rpms / python-kerberos

Clone
Source Code
GIT

Files

  1.   ef5b631aee7d11350fd45525136de12632fc9d8e
  2.   SOURCES
  3.   PyKerberos-inquire.patch
Blob Blame History Raw 
diff -rupN python-kerberos-1.1.orig/src/kerberos.c python-kerberos-1.1/src/kerberos.c
--- python-kerberos-1.1.orig/src/kerberos.c	2014-01-16 20:52:24.684000000 -0700
+++ python-kerberos-1.1/src/kerberos.c	2014-01-16 20:53:14.182000000 -0700
@@ -250,6 +250,30 @@ static PyObject *authGSSClientWrap(PyObj
 	return Py_BuildValue("i", result);
 }
 
+static PyObject *authGSSClientInquireCred(PyObject *self, PyObject *args)
+{
+	gss_client_state *state;
+	PyObject *pystate;
+	int result = 0;
+	if (!PyArg_ParseTuple(args, "O", &pystate))
+		return NULL;
+
+	if (!PyCObject_Check(pystate)) {
+		PyErr_SetString(PyExc_TypeError, "Expected a context object");
+		return NULL;
+	}
+
+	state = (gss_client_state *)PyCObject_AsVoidPtr(pystate);
+	if (state == NULL)
+		return NULL;
+
+	result = authenticate_gss_client_inquire_cred(state);
+	if (result == AUTH_GSS_ERROR)
+		return NULL;
+
+	return Py_BuildValue("i", result);
+}
+
 static PyObject *authGSSServerInit(PyObject *self, PyObject *args)
 {
     const char *service;
@@ -379,12 +403,16 @@ static PyMethodDef KerberosMethods[] = {
      "Get the response from the last client-side GSSAPI step."},
     {"authGSSClientUserName",  authGSSClientUserName, METH_VARARGS,
      "Get the user name from the last client-side GSSAPI step."},
+    {"authGSSClientInquireCred",  authGSSClientInquireCred, METH_VARARGS,
+     "Get the current user name, if any, without a client-side GSSAPI step"},
     {"authGSSServerInit",  authGSSServerInit, METH_VARARGS,
      "Initialize server-side GSSAPI operations."},
     {"authGSSClientWrap",  authGSSClientWrap, METH_VARARGS,
      "Do a GSSAPI wrap."},
     {"authGSSClientUnwrap",  authGSSClientUnwrap, METH_VARARGS,
      "Do a GSSAPI unwrap."},
+    {"authGSSClientInquireCred", authGSSClientInquireCred, METH_VARARGS,
+     "Get the current user name, if any."},
     {"authGSSServerClean",  authGSSServerClean, METH_VARARGS,
      "Terminate server-side GSSAPI operations."},
     {"authGSSServerStep",  authGSSServerStep, METH_VARARGS,
diff -rupN python-kerberos-1.1.orig/src/kerberosgss.c python-kerberos-1.1/src/kerberosgss.c
--- python-kerberos-1.1.orig/src/kerberosgss.c	2014-01-16 20:52:24.739000000 -0700
+++ python-kerberos-1.1/src/kerberosgss.c	2014-01-16 20:53:14.183000000 -0700
@@ -388,6 +388,60 @@ end:
 	return ret;
 }
 
+int authenticate_gss_client_inquire_cred(gss_client_state* state)
+{
+    OM_uint32 maj_stat;
+    OM_uint32 min_stat;
+    gss_cred_id_t client_creds = GSS_C_NO_CREDENTIAL;
+    gss_buffer_desc name_token = GSS_C_EMPTY_BUFFER;
+    gss_name_t name = GSS_C_NO_NAME;
+    int ret = AUTH_GSS_COMPLETE;
+
+    // Get credentials
+    maj_stat = gss_acquire_cred(&min_stat, GSS_C_NO_NAME, GSS_C_INDEFINITE,
+                               GSS_C_NO_OID_SET, GSS_C_INITIATE, &client_creds, NULL, NULL);
+
+    if (GSS_ERROR(maj_stat))
+    {
+       set_gss_error(maj_stat, min_stat);
+       ret = AUTH_GSS_ERROR;
+       goto end;
+    }
+
+    // Get the name
+    maj_stat = gss_inquire_cred(&min_stat, client_creds, &name, 
+                                NULL, NULL, NULL);
+
+    if (GSS_ERROR(maj_stat))
+    {
+       set_gss_error(maj_stat, min_stat);
+       ret = AUTH_GSS_ERROR;
+       goto end;
+    }
+
+    maj_stat = gss_display_name(&min_stat, name, &name_token, NULL);
+
+    if (GSS_ERROR(maj_stat))
+    {
+        set_gss_error(maj_stat, min_stat);
+        ret = AUTH_GSS_ERROR;
+        goto end;
+    }
+
+    state->username = strndup(name_token.value, name_token.length);
+    if (!state->username) {
+        set_gss_error(GSS_S_FAILURE, ENOMEM);
+        ret = AUTH_GSS_ERROR;
+    }
+
+end:
+    (void)gss_release_cred(&min_stat, &client_creds);
+    (void)gss_release_buffer(&min_stat, &name_token);
+    (void)gss_release_name(&min_stat, &name);
+
+    return ret;
+}
+
 int authenticate_gss_server_init(const char *service, gss_server_state *state)
 {
     OM_uint32 maj_stat;
diff -rupN python-kerberos-1.1.orig/src/kerberosgss.h python-kerberos-1.1/src/kerberosgss.h
--- python-kerberos-1.1.orig/src/kerberosgss.h	2014-01-16 20:52:24.759000000 -0700
+++ python-kerberos-1.1/src/kerberosgss.h	2014-01-16 20:53:37.505000000 -0700
@@ -55,6 +55,7 @@ int authenticate_gss_client_clean(gss_cl
 int authenticate_gss_client_step(gss_client_state *state, const char *challenge);
 int authenticate_gss_client_unwrap(gss_client_state* state, const char* challenge); 
 int authenticate_gss_client_wrap(gss_client_state* state, const char* challenge, const char* user);
+int authenticate_gss_client_inquire_cred(gss_client_state* state);
 
 int authenticate_gss_server_init(const char* service, gss_server_state* state);
 int authenticate_gss_server_clean(gss_server_state *state);

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation