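/*
 * Obtain initial credentials for inPrincipal with inPassword and store them
 * in a credential cache.
 *
 * inLoginOptions may be NULL; when set, its service and opt members are
 * passed through to the initial-credentials request.
 *
 * The cache already matching inPrincipal is reused when one is found;
 * otherwise a new unique cache is created.  On success, and when
 * outCredCacheName is non-NULL, *outCredCacheName receives a strdup() copy
 * of the cache name that the caller owns.  On every failure path
 * *outCredCacheName is left NULL.
 *
 * Returns 0 on success or the error code of the step that failed.
 */
KLStatus
KLAcquireNewInitialTicketsWithPassword(KLPrincipal      inPrincipal,
				       KLLoginOptions   inLoginOptions,
				       const char      *inPassword,
				       char           **outCredCacheName)
{
    krb5_context context = mshim_ctx();
    krb5_error_code ret;
    /*
     * Must start out NULL: the cleanup code at "out" tests this handle, and
     * nothing visible here guarantees that the cache lookups write it when
     * both of them fail.
     */
    krb5_ccache cache = NULL;
    krb5_creds creds;
    char *service = NULL;
    krb5_get_init_creds_opt *opt = NULL;

    LOG_ENTRY();

    /* Give the caller a defined value on every error return. */
    if (outCredCacheName)
	*outCredCacheName = NULL;

    if (inLoginOptions) {
	service = inLoginOptions->service;
	opt = inLoginOptions->opt;
    }

    /* No prompter is supplied, so the password is the only secret source. */
    ret = heim_krb5_get_init_creds_password(context, &creds,
					    inPrincipal, inPassword,
					    NULL, NULL, 0,
					    service,
					    opt);
    if (ret)
	return ret;

    /* Prefer the principal's existing cache; fall back to a fresh one. */
    ret = heim_krb5_cc_cache_match(context, inPrincipal, &cache);
    if (ret)
	ret = heim_krb5_cc_new_unique(context, NULL, NULL, &cache);
    if (ret)
	goto out;

    ret = heim_krb5_cc_initialize(context, cache, creds.client);
    if (ret)
	goto out;

    ret = heim_krb5_cc_store_cred(context, cache, &creds);
    if (ret)
	goto out;

    /*
     * NOTE(review): strdup() can return NULL under memory pressure and the
     * function still reports success in that case, so callers have to check
     * the returned name before using it.
     */
    if (outCredCacheName)
	*outCredCacheName = strdup(heim_krb5_cc_get_name(context, cache));

 out:
    if (cache) {
	/*
	 * NOTE(review): on error the cache is destroyed even when it was an
	 * existing cache found by the match above - confirm this is intended.
	 */
	if (ret)
	    krb5_cc_destroy((mit_krb5_context)context, (mit_krb5_ccache)cache);
	else
	    heim_krb5_cc_close(context, cache);
    }
    /* Release the ticket and session key held in the local creds copy. */
    heim_krb5_free_cred_contents(context, &creds);

    return ret;
}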
Beispiel #2
/*
 * MIT-style entry point that obtains initial credentials with a password by
 * delegating to the Heimdal implementation.
 *
 * context, client and mopt are translated to their Heimdal counterparts
 * (HC(), the comb_principal's heim member and mshim_gic_opt()).  *creds is
 * zeroed up front and filled from the Heimdal result on success.
 *
 * prompter must be NULL or krb5_prompter_posix; any other callback is
 * rejected with EINVAL.  The data argument is not forwarded to the Heimdal
 * call, which always receives NULL in its place.
 *
 * Returns 0 on success, EINVAL for an unsupported prompter, or the error
 * reported by the Heimdal call.
 */
mit_krb5_error_code KRB5_CALLCONV
krb5_get_init_creds_password(mit_krb5_context context,
			     mit_krb5_creds *creds,
			     mit_krb5_principal client,
			     char *password,
			     mit_krb5_prompter_fct prompter,
			     void *data,
			     mit_krb5_deltat start_time,
			     char *in_tkt_service,
			     mit_krb5_get_init_creds_opt *mopt)
{
    struct comb_principal *princ = (struct comb_principal *)client;
    krb5_get_init_creds_opt *hopt;
    krb5_prompter_fct hprompter = NULL;
    krb5_creds hcreds;
    krb5_error_code ret;

    LOG_ENTRY();

    hopt = mshim_gic_opt(HC(context), mopt);

    memset(creds, 0, sizeof(*creds));
    memset(&hcreds, 0, sizeof(hcreds));

    if (prompter == NULL || prompter == krb5_prompter_posix) {
	/* Only the POSIX prompter has a Heimdal equivalent to map to. */
	if (prompter != NULL)
	    hprompter = heim_krb5_prompter_posix;

	ret = heim_krb5_get_init_creds_password(HC(context), &hcreds,
						princ->heim, password,
						hprompter, NULL, start_time,
						in_tkt_service, hopt);
    } else {
	/* Caller-supplied prompter callbacks are not supported. */
	ret = EINVAL;
    }

    /* The translated options are released on every path from here on. */
    if (hopt)
	heim_krb5_get_init_creds_opt_free(HC(context), hopt);

    if (ret)
	return ret;

    /* Convert into the caller's structure, then drop the Heimdal copy. */
    mshim_hcred2mcred(HC(context), &hcreds, creds);
    heim_krb5_free_cred_contents(HC(context), &hcreds);

    return ret;
}
Beispiel #3
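/*
 * MIT-style legacy entry point that obtains initial credentials with a
 * password by delegating to the Heimdal implementation.
 *
 * The client principal is taken from cred->client; KRB5_PRINC_NOMATCH is
 * returned when cred or cred->client is NULL.  The flags, addr, enctype and
 * preauth arguments are not read by this implementation, and *rep (when rep
 * is non-NULL) is always set to NULL.
 *
 * When cache is non-NULL the obtained credentials are stored in it, and a
 * failure to store them is reported to the caller so that a return of 0
 * means the ticket really is in the cache.
 *
 * NOTE(review): the obtained credentials are not copied back into *cred;
 * callers that read cred after the call will not see the ticket - confirm
 * against the callers.
 *
 * Returns 0 on success or the error code of the step that failed.
 */
mit_krb5_error_code KRB5_CALLCONV
krb5_get_in_tkt_with_password(mit_krb5_context context,
			      mit_krb5_flags flags,
			      mit_krb5_address * const *addr,
			      mit_krb5_enctype *enctype,
			      mit_krb5_preauthtype *preauth,
			      const char *password,
			      mit_krb5_ccache cache,
			      mit_krb5_creds *cred,
			      mit_krb5_kdc_rep **rep)
{
    struct comb_principal *p;
    krb5_error_code ret;
    krb5_creds hcreds;

    LOG_ENTRY();

    if (rep)
	*rep = NULL;

    /* Without a client principal there is nothing to authenticate as. */
    if (cred == NULL || cred->client == NULL)
	return KRB5_PRINC_NOMATCH;
    p = (struct comb_principal *)cred->client;

    memset(&hcreds, 0, sizeof(hcreds));

    ret = heim_krb5_get_init_creds_password(HC(context), &hcreds, p->heim, password,
					    NULL, NULL, 0, NULL, NULL);
    if (ret)
	return ret;

    /* ret is 0 here; keep it unless storing into the cache fails. */
    if (cache)
	ret = heim_krb5_cc_store_cred(HC(context), (krb5_ccache)cache, &hcreds);

    /* Release the ticket and session key whether or not the store worked. */
    heim_krb5_free_cred_contents(HC(context), &hcreds);

    return ret;
}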