Example #1
0
/* get_principal
 *
 * - return the principal associated with the named cache
 */
krb5_error_code KRB5_CALLCONV 
krb5_stdccv3_get_principal (krb5_context context, 
                            krb5_ccache id , 
                            krb5_principal *princ) 
{
    krb5_error_code err = 0;
    stdccCacheDataPtr ccapi_data = id->data;
    cc_string_t name = NULL;
    
    if (!err) {
        err = stdccv3_setup(context, ccapi_data);
    }
    
    if (!err) {
        err = cc_ccache_get_principal (ccapi_data->NamedCache, cc_credentials_v5, &name);
    }
    
    if (!err) {
        err = krb5_parse_name (context, name->data, princ);
    }
    
    if (name) { cc_string_release (name); }
    
    return cc_err_xlate (err);
}
Example #2
0
/*
 * Credentials file -> realm mapping
 *
 * Determine the realm by opening the named cache and parsing realm from the principal
 */
int KRB5_CALLCONV
krb_get_tf_realm (
	const char*		ticket_file,
	char*			realm)
{
	cc_string_t		principal;
	char			pname [ANAME_SZ];
	char			pinst [INST_SZ];
	char			prealm [REALM_SZ];
    int				kerr = KSUCCESS;
	cc_int32		cc_err = ccNoError;
	cc_context_t	cc_context = NULL;
    cc_int32		cc_version = 0;
    cc_ccache_t		ccache = NULL;
	
	cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL);
	
    if (cc_err == ccNoError) {
        cc_err = cc_context_open_ccache (cc_context, ticket_file, &ccache);
	}

    if (cc_err == ccNoError) {
        cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal);
	}

    if (cc_err == ccNoError) {
        /* found cache. get princiapl and parse it */
        kerr = kname_parse (pname, pinst, prealm, (char*) principal -> data);
        cc_string_release (principal);
    }
    
    if ((cc_err == ccNoError) && (kerr == KSUCCESS)) {
        strcpy (realm, prealm);
    }
    
    if (ccache != NULL) 
        cc_ccache_release (ccache);
    if (cc_context != NULL) 
        cc_context_release (cc_context);
    
    if (kerr != KSUCCESS)
        return kerr;
	if (cc_err != ccNoError)
		return GC_NOTKT;
    else
        return KSUCCESS;
}
Example #3
0
/*
 * Credentials file -> name, instance, realm mapping
 */
int KRB5_CALLCONV
krb_get_tf_fullname (
	const char*		ticket_file,
	char*			name,
	char*			instance,
	char*			realm)
{
	cc_string_t		principal;
	int				kerr = KSUCCESS;
	cc_int32		cc_err = ccNoError;
	cc_context_t	cc_context = NULL;
    cc_int32		cc_version;
    cc_ccache_t		ccache = NULL;
	
	cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL);
	
    if (cc_err == ccNoError) {
        cc_err = cc_context_open_ccache (cc_context, ticket_file, &ccache);
	}

    if (cc_err == ccNoError) {
        /* found cache. get principal and parse it */
        cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal);
	}

    if (cc_err == ccNoError) {
        kerr = kname_parse (name, instance, realm, (char*) principal -> data);
        cc_string_release (principal);
	}
    
    if (ccache != NULL)
        cc_ccache_release (ccache);    
    if (cc_context != NULL)
        cc_context_release (cc_context);
    
    if (kerr != KSUCCESS)
        return kerr;
	if (cc_err != ccNoError)
		return GC_NOTKT;
    else
        return KSUCCESS;
}
Example #4
0
/*
 * Store a ticket into the default credentials cache
 * cache must exist (if it didn't exist, it would have been created by in_tkt)
 */
int
krb4int_save_credentials_addr(
	char*			service,
	char*			instance,
	char*			realm,
	C_Block			session,
	int				lifetime,
	int				kvno,
	KTEXT			ticket,
	KRB4_32			issue_date,
	KRB_UINT32		local_address)
{
	cc_int32				cc_err = ccNoError;
	int						kerr = KSUCCESS;
	cc_credentials_v4_t		v4creds;
	cc_credentials_union	creds;
	cc_ccache_t				ccache = NULL;
	cc_string_t				principal;
	cc_context_t			cc_context = NULL;
    cc_int32				cc_version;
	
	cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL);
	
	if (cc_err == ccNoError) {
        /* First try existing cache */
        cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache);
	}
	
    if (cc_err == ccNoError) {
        /* Now we have a cache. Fill out the credentials and put them in the cache. */
        /* To fill out the credentials, we need the principal */
        cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal);
	}
    
    if (cc_err == ccNoError) {
        kerr = kname_parse (v4creds.principal, v4creds.principal_instance, v4creds.realm, (char*) principal -> data);
        cc_string_release (principal);
	}
    
	if ((cc_err == ccNoError) && (kerr == KSUCCESS)) {
		strncpy (v4creds.service, service, SNAME_SZ);
        strncpy (v4creds.service_instance, instance, INST_SZ);
        strncpy (v4creds.realm, realm, REALM_SZ);
        memmove (v4creds.session_key, session, sizeof (C_Block));
        v4creds.kvno = kvno;
        v4creds.string_to_key_type = cc_v4_stk_unknown;
        v4creds.issue_date = issue_date;
        v4creds.address = local_address;
        v4creds.lifetime = lifetime;
        v4creds.ticket_size = ticket -> length;
        memmove (v4creds.ticket, ticket -> dat, ticket -> length);
        
        creds.version = cc_credentials_v4;
        creds.credentials.credentials_v4 = &v4creds;
        
        cc_err = cc_ccache_store_credentials (ccache, &creds);
    }
	
    if (ccache != NULL)
        cc_ccache_release (ccache);
    if (cc_context != NULL)
        cc_context_release (cc_context);
    
    if (kerr != KSUCCESS)
        return kerr;
	if (cc_err != ccNoError)
		return KFAILURE;
    else
        return KSUCCESS;
}