Imported Upstream version 1.2.3
[nfs-utils.git] / utils / gssd / gss_util.c
index 3493280acc050e05756f08f634b28639dccacad6..8fe1e9be316929f8a29072d576c678eb03352089 100644 (file)
  * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  * PERFORMANCE OF THIS SOFTWARE.
  */
-#include "config.h"
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif /* HAVE_CONFIG_H */
+
 #include <errno.h>
 #include <stdio.h>
 #include <ctype.h>
 #include <netdb.h>
 #include <fcntl.h>
 #include <gssapi/gssapi.h>
+#if defined(HAVE_KRB5) && !defined(GSS_C_NT_HOSTBASED_SERVICE)
+#include <gssapi/gssapi_generic.h>
+#define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
+#endif
 #include "gss_util.h"
 #include "err_util.h"
 #include "gssd.h"
@@ -141,6 +149,7 @@ display_status_2(char *m, u_int32_t major, u_int32_t minor, const gss_OID mech)
        char maj_buf[30], min_buf[30];
        char *maj, *min;
        u_int32_t msg_ctx = 0;
+       int msg_verbosity = 0;
 
        /* Get major status message */
        maj_stat1 = gss_display_status(&min_stat1, major,
@@ -164,7 +173,9 @@ display_status_2(char *m, u_int32_t major, u_int32_t minor, const gss_OID mech)
                min = min_gss_buf.value;
        }
 
-       printerr(0, "ERROR: GSS-API: error in %s(): %s - %s\n",
+       if (major == GSS_S_CREDENTIALS_EXPIRED)
+               msg_verbosity = 1;
+       printerr(msg_verbosity, "ERROR: GSS-API: error in %s(): %s - %s\n",
                 m, maj, min);
 
        if (maj_gss_buf.length != 0)
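Review bot: The new test `major == GSS_S_CREDENTIALS_EXPIRED` ahead of the printerr call compares the whole status word, so it matches only when no calling-error or supplementary-info bits are set; `if (GSS_ROUTINE_ERROR(major) == GSS_S_CREDENTIALS_EXPIRED)` isolates the routine-error field. The message also still starts with "ERROR:" but is now emitted at verbosity 1, so expired-credential failures presumably drop out of default logs. If that is intended, a comment such as `/* expired creds are routine; only log at higher verbosity */` would record why an authentication failure is being demoted. display_status_2 starts and ends outside this hunk.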
@@ -180,18 +191,19 @@ pgsserr(char *msg, u_int32_t maj_stat, u_int32_t min_stat, const gss_OID mech)
 }
 
 int
-gssd_acquire_cred(char *server_name)
+gssd_acquire_cred(char *server_name, const gss_OID oid)
 {
        gss_buffer_desc name;
        gss_name_t target_name;
        u_int32_t maj_stat, min_stat;
        u_int32_t ignore_maj_stat, ignore_min_stat;
+       gss_buffer_desc pbuf;
 
        name.value = (void *)server_name;
        name.length = strlen(server_name);
 
        maj_stat = gss_import_name(&min_stat, &name,
-                       (const gss_OID) GSS_C_NT_HOSTBASED_SERVICE,
+                       oid,
                        &target_name);
 
        if (maj_stat != GSS_S_COMPLETE) {
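Review bot: The new `oid` parameter of gssd_acquire_cred is handed to gss_import_name as the name type, but its name does not distinguish it from a mechanism OID such as the `g_mechOid` used later in the same function, and nothing documents what callers must pass. A comment above the definition, for example `/* oid: GSS name type of server_name, e.g. GSS_C_NT_HOSTBASED_SERVICE */`, or renaming the parameter to `name_type`, would make the contract explicit. The function body continues outside this hunk.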
@@ -203,10 +215,44 @@ gssd_acquire_cred(char *server_name)
                        GSS_C_NULL_OID_SET, GSS_C_ACCEPT,
                        &gssd_creds, NULL, NULL);
 
-       ignore_maj_stat = gss_release_name(&ignore_min_stat, &target_name);
-
-       if (maj_stat != GSS_S_COMPLETE)
+       if (maj_stat != GSS_S_COMPLETE) {
                pgsserr("gss_acquire_cred", maj_stat, min_stat, g_mechOid);
+               ignore_maj_stat = gss_display_name(&ignore_min_stat,
+                               target_name, &pbuf, NULL);
+               if (ignore_maj_stat == GSS_S_COMPLETE) {
+                       printerr(1, "Unable to obtain credentials for '%.*s'\n",
+                                pbuf.length, pbuf.value);
+                       ignore_maj_stat = gss_release_buffer(&ignore_min_stat,
+                                                            &pbuf);
+               }
+       }
+
+       ignore_maj_stat = gss_release_name(&ignore_min_stat, &target_name);
 
        return (maj_stat == GSS_S_COMPLETE);
 }
+
+int gssd_check_mechs(void)
+{
+       u_int32_t maj_stat, min_stat;
+       gss_OID_set supported_mechs = GSS_C_NO_OID_SET;
+       int retval = -1;
+
+       maj_stat = gss_indicate_mechs(&min_stat, &supported_mechs);
+       if (maj_stat != GSS_S_COMPLETE) {
+               printerr(0, "Unable to obtain list of supported mechanisms. "
+                        "Check that gss library is properly configured.\n");
+               goto out;
+       }
+       if (supported_mechs == GSS_C_NO_OID_SET ||
+           supported_mechs->count == 0) {
+               printerr(0, "Unable to obtain list of supported mechanisms. "
+                        "Check that gss library is properly configured.\n");
+               goto out;
+       }
+       maj_stat = gss_release_oid_set(&min_stat, &supported_mechs);
+       retval = 0;
+out:
+       return retval;
+}
+
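Review bot: In the new failure branch of gssd_acquire_cred, `printerr(1, "Unable to obtain credentials for '%.*s'\n", pbuf.length, pbuf.value)` passes a `size_t` where the `%.*s` precision requires an `int`. Assuming printerr forwards its arguments to a printf-family function, that is undefined behaviour and can misread the arguments on LP64 targets; `(int)pbuf.length, (char *)pbuf.value` fixes it. In gssd_check_mechs, the `supported_mechs->count == 0` branch jumps to `out` without calling gss_release_oid_set, so a non-NULL empty set is leaked. Releasing the set there when it is not GSS_C_NO_OID_SET, before `goto out`, closes that path.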