From 20c1e6c9efd8bb23d56d1dba91a373c64b851f28 Mon Sep 17 00:00:00 2001 From: Nicolas Williams Date: Mon, 13 Apr 2015 19:03:45 -0500 Subject: [PATCH] Rename context handle lifetime to endtime --- lib/gssapi/krb5/accept_sec_context.c | 8 ++++---- lib/gssapi/krb5/context_time.c | 18 +++++++++--------- lib/gssapi/krb5/export_sec_context.c | 12 ++++++++---- lib/gssapi/krb5/gsskrb5_locl.h | 2 +- lib/gssapi/krb5/import_sec_context.c | 6 +++++- lib/gssapi/krb5/init_sec_context.c | 12 ++++++------ lib/gssapi/krb5/inquire_context.c | 2 +- lib/gssapi/krb5/inquire_sec_context_by_oid.c | 3 ++- 8 files changed, 36 insertions(+), 27 deletions(-) diff --git a/lib/gssapi/krb5/accept_sec_context.c b/lib/gssapi/krb5/accept_sec_context.c index e9c5d2e9d..c55e87e1d 100644 --- a/lib/gssapi/krb5/accept_sec_context.c +++ b/lib/gssapi/krb5/accept_sec_context.c @@ -444,7 +444,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, if (kret == 0) kret = krb5_rd_req_out_get_keyblock(context, out, &ctx->service_keyblock); - ctx->lifetime = ctx->ticket->ticket.endtime; + ctx->endtime = ctx->ticket->ticket.endtime; krb5_rd_req_out_ctx_free(context, out); if (kret) { @@ -631,7 +631,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, /* Remember the flags */ - ctx->lifetime = ctx->ticket->ticket.endtime; + ctx->endtime = ctx->ticket->ticket.endtime; ctx->more_flags |= OPEN; if (mech_type) @@ -640,7 +640,7 @@ gsskrb5_acceptor_start(OM_uint32 * minor_status, if (time_rec) { ret = _gsskrb5_lifetime_left(minor_status, context, - ctx->lifetime, + ctx->endtime, time_rec); if (ret) { return ret; @@ -758,7 +758,7 @@ acceptor_wait_for_dcestyle(OM_uint32 * minor_status, ret = _gsskrb5_lifetime_left(minor_status, context, - ctx->lifetime, + ctx->endtime, &lifetime_rec); if (ret) { return ret; diff --git a/lib/gssapi/krb5/context_time.c b/lib/gssapi/krb5/context_time.c index 99b4f025a..51c6e5be9 100644 --- a/lib/gssapi/krb5/context_time.c +++ b/lib/gssapi/krb5/context_time.c @@ -36,27 +36,27 @@ OM_uint32 _gsskrb5_lifetime_left(OM_uint32 *minor_status, krb5_context context, - OM_uint32 lifetime, + OM_uint32 endtime, OM_uint32 *lifetime_rec) { - krb5_timestamp timeret; + krb5_timestamp now; krb5_error_code kret; - if (lifetime == 0) { + if (endtime == 0) { *lifetime_rec = GSS_C_INDEFINITE; return GSS_S_COMPLETE; } - kret = krb5_timeofday(context, &timeret); + kret = krb5_timeofday(context, &now); if (kret) { *minor_status = kret; return GSS_S_FAILURE; } - if (lifetime < timeret) + if (endtime < now) *lifetime_rec = 0; else - *lifetime_rec = lifetime - timeret; + *lifetime_rec = endtime - now; return GSS_S_COMPLETE; } @@ -69,18 +69,18 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_context_time ) { krb5_context context; - OM_uint32 lifetime; + OM_uint32 endtime; OM_uint32 major_status; const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle; GSSAPI_KRB5_INIT (&context); HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex); - lifetime = ctx->lifetime; + endtime = ctx->endtime; HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex); major_status = _gsskrb5_lifetime_left(minor_status, context, - lifetime, time_rec); + endtime, time_rec); if (major_status != GSS_S_COMPLETE) return major_status; diff --git a/lib/gssapi/krb5/export_sec_context.c b/lib/gssapi/krb5/export_sec_context.c index eeb2743b4..b500f4230 100644 --- a/lib/gssapi/krb5/export_sec_context.c +++ b/lib/gssapi/krb5/export_sec_context.c @@ -34,9 +34,9 @@ #include "gsskrb5_locl.h" OM_uint32 GSSAPI_CALLCONV -_gsskrb5_export_sec_context ( - OM_uint32 * minor_status, - gss_ctx_id_t * context_handle, +_gsskrb5_export_sec_context( + OM_uint32 *minor_status, + gss_ctx_id_t *context_handle, gss_buffer_t interprocess_token ) { @@ -204,7 +204,11 @@ _gsskrb5_export_sec_context ( *minor_status = kret; goto failure; } - kret = krb5_store_int32 (sp, ctx->lifetime); + /* + * XXX We should put a 64-bit int here, but we don't have a + * krb5_store_int64() yet. + */ + kret = krb5_store_int32 (sp, ctx->endtime); if (kret) { *minor_status = kret; goto failure; diff --git a/lib/gssapi/krb5/gsskrb5_locl.h b/lib/gssapi/krb5/gsskrb5_locl.h index 451a915c5..411973057 100644 --- a/lib/gssapi/krb5/gsskrb5_locl.h +++ b/lib/gssapi/krb5/gsskrb5_locl.h @@ -81,7 +81,7 @@ typedef struct gsskrb5_ctx { krb5_creds *kcred; krb5_ccache ccache; struct krb5_ticket *ticket; - OM_uint32 lifetime; + time_t endtime; HEIMDAL_MUTEX ctx_id_mutex; struct gss_msg_order *order; krb5_keyblock *service_keyblock; diff --git a/lib/gssapi/krb5/import_sec_context.c b/lib/gssapi/krb5/import_sec_context.c index 3bab1802b..e34e07115 100644 --- a/lib/gssapi/krb5/import_sec_context.c +++ b/lib/gssapi/krb5/import_sec_context.c @@ -192,9 +192,13 @@ _gsskrb5_import_sec_context ( if (krb5_ret_int32 (sp, &tmp)) goto failure; ctx->more_flags = tmp; + /* + * XXX endtime should be a 64-bit int, but we don't have + * krb5_ret_int64() yet. + */ if (krb5_ret_int32 (sp, &tmp)) goto failure; - ctx->lifetime = tmp; + ctx->endtime = tmp; ret = _gssapi_msg_order_import(minor_status, sp, &ctx->order); if (ret) diff --git a/lib/gssapi/krb5/init_sec_context.c b/lib/gssapi/krb5/init_sec_context.c index 4db542ba6..0b7028006 100644 --- a/lib/gssapi/krb5/init_sec_context.c +++ b/lib/gssapi/krb5/init_sec_context.c @@ -128,7 +128,7 @@ _gsskrb5_create_ctx( ctx->service_keyblock = NULL; ctx->ticket = NULL; krb5_data_zero(&ctx->fwd_data); - ctx->lifetime = GSS_C_INDEFINITE; + ctx->endtime = 0; ctx->order = NULL; ctx->crypto = NULL; HEIMDAL_MUTEX_init(&ctx->ctx_id_mutex); @@ -254,10 +254,10 @@ gsskrb5_get_creds( return GSS_S_FAILURE; } - ctx->lifetime = ctx->kcred->times.endtime; + ctx->endtime = ctx->kcred->times.endtime; ret = _gsskrb5_lifetime_left(minor_status, context, - ctx->lifetime, &lifetime_rec); + ctx->endtime, &lifetime_rec); if (ret) return ret; if (lifetime_rec == 0) { @@ -439,7 +439,7 @@ init_auth if (ret) goto failure; - ctx->lifetime = ctx->kcred->times.endtime; + ctx->endtime = ctx->kcred->times.endtime; ret = _gss_DES3_get_mic_compat(minor_status, ctx, context); if (ret) @@ -447,7 +447,7 @@ init_auth ret = _gsskrb5_lifetime_left(minor_status, context, - ctx->lifetime, + ctx->endtime, &lifetime_rec); if (ret) goto failure; @@ -797,7 +797,7 @@ repl_mutual if (time_rec) { ret = _gsskrb5_lifetime_left(minor_status, context, - ctx->lifetime, + ctx->endtime, time_rec); } else { ret = GSS_S_COMPLETE; diff --git a/lib/gssapi/krb5/inquire_context.c b/lib/gssapi/krb5/inquire_context.c index 19127572a..e225c33ba 100644 --- a/lib/gssapi/krb5/inquire_context.c +++ b/lib/gssapi/krb5/inquire_context.c @@ -76,7 +76,7 @@ OM_uint32 GSSAPI_CALLCONV _gsskrb5_inquire_context ( if (lifetime_rec) { ret = _gsskrb5_lifetime_left(minor_status, context, - ctx->lifetime, + ctx->endtime, lifetime_rec); if (ret) goto failed; diff --git a/lib/gssapi/krb5/inquire_sec_context_by_oid.c b/lib/gssapi/krb5/inquire_sec_context_by_oid.c index ac859deb6..3e6230fa0 100644 --- a/lib/gssapi/krb5/inquire_sec_context_by_oid.c +++ b/lib/gssapi/krb5/inquire_sec_context_by_oid.c @@ -333,7 +333,8 @@ export_lucid_sec_context_v1(OM_uint32 *minor_status, if (ret) goto out; ret = krb5_store_int32(sp, (context_handle->more_flags & LOCAL) ? 1 : 0); if (ret) goto out; - ret = krb5_store_int32(sp, context_handle->lifetime); + /* XXX need krb5_store_int64() */ + ret = krb5_store_int32(sp, context_handle->endtime); if (ret) goto out; krb5_auth_con_getlocalseqnumber (context, context_handle->auth_context,