From 3829bb90e764cd72c0009cb32a8b39d0fab89d81 Mon Sep 17 00:00:00 2001 From: "kwc@citi.umich.edu" Date: Mon, 3 Jul 2006 18:34:10 -0400 Subject: [PATCH] Check that the gssapi library is usable early on. Signed-off-by: Kevin Coffman Do a call to determine mechanisms supported by the gssapi library early. This allows us to discover early in case the gssapi library is somehow misconfigured. We can bail out early and give a meaningful message rather than getting errors on each attempt at a context negotiation. --- utils/gssd/gss_util.c | 25 +++++++++++++++++++++++++ utils/gssd/gss_util.h | 1 + utils/gssd/gssd.c | 3 +++ utils/gssd/svcgssd.c | 5 +++++ 4 files changed, 34 insertions(+) diff --git a/utils/gssd/gss_util.c b/utils/gssd/gss_util.c index f62a87b..d316b4d 100644 --- a/utils/gssd/gss_util.c +++ b/utils/gssd/gss_util.c @@ -224,3 +224,28 @@ gssd_acquire_cred(char *server_name) return (maj_stat == GSS_S_COMPLETE); } + +int gssd_check_mechs(void) +{ + u_int32_t maj_stat, min_stat; + gss_OID_set supported_mechs = GSS_C_NO_OID_SET; + int retval = -1; + + maj_stat = gss_indicate_mechs(&min_stat, &supported_mechs); + if (maj_stat != GSS_S_COMPLETE) { + printerr(0, "Unable to obtain list of supported mechanisms. " + "Check that gss library is properly configured.\n"); + goto out; + } + if (supported_mechs == GSS_C_NO_OID_SET || + supported_mechs->count == 0) { + printerr(0, "Unable to obtain list of supported mechanisms. " + "Check that gss library is properly configured.\n"); + goto out; + } + maj_stat = gss_release_oid_set(&min_stat, &supported_mechs); + retval = 0; +out: + return retval; +} + diff --git a/utils/gssd/gss_util.h b/utils/gssd/gss_util.h index 9e480ac..bfe8c4a 100644 --- a/utils/gssd/gss_util.h +++ b/utils/gssd/gss_util.h @@ -40,5 +40,6 @@ extern gss_cred_id_t gssd_creds; int gssd_acquire_cred(char *server_name); void pgsserr(char *msg, u_int32_t maj_stat, u_int32_t min_stat, const gss_OID mech); +int gssd_check_mechs(void); #endif /* _GSS_UTIL_H_ */ diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c index 8e9c72a..d6ddaae 100644 --- a/utils/gssd/gssd.c +++ b/utils/gssd/gssd.c @@ -145,6 +145,9 @@ main(int argc, char *argv[]) "support setting debug level\n"); #endif + if (gssd_check_mechs() != 0) + errx(1, "Problem with gssapi library"); + if (!fg && daemon(0, 0) < 0) errx(1, "fork"); diff --git a/utils/gssd/svcgssd.c b/utils/gssd/svcgssd.c index 4e0806c..0db3762 100644 --- a/utils/gssd/svcgssd.c +++ b/utils/gssd/svcgssd.c @@ -204,6 +204,11 @@ main(int argc, char *argv[]) "support setting debug level\n"); #endif + if (gssd_check_mechs() != 0) { + printerr(0, "ERROR: Problem with gssapi library\n"); + exit(1); + } + if (!fg) mydaemon(0, 0); -- 2.39.5