oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

more functionality

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2733 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1997-08-07 20:22:53 +00:00
parent e15128e29e
commit 275f9c7aa4
1 changed files with 81 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
lib/krb5/init_creds_pw.c
View File

@@ -40,6 +40,41 @@
RCSID("$Id$"); RCSID("$Id$");
static const char *
get_config_string (krb5_context context,
char *realm,
char *name,
const char *def)
{
const char *ret;
ret = krb5_config_get_string (context->cf,
"libdefaults",
realm,
name,
NULL);
if (ret)
return ret;
ret = krb5_config_get_string (context->cf,
"libdefaults",
name,
NULL);
if (ret)
return ret;
return def;
}
static int
ison (const char *s)
{
return strcasecmp (s, "y") == 0
|| strcasecmp (s, "yes") == 0
|| strcasecmp (s, "t") == 0
|| strcasecmp (s, "true") == 0
|| strcasecmp (s, "1") == 0
|| strcasecmp (s, "on") == 0;
}
static krb5_error_code static krb5_error_code
init_cred (krb5_context context, init_cred (krb5_context context,
krb5_creds *cred, krb5_creds *cred,
@@ -50,22 +85,10 @@ init_cred (krb5_context context,
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_realm *client_realm; krb5_realm *client_realm;
int tmp;
memset (cred, 0, sizeof(*cred)); memset (cred, 0, sizeof(*cred));
if (start_time)
cred->times.starttime = time(NULL) + start_time;
if (options->flags & KRB5_GET_INIT_CREDS_OPT_TKT_LIFE)
cred->times.endtime = time(NULL) + options->tkt_life;
else
cred->times.endtime = 0;
if (options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE)
cred->times.renew_till = time(NULL) + options->renew_life;
else
cred->times.renew_till = 0;
if (client) if (client)
cred->client = client; cred->client = client;
else { /* XXX -> get_default_principal */ else { /* XXX -> get_default_principal */
@@ -99,6 +122,31 @@ init_cred (krb5_context context,
client_realm = krb5_princ_realm (context, cred->client); client_realm = krb5_princ_realm (context, cred->client);
if (start_time)
cred->times.starttime = time(NULL) + start_time;
if (options->flags & KRB5_GET_INIT_CREDS_OPT_TKT_LIFE)
tmp = options->tkt_life;
else
tmp = parse_time(get_config_string (context,
*client_realm,
"ticket_lifetime",
"36000"),
NULL);
cred->times.endtime = time(NULL) + tmp;
tmp = 0;
if (options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE)
tmp = options->renew_life;
else
tmp = parse_time(get_config_string (context,
*client_realm,
"renew_lifetime",
"0"),
NULL);
if (tmp)
cred->times.renew_till = time(NULL) + tmp;
if (in_tkt_service) { if (in_tkt_service) {
ret = krb5_parse_name (context, in_tkt_service, &cred->server); ret = krb5_parse_name (context, in_tkt_service, &cred->server);
if (ret) if (ret)
@@ -120,7 +168,7 @@ init_cred (krb5_context context,
return 0; return 0;
out: out:
krb5_free_creds (context, cred); krb5_free_creds_contents (context, cred);
return ret; return ret;
} }
@@ -144,21 +192,36 @@ krb5_get_init_creds_password(krb5_context context,
krb5_kdc_rep kdc_reply; krb5_kdc_rep kdc_reply;
char buf[BUFSIZ]; char buf[BUFSIZ];
krb5_data password_data; krb5_data password_data;
const char *tmp_str;
krb5_realm *client_realm;
ret = init_cred (context, &this_cred, client, start_time, ret = init_cred (context, &this_cred, client, start_time,
in_tkt_service, options); in_tkt_service, options);
if (ret) if (ret)
return ret; return ret;
client_realm = krb5_princ_realm (context, this_cred.client);
flags.i = 0; flags.i = 0;
if (options->flags & KRB5_GET_INIT_CREDS_OPT_FORWARDABLE) if (options->flags & KRB5_GET_INIT_CREDS_OPT_FORWARDABLE)
flags.b.forwardable = 1; flags.b.forwardable = 1;
else
flags.b.forwardable = ison(get_config_string (context,
*client_realm,
"forwardable",
"no"));
if (options->flags & KRB5_GET_INIT_CREDS_OPT_PROXIABLE) if (options->flags & KRB5_GET_INIT_CREDS_OPT_PROXIABLE)
flags.b.proxiable = 1; flags.b.proxiable = 1;
if (options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE) else
flags.b.renewable = 1; flags.b.proxiable = ison(get_config_string (context,
*client_realm,
"proxiable",
"no"));
if (this_cred.times.renew_till)
flags.b.renewable = 1;
if (options->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST) if (options->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST)
addrs = options->address_list; addrs = options->address_list;
if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) { if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) {
@@ -225,12 +288,12 @@ krb5_get_init_creds_password(krb5_context context,
if (creds) if (creds)
*creds = this_cred; *creds = this_cred;
else else
krb5_free_creds (context, &this_cred); krb5_free_creds_contents (context, &this_cred);
return 0; return 0;
out: out:
free (pre_auth_types); free (pre_auth_types);
free (etypes); free (etypes);
krb5_free_creds (context, &this_cred); krb5_free_creds_contents (context, &this_cred);
return ret; return ret;
} }