void _gss_scram_iter_creds_f(OM_uint32 flags, void *userctx , void (*cred_iter)(void *, gss_OID, gss_cred_id_t)) { krb5_error_code ret; krb5_context context = NULL; krb5_storage *request, *response; krb5_data response_data; ret = krb5_init_context(&context); if (ret) goto done; ret = krb5_kcm_storage_request(context, KCM_OP_GET_SCRAM_USER_LIST, &request); if (ret) goto done; ret = krb5_kcm_call(context, request, &response, &response_data); krb5_storage_free(request); if (ret) goto done; while (1) { uint32_t morep; kcmuuid_t uuid; char *user = NULL; krb5_ssize_t sret; ret = krb5_ret_uint32(response, &morep); if (ret) goto out; if (!morep) goto out; ret = krb5_ret_stringz(response, &user); if (ret) goto out; sret = krb5_storage_read(response, uuid, sizeof(uuid)); if (sret != sizeof(uuid)) goto out; cred_iter(userctx, GSS_SCRAM_MECHANISM, (gss_cred_id_t)user); } out: krb5_storage_free(response); krb5_data_free(&response_data); done: if (context) krb5_free_context(context); (*cred_iter)(userctx, NULL, NULL); }
void GSSAPI_CALLCONV _gss_ntlm_iter_creds_f(OM_uint32 flags, void *userctx , void (*cred_iter)(void *, gss_OID, gss_cred_id_t)) { #ifdef HAVE_KCM krb5_error_code ret; krb5_context context = NULL; krb5_storage *request, *response; krb5_data response_data; ret = krb5_init_context(&context); if (ret) goto done; ret = krb5_kcm_storage_request(context, KCM_OP_GET_NTLM_USER_LIST, &request); if (ret) goto done; ret = krb5_kcm_call(context, request, &response, &response_data); krb5_storage_free(request); if (ret) goto done; while (1) { uint32_t morep; char *user = NULL, *domain = NULL; ntlm_cred dn; ret = krb5_ret_uint32(response, &morep); if (ret) goto out; if (!morep) goto out; ret = krb5_ret_stringz(response, &user); if (ret) goto out; ret = krb5_ret_stringz(response, &domain); if (ret) { free(user); goto out; } dn = calloc(1, sizeof(*dn)); if (dn == NULL) { free(user); free(domain); goto out; } dn->username = user; dn->domain = domain; cred_iter(userctx, GSS_NTLM_MECHANISM, (gss_cred_id_t)dn); } out: krb5_storage_free(response); krb5_data_free(&response_data); done: if (context) krb5_free_context(context); #endif /* HAVE_KCM */ (*cred_iter)(userctx, NULL, NULL); }