static krb5_error_code get_from_os(char *name_buf, unsigned int name_size) { krb5_error_code result = 0; cc_context_t cc_context = NULL; cc_string_t default_name = NULL; cc_int32 ccerr = cc_initialize (&cc_context, ccapi_version_3, NULL, NULL); if (ccerr == ccNoError) { ccerr = cc_context_get_default_ccache_name (cc_context, &default_name); } if (ccerr == ccNoError) { if (strlen (default_name -> data) + 5 > name_size) { result = ENOMEM; goto cleanup; } else { snprintf (name_buf, name_size, "API:%s", default_name -> data); } } cleanup: if (cc_context != NULL) { cc_context_release (cc_context); } if (default_name != NULL) { cc_string_release (default_name); } return result; }
int KRB5_CALLCONV krb_in_tkt ( char* pname, char* pinst, char* realm) { char principal [MAX_K_NAME_SZ + 1]; cc_int32 err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (err == ccNoError) { sprintf (principal, "%s%s%s@%s", pname, (pinst [0] == '\0') ? "" : ".", pinst, realm); } if (err == ccNoError) { err = cc_context_create_ccache (cc_context, TKT_FILE, cc_credentials_v4, principal, &ccache); } if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (err != ccNoError) return KFAILURE; else return KSUCCESS; }
/* * Destroy credentials file * * Implementation in dest_tkt.c */ int KRB5_CALLCONV dest_tkt (void) { cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache); } if (cc_err == ccNoError) { cc_ccache_destroy (ccache); } if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (cc_err != ccNoError) return RET_TKFIL; else return KSUCCESS; }
/* * Deletion from credentials file */ int KRB5_CALLCONV krb_delete_cred ( char* sname, char* sinstance, char* srealm) { cc_credentials_t theCreds = NULL; cc_credentials_iterator_t iterator = NULL; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache); } if (cc_err == ccNoError) { cc_err = cc_ccache_new_credentials_iterator (ccache, &iterator); } if (cc_err == ccNoError) { for (;;) { /* get next creds */ cc_err = cc_credentials_iterator_next (iterator, &theCreds); if (cc_err != ccNoError) { break; } if ((theCreds -> data -> version == cc_credentials_v4) && (strcmp (theCreds -> data -> credentials.credentials_v4 -> service, sname) == 0) && (strcmp (theCreds -> data -> credentials.credentials_v4 -> service_instance, sinstance) == 0) && (strcmp (theCreds -> data -> credentials.credentials_v4 -> realm, srealm) == 0)) { cc_ccache_remove_credentials (ccache, theCreds); cc_credentials_release (theCreds); break; } cc_credentials_release (theCreds); } } if (iterator != NULL) cc_credentials_iterator_release (iterator); if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (cc_err != ccNoError) return KFAILURE; else return KSUCCESS; }
static krb5_error_code stdcc_setup(krb5_context context, stdccCacheDataPtr ccapi_data) { int err; /* make sure the API has been intialized */ if (gCntrlBlock == NULL) { #ifdef CC_API_VER2 err = cc_initialize(&gCntrlBlock, CC_API_VER_2, NULL, NULL); #else err = cc_initialize(&gCntrlBlock, CC_API_VER_1, NULL, NULL); #endif if (err != CC_NOERROR) return cc_err_xlate(err); } /* * No ccapi_data structure, so we don't need to make sure the * ccache exists. */ if (!ccapi_data) return 0; /* * The ccache already exists */ if (ccapi_data->NamedCache) return 0; err = cc_open(gCntrlBlock, ccapi_data->cache_name, CC_CRED_V5, 0L, &ccapi_data->NamedCache); if (err == CC_NOTFOUND) err = CC_NO_EXIST; if (err == CC_NOERROR) return 0; ccapi_data->NamedCache = NULL; return cc_err_xlate(err); }
krb5_error_code KRB5_CALLCONV krb5_stdccv3_context_unlock (krb5_context context) { krb5_error_code err = 0; if (!err && !gCntrlBlock) { err = cc_initialize (&gCntrlBlock, ccapi_version_max, &gCCVersion, NULL); } if (!err) { err = cc_context_unlock(gCntrlBlock); } return cc_err_xlate(err); }
/* * Destroy all credential caches * * Implementation in memcache.c */ int KRB5_CALLCONV dest_all_tkts (void) { int count = 0; cc_ccache_iterator_t iterator = NULL; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_new_ccache_iterator (cc_context, &iterator); } if (cc_err == ccNoError) { for (;;) { /* get next ccache */ cc_err = cc_ccache_iterator_next (iterator, &ccache); if (cc_err != ccNoError) break; cc_ccache_destroy (ccache); count++; } } if (iterator != NULL) cc_credentials_iterator_release (iterator); if (cc_context != NULL) cc_context_release (cc_context); if ((cc_err == ccIteratorEnd) && (count == 0)) { /* first time, nothing to destroy */ return KFAILURE; } else { if (cc_err == ccIteratorEnd) { /* done */ return KSUCCESS; } else { /* error */ return KFAILURE; } } }
/* * Number of credentials in credentials cache */ int KRB5_CALLCONV krb_get_num_cred (void) { cc_credentials_t theCreds = NULL; int count = 0; cc_credentials_iterator_t iterator = NULL; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache); } if (cc_err == ccNoError) { cc_err = cc_ccache_new_credentials_iterator (ccache, &iterator); } if (cc_err == ccNoError) { for (;;) { /* get next creds */ cc_err = cc_credentials_iterator_next (iterator, &theCreds); if (cc_err != ccNoError) break; if (theCreds -> data -> version == cc_credentials_v4) count++; cc_credentials_release (theCreds); } } if (iterator != NULL) cc_credentials_iterator_release (iterator); if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (cc_err != ccNoError) return 0; else return count; }
/* * Credentials file -> realm mapping * * Determine the realm by opening the named cache and parsing realm from the principal */ int KRB5_CALLCONV krb_get_tf_realm ( const char* ticket_file, char* realm) { cc_string_t principal; char pname [ANAME_SZ]; char pinst [INST_SZ]; char prealm [REALM_SZ]; int kerr = KSUCCESS; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version = 0; cc_ccache_t ccache = NULL; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, ticket_file, &ccache); } if (cc_err == ccNoError) { cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal); } if (cc_err == ccNoError) { /* found cache. get princiapl and parse it */ kerr = kname_parse (pname, pinst, prealm, (char*) principal -> data); cc_string_release (principal); } if ((cc_err == ccNoError) && (kerr == KSUCCESS)) { strcpy (realm, prealm); } if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (kerr != KSUCCESS) return kerr; if (cc_err != ccNoError) return GC_NOTKT; else return KSUCCESS; }
/* * Credentials file -> name, instance, realm mapping */ int KRB5_CALLCONV krb_get_tf_fullname ( const char* ticket_file, char* name, char* instance, char* realm) { cc_string_t principal; int kerr = KSUCCESS; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, ticket_file, &ccache); } if (cc_err == ccNoError) { /* found cache. get principal and parse it */ cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal); } if (cc_err == ccNoError) { kerr = kname_parse (name, instance, realm, (char*) principal -> data); cc_string_release (principal); } if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (kerr != KSUCCESS) return kerr; if (cc_err != ccNoError) return GC_NOTKT; else return KSUCCESS; }
static krb5_error_code stdccv3_setup (krb5_context context, stdccCacheDataPtr ccapi_data) { krb5_error_code err = 0; if (!err && !gCntrlBlock) { err = cc_initialize (&gCntrlBlock, ccapi_version_max, &gCCVersion, NULL); } if (!err && ccapi_data && !ccapi_data->NamedCache) { /* ccache has not been opened yet. open it. */ err = cc_context_open_ccache (gCntrlBlock, ccapi_data->cache_name, &ccapi_data->NamedCache); } if (!err && ccapi_data && ccapi_data->NamedCache) { err = stdccv3_get_timeoffset (context, ccapi_data->NamedCache); } return err; /* Don't translate. Callers will translate for us */ }
static void UpdateDefaultCache (void) { cc_string_t name; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_get_default_ccache_name (cc_context, &name); } if (cc_err == ccNoError) { krb_set_tkt_string ((char*) name -> data); cc_string_release (name); } if (cc_context != NULL) cc_context_release (cc_context); }
/*+************************************************************************* ** ** Fill_combo ** ** Fills the combo box with the contents of the host list. Item 0 goes ** into the edit portion and the rest go into the libt box. ** ***************************************************************************/ static void fill_combo (HWND hDlg) { int i; // Index char buff[256]; #ifdef USE_LEASH krb5_error_code retval; apiCB * cc_ctx = 0; struct _infoNC ** pNCi = 0; #endif SendDlgItemMessage(hDlg, GSS_HOST_NAME, CB_RESETCONTENT, 0, 0); SetDlgItemText(hDlg, GSS_HOST_NAME, szHost); SendDlgItemMessage(hDlg, GSS_HOST_NAME, CB_SETEDITSEL, 0, 0); for (i = 1; i < MAX_SAVED; ++i) { // Fill in the list box if (*hosts[i] == '\0') break; SendDlgItemMessage(hDlg, GSS_HOST_NAME, CB_ADDSTRING, 0, (LPARAM) ((LPSTR) hosts[i])); } SendDlgItemMessage(hDlg, GSS_SERVICE_NAME, CB_RESETCONTENT, 0, 0); SetDlgItemText(hDlg, GSS_SERVICE_NAME, szService); SendDlgItemMessage(hDlg, GSS_SERVICE_NAME, CB_SETEDITSEL, 0, 0); for (i = 1; i < MAX_SAVED; ++i) { // Fill in the list box if (*svcs[i] == '\0') break; SendDlgItemMessage(hDlg, GSS_SERVICE_NAME, CB_ADDSTRING, 0, (LPARAM) ((LPSTR) svcs[i])); } SendDlgItemMessage(hDlg, GSS_MECHANISM, CB_RESETCONTENT, 0, 0); SetDlgItemText(hDlg, GSS_MECHANISM, szMech); SendDlgItemMessage(hDlg, GSS_MECHANISM, CB_SETEDITSEL, 0, 0); for (i = 1; i < MAX_SAVED; ++i) { // Fill in the list box if (*mechs[i] == '\0') break; SendDlgItemMessage(hDlg, GSS_MECHANISM, CB_ADDSTRING, 0, (LPARAM) ((LPSTR) mechs[i])); } SendDlgItemMessage(hDlg, GSS_CCACHE_NAME, CB_RESETCONTENT, 0, 0); SetDlgItemText(hDlg, GSS_CCACHE_NAME, szCCache); SendDlgItemMessage(hDlg, GSS_CCACHE_NAME, CB_SETEDITSEL, 0, 0); #ifdef USE_LEASH retval = cc_initialize(&cc_ctx, CC_API_VER_2, NULL, NULL); if (retval) goto skip_ccache; retval = cc_get_NC_info(cc_ctx, &pNCi); if (retval) goto clean_ccache; for ( i=0; pNCi[i]; i++ ) { if (pNCi[i]->vers == CC_CRED_V5) { sprintf(buff,"API:%s",pNCi[i]->name); SendDlgItemMessage(hDlg, GSS_CCACHE_NAME, CB_ADDSTRING, 0, (LPARAM) ((LPSTR) buff)); } } clean_ccache: if (pNCi) cc_free_NC_info(cc_ctx, &pNCi); if (cc_ctx) cc_shutdown(&cc_ctx); skip_ccache: #endif /* USE_LEASH */ if ( szCCache[0] ) SendDlgItemMessage(hDlg, GSS_CCACHE_NAME, CB_ADDSTRING, 0, (LPARAM) ((LPSTR) szCCache)); SendDlgItemMessage(hDlg, GSS_CCACHE_NAME, CB_ADDSTRING, 0, (LPARAM) ((LPSTR) "MSLSA:")); SendDlgItemMessage(hDlg, GSS_MESSAGE, CB_RESETCONTENT, 0, 0); SetDlgItemText(hDlg, GSS_MESSAGE, szMessage); SendDlgItemMessage(hDlg, GSS_MESSAGE, CB_SETEDITSEL, 0, 0); for (i = 1; i < MAX_SAVED; ++i) { // Fill in the list box if (*msgs[i] == '\0') break; SendDlgItemMessage(hDlg, GSS_MESSAGE, CB_ADDSTRING, 0, (LPARAM) ((LPSTR) msgs[i])); } wsprintf(buff, "%d", port); SetDlgItemText(hDlg, GSS_PORT, buff); CheckDlgButton(hDlg, GSS_VERBOSE, verbose); CheckDlgButton(hDlg, GSS_DELEGATION, delegate); CheckDlgButton(hDlg, GSS_MUTUAL, mutual); CheckDlgButton(hDlg, GSS_REPLAY, replay); CheckDlgButton(hDlg, GSS_SEQUENCE, sequence); CheckDlgButton(hDlg, GSS_VERSION_ONE, gssv1); CheckDlgButton(hDlg, GSS_NO_AUTH, noauth); CheckDlgButton(hDlg, GSS_NO_WRAP, nowrap); CheckDlgButton(hDlg, GSS_NO_ENCRYPT, nocrypt); CheckDlgButton(hDlg, GSS_NO_MIC, nomic); if ( noauth ) { // disable the other no_xxx options EnableWindow(GetDlgItem(hDlg, GSS_NO_WRAP), FALSE); EnableWindow(GetDlgItem(hDlg, GSS_NO_ENCRYPT), FALSE); EnableWindow(GetDlgItem(hDlg, GSS_NO_MIC), FALSE); } else { // enable the other no_xxx options EnableWindow(GetDlgItem(hDlg, GSS_NO_WRAP), TRUE); EnableWindow(GetDlgItem(hDlg, GSS_NO_ENCRYPT), TRUE); EnableWindow(GetDlgItem(hDlg, GSS_NO_MIC), TRUE); } SendDlgItemMessage(hDlg, GSS_CALL_COUNT, TBM_SETRANGEMIN, (WPARAM) FALSE, (LPARAM) 1); SendDlgItemMessage(hDlg, GSS_CALL_COUNT, TBM_SETRANGEMAX, (WPARAM) FALSE, (LPARAM) 20); SendDlgItemMessage(hDlg, GSS_CALL_COUNT, TBM_SETPOS, (WPARAM) FALSE, (LPARAM) ccount); sprintf(buff,"Call Count: %d",ccount); SetWindowText(GetDlgItem(hDialog, IDC_STATIC_CCOUNT),buff); SendDlgItemMessage(hDlg, GSS_MESSAGE_COUNT, TBM_SETRANGEMIN, (WPARAM) FALSE, (LPARAM) 1); SendDlgItemMessage(hDlg, GSS_MESSAGE_COUNT, TBM_SETRANGEMAX, (WPARAM) FALSE, (LPARAM) 20); SendDlgItemMessage(hDlg, GSS_MESSAGE_COUNT, TBM_SETPOS, (WPARAM) FALSE, (LPARAM) mcount); sprintf(buff,"Message Count: %d",mcount); SetWindowText(GetDlgItem(hDialog, IDC_STATIC_MSG_COUNT),buff); }
/* * Retrieval from credentials cache */ int KRB5_CALLCONV krb_get_cred ( char* service, char* instance, char* realm, CREDENTIALS* creds) { int kerr = KSUCCESS; cc_int32 cc_err = ccNoError; cc_credentials_t theCreds = NULL; cc_credentials_iterator_t iterator = NULL; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; #ifdef USE_LOGIN_LIBRARY // If we are requesting a tgt, prompt for it if (strncmp (service, KRB_TICKET_GRANTING_TICKET, ANAME_SZ) == 0) { OSStatus err; char *cacheName; KLPrincipal outPrincipal; err = __KLInternalAcquireInitialTicketsForCache (TKT_FILE, kerberosVersion_V4, NULL, &outPrincipal, &cacheName); if (err == klNoErr) { krb_set_tkt_string (cacheName); // Tickets for the krb4 principal went here KLDisposeString (cacheName); KLDisposePrincipal (outPrincipal); } else { return GC_NOTKT; } } #endif /* USE_LOGIN_LIBRARY */ cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache); } if (cc_err == ccNoError) { cc_err = cc_ccache_new_credentials_iterator (ccache, &iterator); } if (cc_err == ccNoError) { for (;;) { /* get next creds */ cc_err = cc_credentials_iterator_next (iterator, &theCreds); if (cc_err == ccIteratorEnd) { kerr = GC_NOTKT; break; } if (cc_err != ccNoError) { kerr = KFAILURE; break; } /* version, service, instance, realm check */ if ((theCreds -> data -> version == cc_credentials_v4) && (strcmp (theCreds -> data -> credentials.credentials_v4 -> service, service) == 0) && (strcmp (theCreds -> data -> credentials.credentials_v4 -> service_instance, instance) == 0) && (strcmp (theCreds -> data -> credentials.credentials_v4 -> realm, realm) == 0)) { /* Match! */ strcpy (creds -> service, service); strcpy (creds -> instance, instance); strcpy (creds -> realm, realm); memmove (creds -> session, theCreds -> data -> credentials.credentials_v4 -> session_key, sizeof (C_Block)); creds -> lifetime = theCreds -> data -> credentials.credentials_v4 -> lifetime; creds -> kvno = theCreds -> data -> credentials.credentials_v4 -> kvno; creds -> ticket_st.length = theCreds -> data -> credentials.credentials_v4 -> ticket_size; memmove (creds -> ticket_st.dat, theCreds -> data -> credentials.credentials_v4 -> ticket, creds -> ticket_st.length); creds -> issue_date = theCreds -> data -> credentials.credentials_v4 -> issue_date; strcpy (creds -> pname, theCreds -> data -> credentials.credentials_v4 -> principal); strcpy (creds -> pinst, theCreds -> data -> credentials.credentials_v4 -> principal_instance); creds -> stk_type = theCreds -> data -> credentials.credentials_v4 -> string_to_key_type; cc_credentials_release (theCreds); kerr = KSUCCESS; break; } else { cc_credentials_release (theCreds); } } } if (iterator != NULL) cc_credentials_iterator_release (iterator); if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (kerr != KSUCCESS) return kerr; if (cc_err != ccNoError) return GC_NOTKT; else return KSUCCESS; }
/* * Store a ticket into the default credentials cache * cache must exist (if it didn't exist, it would have been created by in_tkt) */ int krb4int_save_credentials_addr( char* service, char* instance, char* realm, C_Block session, int lifetime, int kvno, KTEXT ticket, KRB4_32 issue_date, KRB_UINT32 local_address) { cc_int32 cc_err = ccNoError; int kerr = KSUCCESS; cc_credentials_v4_t v4creds; cc_credentials_union creds; cc_ccache_t ccache = NULL; cc_string_t principal; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { /* First try existing cache */ cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache); } if (cc_err == ccNoError) { /* Now we have a cache. Fill out the credentials and put them in the cache. */ /* To fill out the credentials, we need the principal */ cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal); } if (cc_err == ccNoError) { kerr = kname_parse (v4creds.principal, v4creds.principal_instance, v4creds.realm, (char*) principal -> data); cc_string_release (principal); } if ((cc_err == ccNoError) && (kerr == KSUCCESS)) { strncpy (v4creds.service, service, SNAME_SZ); strncpy (v4creds.service_instance, instance, INST_SZ); strncpy (v4creds.realm, realm, REALM_SZ); memmove (v4creds.session_key, session, sizeof (C_Block)); v4creds.kvno = kvno; v4creds.string_to_key_type = cc_v4_stk_unknown; v4creds.issue_date = issue_date; v4creds.address = local_address; v4creds.lifetime = lifetime; v4creds.ticket_size = ticket -> length; memmove (v4creds.ticket, ticket -> dat, ticket -> length); creds.version = cc_credentials_v4; creds.credentials.credentials_v4 = &v4creds; cc_err = cc_ccache_store_credentials (ccache, &creds); } if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (kerr != KSUCCESS) return kerr; if (cc_err != ccNoError) return KFAILURE; else return KSUCCESS; }
/* * Retrieval from credentials file * This function is _not_!! well-defined under CCache API, because * there is no guarantee about order of credentials remaining the same. */ int KRB5_CALLCONV krb_get_nth_cred ( char* sname, char* sinstance, char* srealm, int n) { cc_credentials_t theCreds = NULL; int count = 0; cc_credentials_iterator_t iterator = NULL; cc_int32 cc_err = ccNoError; cc_context_t cc_context = NULL; cc_int32 cc_version; cc_ccache_t ccache = NULL; if (n < 1) return KFAILURE; cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL); if (cc_err == ccNoError) { cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache); } if (cc_err == ccNoError) { cc_err = cc_ccache_new_credentials_iterator (ccache, &iterator); } if (cc_err == ccNoError) { for (count = 0; count < n;) { /* get next creds */ cc_err = cc_credentials_iterator_next (iterator, &theCreds); if (cc_err != ccNoError) break; if (theCreds -> data -> version == cc_credentials_v4) count++; if (count < n - 1) cc_credentials_release (theCreds); } } if (cc_err == ccNoError) { strcpy (sname, theCreds -> data -> credentials.credentials_v4 -> service); strcpy (sinstance, theCreds -> data -> credentials.credentials_v4 -> service_instance); strcpy (srealm, theCreds -> data -> credentials.credentials_v4 -> realm); } if (theCreds != NULL) cc_credentials_release (theCreds); if (iterator != NULL) cc_credentials_iterator_release (iterator); if (ccache != NULL) cc_ccache_release (ccache); if (cc_context != NULL) cc_context_release (cc_context); if (cc_err != ccNoError) return KFAILURE; else return KSUCCESS; }
int check_cc_ccache_iterator_next(void) { cc_int32 err = 0; cc_context_t context = NULL; cc_ccache_t ccache = NULL; cc_ccache_iterator_t iterator = NULL; unsigned int i; BEGIN_TEST("cc_ccache_iterator_next"); err = cc_initialize(&context, ccapi_version_3, NULL, NULL); if (!err) { err = destroy_all_ccaches(context); } // iterate with no ccaches if (!err) { err = cc_context_new_ccache_iterator(context, &iterator); } check_once_cc_ccache_iterator_next(iterator, 0, ccNoError, "iterating over an empty collection"); if (iterator) { cc_ccache_iterator_release(iterator); iterator = NULL; } // iterate with one ccache if (!err) { destroy_all_ccaches(context); err = cc_context_create_new_ccache(context, cc_credentials_v5, "*****@*****.**", &ccache); } if (ccache) { cc_ccache_release(ccache); ccache = NULL; } if (!err) { err = cc_context_new_ccache_iterator(context, &iterator); } check_once_cc_ccache_iterator_next(iterator, 1, ccNoError, "iterating over a collection of 1 ccache"); if (iterator) { cc_ccache_iterator_release(iterator); iterator = NULL; } // iterate with several ccaches if (!err) { destroy_all_ccaches(context); } for(i = 0; !err && (i < 1000); i++) { if (i%100 == 0) fprintf(stdout, "."); err = cc_context_create_new_ccache(context, cc_credentials_v5, "*****@*****.**", &ccache); if (ccache) { cc_ccache_release(ccache); ccache = NULL; } } if (!err) { err = cc_context_new_ccache_iterator(context, &iterator); } check_once_cc_ccache_iterator_next(iterator, 1000, ccNoError, "iterating over a collection of 1000 ccache"); if (iterator) { cc_ccache_iterator_release(iterator); iterator = NULL; } if (ccache) { cc_ccache_release(ccache); } if (iterator) { cc_ccache_iterator_release(iterator); } if (context) { destroy_all_ccaches(context); cc_context_release(context); } END_TEST_AND_RETURN }
void main(void) { // XXX (3) - infoNC not properly filled out when returned. infoNC** allCacheInfo = 0; // XXX (2) - bug in krbcc32 infoNC* cacheInfo; ccache_p* theCache = 0; ccache_cit* iterator = 0; cred_union* theCreds = 0; cc_uint32 err; unsigned long index; apiCB* context = 0; // XXX (1) - bug in krbcc32 cc_int32 version; printf ("Dumping all credential caches... (times are in GMT)\n"); err = cc_initialize (&context, CC_API_VER_2, &version, NULL); // XXX (1) if (err != CC_NOERROR) { printf ("*** cc_initialize returned %d ***\n", err); return; } err = cc_get_NC_info (context, &allCacheInfo); // XXX (2) - another bug if (err != CC_NOERROR) { printf ("*** cc_get_NC_info returned %d ***\n", err); return; } for (index = 0; allCacheInfo [index] != 0; index++) { cacheInfo = allCacheInfo [index]; switch (cacheInfo->vers) { case CC_CRED_V4: printf ("\tv4 credentials\n"); break; case CC_CRED_V5: printf ("\tv5 credentials\n"); break; default: printf ("\t*** bogus credentials type %d***\n", cacheInfo->vers); continue; } printf ("\tfor %s\n\tin %s\n", cacheInfo->principal, cacheInfo->name); err = cc_open (context, cacheInfo->name, cacheInfo->vers, 0L, &theCache); if (err != CC_NOERROR) { printf ("\t*** cc_open returned %d ***\n", err); continue; } err = cc_seq_fetch_creds_begin (context, theCache, &iterator); if (err != CC_NOERROR) { printf ("\t*** cc_seq_fetch_creds_begin returned %d ***\n", err); continue; } for (;;) { err = cc_seq_fetch_creds_next (context, &theCreds, iterator); if (err == CC_END) break; if (err != CC_NOERROR) { printf ("\t\t*** seq_fetch_creds returned %d ***\n", err); continue; } switch (theCreds->cred_type) { case CC_CRED_V4: { char start [26]; char end [26]; printf ("\t\t%s - %s: %s.%s@%s\n", datestring (start, theCreds->cred.pV4Cred->issue_date), datestring (end, theCreds->cred.pV4Cred->issue_date + theCreds->cred.pV4Cred->lifetime * 5 * 60), theCreds->cred.pV4Cred->service, theCreds->cred.pV4Cred->service_instance, theCreds->cred.pV4Cred->realm); break; } case CC_CRED_V5: { char start [26]; char end [26]; printf ("\t\t%s - %s: %s\n", datestring (start, theCreds->cred.pV5Cred->starttime), datestring (end, theCreds->cred.pV5Cred->endtime), theCreds->cred.pV5Cred->server); break; } } cc_free_creds (context, &theCreds); } cc_seq_fetch_creds_end (context, &iterator); cc_close (context, &theCache); printf ("\n"); } cc_free_NC_info (context, &allCacheInfo); cc_shutdown (&context); }