diff --git a/CASA-auth-token/client/library/mech_if.h b/CASA-auth-token/client/library/mech_if.h index 3f183548..4ee59e3f 100644 --- a/CASA-auth-token/client/library/mech_if.h +++ b/CASA-auth-token/client/library/mech_if.h @@ -87,7 +87,7 @@ CasaStatus (SSCS_CALL *PFNAuthTokenIf_GetAuthToken)( IN const void *pIfInstance, IN const char *pContext, - IN const char *pMechInfo, + IN char *pMechInfo, IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, diff --git a/CASA-auth-token/client/library/mechanisms/krb5/linux/get.c b/CASA-auth-token/client/library/mechanisms/krb5/linux/get.c index ce03edd9..a26c20c6 100644 --- a/CASA-auth-token/client/library/mechanisms/krb5/linux/get.c +++ b/CASA-auth-token/client/library/mechanisms/krb5/linux/get.c @@ -125,7 +125,7 @@ CasaStatus SSCS_CALL AuthTokenIf_GetAuthToken( IN const void *pIfInstance, IN const char *pContext, - IN const char *pMechInfo, + IN char *pMechInfo, IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, @@ -186,7 +186,8 @@ AuthTokenIf_GetAuthToken( //=======================================================================-- { CasaStatus retStatus; - char *pKrbServiceName = (char*) pMechInfo; + char *pKrbServiceName = NULL; + bool freeKrbSvcNameBuf = false; OM_uint32 gssMajStat; OM_uint32 gssMinStat; gss_buffer_desc gssBuffer; @@ -209,6 +210,37 @@ AuthTokenIf_GetAuthToken( goto exit; } + // Process any mechanism information that may have been provided + if (pMechInfo) + { + // Mechanism information has been provided. Mechanism information + // consists of semicolon delimited settings. The settings are formated + // using the format settingName=settingvalue. No white space is allowed + // as part of the mechanism information. + char *pNextSettingToken; + char *pSettingValueToken = strtok_s(pMechInfo, ";", &pNextSettingToken); + while (pSettingValueToken != NULL) + { + char *pNextToken; + char *pSettingName = strtok_r(pSettingValueToken, "=", &pNextToken); + char *pSettingValue = strtok_r(NULL, "=", &pNextToken); + if (pSettingValue) + { + // Process the setting + if (strcmpi(pSettingName, "SVC_PRINCIPAL") == 0) + { + pKrbServiceName = pSettingValue; + } + } + else + { + printf("Bad setting\n"); + } + + pSettingValueToken = strtok_s(NULL, ";", &pNextSettingToken); + } + } + // Check if we need to construct the service name if (pKrbServiceName == NULL || strlen(pKrbServiceName) == 0) @@ -217,6 +249,7 @@ AuthTokenIf_GetAuthToken( pKrbServiceName = malloc(5 /*"host/"*/ + strlen(pHostName) + 1 /*'/0'*/); if (pKrbServiceName) { + freeKrbSvcNameBuf = true; sprintf(pKrbServiceName, "host/%s", pHostName); } else @@ -359,8 +392,7 @@ AuthTokenIf_GetAuthToken( exit: // Free buffer holding the Krb Service Name if necessary - if (pKrbServiceName - && pKrbServiceName != pMechInfo) + if (freeKrbSvcNameBuf) free(pKrbServiceName); DbgTrace(1, "-AuthTokenIf_GetAuthToken- End, retStatus = %08X\n", retStatus); diff --git a/CASA-auth-token/client/library/mechanisms/krb5/windows/get.c b/CASA-auth-token/client/library/mechanisms/krb5/windows/get.c index 378f1104..10287b62 100644 --- a/CASA-auth-token/client/library/mechanisms/krb5/windows/get.c +++ b/CASA-auth-token/client/library/mechanisms/krb5/windows/get.c @@ -39,7 +39,7 @@ CasaStatus SSCS_CALL AuthTokenIf_GetAuthToken( IN const void *pIfInstance, IN const char *pContext, - IN const char *pMechInfo, + IN char *pMechInfo, IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, @@ -97,6 +97,7 @@ AuthTokenIf_GetAuthToken( { CasaStatus retStatus; char *pKrbServiceName = NULL; + bool freeKrbSvcNameBuf = false; SECURITY_STATUS secStatus; TimeStamp expiry; CredHandle hCredentials = {0}; @@ -130,8 +131,8 @@ AuthTokenIf_GetAuthToken( while (pSettingValueToken != NULL) { char *pNextToken; - char *pSettingName = strtok_s(pSettingValueToken, "=", &pNextToken); - char *pSettingValue = strtok_s(NULL, "=", &pNextToken); + char *pSettingName = strtok_r(pSettingValueToken, "=", &pNextToken); + char *pSettingValue = strtok_r(NULL, "=", &pNextToken); if (pSettingValue) { // Process the setting @@ -157,6 +158,7 @@ AuthTokenIf_GetAuthToken( pKrbServiceName = malloc(5 /*"host/"*/ + strlen(pHostName) + 1 /*'/0'*/); if (pKrbServiceName) { + freeKrbSvcNameBuf = true; sprintf(pKrbServiceName, "host/%s", pHostName); } else @@ -310,8 +312,7 @@ AuthTokenIf_GetAuthToken( exit: // Free buffer holding the Krb Service Name if necessary - if (pKrbServiceName - && pKrbServiceName != pMechInfo) + if (freeKrbSvcNameBuf) free(pKrbServiceName); DbgTrace(1, "-AuthTokenIf_GetAuthToken- End, retStatus = %08X\n", retStatus); diff --git a/CASA-auth-token/client/library/mechanisms/krb5/windows/platform.h b/CASA-auth-token/client/library/mechanisms/krb5/windows/platform.h index 7f0255a7..8cc0ab9a 100644 --- a/CASA-auth-token/client/library/mechanisms/krb5/windows/platform.h +++ b/CASA-auth-token/client/library/mechanisms/krb5/windows/platform.h @@ -80,6 +80,7 @@ FILE *pDebugFile; \ #define bool BOOLEAN #define true TRUE #define false FALSE +#define strtok_r strtok_s //===[ Inlines functions ]=============================================== diff --git a/CASA-auth-token/client/library/mechanisms/pwd/get.c b/CASA-auth-token/client/library/mechanisms/pwd/get.c index 5a9b4ab5..2c012d4f 100644 --- a/CASA-auth-token/client/library/mechanisms/pwd/get.c +++ b/CASA-auth-token/client/library/mechanisms/pwd/get.c @@ -220,7 +220,7 @@ CasaStatus SSCS_CALL AuthTokenIf_GetAuthToken( IN const void *pIfInstance, IN const char *pContext, - IN const char *pMechInfo, + IN char *pMechInfo, IN const char *pHostName, IN void *pCredStoreScope, INOUT char *pTokenBuf, @@ -307,12 +307,12 @@ AuthTokenIf_GetAuthToken( // using the format settingName=settingvalue. No white space is allowed // as part of the mechanism information. char *pNextSettingToken; - char *pSettingValueToken = strtok_s(pMechInfo, ";", &pNextSettingToken); + char *pSettingValueToken = strtok_r(pMechInfo, ";", &pNextSettingToken); while (pSettingValueToken != NULL) { char *pNextToken; - char *pSettingName = strtok_s(pSettingValueToken, "=", &pNextToken); - char *pSettingValue = strtok_s(NULL, "=", &pNextToken); + char *pSettingName = strtok_r(pSettingValueToken, "=", &pNextToken); + char *pSettingValue = strtok_r(NULL, "=", &pNextToken); if (pSettingValue) { // Process the setting diff --git a/CASA-auth-token/client/library/mechanisms/pwd/windows/platform.h b/CASA-auth-token/client/library/mechanisms/pwd/windows/platform.h index 98ea3a12..e6ea4268 100644 --- a/CASA-auth-token/client/library/mechanisms/pwd/windows/platform.h +++ b/CASA-auth-token/client/library/mechanisms/pwd/windows/platform.h @@ -78,6 +78,7 @@ FILE *pDebugFile; \ #define bool BOOLEAN #define true TRUE #define false FALSE +#define strtok_r strtok_s //===[ Inlines functions ]===============================================