use new addressless, convert pa-pac option to use the same tri-state

option as the new addressless option. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17985 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-09-04 10:57:02 +00:00
parent 4b009281f6
commit 03b6a76a85
2 changed files with 36 additions and 12 deletions
--- a/lib/krb5/init_creds_pw.c
+++ b/lib/krb5/init_creds_pw.c
@@ -52,7 +52,7 @@ typedef struct krb5_get_init_creds_ctx {
    const char *password;
    krb5_s2k_proc key_proc;

-    krb5_get_init_creds_req_pac req_pac;
+    krb5_get_init_creds_tristate req_pac;

    krb5_pk_init_ctx pk_init_ctx;
 } krb5_get_init_creds_ctx;
@@ -256,6 +256,8 @@ print_expire (krb5_context context,
    }
 }

+static krb5_addresses no_addrs = { 0, NULL };
+
 static krb5_error_code
 get_init_creds_common(krb5_context context,
 		      krb5_principal client,
@@ -284,7 +286,7 @@ get_init_creds_common(krb5_context context,
 	ctx->req_pac = options->opt_private->req_pac;
 	ctx->pk_init_ctx = options->opt_private->pk_init_ctx;
    } else
-	ctx->req_pac = KRB5_PA_PAC_DONT_CARE;
+	ctx->req_pac = KRB5_INIT_CREDS_TRISTATE_UNSET;

    if (ctx->key_proc == NULL)
 	ctx->key_proc = default_s2k_func;
@@ -313,8 +315,30 @@ get_init_creds_common(krb5_context context,
 	ctx->flags.b.postdated = 1;
    if (ctx->cred.times.renew_till)
 	ctx->flags.b.renewable = 1;
-    if (options->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST)
+    if (options->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST) {
 	ctx->addrs = options->address_list;
+	printf("list\n");
+    } else if (options->opt_private) {
+	printf("addresslessness\n");
+	switch (options->opt_private->addressless) {
+	case KRB5_INIT_CREDS_TRISTATE_UNSET:
+#if KRB5_ADDRESSLESS_DEFAULT == TRUE
+	    ctx->addrs = &no_addrs;
+#else
+	    ctx->addrs = NULL;
+#endif
+	printf("unset\n");
+	    break;
+	case KRB5_INIT_CREDS_TRISTATE_FALSE:
+	    ctx->addrs = NULL;
+	printf("false\n");
+	    break;
+	case KRB5_INIT_CREDS_TRISTATE_TRUE:
+	    ctx->addrs = &no_addrs;
+	printf("true\n");
+	    break;
+	}
+    }
    if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) {
 	etypes = malloc((options->etype_list_length + 1)
 			* sizeof(krb5_enctype));
@@ -1029,12 +1053,12 @@ pa_data_add_pac_request(krb5_context context,
    void *buf;
    
    switch (ctx->req_pac) {
-    case KRB5_PA_PAC_DONT_CARE:
+    case KRB5_INIT_CREDS_TRISTATE_UNSET:
 	return 0; /* don't bother */
-    case KRB5_PA_PAC_REQ_TRUE:
+    case KRB5_INIT_CREDS_TRISTATE_TRUE:
 	req.include_pac = 1;
 	break;
-    case KRB5_PA_PAC_REQ_FALSE:
+    case KRB5_INIT_CREDS_TRISTATE_FALSE:
 	req.include_pac = 0;
    }	

--- a/lib/krb5/krb5_locl.h
+++ b/lib/krb5/krb5_locl.h
@@ -171,10 +171,10 @@ struct _krb5_krb_auth_data;
 #define KRB5_BUFSIZ 1024

 typedef enum {
-    KRB5_PA_PAC_DONT_CARE = 0, 
-    KRB5_PA_PAC_REQ_TRUE,
-    KRB5_PA_PAC_REQ_FALSE
-} krb5_get_init_creds_req_pac;
+    KRB5_INIT_CREDS_TRISTATE_UNSET = 0,
+    KRB5_INIT_CREDS_TRISTATE_TRUE,
+    KRB5_INIT_CREDS_TRISTATE_FALSE
+} krb5_get_init_creds_tristate;

 struct _krb5_get_init_creds_opt_private {
    int refcount;
@@ -182,12 +182,12 @@ struct _krb5_get_init_creds_opt_private {
    const char *password;
    krb5_s2k_proc key_proc;
    /* PA_PAC_REQUEST */
-    krb5_get_init_creds_req_pac req_pac;
+    krb5_get_init_creds_tristate req_pac;
    /* PKINIT */
    krb5_pk_init_ctx pk_init_ctx;
    int canonicalize;
-    /* */
    KRB_ERROR *error;
+    krb5_get_init_creds_tristate addressless;
 };

 /*