Making changes to remove the need for the auth.policy to contain

the mechanism information element. This change breaks the build since it is not complete.
2006-11-03 13:35:36 +00:00
parent 47a2358a9e
commit 01b99ffc0d
4 changed files with 72 additions and 5 deletions
--- a/CASA-auth-token/non-java/client/mechanisms/krb5/windows/get.c
+++ b/CASA-auth-token/non-java/client/mechanisms/krb5/windows/get.c
@@ -40,7 +40,8 @@ AuthTokenIf_GetAuthToken(
   IN       const void  *pIfInstance,
   IN       const char  *pContext,
   IN       const char  *pMechInfo,
-   IN       void        *pCredStoreScope,
+   IN       const char  *pHostName,
+   IN       void        *pCredStoreScope,
   INOUT    char        *pTokenBuf,
   INOUT    int         *pTokenBufLen)
 //
@@ -61,6 +62,10 @@ AuthTokenIf_GetAuthToken(
 //       may be the service principal name to which the user will be
 //       authenticating.
 //               
+//    pHostName -
+//       Pointer to null terminated string containing the name of the
+//       host where the ATS resides.
+//   
 //    pCredStoreScope -
 //       Pointer to CASA structure for scoping credential store access
 //       to specific users. This can only be leveraged when running in
@@ -102,7 +107,7 @@ AuthTokenIf_GetAuthToken(
   // Validate input parameters
   if (pIfInstance == NULL
       || pContext == NULL
-       || pMechInfo == NULL
+       || pHostName
       || pTokenBufLen == NULL
       || (pTokenBuf == NULL && *pTokenBufLen != 0))
   {
@@ -114,6 +119,23 @@ AuthTokenIf_GetAuthToken(
      goto exit;
   }

+   // Check if we need to construct the service name
+   if (pKrbServiceName == NULL
+       || strlen(pKrbServiceName) == 0)
+   {
+      // The service name will default to host/hostname
+      pKrbServiceName = malloc(5 /*"host/"*/ + strlen(pHostName) + 1 /*'/0'*/)
+      if (pKrbServiceName)
+      {
+         sprintf("host/%s", pHostName);
+      }
+      else
+      {
+         DbgTrace(0, "-AuthTokenIf_GetAuthToken- Memory allocation failure\n", 0);
+         goto exit;
+      }
+   }
+
   // Acquire a credential handle for the current user
   secStatus = AcquireCredentialsHandle(NULL,                  // no principal name
                                        "Kerberos",            // package name
@@ -234,6 +256,11 @@ AuthTokenIf_GetAuthToken(
         
 exit:

+   // Free buffer holding the Krb Service Name if necessary
+   if (pKrbServiceName
+       && pKrbServiceName != pMechInfo)
+      free(pKrbServiceName);
+
   DbgTrace(1, "-AuthTokenIf_GetAuthToken- End, retStatus = %08X\n", retStatus);

   return retStatus;