Modified the Krb5 mechanisms to allow it to receive multiple settings via the authentication policy mechanism information string. This will allow to add

new settings in the future without breaking existing clients.
This commit is contained in:
Juan Carlos Luciani 2007-03-21 22:19:05 +00:00
parent 65a6c74d20
commit e1001dfc6f

View File

@ -96,7 +96,7 @@ AuthTokenIf_GetAuthToken(
//=======================================================================-- //=======================================================================--
{ {
CasaStatus retStatus; CasaStatus retStatus;
char *pKrbServiceName = pMechInfo; char *pKrbServiceName = NULL;
SECURITY_STATUS secStatus; SECURITY_STATUS secStatus;
TimeStamp expiry; TimeStamp expiry;
CredHandle hCredentials = {0}; CredHandle hCredentials = {0};
@ -118,6 +118,37 @@ AuthTokenIf_GetAuthToken(
goto exit; goto exit;
} }
// Process any mechanism information that may have been provided
if (pMechInfo)
{
// Mechanism information has been provided. Mechanism information
// consists of semicolon delimited settings. The settings are formated
// using the format settingName=settingvalue. No white space is allowed
// as part of the mechanism information.
char *pNextSettingToken;
char *pSettingValueToken = strtok_s(pMechInfo, ";", &pNextSettingToken);
while (pSettingValueToken != NULL)
{
char *pNextToken;
char *pSettingName = strtok_s(pSettingValueToken, "=", &pNextToken);
char *pSettingValue = strtok_s(NULL, "=", &pNextToken);
if (pSettingValue)
{
// Process the setting
if (strcmpi(pSettingName, "SVC_PRINCIPAL") == 0)
{
pKrbServiceName = pSettingValue;
}
}
else
{
printf("Bad setting\n");
}
pSettingValueToken = strtok_s(NULL, ";", &pNextSettingToken);
}
}
// Check if we need to construct the service name // Check if we need to construct the service name
if (pKrbServiceName == NULL if (pKrbServiceName == NULL
|| strlen(pKrbServiceName) == 0) || strlen(pKrbServiceName) == 0)