/* get_principal * * - return the principal associated with the named cache */ krb5_error_code KRB5_CALLCONV krb5_stdccv3_get_principal (krb5_context context, krb5_ccache id , krb5_principal *princ) { krb5_error_code err = 0; stdccCacheDataPtr ccapi_data = id->data; cc_string_t name = NULL; if (!err) { err = stdccv3_setup(context, ccapi_data); } if (!err) { err = cc_ccache_get_principal (ccapi_data->NamedCache, cc_credentials_v5, &name); } if (!err) { err = krb5_parse_name (context, name->data, princ); } if (name) { cc_string_release (name); } return cc_err_xlate (err); }
/* * Credentials file -> realm mapping * * Determine the realm by opening the named cache and parsing realm from the principal */ int KRB5_CALLCONV krb_get_tf_realm ( const char* ticket_file, char* realm) { cc_string_t principal; char pname [ANAME_SZ]; char pinst [INST_SZ]; char prealm [REALM_SZ]; int kerr = KSUCCESS; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version = 0; cc_ccache_t ccache = NULL; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, ticket_file, &ccache); } if (cc_err == ccNoError) { cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal); } if (cc_err == ccNoError) { /* found cache. get princiapl and parse it */ kerr = kname_parse (pname, pinst, prealm, (char*) principal -> data); cc_string_release (principal); } if ((cc_err == ccNoError) && (kerr == KSUCCESS)) { strcpy (realm, prealm); } if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (kerr != KSUCCESS) return kerr; if (cc_err != ccNoError) return GC_NOTKT; else return KSUCCESS; }
/* * Credentials file -> name, instance, realm mapping */ int KRB5_CALLCONV krb_get_tf_fullname ( const char* ticket_file, char* name, char* instance, char* realm) { cc_string_t principal; int kerr = KSUCCESS; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, ticket_file, &ccache); } if (cc_err == ccNoError) { /* found cache. get principal and parse it */ cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal); } if (cc_err == ccNoError) { kerr = kname_parse (name, instance, realm, (char*) principal -> data); cc_string_release (principal); } if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (kerr != KSUCCESS) return kerr; if (cc_err != ccNoError) return GC_NOTKT; else return KSUCCESS; }
/* * Store a ticket into the default credentials cache * cache must exist (if it didn't exist, it would have been created by in_tkt) */ int krb4int_save_credentials_addr( char* service, char* instance, char* realm, C_Block session, int lifetime, int kvno, KTEXT ticket, KRB4_32 issue_date, KRB_UINT32 local_address) { cc_int32 cc_err = ccNoError; int kerr = KSUCCESS; cc_credentials_v4_t v4creds; cc_credentials_union creds; cc_ccache_t ccache = NULL; cc_string_t principal; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { /* First try existing cache */ cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache); } if (cc_err == ccNoError) { /* Now we have a cache. Fill out the credentials and put them in the cache. */ /* To fill out the credentials, we need the principal */ cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal); } if (cc_err == ccNoError) { kerr = kname_parse (v4creds.principal, v4creds.principal_instance, v4creds.realm, (char*) principal -> data); cc_string_release (principal); } if ((cc_err == ccNoError) && (kerr == KSUCCESS)) { strncpy (v4creds.service, service, SNAME_SZ); strncpy (v4creds.service_instance, instance, INST_SZ); strncpy (v4creds.realm, realm, REALM_SZ); memmove (v4creds.session_key, session, sizeof (C_Block)); v4creds.kvno = kvno; v4creds.string_to_key_type = cc_v4_stk_unknown; v4creds.issue_date = issue_date; v4creds.address = local_address; v4creds.lifetime = lifetime; v4creds.ticket_size = ticket -> length; memmove (v4creds.ticket, ticket -> dat, ticket -> length); creds.version = cc_credentials_v4; creds.credentials.credentials_v4 = &v4creds; cc_err = cc_ccache_store_credentials (ccache, &creds); } if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (kerr != KSUCCESS) return kerr; if (cc_err != ccNoError) return KFAILURE; else return KSUCCESS; }