1
Я пытаюсь использовать gssapi32.dll в моем приложении, но я получаю исключение, когда приложение запускаgss_init_sec_context возвращать учетные данные не кэшировать найдены (Windows, C++)
имя как «HTTP/[email protected]» Я видел это имя в инструментах Kerberos билетных
, но я получаю «учетные данные не кэшировать найдены»
может быть, кто уже имеет подобную проблему? и может помочь
Windows 7 (x64) МСВС C++ 2010 Express
спасибо за совет & простите за мой английский
char* cHttp::getNegotiateToken(const char *service, const char *server) {
char *token = 0;
OM_uint32 major, minor;
gss_buffer_desc gss_buffer;
gss_buffer_desc gss_buffer_user;
gss_name_t gss_name;
gss_name_t gss_user_name;
gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT;
gss_buffer_desc gss_input_token = GSS_C_EMPTY_BUFFER;
gss_buffer_desc gss_output_token = GSS_C_EMPTY_BUFFER;
OM_uint32 req_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG;
static gss_OID_desc gss_krb5_mech_oid_desc =
{ 9, (void *) "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02" };
if(!service || !server) {
Logger.writeLogHead(llError) << "Service and server values cannot be NULL!" << EndOfLine;
return 0;
}
gss_buffer.length = 28;//strln(service) + strln(server) + 2;
gss_buffer.value = malloc(gss_buffer.length);
gss_buffer_user.length = 26;
gss_buffer_user.value = malloc(gss_buffer_user.length);
Logger.writeLogHead(llError) << "service \"" << service << "\" server \"" << server << "\" length " << (int)gss_buffer.length << EndOfLine;
if(!gss_buffer.value) {
Logger.writeLogHead(llError) << "malloc failed" << EndOfLine;
return 0;
}
sprintf((char *)gss_buffer.value, "%s", "HTTP/[email protected]");
major = gss_import_name(&minor, &gss_buffer, GSS_C_NT_HOSTBASED_SERVICE, &gss_name);
free(gss_buffer.value);
if (major != GSS_S_COMPLETE) {
logGssError(major, minor, "gss_import_name");
return 0;
}
gss_buffer_desc out_name;
major = gss_display_name(&minor, gss_name, &out_name, NULL);
if (major != GSS_S_COMPLETE) {
logGssError(major, minor, "gss_display_name");
return 0;
}
Logger.writeLogHead(llWarning) << "Service name : " << (const char*)out_name.value << EndOfLine;
major = gss_init_sec_context(
&minor,
GSS_C_NO_CREDENTIAL,
&gss_context,
gss_name,
&gss_krb5_mech_oid_desc,
req_flags,
GSS_C_INDEFINITE,
GSS_C_NO_CHANNEL_BINDINGS,
&gss_input_token,
NULL,
&gss_output_token,
NULL,
NULL);
if (major == GSS_S_NO_CRED) {
Logger.writeLogHead(llError) << "gss_init_sec_context GSS_S_NO_CRED" << EndOfLine;
}
if (major != GSS_S_COMPLETE) {
logGssError(major, minor, "gss_init_sec_context");
return 0;
}
if (gss_output_token.length == 0) {
Logger.writeLogHead(llError) << "Token don't need to be send." << EndOfLine;
return 0;
}
// TODO: Need to make SPNEGO token (spnegohelp)
token = base64_encode((const char *)gss_output_token.value, gss_output_token.length);
major = gss_delete_sec_context(&minor, &gss_context, GSS_C_NO_BUFFER);
if (major != GSS_S_COMPLETE) {
logGssError(major, minor, "gss_delete_sec_context");
return 0;
}
major = gss_release_name(&minor,&gss_name);
if (major != GSS_S_COMPLETE) {
logGssError(major, minor, "gss_release_name");
return 0;
}
return token;
}
- отредактированный спасибо другу, - я думаю, что я будет идти по предлагаемому пути