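/*
 * Obtain initial credentials for inPrincipal using a password and store them
 * in a credential cache.
 *
 * inPrincipal        principal to authenticate as.
 * inLoginOptions     optional; when non-NULL its `service` and `opt` members
 *                    are forwarded to heim_krb5_get_init_creds_password().
 * inPassword         forwarded unchanged to the Heimdal call; this function
 *                    neither copies nor clears it.
 * outCredCacheName   optional; on success receives a strdup()ed copy of the
 *                    cache name (heap memory, presumably released by the
 *                    caller -- confirm against the API contract).
 *
 * The cache matching inPrincipal is reused when one exists; otherwise a new
 * unique cache is created. The selected cache is re-initialized before the
 * new credential is stored.
 *
 * Returns 0 on success, otherwise the error code of the first failing call.
 */
KLStatus
KLAcquireNewInitialTicketsWithPassword(KLPrincipal inPrincipal,
				       KLLoginOptions inLoginOptions,
				       const char *inPassword,
				       char **outCredCacheName)
{
    krb5_context context = mshim_ctx();
    krb5_error_code ret;
    /*
     * Start from NULL so the `if (cache)` test at `out:` never reads an
     * indeterminate pointer when both cache lookups fail; the cleanup path
     * must not depend on the callees writing their out parameter on error.
     */
    krb5_ccache cache = NULL;
    krb5_creds creds;
    char *service = NULL;
    krb5_get_init_creds_opt *opt = NULL;

    LOG_ENTRY();

    /* Give creds defined contents regardless of how much the callee fills in. */
    memset(&creds, 0, sizeof(creds));

    if (inLoginOptions) {
	service = inLoginOptions->service;
	opt = inLoginOptions->opt;
    }

    ret = heim_krb5_get_init_creds_password(context, &creds,
					    inPrincipal, inPassword,
					    NULL, NULL, 0,
					    service, opt);
    if (ret)
	return ret;

    /* Prefer the cache already associated with this principal. */
    ret = heim_krb5_cc_cache_match(context, inPrincipal, &cache);
    if (ret)
	ret = heim_krb5_cc_new_unique(context, NULL, NULL, &cache);
    if (ret)
	goto out;

    ret = heim_krb5_cc_initialize(context, cache, creds.client);
    if (ret)
	goto out;

    ret = heim_krb5_cc_store_cred(context, cache, &creds);
    if (ret)
	goto out;

    /*
     * NOTE(review): a failed strdup() leaves *outCredCacheName NULL while the
     * function still reports success; callers should check the pointer.
     */
    if (outCredCacheName)
	*outCredCacheName = strdup(heim_krb5_cc_get_name(context, cache));

 out:
    if (cache) {
	/*
	 * On failure the cache is destroyed, not just closed. This also
	 * applies to a cache that heim_krb5_cc_cache_match() returned, i.e.
	 * one that existed before this call.
	 */
	if (ret)
	    krb5_cc_destroy((mit_krb5_context)context, (mit_krb5_ccache)cache);
	else
	    heim_krb5_cc_close(context, cache);
    }
    heim_krb5_free_cred_contents(context, &creds);

    return ret;
}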
/*
 * MIT-API entry point that obtains initial credentials with a password by
 * delegating to heim_krb5_get_init_creds_password().
 *
 * context         MIT context handle; converted with HC() for Heimdal calls.
 * creds           output; zeroed on entry and filled from the Heimdal
 *                 credential on success.
 * client          treated as a struct comb_principal; its `heim` member is
 *                 the principal handed to Heimdal.
 * password        forwarded unchanged; not copied or cleared here.
 * prompter        only NULL or krb5_prompter_posix is accepted; any other
 *                 callback is rejected with EINVAL.
 * data            not forwarded (NULL is passed to the Heimdal call).
 * start_time,
 * in_tkt_service  forwarded unchanged.
 * mopt            MIT option block, translated by mshim_gic_opt(); the
 *                 translated options are freed before returning.
 *
 * Returns 0 on success, EINVAL for an unsupported prompter, otherwise the
 * error returned by the Heimdal call.
 */
mit_krb5_error_code KRB5_CALLCONV
krb5_get_init_creds_password(mit_krb5_context context,
			     mit_krb5_creds *creds,
			     mit_krb5_principal client,
			     char *password,
			     mit_krb5_prompter_fct prompter,
			     void *data,
			     mit_krb5_deltat start_time,
			     char *in_tkt_service,
			     mit_krb5_get_init_creds_opt *mopt)
{
    struct comb_principal *princ = (struct comb_principal *)client;
    krb5_get_init_creds_opt *heim_opt = NULL;
    krb5_prompter_fct heim_prompter = NULL;
    krb5_creds heim_creds;
    krb5_error_code rc = EINVAL;

    LOG_ENTRY();

    heim_opt = mshim_gic_opt(HC(context), mopt);

    memset(creds, 0, sizeof(*creds));
    memset(&heim_creds, 0, sizeof(heim_creds));

    /* Only the POSIX prompter (or no prompter) can be mapped to Heimdal. */
    if (prompter == NULL || prompter == krb5_prompter_posix) {
	if (prompter != NULL)
	    heim_prompter = heim_krb5_prompter_posix;

	rc = heim_krb5_get_init_creds_password(HC(context), &heim_creds,
					       princ->heim, password,
					       heim_prompter, NULL,
					       start_time, in_tkt_service,
					       heim_opt);
    }

    /* The translated option block is released on every path. */
    if (heim_opt)
	heim_krb5_get_init_creds_opt_free(HC(context), heim_opt);

    if (rc)
	return rc;

    /* Copy into the caller's MIT structure, then drop the Heimdal copy. */
    mshim_hcred2mcred(HC(context), &heim_creds, creds);
    heim_krb5_free_cred_contents(HC(context), &heim_creds);

    return rc;
}
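/*
 * MIT-API entry point for the older get_in_tkt interface, implemented on top
 * of heim_krb5_get_init_creds_password().
 *
 * context    MIT context handle; converted with HC() for Heimdal calls.
 * flags, addr, enctype, preauth
 *            accepted for interface compatibility; not used by this
 *            implementation.
 * password   forwarded unchanged; not copied or cleared here.
 * cache      optional; when non-NULL the obtained credential is stored in it.
 * cred       only cred->client is read, as a struct comb_principal.
 *            NOTE(review): the obtained credential is not copied back into
 *            *cred -- confirm callers do not expect it to be filled in.
 * rep        optional; *rep is set to NULL.
 *
 * Returns 0 on success, KRB5_PRINC_NOMATCH when no client principal is
 * supplied, otherwise the error from acquiring or storing the credential.
 */
mit_krb5_error_code KRB5_CALLCONV
krb5_get_in_tkt_with_password(mit_krb5_context context,
			      mit_krb5_flags flags,
			      mit_krb5_address * const *addr,
			      mit_krb5_enctype *enctype,
			      mit_krb5_preauthtype *preauth,
			      const char *password,
			      mit_krb5_ccache cache,
			      mit_krb5_creds *cred,
			      mit_krb5_kdc_rep **rep)
{
    struct comb_principal *p;
    krb5_error_code ret;
    krb5_creds hcreds;

    LOG_ENTRY();

    if (rep)
	*rep = NULL;

    /* Reject a missing credential template as well as a missing client. */
    if (cred == NULL || cred->client == NULL)
	return KRB5_PRINC_NOMATCH;
    p = (struct comb_principal *)cred->client;

    memset(&hcreds, 0, sizeof(hcreds));

    ret = heim_krb5_get_init_creds_password(HC(context), &hcreds, p->heim,
					    password, NULL, NULL, 0,
					    NULL, NULL);
    if (ret)
	return ret;

    /*
     * Report a failed store to the caller; returning success here would let
     * it assume the ticket is in the cache when it is not.
     */
    if (cache)
	ret = heim_krb5_cc_store_cred(HC(context), (krb5_ccache)cache, &hcreds);

    heim_krb5_free_cred_contents(HC(context), &hcreds);

    return ret;
}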