void get_top(size_t k, time_t time, ResultContainer &top_size) { std::vector<typename treap_t::p_node_type> top_nodes; { std::unique_lock<std::mutex> locker(m_lock); treap_to_container(m_treap.top(), top_nodes); for (auto it = top_nodes.begin(); it != top_nodes.end(); ++it) { auto n = *it; if (check_expiration(n, time, m_period)) { m_treap.erase(n); delete n; --m_num_events; } else { top_size.push_back(*n); } } } k = std::min(top_size.size(), k); std::function<decltype(weight_compare)> comparator_weight(weight_compare); std::partial_sort(top_size.begin(), top_size.begin() + k, top_size.end(), std::not2(comparator_weight)); top_size.resize(k); }
static int display_v5_ccache (krb5_context context, krb5_ccache ccache, int do_test, int do_verbose, int do_flags, int do_hidden, int do_json) { krb5_error_code ret; krb5_principal principal; int exit_status = 0; ret = krb5_cc_get_principal (context, ccache, &principal); if (ret) { if (do_json) { printf("{}"); return 0; } if(ret == ENOENT) { if (!do_test) krb5_warnx(context, N_("No ticket file: %s", ""), krb5_cc_get_name(context, ccache)); return 1; } else krb5_err (context, 1, ret, "krb5_cc_get_principal"); } if (do_test) exit_status = check_expiration(context, ccache, NULL); else print_tickets (context, ccache, principal, do_verbose, do_flags, do_hidden, do_json); ret = krb5_cc_close (context, ccache); if (ret) krb5_err (context, 1, ret, "krb5_cc_close"); krb5_free_principal (context, principal); return exit_status; }
static int list_caches(krb5_context context, struct klist_options *opt) { krb5_cccol_cursor cursor; const char *cdef_name; char *def_name; krb5_error_code ret; krb5_ccache id; rtbl_t ct; cdef_name = krb5_cc_default_name(context); if (cdef_name == NULL) krb5_errx(context, 1, "krb5_cc_default_name"); def_name = strdup(cdef_name); ret = krb5_cccol_cursor_new(context, &cursor); if (ret == KRB5_CC_NOSUPP) return 0; else if (ret) krb5_err (context, 1, ret, "krb5_cc_cache_get_first"); ct = rtbl_create(); rtbl_add_column(ct, COL_DEFCACHE, 0); rtbl_add_column(ct, COL_NAME, 0); rtbl_add_column(ct, COL_CACHENAME, 0); rtbl_add_column(ct, COL_EXPIRES, 0); rtbl_add_column(ct, COL_DEFCACHE, 0); rtbl_set_prefix(ct, " "); rtbl_set_column_prefix(ct, COL_DEFCACHE, ""); rtbl_set_column_prefix(ct, COL_NAME, " "); if (opt->json_flag) rtbl_set_flags(ct, RTBL_JSON); while (krb5_cccol_cursor_next(context, cursor, &id) == 0) { int expired = 0; char *name; time_t t; expired = check_expiration(context, id, &t); ret = krb5_cc_get_friendly_name(context, id, &name); if (ret == 0) { const char *str; char *fname; rtbl_add_column_entry(ct, COL_NAME, name); free(name); if (expired) str = N_(">>> Expired <<<", ""); else str = printable_time(t); rtbl_add_column_entry(ct, COL_EXPIRES, str); ret = krb5_cc_get_full_name(context, id, &fname); if (ret) krb5_err (context, 1, ret, "krb5_cc_get_full_name"); rtbl_add_column_entry(ct, COL_CACHENAME, fname); if (opt->json_flag) ; else if (strcmp(fname, def_name) == 0) rtbl_add_column_entry(ct, COL_DEFCACHE, "*"); else rtbl_add_column_entry(ct, COL_DEFCACHE, ""); krb5_xfree(fname); } krb5_cc_close(context, id); } krb5_cccol_cursor_free(context, &cursor); free(def_name); rtbl_format(ct, stdout); rtbl_destroy(ct); if (opt->json_flag) printf("\n"); return 0; }
/* * Cleartext password information has been requested. Look this up in * the config file. Set authen_data->status. * * Any strings pointed to by authen_data must come from the heap. They * will get freed by the caller. * * Return 0 if data->status is valid, otherwise 1 */ static int do_sendpass_fn(struct authen_data *data) { char *name; char *p; int expired; char *exp_date; char *secret; data->status = TAC_PLUS_AUTHEN_STATUS_FAIL; /* We must have a username */ if (!data->NAS_id->username[0]) { /* choose_authen should have already asked for a username, so this is * a gross error */ data->status = TAC_PLUS_AUTHEN_STATUS_ERROR; data->server_msg = tac_strdup("No username supplied"); report(LOG_ERR, "%s: No username for sendpass_fn", session.peer); return(0); } name = data->NAS_id->username; exp_date = cfg_get_expires(name, TAC_PLUS_RECURSE); /* The user exists. Check the expiration date, if any */ expired = check_expiration(exp_date); switch (expired) { case PW_EXPIRED: data->status = TAC_PLUS_AUTHEN_STATUS_FAIL; data->server_msg = tac_strdup("Password has expired"); return(0); default: data->status = TAC_PLUS_AUTHEN_STATUS_ERROR; data->server_msg = tac_strdup("Bad return value for password " "expiration check"); report(LOG_ERR, "%s: Bogus return value %d from check_expiration", session.peer, expired); return(0); case PW_OK: case PW_EXPIRING: /* The user exists, and has not expired. Return her secret info */ switch (data->type) { case TAC_PLUS_AUTHEN_TYPE_CHAP: secret = cfg_get_chap_secret(name, TAC_PLUS_RECURSE); if (!secret) secret = cfg_get_global_secret(name, TAC_PLUS_RECURSE); break; #ifdef MSCHAP case TAC_PLUS_AUTHEN_TYPE_MSCHAP: secret = cfg_get_mschap_secret(name, TAC_PLUS_RECURSE); if (!secret) secret = cfg_get_global_secret(name, TAC_PLUS_RECURSE); break; #endif /* MSCHAP */ case TAC_PLUS_AUTHEN_TYPE_ARAP: secret = cfg_get_arap_secret(name, TAC_PLUS_RECURSE); if (!secret) secret = cfg_get_global_secret(name, TAC_PLUS_RECURSE); break; case TAC_PLUS_AUTHEN_TYPE_PAP: secret = cfg_get_opap_secret(name, TAC_PLUS_RECURSE); break; default: data->status = TAC_PLUS_AUTHEN_STATUS_ERROR; data->server_msg = tac_strdup("Illegal authentication type"); report(LOG_ERR, "%s: Illegal authentication type %d", session.peer, data->type); return(0); } if (!secret) { data->status = TAC_PLUS_AUTHEN_STATUS_FAIL; data->server_msg = tac_strdup("No secret"); return(0); } p = tac_find_substring("cleartext ", secret); if (!p) { /* Should never happen */ data->status = TAC_PLUS_AUTHEN_STATUS_ERROR; data->server_msg = tac_strdup("Illegal secret format"); report(LOG_ERR, "%s: Illegal secret format %s", session.peer, secret); return(0); } data->server_data = tac_strdup(p); data->server_dlen = strlen(data->server_data); data->status = TAC_PLUS_AUTHEN_STATUS_PASS; if (expired == PW_EXPIRING) { data->server_msg = tac_strdup("Secret will expire soon"); } return(0); } /* never reached */ }