/*
* store
*
* store some credentials in our cache
*/
krb5_error_code KRB5_CALLCONV
krb5_stdccv3_store (krb5_context context, krb5_ccache id, krb5_creds *creds )
{
krb5_error_code err = 0;
stdccCacheDataPtr ccapi_data = id->data;
cc_credentials_union *cred_union = NULL;
if (!err) {
err = stdccv3_setup (context, ccapi_data);
}
if (!err) {
/* copy the fields from the almost identical structures */
err = copy_krb5_creds_to_cc_cred_union (context, creds, &cred_union);
}
if (!err) {
err = cc_ccache_store_credentials (ccapi_data->NamedCache, cred_union);
}
if (!err) {
cache_changed();
}
if (cred_union) { cred_union_release (cred_union); }
return cc_err_xlate (err);
}
int check_cc_credentials_iterator_next(void) {
cc_int32 err = 0;
cc_context_t context = NULL;
cc_ccache_t ccache = NULL;
cc_credentials_union creds_union;
cc_credentials_iterator_t iterator = NULL;
unsigned int i;
BEGIN_TEST("cc_credentials_iterator_next");
err = cc_initialize(&context, ccapi_version_3, NULL, NULL);
if (!err) {
err = destroy_all_ccaches(context);
}
// iterate with no creds
if (!err) {
err = cc_context_create_new_ccache(context, cc_credentials_v5, "*****@*****.**", &ccache);
}
if (!err) {
err = cc_ccache_new_credentials_iterator(ccache, &iterator);
}
check_once_cc_credentials_iterator_next(iterator, 0, ccNoError, "iterating over an empty ccache");
if (iterator) {
cc_ccache_iterator_release(iterator);
iterator = NULL;
}
if (ccache) {
cc_ccache_release(ccache);
ccache = NULL;
}
// iterate with one cred
if (!err) {
destroy_all_ccaches(context);
err = cc_context_create_new_ccache(context, cc_credentials_v5, "*****@*****.**", &ccache);
}
if (!err) {
new_v5_creds_union(&creds_union, "BAR.ORG");
err = cc_ccache_store_credentials(ccache, &creds_union);
release_v5_creds_union(&creds_union);
}
if (!err) {
err = cc_ccache_new_credentials_iterator(ccache, &iterator);
}
check_once_cc_credentials_iterator_next(iterator, 1, ccNoError, "iterating over a ccache with 1 cred");
if (iterator) {
cc_credentials_iterator_release(iterator);
iterator = NULL;
}
if (ccache) {
cc_ccache_release(ccache);
ccache = NULL;
}
// iterate with several creds
if (!err) {
destroy_all_ccaches(context);
err = cc_context_create_new_ccache(context, cc_credentials_v5, "*****@*****.**", &ccache);
}
for(i = 0; !err && (i < 1000); i++) {
if (i%100 == 0) fprintf(stdout, ".");
new_v5_creds_union(&creds_union, "BAR.ORG");
err = cc_ccache_store_credentials(ccache, &creds_union);
release_v5_creds_union(&creds_union);
}
if (!err) {
err = cc_ccache_new_credentials_iterator(ccache, &iterator);
}
check_once_cc_credentials_iterator_next(iterator, 1000, ccNoError, "iterating over a ccache with 1000 creds");
if (ccache) { cc_ccache_release(ccache); }
if (iterator) { cc_credentials_iterator_release(iterator); }
if (context) {
destroy_all_ccaches(context);
cc_context_release(context);
}
END_TEST_AND_RETURN
}
/*
* Store a ticket into the default credentials cache
* cache must exist (if it didn't exist, it would have been created by in_tkt)
*/
int
krb4int_save_credentials_addr(
char* service,
char* instance,
char* realm,
C_Block session,
int lifetime,
int kvno,
KTEXT ticket,
KRB4_32 issue_date,
KRB_UINT32 local_address)
{
cc_int32 cc_err = ccNoError;
int kerr = KSUCCESS;
cc_credentials_v4_t v4creds;
cc_credentials_union creds;
cc_ccache_t ccache = NULL;
cc_string_t principal;
cc_context_t cc_context = NULL;
cc_int32 cc_version;
cc_err = cc_initialize (&cc_context, ccapi_version_3, &cc_version, NULL);
if (cc_err == ccNoError) {
/* First try existing cache */
cc_err = cc_context_open_ccache (cc_context, TKT_FILE, &ccache);
}
if (cc_err == ccNoError) {
/* Now we have a cache. Fill out the credentials and put them in the cache. */
/* To fill out the credentials, we need the principal */
cc_err = cc_ccache_get_principal (ccache, cc_credentials_v4, &principal);
}
if (cc_err == ccNoError) {
kerr = kname_parse (v4creds.principal, v4creds.principal_instance, v4creds.realm, (char*) principal -> data);
cc_string_release (principal);
}
if ((cc_err == ccNoError) && (kerr == KSUCCESS)) {
strncpy (v4creds.service, service, SNAME_SZ);
strncpy (v4creds.service_instance, instance, INST_SZ);
strncpy (v4creds.realm, realm, REALM_SZ);
memmove (v4creds.session_key, session, sizeof (C_Block));
v4creds.kvno = kvno;
v4creds.string_to_key_type = cc_v4_stk_unknown;
v4creds.issue_date = issue_date;
v4creds.address = local_address;
v4creds.lifetime = lifetime;
v4creds.ticket_size = ticket -> length;
memmove (v4creds.ticket, ticket -> dat, ticket -> length);
creds.version = cc_credentials_v4;
creds.credentials.credentials_v4 = &v4creds;
cc_err = cc_ccache_store_credentials (ccache, &creds);
}
if (ccache != NULL)
cc_ccache_release (ccache);
if (cc_context != NULL)
cc_context_release (cc_context);
if (kerr != KSUCCESS)
return kerr;
if (cc_err != ccNoError)
return KFAILURE;
else
return KSUCCESS;
}