static int
pkinit_server_plugin_init_realm(krb5_context context, const char *realmname,
pkinit_kdc_context *pplgctx)
{
krb5_error_code retval = ENOMEM;
pkinit_kdc_context plgctx = NULL;
*pplgctx = NULL;
plgctx = (pkinit_kdc_context) calloc(1, sizeof(*plgctx));
if (plgctx == NULL)
goto errout;
pkiDebug("%s: initializing context at %p for realm '%s'\n",
__FUNCTION__, plgctx, realmname);
memset(plgctx, 0, sizeof(*plgctx));
plgctx->magic = PKINIT_CTX_MAGIC;
plgctx->realmname = strdup(realmname);
if (plgctx->realmname == NULL)
goto errout;
plgctx->realmname_len = strlen(plgctx->realmname);
retval = pkinit_init_plg_crypto(&plgctx->cryptoctx);
if (retval)
goto errout;
retval = pkinit_init_plg_opts(&plgctx->opts);
if (retval)
goto errout;
retval = pkinit_init_identity_crypto(&plgctx->idctx);
if (retval)
goto errout;
retval = pkinit_init_identity_opts(&plgctx->idopts);
if (retval)
goto errout;
retval = pkinit_init_kdc_profile(context, plgctx);
if (retval)
goto errout;
retval = pkinit_identity_initialize(context, plgctx->cryptoctx, NULL,
plgctx->idopts, plgctx->idctx, 0, NULL);
if (retval)
goto errout;
pkiDebug("%s: returning context at %p for realm '%s'\n",
__FUNCTION__, plgctx, realmname);
*pplgctx = plgctx;
retval = 0;
errout:
if (retval)
pkinit_server_plugin_fini_realm(context, plgctx);
return retval;
}
krb5_error_code
pkinit_dup_identity_opts(pkinit_identity_opts *src_opts,
pkinit_identity_opts **dest_opts)
{
pkinit_identity_opts *newopts;
krb5_error_code retval;
*dest_opts = NULL;
retval = pkinit_init_identity_opts(&newopts);
if (retval)
return retval;
retval = ENOMEM;
if (src_opts->identity != NULL) {
newopts->identity = strdup(src_opts->identity);
if (newopts->identity == NULL)
goto cleanup;
}
retval = copy_list(&newopts->anchors, src_opts->anchors);
if (retval)
goto cleanup;
retval = copy_list(&newopts->intermediates,src_opts->intermediates);
if (retval)
goto cleanup;
retval = copy_list(&newopts->crls, src_opts->crls);
if (retval)
goto cleanup;
if (src_opts->ocsp != NULL) {
newopts->ocsp = strdup(src_opts->ocsp);
if (newopts->ocsp == NULL)
goto cleanup;
}
if (src_opts->cert_filename != NULL) {
newopts->cert_filename = strdup(src_opts->cert_filename);
if (newopts->cert_filename == NULL)
goto cleanup;
}
if (src_opts->key_filename != NULL) {
newopts->key_filename = strdup(src_opts->key_filename);
if (newopts->key_filename == NULL)
goto cleanup;
}
#ifndef WITHOUT_PKCS11
if (src_opts->p11_module_name != NULL) {
newopts->p11_module_name = strdup(src_opts->p11_module_name);
if (newopts->p11_module_name == NULL)
goto cleanup;
}
newopts->slotid = src_opts->slotid;
if (src_opts->token_label != NULL) {
newopts->token_label = strdup(src_opts->token_label);
if (newopts->token_label == NULL)
goto cleanup;
}
if (src_opts->cert_id_string != NULL) {
newopts->cert_id_string = strdup(src_opts->cert_id_string);
if (newopts->cert_id_string == NULL)
goto cleanup;
}
if (src_opts->cert_label != NULL) {
newopts->cert_label = strdup(src_opts->cert_label);
if (newopts->cert_label == NULL)
goto cleanup;
}
#endif
*dest_opts = newopts;
return 0;
cleanup:
pkinit_fini_identity_opts(newopts);
return retval;
}