diff --git a/dlls/kerberos/krb5_ap.c b/dlls/kerberos/krb5_ap.c index 4aadd77bcbc..b4671193631 100644 --- a/dlls/kerberos/krb5_ap.c +++ b/dlls/kerberos/krb5_ap.c @@ -192,6 +192,7 @@ MAKE_FUNCPTR(gss_delete_sec_context); MAKE_FUNCPTR(gss_import_name); MAKE_FUNCPTR(gss_init_sec_context); MAKE_FUNCPTR(gss_release_buffer); +MAKE_FUNCPTR(gss_release_cred); MAKE_FUNCPTR(gss_release_name); #undef MAKE_FUNCPTR @@ -216,6 +217,7 @@ static BOOL load_gssapi_krb5(void) LOAD_FUNCPTR(gss_import_name) LOAD_FUNCPTR(gss_init_sec_context) LOAD_FUNCPTR(gss_release_buffer) + LOAD_FUNCPTR(gss_release_cred) LOAD_FUNCPTR(gss_release_name) #undef LOAD_FUNCPTR @@ -419,6 +421,27 @@ static NTSTATUS NTAPI kerberos_SpAcquireCredentialsHandle( #endif } +static NTSTATUS NTAPI kerberos_SpFreeCredentialsHandle( LSA_SEC_HANDLE credential ) +{ +#ifdef SONAME_LIBGSSAPI_KRB5 + OM_uint32 ret, minor_status; + gss_cred_id_t cred_handle; + + TRACE( "(%lx)\n", credential ); + + if (!credential) return SEC_E_INVALID_HANDLE; + if (!(cred_handle = credhandle_sspi_to_gss( credential ))) return SEC_E_OK; + + ret = pgss_release_cred( &minor_status, &cred_handle ); + TRACE( "gss_release_cred returned %08x minor status %08x\n", ret, minor_status ); + + return status_gss_to_sspi( ret ); +#else + FIXME( "(%lx)\n", credential ); + return SEC_E_UNSUPPORTED_FUNCTION; +#endif +} + static NTSTATUS NTAPI kerberos_SpInitLsaModeContext( LSA_SEC_HANDLE credential, LSA_SEC_HANDLE context, UNICODE_STRING *target_name, ULONG context_req, ULONG target_data_rep, SecBufferDesc *input, LSA_SEC_HANDLE *new_context, SecBufferDesc *output, ULONG *context_attr, TimeStamp *ts_expiry, @@ -624,7 +647,7 @@ static SECPKG_FUNCTION_TABLE kerberos_table = NULL, /* AcceptCredentials */ kerberos_SpAcquireCredentialsHandle, NULL, /* SpQueryCredentialsAttributes */ - NULL, /* FreeCredentialsHandle */ + kerberos_SpFreeCredentialsHandle, NULL, /* SaveCredentials */ NULL, /* GetCredentials */ NULL, /* DeleteCredentials */