oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

split out fetching of credentials for easier reuse for pk-init testing

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17772 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-06-30 20:21:24 +00:00
parent cbad9c5477
commit 1a7f7f4e24
1 changed files with 72 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

126
appl/gssmask/gssmask.c
View File

@@ -222,6 +222,74 @@ convert_krb5_to_gsm(krb5_error_code ret)
} }
} }
/*
*
*/
static int32_t
acquire_cred(struct client *c,
krb5_principal principal,
krb5_get_init_creds_opt *opt,
int32_t *handle)
{
krb5_error_code ret;
krb5_creds cred;
krb5_ccache id;
gss_cred_id_t gcred;
OM_uint32 maj_stat, min_stat;
*handle = 0;
krb5_get_init_creds_opt_set_forwardable (opt, 1);
krb5_get_init_creds_opt_set_renew_life (opt, 3600 * 24 * 30);
memset(&cred, 0, sizeof(cred));
ret = krb5_get_init_creds_password (context,
&cred,
principal,
NULL,
NULL,
NULL,
0,
NULL,
opt);
if (ret) {
logmessage(c, __FILE__, __LINE__, 0,
"krb5_get_init_creds failed: %d", ret);
return convert_krb5_to_gsm(ret);
}
ret = krb5_cc_new_unique(context, "MEMORY", NULL, &id);
if (ret)
krb5_err (context, 1, ret, "krb5_cc_initialize");
ret = krb5_cc_initialize (context, id, cred.client);
if (ret)
krb5_err (context, 1, ret, "krb5_cc_initialize");
ret = krb5_cc_store_cred (context, id, &cred);
if (ret)
krb5_err (context, 1, ret, "krb5_cc_store_cred");
krb5_free_cred_contents (context, &cred);
maj_stat = gss_krb5_import_cred(&min_stat,
id,
NULL,
NULL,
&gcred);
krb5_cc_close(context, id);
if (maj_stat) {
logmessage(c, __FILE__, __LINE__, 0,
"krb5 import creds failed with: %d", maj_stat);
return convert_gss_to_gsm(maj_stat);
}
*handle = add_handle(c, handle_cred, gcred);
return 0;
}
/* /*
@@ -505,10 +573,6 @@ HandleOP(AcquireCreds)
krb5_principal principal; krb5_principal principal;
krb5_get_init_creds_opt *opt; krb5_get_init_creds_opt *opt;
krb5_error_code ret; krb5_error_code ret;
krb5_creds cred;
krb5_ccache id;
gss_cred_id_t gcred;
OM_uint32 maj_stat, min_stat;
retstring(c, name); retstring(c, name);
retstring(c, password); retstring(c, password);
@@ -523,66 +587,20 @@ HandleOP(AcquireCreds)
goto out; goto out;
} }
memset(&cred, 0, sizeof(cred));
ret = krb5_get_init_creds_opt_alloc (context, &opt); ret = krb5_get_init_creds_opt_alloc (context, &opt);
if (ret) if (ret)
krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc"); krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc");
krb5_get_init_creds_opt_set_forwardable (opt, 1); krb5_get_init_creds_opt_set_pa_password(context, opt, password, NULL);
krb5_get_init_creds_opt_set_renew_life (opt, 3600 * 24 * 30);
ret = krb5_get_init_creds_password (context, gsm_error = acquire_cred(c, principal, opt, &handle);
&cred,
principal,
password,
NULL,
NULL,
0,
NULL,
opt);
if (ret) {
logmessage(c, __FILE__, __LINE__, 0,
"krb5_get_init_creds failed: %d", ret);
gsm_error = convert_krb5_to_gsm(ret);
goto out;
}
ret = krb5_cc_new_unique(context, "MEMORY", NULL, &id);
if (ret)
krb5_err (context, 1, ret, "krb5_cc_initialize");
ret = krb5_cc_initialize (context, id, cred.client);
if (ret)
krb5_err (context, 1, ret, "krb5_cc_initialize");
ret = krb5_cc_store_cred (context, id, &cred);
if (ret)
krb5_err (context, 1, ret, "krb5_cc_store_cred");
krb5_free_cred_contents (context, &cred);
maj_stat = gss_krb5_import_cred(&min_stat,
id,
NULL,
NULL,
&gcred);
if (maj_stat) {
gsm_error = convert_gss_to_gsm(maj_stat);
logmessage(c, __FILE__, __LINE__, 0,
"krb5 import creds failed with: %d", maj_stat);
}
krb5_cc_close(context, id);
handle = add_handle(c, handle_cred, gcred);
gsm_error = 0;
out: out:
logmessage(c, __FILE__, __LINE__, 0, logmessage(c, __FILE__, __LINE__, 0,
"AcquireCreds handle: %d return code: %d", handle, gsm_error); "AcquireCreds handle: %d return code: %d", handle, gsm_error);
if (principal)
krb5_free_principal(context, principal);
free(name); free(name);
free(password); free(password);