/*
* destroy
*
* - free our storage and the cache
*/
krb5_error_code KRB5_CALLCONV
krb5_stdccv3_destroy (krb5_context context,
krb5_ccache id)
{
krb5_error_code err = 0;
stdccCacheDataPtr ccapi_data = id->data;
if (!err) {
err = stdccv3_setup(context, ccapi_data);
}
if (!err) {
if (ccapi_data) {
if (ccapi_data->cache_name) {
free(ccapi_data->cache_name);
}
if (ccapi_data->NamedCache) {
/* destroy the named cache */
err = cc_ccache_destroy(ccapi_data->NamedCache);
if (err == ccErrCCacheNotFound) {
err = 0; /* ccache maybe already destroyed */
}
cache_changed();
}
free(ccapi_data);
id->data = NULL;
}
free(id);
}
return cc_err_xlate(err);
}
/*
* store
*
* store some credentials in our cache
*/
krb5_error_code KRB5_CALLCONV
krb5_stdccv3_store (krb5_context context, krb5_ccache id, krb5_creds *creds )
{
krb5_error_code err = 0;
stdccCacheDataPtr ccapi_data = id->data;
cc_credentials_union *cred_union = NULL;
if (!err) {
err = stdccv3_setup (context, ccapi_data);
}
if (!err) {
/* copy the fields from the almost identical structures */
err = copy_krb5_creds_to_cc_cred_union (context, creds, &cred_union);
}
if (!err) {
err = cc_ccache_store_credentials (ccapi_data->NamedCache, cred_union);
}
if (!err) {
cache_changed();
}
if (cred_union) { cred_union_release (cred_union); }
return cc_err_xlate (err);
}
/*
* store
*
* store some credentials in our cache
*/
krb5_error_code KRB5_CALLCONV krb5_stdcc_store
(krb5_context context, krb5_ccache id, krb5_creds *creds )
{
krb5_error_code retval;
stdccCacheDataPtr ccapi_data = id->data;
cred_union *cu = NULL;
int err;
if ((retval = stdcc_setup(context, ccapi_data)))
return retval;
/* copy the fields from the almost identical structures */
dupK5toCC(context, creds, &cu);
/*
* finally store the credential
* store will copy (that is duplicate) everything
*/
err = cc_store(gCntrlBlock,
((stdccCacheDataPtr)(id->data))->NamedCache, *cu);
if (err != CC_NOERROR)
return cc_err_xlate(err);
/* free the cred union using our local version of cc_free_creds()
since we allocated it locally */
err = krb5int_free_cc_cred_union(&cu);
cache_changed();
return err;
}
/*
* remove
*
* - remove the specified credentials from the NC
*/
krb5_error_code KRB5_CALLCONV
krb5_stdccv3_remove (krb5_context context,
krb5_ccache id,
krb5_flags whichfields,
krb5_creds *in_creds)
{
krb5_error_code err = 0;
stdccCacheDataPtr ccapi_data = id->data;
cc_credentials_iterator_t iterator = NULL;
int found = 0;
if (!err) {
err = stdccv3_setup(context, ccapi_data);
}
if (!err) {
err = cc_ccache_new_credentials_iterator(ccapi_data->NamedCache,
&iterator);
}
/* Note: CCAPI v3 ccaches can contain both v4 and v5 creds */
while (!err && !found) {
cc_credentials_t credentials = NULL;
err = cc_credentials_iterator_next (iterator, &credentials);
if (!err && (credentials->data->version == cc_credentials_v5)) {
krb5_creds creds;
err = copy_cc_cred_union_to_krb5_creds(context,
credentials->data, &creds);
if (!err) {
found = krb5int_cc_creds_match_request(context,
whichfields,
in_creds,
&creds);
krb5_free_cred_contents (context, &creds);
}
if (!err && found) {
err = cc_ccache_remove_credentials (ccapi_data->NamedCache, credentials);
}
}
if (credentials) { cc_credentials_release (credentials); }
}
if (err == ccIteratorEnd) { err = ccErrCredentialsNotFound; }
if (iterator) {
err = cc_credentials_iterator_release(iterator);
}
if (!err) {
cache_changed ();
}
return cc_err_xlate (err);
}
/*
* initialize
*
* initialize the cache, check to see if one already exists for this
* principal if not set our principal to this principal. This
* searching enables ticket sharing
*/
krb5_error_code KRB5_CALLCONV
krb5_stdccv3_initialize (krb5_context context,
krb5_ccache id,
krb5_principal princ)
{
krb5_error_code err = 0;
stdccCacheDataPtr ccapi_data = id->data;
char *name = NULL;
cc_ccache_t ccache = NULL;
if (id == NULL) { err = KRB5_CC_NOMEM; }
if (!err) {
err = stdccv3_setup (context, NULL);
}
if (!err) {
err = krb5_unparse_name(context, princ, &name);
}
if (!err) {
err = cc_context_create_ccache (gCntrlBlock, ccapi_data->cache_name,
cc_credentials_v5, name,
&ccache);
}
if (!err) {
err = stdccv3_set_timeoffset (context, ccache);
}
if (!err) {
if (ccapi_data->NamedCache) {
err = cc_ccache_release (ccapi_data->NamedCache);
}
ccapi_data->NamedCache = ccache;
ccache = NULL; /* take ownership */
cache_changed ();
}
if (ccache) { cc_ccache_release (ccache); }
if (name ) { krb5_free_unparsed_name(context, name); }
return cc_err_xlate(err);
}
/*
* initialize
*
* initialize the cache, check to see if one already exists for this
* principal if not set our principal to this principal. This
* searching enables ticket sharing
*/
krb5_error_code KRB5_CALLCONV krb5_stdcc_initialize
(krb5_context context, krb5_ccache id, krb5_principal princ)
{
stdccCacheDataPtr ccapi_data = NULL;
int err;
char *cName = NULL;
krb5_error_code retval;
if ((retval = stdcc_setup(context, NULL)))
return retval;
/* test id for null */
if (id == NULL) return KRB5_CC_NOMEM;
if ((retval = krb5_unparse_name(context, princ, &cName)))
return retval;
ccapi_data = id->data;
if (ccapi_data->NamedCache)
cc_close(gCntrlBlock, &ccapi_data->NamedCache);
err = cc_create(gCntrlBlock, ccapi_data->cache_name, cName,
CC_CRED_V5, 0L, &ccapi_data->NamedCache);
if (err != CC_NOERROR) {
krb5_free_unparsed_name(context, cName);
return cc_err_xlate(err);
}
#if 0
/*
* Some implementations don't set the principal name
* correctly, so we force set it to the correct value.
*/
err = cc_set_principal(gCntrlBlock, ccapi_data->NamedCache,
CC_CRED_V5, cName);
#endif
krb5_free_unparsed_name(context, cName);
cache_changed();
return cc_err_xlate(err);
}
