use krb5_get_init_creds_opt_alloc/krb5_get_init_creds_opt_free

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12737 ec53bebd-3082-4978-b11e-865c3cabbd6b
Love Hörnquist Åstrand
2003-09-03 00:31:42 +00:00
parent f287772b22
commit 61e14619de
9 changed files with 74 additions and 45 deletions


@@ -37,15 +37,20 @@ static int
krb5_verify_password (POP *p) krb5_verify_password (POP *p)
{ {
krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP}; krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP};
krb5_get_init_creds_opt get_options; krb5_get_init_creds_opt *get_options;
krb5_verify_init_creds_opt verify_options; krb5_verify_init_creds_opt verify_options;
krb5_error_code ret; krb5_error_code ret;
krb5_principal client, server; krb5_principal client, server;
krb5_creds creds; krb5_creds creds;
krb5_get_init_creds_opt_init (&get_options); ret = krb5_get_init_creds_opt_alloc (&get_options);
if (ret) {
pop_log(p, POP_PRIORITY, "krb5_get_init_creds_opt_init: %s",
krb5_get_err_text (p->context, ret));
return 1;
}
krb5_get_init_creds_opt_set_preauth_list (&get_options, krb5_get_init_creds_opt_set_preauth_list (get_options,
pre_auth_types, pre_auth_types,
1); 1);
@@ -66,7 +71,8 @@ krb5_verify_password (POP *p)
NULL, NULL,
0, 0,
NULL, NULL,
&get_options); get_options);
krb5_get_init_creds_opt_free(get_options);
if (ret) { if (ret) {
pop_log(p, POP_PRIORITY, pop_log(p, POP_PRIORITY,
"krb5_get_init_creds_password: %s", "krb5_get_init_creds_password: %s",
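Review bot: The failure message in the new `if (ret)` block still names `krb5_get_init_creds_opt_init`, although the call that failed is `krb5_get_init_creds_opt_alloc`; it should read `"krb5_get_init_creds_opt_alloc: %s"` so the POP log points at the right call. The options are released only after `krb5_get_init_creds_password`. The lines between the two hunks are not shown, so any `return` there would leak the options on that login attempt and should call `krb5_get_init_creds_opt_free(get_options);` first. krb5_verify_password continues outside the hunks.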


@@ -88,17 +88,17 @@ generate_requests (const char *filename, unsigned nreq)
for (i = 0; i < nreq; ++i) { for (i = 0; i < nreq; ++i) {
char *name = words[rand() % nwords]; char *name = words[rand() % nwords];
krb5_get_init_creds_opt opt; krb5_get_init_creds_opt *opt;
krb5_creds cred; krb5_creds cred;
krb5_principal principal; krb5_principal principal;
int result_code; int result_code;
krb5_data result_code_string, result_string; krb5_data result_code_string, result_string;
char *old_pwd, *new_pwd; char *old_pwd, *new_pwd;
krb5_get_init_creds_opt_init (&opt); krb5_get_init_creds_opt_alloc (&opt);
krb5_get_init_creds_opt_set_tkt_life (&opt, 300); krb5_get_init_creds_opt_set_tkt_life (opt, 300);
krb5_get_init_creds_opt_set_forwardable (&opt, FALSE); krb5_get_init_creds_opt_set_forwardable (opt, FALSE);
krb5_get_init_creds_opt_set_proxiable (&opt, FALSE); krb5_get_init_creds_opt_set_proxiable (opt, FALSE);
ret = krb5_parse_name (context, name, &principal); ret = krb5_parse_name (context, name, &principal);
if (ret) if (ret)
@@ -115,7 +115,7 @@ generate_requests (const char *filename, unsigned nreq)
NULL, NULL,
0, 0,
"kadmin/changepw", "kadmin/changepw",
&opt); opt);
if( ret == KRB5KRB_AP_ERR_BAD_INTEGRITY if( ret == KRB5KRB_AP_ERR_BAD_INTEGRITY
|| ret == KRB5KRB_AP_ERR_MODIFIED) { || ret == KRB5KRB_AP_ERR_MODIFIED) {
char *tmp; char *tmp;
@@ -132,7 +132,7 @@ generate_requests (const char *filename, unsigned nreq)
NULL, NULL,
0, 0,
"kadmin/changepw", "kadmin/changepw",
&opt); opt);
} }
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_get_init_creds_password"); krb5_err (context, 1, ret, "krb5_get_init_creds_password");
@@ -149,6 +149,7 @@ generate_requests (const char *filename, unsigned nreq)
free (old_pwd); free (old_pwd);
free (new_pwd); free (new_pwd);
krb5_free_creds_contents (context, &cred); krb5_free_creds_contents (context, &cred);
krb5_get_init_creds_opt_free(opt);
} }
} }
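Review bot: The return value of `krb5_get_init_creds_opt_alloc (&opt)` is discarded inside the request loop, so on allocation failure the three setters and `krb5_get_init_creds_password` receive an uninitialized pointer. Most other converted call sites in this commit check the result. Here `ret = krb5_get_init_creds_opt_alloc (&opt);` followed by `if (ret) krb5_err (context, 1, ret, "krb5_get_init_creds_opt_alloc");` would match the error style already used in this function. generate_requests starts outside the hunk.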


@@ -119,7 +119,7 @@ main (int argc, char **argv)
krb5_principal principal; krb5_principal principal;
krb5_principal admin_principal; krb5_principal admin_principal;
int optind = 0; int optind = 0;
krb5_get_init_creds_opt opt; krb5_get_init_creds_opt *opt;
krb5_creds cred; krb5_creds cred;
krb5_ccache id; krb5_ccache id;
int exit_value; int exit_value;
@@ -135,12 +135,6 @@ main (int argc, char **argv)
exit(0); exit(0);
} }
krb5_get_init_creds_opt_init (&opt);
krb5_get_init_creds_opt_set_tkt_life (&opt, 300);
krb5_get_init_creds_opt_set_forwardable (&opt, FALSE);
krb5_get_init_creds_opt_set_proxiable (&opt, FALSE);
admin_principal = NULL; admin_principal = NULL;
argc -= optind; argc -= optind;
@@ -150,6 +144,14 @@ main (int argc, char **argv)
if (ret) if (ret)
errx (1, "krb5_init_context failed: %d", ret); errx (1, "krb5_init_context failed: %d", ret);
ret = krb5_get_init_creds_opt_alloc (&opt);
if (ret)
krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc");
krb5_get_init_creds_opt_set_tkt_life (opt, 300);
krb5_get_init_creds_opt_set_forwardable (opt, FALSE);
krb5_get_init_creds_opt_set_proxiable (opt, FALSE);
if (admin_principal_str) { if (admin_principal_str) {
ret = krb5_parse_name (context, admin_principal_str, &admin_principal); ret = krb5_parse_name (context, admin_principal_str, &admin_principal);
if (ret) if (ret)
@@ -174,7 +176,7 @@ main (int argc, char **argv)
NULL, NULL,
0, 0,
"kadmin/changepw", "kadmin/changepw",
&opt); opt);
switch (ret) { switch (ret) {
case 0: case 0:
break; break;
@@ -188,6 +190,8 @@ main (int argc, char **argv)
krb5_err(context, 1, ret, "krb5_get_init_creds"); krb5_err(context, 1, ret, "krb5_get_init_creds");
} }
krb5_get_init_creds_opt_free(opt);
ret = krb5_cc_initialize(context, id, admin_principal); ret = krb5_cc_initialize(context, id, admin_principal);
if (ret) if (ret)
krb5_err(context, 1, ret, "krb5_cc_initialize"); krb5_err(context, 1, ret, "krb5_cc_initialize");


@@ -60,7 +60,7 @@ main(int argc, char **argv)
krb5_error_code ret; krb5_error_code ret;
krb5_creds cred; krb5_creds cred;
krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP}; krb5_preauthtype pre_auth_types[] = {KRB5_PADATA_ENC_TIMESTAMP};
krb5_get_init_creds_opt get_options; krb5_get_init_creds_opt *get_options;
krb5_verify_init_creds_opt verify_options; krb5_verify_init_creds_opt verify_options;
int optind = 0; int optind = 0;
@@ -81,9 +81,11 @@ main(int argc, char **argv)
if (ret) if (ret)
errx (1, "krb5_init_context failed: %d", ret); errx (1, "krb5_init_context failed: %d", ret);
krb5_get_init_creds_opt_init (&get_options); ret = krb5_get_init_creds_opt_alloc (&get_options);
if (ret)
krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc");
krb5_get_init_creds_opt_set_preauth_list (&get_options, krb5_get_init_creds_opt_set_preauth_list (get_options,
pre_auth_types, pre_auth_types,
1); 1);
@@ -97,7 +99,7 @@ main(int argc, char **argv)
NULL, NULL,
0, 0,
NULL, NULL,
&get_options); get_options);
if (ret) if (ret)
errx (1, "krb5_get_init_creds: %s", krb5_get_err_text(context, ret)); errx (1, "krb5_get_init_creds: %s", krb5_get_err_text(context, ret));
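Review bot: No `krb5_get_init_creds_opt_free(get_options)` is added in the visible hunks of this file, whereas the other converted callers in the commit release the options once the credential request has returned. If the rest of main does not free it, add `krb5_get_init_creds_opt_free(get_options);` directly after the call that takes `get_options`, before the `if (ret)` check, so the error exit does not skip it. main continues outside the hunks, so the free may exist in lines not shown.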


@@ -71,7 +71,7 @@ static OM_uint32 acquire_initiator_cred
OM_uint32 ret; OM_uint32 ret;
krb5_creds cred; krb5_creds cred;
krb5_principal def_princ; krb5_principal def_princ;
krb5_get_init_creds_opt opt; krb5_get_init_creds_opt *opt;
krb5_ccache ccache; krb5_ccache ccache;
krb5_keytab keytab; krb5_keytab keytab;
krb5_error_code kret; krb5_error_code kret;
@@ -117,9 +117,12 @@ static OM_uint32 acquire_initiator_cred
kret = get_keytab(&keytab); kret = get_keytab(&keytab);
if (kret) if (kret)
goto end; goto end;
krb5_get_init_creds_opt_init(&opt); kret = krb5_get_init_creds_opt_alloc(&opt);
if (ret)
goto end;
kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred, kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred,
handle->principal, keytab, 0, NULL, &opt); handle->principal, keytab, 0, NULL, opt);
krb5_get_init_creds_opt_free(opt);
if (kret) if (kret)
goto end; goto end;
kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops, kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops,
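Review bot: The check after `kret = krb5_get_init_creds_opt_alloc(&opt);` tests `ret` instead of `kret`, so an allocation failure is never detected and `opt` reaches `krb5_get_init_creds_keytab` and `krb5_get_init_creds_opt_free` unset; it should be `if (kret) goto end;`. `ret` is the OM_uint32 status declared at the top of the function, and its value at this point is not visible in the hunk. If it is non-zero, the keytab path always jumps to `end` with `kret` still zero; if it has not been assigned, the read itself is undefined. The same two lines appear in the next file section, the second copy of acquire_initiator_cred, and need the same fix. The function starts and ends outside the hunks.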


@@ -71,7 +71,7 @@ static OM_uint32 acquire_initiator_cred
OM_uint32 ret; OM_uint32 ret;
krb5_creds cred; krb5_creds cred;
krb5_principal def_princ; krb5_principal def_princ;
krb5_get_init_creds_opt opt; krb5_get_init_creds_opt *opt;
krb5_ccache ccache; krb5_ccache ccache;
krb5_keytab keytab; krb5_keytab keytab;
krb5_error_code kret; krb5_error_code kret;
@@ -117,9 +117,12 @@ static OM_uint32 acquire_initiator_cred
kret = get_keytab(&keytab); kret = get_keytab(&keytab);
if (kret) if (kret)
goto end; goto end;
krb5_get_init_creds_opt_init(&opt); kret = krb5_get_init_creds_opt_alloc(&opt);
if (ret)
goto end;
kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred, kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred,
handle->principal, keytab, 0, NULL, &opt); handle->principal, keytab, 0, NULL, opt);
krb5_get_init_creds_opt_free(opt);
if (kret) if (kret)
goto end; goto end;
kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops, kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops,


@@ -141,19 +141,21 @@ get_new_cache(krb5_context context,
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_creds cred; krb5_creds cred;
krb5_get_init_creds_opt opt; krb5_get_init_creds_opt *opt;
krb5_ccache id; krb5_ccache id;
krb5_get_init_creds_opt_init (&opt); ret = krb5_get_init_creds_opt_alloc (&opt);
if (ret)
return ret;
krb5_get_init_creds_opt_set_default_flags(context, "kadmin", krb5_get_init_creds_opt_set_default_flags(context, "kadmin",
krb5_principal_get_realm(context, krb5_principal_get_realm(context,
client), client),
&opt); opt);
krb5_get_init_creds_opt_set_forwardable (&opt, FALSE); krb5_get_init_creds_opt_set_forwardable (opt, FALSE);
krb5_get_init_creds_opt_set_proxiable (&opt, FALSE); krb5_get_init_creds_opt_set_proxiable (opt, FALSE);
if(password == NULL && prompter == NULL) { if(password == NULL && prompter == NULL) {
krb5_keytab kt; krb5_keytab kt;
@@ -161,15 +163,17 @@ get_new_cache(krb5_context context,
ret = krb5_kt_default(context, &kt); ret = krb5_kt_default(context, &kt);
else else
ret = krb5_kt_resolve(context, keytab, &kt); ret = krb5_kt_resolve(context, keytab, &kt);
if(ret) if(ret) {
krb5_get_init_creds_opt_free(opt);
return ret; return ret;
}
ret = krb5_get_init_creds_keytab (context, ret = krb5_get_init_creds_keytab (context,
&cred, &cred,
client, client,
kt, kt,
0, 0,
server_name, server_name,
&opt); opt);
krb5_kt_close(context, kt); krb5_kt_close(context, kt);
} else { } else {
ret = krb5_get_init_creds_password (context, ret = krb5_get_init_creds_password (context,
@@ -180,8 +184,9 @@ get_new_cache(krb5_context context,
NULL, NULL,
0, 0,
server_name, server_name,
&opt); opt);
} }
krb5_get_init_creds_opt_free(opt);
switch(ret){ switch(ret){
case 0: case 0:
break; break;


@@ -69,7 +69,7 @@ get_creds(krb5_context context, const char *keytab_str,
krb5_keytab keytab; krb5_keytab keytab;
krb5_principal client; krb5_principal client;
krb5_error_code ret; krb5_error_code ret;
krb5_get_init_creds_opt init_opts; krb5_get_init_creds_opt *init_opts;
krb5_creds creds; krb5_creds creds;
char *server; char *server;
char keytab_buf[256]; char keytab_buf[256];
@@ -89,15 +89,17 @@ get_creds(krb5_context context, const char *keytab_str,
KRB5_NT_SRV_HST, &client); KRB5_NT_SRV_HST, &client);
if (ret) krb5_err(context, 1, ret, "krb5_sname_to_principal"); if (ret) krb5_err(context, 1, ret, "krb5_sname_to_principal");
krb5_get_init_creds_opt_init(&init_opts); ret = krb5_get_init_creds_opt_alloc(&init_opts);
if (ret) krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc");
asprintf (&server, "%s/%s", IPROP_NAME, host); asprintf (&server, "%s/%s", IPROP_NAME, host);
if (server == NULL) if (server == NULL)
krb5_errx (context, 1, "malloc: no memory"); krb5_errx (context, 1, "malloc: no memory");
ret = krb5_get_init_creds_keytab(context, &creds, client, keytab, ret = krb5_get_init_creds_keytab(context, &creds, client, keytab,
0, server, &init_opts); 0, server, init_opts);
free (server); free (server);
krb5_get_init_creds_opt_free(init_opts);
if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds"); if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds");
ret = krb5_kt_close(context, keytab); ret = krb5_kt_close(context, keytab);


@@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1997-2002 Kungliga Tekniska H<>gskolan * Copyright (c) 1997-2003 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden). * (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved. * All rights reserved.
* *
@@ -136,13 +136,15 @@ verify_user_opt_int(krb5_context context,
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_get_init_creds_opt opt; krb5_get_init_creds_opt *opt;
krb5_creds cred; krb5_creds cred;
krb5_get_init_creds_opt_init (&opt); ret = krb5_get_init_creds_opt_alloc (&opt);
if (ret)
return ret;
krb5_get_init_creds_opt_set_default_flags(context, NULL, krb5_get_init_creds_opt_set_default_flags(context, NULL,
*krb5_princ_realm(context, principal), *krb5_princ_realm(context, principal),
&opt); opt);
ret = krb5_get_init_creds_password (context, ret = krb5_get_init_creds_password (context,
&cred, &cred,
principal, principal,
@@ -151,7 +153,8 @@ verify_user_opt_int(krb5_context context,
NULL, NULL,
0, 0,
NULL, NULL,
&opt); opt);
krb5_get_init_creds_opt_free(opt);
if(ret) if(ret)
return ret; return ret;
#define OPT(V, D) ((vopt && (vopt->V)) ? (vopt->V) : (D)) #define OPT(V, D) ((vopt && (vopt->V)) ? (vopt->V) : (D))