static int get_cred(struct kafs_data *data, const char *name, const char *inst, const char *realm, uid_t uid, struct kafs_token *kt) { CREDENTIALS c; KTEXT_ST tkt; int ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, &c); if (ret) { ret = krb_mk_req(&tkt, (char*)name, (char*)inst, (char*)realm, 0); if (ret == KSUCCESS) ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, &c); } if (ret == 0) ret = _kafs_v4_to_kt(&c, uid, kt); return ret; }
static krb5_error_code v5_convert(krb5_context context, krb5_ccache id, krb5_creds *cred, uid_t uid, const char *cell, struct kafs_token *kt) { krb5_error_code ret; char *c, *val; c = strdup(cell); if (c == NULL) return ENOMEM; _kafs_foldup(c, c); krb5_appdefault_string (context, "libkafs", c, "afs-use-524", "2b", &val); free(c); if (strcasecmp(val, "local") == 0 || strcasecmp(val, "2b") == 0) ret = v5_to_kt(cred, uid, kt, 1); else if(strcasecmp(val, "yes") == 0 || strcasecmp(val, "true") == 0 || atoi(val)) { struct credentials cred4; if (id == NULL) ret = krb524_convert_creds_kdc(context, cred, &cred4); else ret = krb524_convert_creds_kdc_ccache(context, id, cred, &cred4); if (ret) goto out; ret = _kafs_v4_to_kt(&cred4, uid, kt); } else ret = v5_to_kt(cred, uid, kt, 0); out: free(val); return ret; }
int kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c) { struct kafs_token kt; int ret; kt.ticket = NULL; ret = _kafs_v4_to_kt(c, uid, &kt); if (ret) return ret; if (kt.ct.EndTimestamp < time(NULL)) { free(kt.ticket); return 0; } ret = kafs_settoken_rxkad(cell, &kt.ct, kt.ticket, kt.ticket_len); free(kt.ticket); return ret; }