// AcquireCred implements gss_acquire_cred API, as per
// https://tools.ietf.org/html/rfc2743#page-31. outputCredHandle, actualMechs
// must be .Release()-ed by the caller
func (lib *Lib) AcquireCred(desiredName *Name, timeReq time.Duration,
desiredMechs *OIDSet, credUsage CredUsage) (outputCredHandle *CredId,
actualMechs *OIDSet, timeRec time.Duration, err error) {
min := C.OM_uint32(0)
actualMechs = lib.NewOIDSet()
outputCredHandle = lib.NewCredId()
timerec := C.OM_uint32(0)
maj := C.wrap_gss_acquire_cred(lib.Fp_gss_acquire_cred,
&min,
desiredName.C_gss_name_t,
C.OM_uint32(timeReq.Seconds()),
desiredMechs.C_gss_OID_set,
C.gss_cred_usage_t(credUsage),
&outputCredHandle.C_gss_cred_id_t,
&actualMechs.C_gss_OID_set,
&timerec)
err = lib.stashLastStatus(maj, min)
if err != nil {
return nil, nil, 0, err
}
return outputCredHandle, actualMechs, time.Duration(timerec) * time.Second, nil
}
// AddCred implements gss_add_cred API, as per
// https://tools.ietf.org/html/rfc2743#page-36. outputCredHandle, actualMechs
// must be .Release()-ed by the caller
func (lib *Lib) AddCred(inputCredHandle *CredId,
desiredName *Name, desiredMech *OID, credUsage CredUsage,
initiatorTimeReq time.Duration, acceptorTimeReq time.Duration) (
outputCredHandle *CredId, actualMechs *OIDSet,
initiatorTimeRec time.Duration, acceptorTimeRec time.Duration,
err error) {
min := C.OM_uint32(0)
actualMechs = lib.NewOIDSet()
outputCredHandle = lib.NewCredId()
initSeconds := C.OM_uint32(0)
acceptSeconds := C.OM_uint32(0)
maj := C.wrap_gss_add_cred(lib.Fp_gss_add_cred,
&min,
inputCredHandle.C_gss_cred_id_t,
desiredName.C_gss_name_t,
desiredMech.C_gss_OID,
C.gss_cred_usage_t(credUsage),
C.OM_uint32(initiatorTimeReq.Seconds()),
C.OM_uint32(acceptorTimeReq.Seconds()),
&outputCredHandle.C_gss_cred_id_t,
&actualMechs.C_gss_OID_set,
&initSeconds,
&acceptSeconds)
err = lib.stashLastStatus(maj, min)
if err != nil {
return nil, nil, 0, 0, err
}
return outputCredHandle,
actualMechs,
time.Duration(initSeconds) * time.Second,
time.Duration(acceptSeconds) * time.Second,
nil
}