KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_context_flags(unsigned int flags, krb5_context *context) { static heim_base_once_t init_context = HEIM_BASE_ONCE_INIT; krb5_context p; krb5_error_code ret; char **files = NULL; *context = NULL; p = calloc(1, sizeof(*p)); if (!p) return ENOMEM; p->mutex = malloc(sizeof(HEIMDAL_MUTEX)); if (p->mutex == NULL) { free(p); return ENOMEM; } HEIMDAL_MUTEX_init(p->mutex); HEIMDAL_MUTEX_lock(&homedir_mutex); if (allow_homedir) p->flags |= KRB5_CTX_F_HOMEDIR_ACCESS; HEIMDAL_MUTEX_unlock(&homedir_mutex); if ((flags & KRB5_CONTEXT_FLAG_NO_CONFIG) == 0) { ret = krb5_get_default_config_files(&files); if (ret) goto out; } ret = krb5_set_config_files(p, files); krb5_free_config_files(files); if (ret) goto out; heim_base_once_f(&init_context, p, init_context_once); /* init error tables */ krb5_init_ets(p); cc_ops_register(p); kt_ops_register(p); #ifdef PKINIT ret = hx509_context_init(&p->hx509ctx); if (ret) goto out; #endif if (rk_SOCK_INIT()) p->flags |= KRB5_CTX_F_SOCKETS_INITIALIZED; out: if (ret) { krb5_free_context(p); p = NULL; } *context = p; return ret; }
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_context(krb5_context *context) { static heim_base_once_t init_context = HEIM_BASE_ONCE_INIT; krb5_context p; krb5_error_code ret; char **files; *context = NULL; p = calloc(1, sizeof(*p)); if(!p) return ENOMEM; p->mutex = malloc(sizeof(HEIMDAL_MUTEX)); if (p->mutex == NULL) { free(p); return ENOMEM; } HEIMDAL_MUTEX_init(p->mutex); p->flags |= KRB5_CTX_F_HOMEDIR_ACCESS; ret = krb5_get_default_config_files(&files); if(ret) goto out; ret = krb5_set_config_files(p, files); krb5_free_config_files(files); if(ret) goto out; /* done enough to load plugins */ heim_base_once_f(&init_context, p, init_context_once); /* init error tables */ krb5_init_ets(p); cc_ops_register(p); kt_ops_register(p); #ifdef PKINIT ret = hx509_context_init(&p->hx509ctx); if (ret) goto out; #endif if (rk_SOCK_INIT()) p->flags |= KRB5_CTX_F_SOCKETS_INITIALIZED; out: if(ret) { krb5_free_context(p); p = NULL; } *context = p; return ret; }
static int krb5_init(void *context) { struct authctxt *authctxt = (struct authctxt *)context; krb5_error_code problem; if (authctxt->krb5_ctx == NULL) { problem = krb5_init_context(&authctxt->krb5_ctx); if (problem) return (problem); krb5_init_ets(authctxt->krb5_ctx); } return (0); }
static int krb5_init(void *context) { Authctxt *authctxt = (Authctxt *)context; krb5_error_code problem; if (authctxt->krb5_ctx == NULL) { problem = krb5_init_context(&authctxt->krb5_ctx); if (problem) return (problem); #ifdef KRB5_INIT_ETS krb5_init_ets(authctxt->krb5_ctx); #endif } return (0); }
static int ssh_gssapi_krb5_init(void) { krb5_error_code problem; if (krb_context != NULL) return 1; problem = krb5_init_context(&krb_context); if (problem) { logit("Cannot initialize krb5 context"); return 0; } krb5_init_ets(krb_context); return 1; }
static int ssh_gssapi_krb5_init() { krb5_error_code problem; if (krb_context != NULL) return 1; problem = krb5_init_context(&krb_context); if (problem) { logit("Cannot initialize krb5 context"); return 0; } #ifdef KRB5_INIT_ETS krb5_init_ets(krb_context); #endif return 1; }
static int krb5_init(void *context) { Authctxt *authctxt = (Authctxt *)context; krb5_error_code problem; static int cleanup_registered = 0; if (authctxt->krb5_ctx == NULL) { problem = krb5_init_context(&authctxt->krb5_ctx); if (problem) return (problem); krb5_init_ets(authctxt->krb5_ctx); } if (!cleanup_registered) { fatal_add_cleanup(krb5_cleanup_proc, authctxt); cleanup_registered = 1; } return (0); }
static int change_host(Display *dpy, char *name, Bool add) { XHostAddress ha; char *lname; int namelen, i, family = FamilyWild; #ifdef K5AUTH krb5_principal princ; krb5_data kbuf; #endif #ifdef NEEDSOCKETS #ifndef AMTCPCONN static struct in_addr addr; /* so we can point at it */ #if defined(IPv6) && defined(AF_INET6) static struct in6_addr addr6; /* so we can point at it */ #else struct hostent *hp; #endif #else static ipaddr_t addr; #endif #endif char *cp; #ifdef DNETCONN struct dn_naddr *dnaddrp; struct nodeent *np; static struct dn_naddr dnaddr; #endif /* DNETCONN */ static char *add_msg = "being added to access control list"; static char *remove_msg = "being removed from access control list"; namelen = strlen(name); if ((lname = (char *)malloc(namelen+1)) == NULL) { fprintf (stderr, "%s: malloc bombed in change_host\n", ProgramName); exit (1); } for (i = 0; i < namelen; i++) { lname[i] = tolower(name[i]); } lname[namelen] = '\0'; if (!strncmp("inet:", lname, 5)) { #if defined(TCPCONN) || defined(STREAMSCONN) || defined(AMTCPCONN) family = FamilyInternet; name += 5; #else fprintf (stderr, "%s: not compiled for TCP/IP\n", ProgramName); return 0; #endif } else if (!strncmp("inet6:", lname, 6)) { #if (defined(TCPCONN) || defined(STREAMSCONN)) && \ defined(IPv6) && defined(AF_INET6) family = FamilyInternet6; name += 6; #else fprintf (stderr, "%s: not compiled for IPv6\n", ProgramName); return 0; #endif } else if (!strncmp("dnet:", lname, 5)) { #ifdef DNETCONN family = FamilyDECnet; name += 5; #else fprintf (stderr, "%s: not compiled for DECnet\n", ProgramName); return 0; #endif } else if (!strncmp("nis:", lname, 4)) { #ifdef SECURE_RPC family = FamilyNetname; name += 4; #else fprintf (stderr, "%s: not compiled for Secure RPC\n", ProgramName); return 0; #endif } else if (!strncmp("krb:", lname, 4)) { #ifdef K5AUTH family = FamilyKrb5Principal; name +=4; #else fprintf (stderr, "%s: not compiled for Kerberos 5\n", ProgramName); return 0; #endif } else if (!strncmp("local:", lname, 6)) { family = FamilyLocalHost; } if (family == FamilyWild && (cp = strchr(lname, ':'))) { *cp = '\0'; fprintf (stderr, "%s: unknown address family \"%s\"\n", ProgramName, lname); return 0; } free(lname); #ifdef DNETCONN if (family == FamilyDECnet || (cp = strchr(name, ':')) && (*(cp + 1) == ':') && !(*cp = '\0')) { ha.family = FamilyDECnet; if (dnaddrp = dnet_addr(name)) { dnaddr = *dnaddrp; } else { if ((np = getnodebyname (name)) == NULL) { fprintf (stderr, "%s: unable to get node name for \"%s::\"\n", ProgramName, name); return 0; } dnaddr.a_len = np->n_length; memmove( dnaddr.a_addr, np->n_addr, np->n_length); } ha.length = sizeof(struct dn_naddr); ha.address = (char *)&dnaddr; if (add) { XAddHost (dpy, &ha); printf ("%s:: %s\n", name, add_msg); } else { XRemoveHost (dpy, &ha); printf ("%s:: %s\n", name, remove_msg); } return 1; } #endif /* DNETCONN */ #ifdef K5AUTH if (family == FamilyKrb5Principal) { krb5_error_code retval; retval = krb5_parse_name(name, &princ); if (retval) { krb5_init_ets(); /* init krb errs for error_message() */ fprintf(stderr, "%s: cannot parse Kerberos name: %s\n", ProgramName, error_message(retval)); return 0; } XauKrb5Encode(princ, &kbuf); ha.length = kbuf.length; ha.address = kbuf.data; ha.family = family; if (add) XAddHost(dpy, &ha); else XRemoveHost(dpy, &ha); krb5_free_principal(princ); free(kbuf.data); printf( "%s %s\n", name, add ? add_msg : remove_msg); return 1; } #endif if (family == FamilyLocalHost) { ha.length = 0; ha.address = ""; ha.family = family; if (add) XAddHost(dpy, &ha); else XRemoveHost(dpy, &ha); printf( "non-network local connections %s\n", add ? add_msg : remove_msg); return 1; } /* * If it has an '@', it's a netname */ if ((family == FamilyNetname && (cp = strchr(name, '@'))) || (cp = strchr(name, '@'))) { char *netname = name; #ifdef SECURE_RPC static char username[MAXNETNAMELEN]; if (!cp[1]) { struct passwd *pwd; static char domainname[128]; *cp = '\0'; pwd = getpwnam(name); if (!pwd) { fprintf(stderr, "no such user \"%s\"\n", name); return 0; } getdomainname(domainname, sizeof(domainname)); if (!user2netname(username, pwd->pw_uid, domainname)) { fprintf(stderr, "failed to get netname for \"%s\"\n", name); return 0; } netname = username; } #endif ha.family = FamilyNetname; ha.length = strlen(netname); ha.address = netname; if (add) XAddHost (dpy, &ha); else XRemoveHost (dpy, &ha); if (netname != name) printf ("%s@ (%s) %s\n", name, netname, add ? add_msg : remove_msg); else printf ("%s %s\n", netname, add ? add_msg : remove_msg); return 1; } #ifdef NEEDSOCKETS /* * First see if inet_addr() can grok the name; if so, then use it. */ #ifndef AMTCPCONN if (((family == FamilyWild) || (family == FamilyInternet)) && ((addr.s_addr = inet_addr(name)) != -1)) { #else if (((family == FamilyWild) || (family == FamilyInternet)) && ((addr = inet_addr(name)) != -1)) { #endif ha.family = FamilyInternet; ha.length = 4; /* but for Cray would be sizeof(addr.s_addr) */ ha.address = (char *)&addr; /* but for Cray would be &addr.s_addr */ if (add) { XAddHost (dpy, &ha); printf ("%s %s\n", name, add_msg); } else { XRemoveHost (dpy, &ha); printf ("%s %s\n", name, remove_msg); } return 1; } #if defined(IPv6) && defined(AF_INET6) /* * Check to see if inet_pton() can grok it as an IPv6 address */ else if (((family == FamilyWild) || (family == FamilyInternet6)) && (inet_pton(AF_INET6, name, &addr6.s6_addr) == 1)) { ha.family = FamilyInternet6; ha.length = sizeof(addr6.s6_addr); ha.address = (char *) &addr6.s6_addr; if (add) { XAddHost (dpy, &ha); printf ("%s %s\n", name, add_msg); } else { XRemoveHost (dpy, &ha); printf ("%s %s\n", name, remove_msg); } return 1; } else { /* * Is it in the namespace? * * If no family was specified, use both Internet v4 & v6 addresses. * Otherwise, use only addresses matching specified family. */ struct addrinfo *addresses; struct addrinfo *a; Bool didit = False; if (getaddrinfo(name, NULL, NULL, &addresses) != 0) return 0; for (a = addresses; a != NULL; a = a->ai_next) { if ( ((a->ai_family == AF_INET) && (family != FamilyInternet6)) || ((a->ai_family == AF_INET6) && (family != FamilyInternet)) ) { char ad[INET6_ADDRSTRLEN]; ha.family = XFamily(a->ai_family); if (a->ai_family == AF_INET6) { ha.address = (char *) &((struct sockaddr_in6 *) a->ai_addr)->sin6_addr; ha.length = sizeof (((struct sockaddr_in6 *) a->ai_addr)->sin6_addr); } else { ha.address = (char *) &((struct sockaddr_in *) a->ai_addr)->sin_addr; ha.length = sizeof (((struct sockaddr_in *) a->ai_addr)->sin_addr); } inet_ntop(a->ai_family, ha.address, ad, sizeof(ad)); /* printf("Family: %d\nLength: %d\n", a->ai_family, ha.length); */ /* printf("Address: %s\n", ad); */ if (add) { XAddHost (dpy, &ha); } else { XRemoveHost (dpy, &ha); } didit = True; } } if (didit == True) { printf ("%s %s\n", name, add ? add_msg : remove_msg); } else { const char *familyMsg = ""; if (family == FamilyInternet6) { familyMsg = "inet6 "; } else if (family == FamilyInternet) { familyMsg = "inet "; } fprintf(stderr, "%s: unable to get %saddress for \"%s\"\n", ProgramName, familyMsg, name); } freeaddrinfo(addresses); return 1; } #else /* !IPv6 */ /* * Is it in the namespace? */ else if (((hp = gethostbyname(name)) == (struct hostent *)NULL) || hp->h_addrtype != AF_INET) { return 0; } else { ha.family = XFamily(hp->h_addrtype); ha.length = hp->h_length; #ifdef h_addr /* new 4.3bsd version of gethostent */ { char **list; /* iterate over the hosts */ for (list = hp->h_addr_list; *list; list++) { ha.address = *list; if (add) { XAddHost (dpy, &ha); } else { XRemoveHost (dpy, &ha); } } } #else ha.address = hp->h_addr; if (add) { XAddHost (dpy, &ha); } else { XRemoveHost (dpy, &ha); } #endif printf ("%s %s\n", name, add ? add_msg : remove_msg); return 1; } #endif /* IPv6 */ #else /* NEEDSOCKETS */ return 0; #endif /* NEEDSOCKETS */ }
/*ARGSUSED*/ void Krb5InitAuth (unsigned short name_len, char *name) { krb5_init_ets(); /* initialize error_message() tables */ }
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_copy_context(krb5_context context, krb5_context *out) { krb5_error_code ret; krb5_context p; *out = NULL; p = calloc(1, sizeof(*p)); if (p == NULL) return krb5_enomem(context); p->mutex = malloc(sizeof(HEIMDAL_MUTEX)); if (p->mutex == NULL) { free(p); return krb5_enomem(context); } HEIMDAL_MUTEX_init(p->mutex); if (context->default_cc_name) p->default_cc_name = strdup(context->default_cc_name); if (context->default_cc_name_env) p->default_cc_name_env = strdup(context->default_cc_name_env); if (context->etypes) { ret = copy_etypes(context, context->etypes, &p->etypes); if (ret) goto out; } if (context->etypes_des) { ret = copy_etypes(context, context->etypes_des, &p->etypes_des); if (ret) goto out; } if (context->default_realms) { ret = krb5_copy_host_realm(context, context->default_realms, &p->default_realms); if (ret) goto out; } ret = _krb5_config_copy(context, context->cf, &p->cf); if (ret) goto out; /* XXX should copy */ krb5_init_ets(p); cc_ops_copy(p, context); kt_ops_copy(p, context); #if 0 /* XXX */ if(context->warn_dest != NULL) ; if(context->debug_dest != NULL) ; #endif ret = krb5_set_extra_addresses(p, context->extra_addresses); if (ret) goto out; ret = krb5_set_extra_addresses(p, context->ignore_addresses); if (ret) goto out; ret = _krb5_copy_send_to_kdc_func(p, context); if (ret) goto out; *out = p; return 0; out: krb5_free_context(p); return ret; }
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_context(krb5_context *context) { static heim_base_once_t init_context = HEIM_BASE_ONCE_INIT; krb5_context p; krb5_error_code ret; char **files; uint8_t rnd; *context = NULL; /** * krb5_init_context() will get one random byte to make sure our * random is alive. Assumption is that once the non blocking * source allows us to pull bytes, its all seeded and allows us to * pull more bytes. * * Most Kerberos users calls krb5_init_context(), so this is * useful point where we can do the checking. */ ret = krb5_generate_random(&rnd, sizeof(rnd)); if (ret) return ret; p = calloc(1, sizeof(*p)); if(!p) return ENOMEM; p->mutex = malloc(sizeof(HEIMDAL_MUTEX)); if (p->mutex == NULL) { free(p); return ENOMEM; } HEIMDAL_MUTEX_init(p->mutex); p->flags |= KRB5_CTX_F_HOMEDIR_ACCESS; ret = krb5_get_default_config_files(&files); if(ret) goto out; ret = krb5_set_config_files(p, files); krb5_free_config_files(files); if(ret) goto out; /* done enough to load plugins */ heim_base_once_f(&init_context, p, init_context_once); /* init error tables */ krb5_init_ets(p); cc_ops_register(p); kt_ops_register(p); #ifdef PKINIT ret = hx509_context_init(&p->hx509ctx); if (ret) goto out; #endif if (rk_SOCK_INIT()) p->flags |= KRB5_CTX_F_SOCKETS_INITIALIZED; out: if(ret) { krb5_free_context(p); p = NULL; } *context = p; return ret; }
/* * Function: Initialize the current instance of the KWIN application. * * Parameters: * hinstance - the instance to initialize * * ncmdshow - show flag to indicate wheather to come up minimized * or not. * * Returns: TRUE if initialized sucessfully, false otherwise. */ static BOOL init_instance(HINSTANCE hinstance, int ncmdshow) { WORD versionrequested; WSADATA wsadata; int rc; int i; versionrequested = 0x0101; /* We need version 1.1 */ rc = WSAStartup(versionrequested, &wsadata); if (rc != 0) { MessageBox(NULL, "Couldn't initialize Winsock library", "", MB_OK | MB_ICONSTOP); return FALSE; } if (versionrequested != wsadata.wVersion) { WSACleanup(); MessageBox(NULL, "Winsock version 1.1 not available", "", MB_OK | MB_ICONSTOP); return FALSE; } #ifdef KRB5 { krb5_error_code code; code = krb5_init_context(&k5_context); if (!code) { #if 0 /* Not needed under windows */ krb5_init_ets(k5_context); #endif code = k5_init_ccache(&k5_ccache); } if (code) { com_err(NULL, code, "while initializing program"); return FALSE; } k5_name_from_ccache(k5_ccache); } #endif cns_load_registry(); /* * Set up expiration action */ alert = cns_res.alert; beep = cns_res.beep; /* * ticket options */ forwardable = cns_res.forwardable; noaddresses = cns_res.noaddresses; /* * Load clock icons */ for (i = IDI_FIRST_CLOCK; i <= IDI_LAST_CLOCK; i++) kwin_icons[i - IDI_FIRST_CLOCK] = LoadIcon(hinstance, MAKEINTRESOURCE(i)); #ifdef KRB4 krb_start_session(NULL); #endif return TRUE; }
main() { krb5_init_ets(); tkt_test_1(); }