krb5_error_code KRB5_CALLCONV krb5_copy_context(krb5_context ctx, krb5_context *nctx_out) { krb5_error_code ret; krb5_context nctx; *nctx_out = NULL; if (ctx == NULL) return EINVAL; /* XXX */ nctx = malloc(sizeof(*nctx)); if (nctx == NULL) return ENOMEM; *nctx = *ctx; nctx->in_tkt_etypes = NULL; nctx->tgs_etypes = NULL; nctx->default_realm = NULL; nctx->profile = NULL; nctx->dal_handle = NULL; nctx->ser_ctx_count = 0; nctx->ser_ctx = NULL; nctx->prompt_types = NULL; nctx->os_context.default_ccname = NULL; memset(&nctx->libkrb5_plugins, 0, sizeof(nctx->libkrb5_plugins)); nctx->vtbl = NULL; nctx->locate_fptrs = NULL; memset(&nctx->err, 0, sizeof(nctx->err)); ret = k5_copy_etypes(ctx->in_tkt_etypes, &nctx->in_tkt_etypes); if (ret) goto errout; ret = k5_copy_etypes(ctx->tgs_etypes, &nctx->tgs_etypes); if (ret) goto errout; if (ctx->os_context.default_ccname != NULL) { nctx->os_context.default_ccname = strdup(ctx->os_context.default_ccname); if (nctx->os_context.default_ccname == NULL) { ret = ENOMEM; goto errout; } } ret = krb5_get_profile(ctx, &nctx->profile); if (ret) goto errout; errout: if (ret) { krb5_free_context(nctx); } else { *nctx_out = nctx; } return ret; }
bool sss_krb5_realm_has_proxy(const char *realm) { krb5_context context = NULL; krb5_error_code kerr; struct _profile_t *profile = NULL; const char *profile_path[4] = {"realms", NULL, "kdc", NULL}; char **list = NULL; bool res = false; size_t c; if (realm == NULL) { return false; } kerr = krb5_init_context(&context); if (kerr != 0) { DEBUG(SSSDBG_OP_FAILURE, "krb5_init_context failed.\n"); return false; } kerr = krb5_get_profile(context, &profile); if (kerr != 0) { DEBUG(SSSDBG_OP_FAILURE, "krb5_get_profile failed.\n"); goto done; } profile_path[1] = realm; kerr = profile_get_values(profile, profile_path, &list); if (kerr == PROF_NO_RELATION || kerr == PROF_NO_SECTION) { kerr = 0; goto done; } else if (kerr != 0) { DEBUG(SSSDBG_OP_FAILURE, "profile_get_values failed.\n"); goto done; } for (c = 0; list[c] != NULL; c++) { if (strncasecmp(KDC_PROXY_INDICATOR, list[c], KDC_PROXY_INDICATOR_LEN) == 0) { DEBUG(SSSDBG_TRACE_ALL, "Found KDC Proxy indicator [%s] in [%s].\n", KDC_PROXY_INDICATOR, list[c]); res = true; break; } } done: profile_free_list(list); profile_release(profile); krb5_free_context(context); return res; }