/**
 * Return the realm of the wrapped Kerberos principal.
 *
 * No copy is made: the returned pointer refers to storage inside
 * _principal, so it should not be freed by the caller and is presumably
 * only usable while _principal itself is alive.
 *
 * The two branches cover the different principal layouts selected by the
 * HEIMDAL build macro.
 */
const char* principal::getRealm() const{
    const char* realm;
#ifdef HEIMDAL
    realm = krb5_realm_data(_principal)->realm;
#else
    // NOTE(review): realm here is a counted krb5_data (it has a .data
    // member); the API contract does not promise that .data is
    // NUL-terminated, so callers that treat the result as a C string should
    // confirm that, or use the accompanying length instead.
    realm = _principal->realm.data;
#endif
    return realm;
}
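/*
 * Get a ticket granting ticket and stuff it in the cache.
 *
 * Authenticates as principal_name with the key held in the keytab named by
 * keytab_name, requests a TGT whose end time is now + AMANDA_TKT_LIFETIME,
 * and stores it in the process's default credential cache after
 * initializing that cache for the client principal.
 *
 * Returns NULL on success.  On failure returns a message string owned by
 * this function: it is kept in a function-static pointer and released at
 * the start of the next call, so callers must not free it or hold it across
 * calls.  The static pointer also makes the function non-reentrant.
 *
 * Every failure after krb5_init_context() succeeds releases the context,
 * and the keytab and ccache handles are closed once they have been opened,
 * so a caller that retries after repeated failures (bad keytab, KDC not
 * answering) does not accumulate library state or open keytab handles.
 */
static const char *
get_tgt(
    char *	keytab_name,
    char *	principal_name)
{
    krb5_context context;
    krb5_error_code ret;
    krb5_principal client = NULL, server = NULL;
    krb5_creds creds;
    krb5_keytab keytab;
    krb5_ccache ccache;
    krb5_timestamp now;
#ifdef KRB5_HEIMDAL_INCLUDES
    krb5_data tgtname = { KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME };
#else
    krb5_data tgtname = { 0, KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME };
#endif
    static char *error = NULL;

    /* Drop the message left over from a previous failed call. */
    if (error != NULL) {
	amfree(error);
	error = NULL;
    }

    /* Nothing has been acquired yet, so a plain return is enough here. */
    if ((ret = krb5_init_context(&context)) != 0) {
	error = vstrallocf(_("error initializing krb5 context: %s"),
	    error_message(ret));
	return (error);
    }

    if(!keytab_name) {
        error = vstrallocf(_("error  -- no krb5 keytab defined"));
        goto free_context;
    }

    if(!principal_name) {
        error = vstrallocf(_("error  -- no krb5 principal defined"));
        goto free_context;
    }

    /*
     * Resolve keytab file into a keytab object
     */
    if ((ret = krb5_kt_resolve(context, keytab_name, &keytab)) != 0) {
	error = vstrallocf(_("error resolving keytab %s: %s"), keytab_name, 
	    error_message(ret));
	goto free_context;
    }

    /*
     * Resolve the amanda service held in the keytab into a principal
     * object
     */
    ret = krb5_parse_name(context, principal_name, &client);
    if (ret != 0) {
	error = vstrallocf(_("error parsing %s: %s"), principal_name,
	    error_message(ret));
	goto cleanup2;
    }

    /*
     * Build the ticket-granting service principal for the client's own
     * realm: the realm is passed both as the principal's realm and as the
     * second name component after tgtname.
     */
#ifdef KRB5_HEIMDAL_INCLUDES
    ret = krb5_build_principal_ext(context, &server,
        krb5_realm_length(*krb5_princ_realm(context, client)),
        krb5_realm_data(*krb5_princ_realm(context, client)),
        tgtname.length, tgtname.data,
        krb5_realm_length(*krb5_princ_realm(context, client)),
        krb5_realm_data(*krb5_princ_realm(context, client)),
        0);
#else
    ret = krb5_build_principal_ext(context, &server,
	krb5_princ_realm(context, client)->length,
	krb5_princ_realm(context, client)->data,
	tgtname.length, tgtname.data,
	krb5_princ_realm(context, client)->length,
	krb5_princ_realm(context, client)->data,
	0);
#endif
    if (ret != 0) {
	error = vstrallocf(_("error while building server name: %s"),
	    error_message(ret));
	/* client has not been handed to anything else yet; it is ours. */
	krb5_free_principal(context, client);
	goto cleanup2;
    }

    ret = krb5_timeofday(context, &now);
    if (ret != 0) {
	error = vstrallocf(_("error getting time of day: %s"), error_message(ret));
	/* Both principals are still exclusively owned by this function. */
	krb5_free_principal(context, client);
	krb5_free_principal(context, server);
	goto cleanup2;
    }

    memset(&creds, 0, SIZEOF(creds));
    creds.times.starttime = 0;
    creds.times.endtime = now + AMANDA_TKT_LIFETIME;

    /* From here on creds refers to the same principal objects. */
    creds.client = client;
    creds.server = server;

    /*
     * Get a ticket for the service, using the keytab
     *
     * NOTE(review): krb5_get_in_tkt_with_keytab() is a deprecated entry
     * point in MIT krb5; krb5_get_init_creds_keytab() is its replacement.
     * Switching is left for a separate change.
     */
    ret = krb5_get_in_tkt_with_keytab(context, 0, NULL, NULL, NULL,
	keytab, 0, &creds, 0);

    if (ret != 0) {
	error = vstrallocf(_("error getting ticket for %s: %s"),
	    principal_name, error_message(ret));
	goto cleanup2;
    }

    /*
     * Store the ticket in the default credential cache.  Initializing the
     * cache replaces whatever credentials it held before.
     */
    if ((ret = krb5_cc_default(context, &ccache)) != 0) {
	error = vstrallocf(_("error initializing ccache: %s"), error_message(ret));
	goto cleanup;
    }
    if ((ret = krb5_cc_initialize(context, ccache, client)) != 0) {
	error = vstrallocf(_("error initializing ccache: %s"), error_message(ret));
    } else if ((ret = krb5_cc_store_cred(context, ccache, &creds)) != 0) {
	error = vstrallocf(_("error storing creds in ccache: %s"), 
	    error_message(ret));
    }
    /* The handle is closed on success and on either ccache failure above. */
    krb5_cc_close(context, ccache);
cleanup:
    krb5_free_cred_contents(context, &creds);
cleanup2:
    /*
     * NOTE(review): the explicit principal frees stay disabled.  Once the
     * principals have been passed to the ticket request through creds,
     * who owns them depends on the Kerberos library, which this file does
     * not establish; on the ticket-request failure path they may therefore
     * still be leaked.  Confirm against the library in use before enabling.
     */
#if 0
    krb5_free_principal(context, client);
    krb5_free_principal(context, server);
#endif
    /* Reached only after krb5_kt_resolve() succeeded. */
    (void)krb5_kt_close(context, keytab);
free_context:
    krb5_free_context(context);
    return (error);
}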