiusContext(minor, cred, &radContext);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ rs_context_destroy(radContext);
+ }
+#endif
+
if (pActualMechs != NULL) {
major = duplicateOidSet(minor, cred->mechanisms, pActualMechs);
if (GSS_ERROR(major))
OM_uint32 minor;
int present = 0;
- assert(mech != GSS_C_NO_OID);
+ GSSEAP_ASSERT(mech != GSS_C_NO_OID);
if (cred == GSS_C_NO_CREDENTIAL || cred->mechanisms == GSS_C_NO_OID_SET)
return TRUE;
return major;
}
+OM_uint32
+gssEapSetCredService(OM_uint32 *minor,
+ gss_cred_id_t cred,
+ const gss_name_t target)
+{
+ OM_uint32 major, tmpMinor;
+ gss_name_t newTarget = GSS_C_NO_NAME;
+
+ if (cred->flags & CRED_FLAG_RESOLVED) {
+ major = GSS_S_FAILURE;
+ *minor = GSSEAP_CRED_RESOLVED;
+ goto cleanup;
+ }
+
+ if (target != GSS_C_NO_NAME) {
+ major = gssEapDuplicateName(minor, target, &newTarget);
+ if (GSS_ERROR(major))
+ goto cleanup;
+
+ cred->flags |= CRED_FLAG_TARGET;
+ } else {
+ cred->flags &= ~(CRED_FLAG_TARGET);
+ }
+
+ gssEapReleaseName(&tmpMinor, &cred->target);
+ cred->target = newTarget;
+
+ major = GSS_S_COMPLETE;
+ *minor = 0;
+
+cleanup:
+ return major;
+}
+
static OM_uint32
gssEapDuplicateCred(OM_uint32 *minor,
const gss_cred_id_t src,
if (major == GSS_S_CRED_UNAVAIL)
#endif
major = staticIdentityFileResolveInitiatorCred(minor, resolvedCred);
- if (GSS_ERROR(major))
+ if (GSS_ERROR(major) && major != GSS_S_CRED_UNAVAIL)
goto cleanup;
+ /* If we have a caller-supplied password, the credential is resolved. */
if ((resolvedCred->flags & CRED_FLAG_PASSWORD) == 0) {
major = GSS_S_CRED_UNAVAIL;
*minor = GSSEAP_NO_DEFAULT_CRED;
projects / moonshot.git / blobdiff