From 7a095e23811bddd3f4c2485df25d2045228b9219 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Tue, 22 Jul 2003 12:18:26 +0000
Subject: [PATCH] add ticket access functions

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12483 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/Makefile.am   |   1 +
 lib/krb5/krb5.3        |   9 ++++
 lib/krb5/krb5_ticket.3 | 105 +++++++++++++++++++++++++++++++++++++++++
 lib/krb5/ticket.c      |  37 +++++++++++++++
 4 files changed, 152 insertions(+)
 create mode 100644 lib/krb5/krb5_ticket.3

diff --git a/lib/krb5/Makefile.am b/lib/krb5/Makefile.am
index e969e80c8..c25fc236a 100644
--- a/lib/krb5/Makefile.am
+++ b/lib/krb5/Makefile.am
@@ -174,6 +174,7 @@ man_MANS =					\
 	krb5_parse_name.3			\
 	krb5_principal.3			\
 	krb5_set_default_realm.3		\
+	krb5_ticket.3				\
 	krb5_timeofday.3			\
 	krb5_unparse_name.3			\
 	krb5_verify_user.3			\
diff --git a/lib/krb5/krb5.3 b/lib/krb5/krb5.3
index 507fc9799..0440b70a7 100644
--- a/lib/krb5/krb5.3
+++ b/lib/krb5/krb5.3
@@ -107,9 +107,13 @@ krb5_c_encrypt.3
 krb5_c_encrypt_length.3
 krb5_c_enctype_compare.3
 krb5_c_get_checksum.3
+krb5_c_is_coll_proof_cksum.3
+krb5_c_is_keyed_cksum.3
 krb5_c_make_checksum.3
 krb5_c_make_random_key.3
 krb5_c_set_checksum.3
+krb5_c_valid_cksumtype.3
+krb5_c_valid_enctype.3
 krb5_c_verify_checksum.3
 krb5_cc_close.3
 krb5_cc_copy_cache.3
@@ -145,6 +149,7 @@ krb5_copy_address.3
 krb5_copy_addresses.3
 krb5_copy_checksum.3
 krb5_copy_data.3
+krb5_copy_ticket.3
 krb5_create_checksum.3
 krb5_crypto_destroy.3
 krb5_crypto_init.3
@@ -170,6 +175,7 @@ krb5_free_data_contents.3
 krb5_free_host_realm.3
 krb5_free_krbhst.3
 krb5_free_principal.3
+krb5_free_ticket.3
 krb5_get_all_client_addrs.3
 krb5_get_all_server_addrs.3
 krb5_get_default_realm.3
@@ -237,6 +243,9 @@ krb5_sockaddr2address.3
 krb5_sockaddr2port.3
 krb5_sockaddr_uninteresting.3
 krb5_string_to_enctype.3
+krb5_ticket.3
+krb5_ticket_get_client.3
+krb5_ticket_get_server.3
 krb5_timeofday.3
 krb5_unparse_name.3
 krb5_us_timeofday.3
diff --git a/lib/krb5/krb5_ticket.3 b/lib/krb5/krb5_ticket.3
new file mode 100644
index 000000000..6ed9d1b3e
--- /dev/null
+++ b/lib/krb5/krb5_ticket.3
@@ -0,0 +1,105 @@
+.\" Copyright (c) 2003 Kungliga Tekniska Högskolan
+.\" (Royal Institute of Technology, Stockholm, Sweden).
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" 3. Neither the name of the Institute nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.Dd July 22, 2003
+.Dt KRB5_TICKET 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_ticket ,
+.Nm krb5_free_ticket ,
+.Nm krb5_copy_ticket ,
+.Nm krb5_ticket_get_client ,
+.Nm krb5_ticket_get_server
+.Nd kerberos 5 ticket access and handling functions.
+.Sh LIBRARY
+Kerberos 5 Library (libkrb5, -lkrb5)
+.Sh SYNOPSIS
+.In krb5.h
+.Pp
+.Li krb5_ticket ;
+.Pp
+.Ft krb5_error_code
+.Fo krb5_free_ticket
+.Fa "krb5_context context"
+.Fa "krb5_ticket *ticket"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_copy_ticket
+.Fa "krb5_context context"
+.Fa "const krb5_ticket *from"
+.Fa "krb5_ticket **to"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_ticket_get_client
+.Fa "krb5_context context"
+.Fa "const krb5_ticket *ticket"
+.Fa "krb5_principal *client"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_ticket_get_server
+.Fa "krb5_context context"
+.Fa "const krb5_ticket *ticket"
+.Fa "krb5_principal *server"
+.Fc
+.Sh DESCRIPTION
+.Li krb5_ticket
+holds a kerberos ticket.
+The internals of the structure should never be accessed directly,
+functions exist for extracting information.
+.Pp
+.Fn krb5_free_ticket
+frees the contents of the
+.Fa ticket .
+.Pp
+.Fn krb5_copy_ticket
+copies the content of the ticket
+.Fa from
+to the ticket
+.Fa to .
+The content of
+.Fa to
+should be freed with
+.Fn krb5_free_ticket .
+.Fa to
+itself should be freed with
+.Xr free 3 .
+.Pp
+.Fn krb5_ticket_get_client
+and
+.Fn krb5_ticket_get_server
+returns a copy of the client/server principal from the ticket.
+The principal returned should be free using
+.Xr krb5_free_principal 3 .
+.\" .Sh EXAMPLES
+.Sh SEE ALSO
+.Xr krb5 3
diff --git a/lib/krb5/ticket.c b/lib/krb5/ticket.c
index f699cee2b..f0b0a0c0d 100644
--- a/lib/krb5/ticket.c
+++ b/lib/krb5/ticket.c
@@ -74,3 +74,40 @@ krb5_copy_ticket(krb5_context context,
     *to = tmp;
     return 0;
 }
+
+krb5_error_code
+krb5_ticket_get_client(krb5_context context,
+		       const krb5_ticket *ticket,
+		       krb5_principal *client)
+{
+    return krb5_copy_principal(context, ticket->client, client);
+}
+
+krb5_error_code
+krb5_ticket_get_server(krb5_context context,
+		       const krb5_ticket *ticket,
+		       krb5_principal *server)
+{
+    return krb5_copy_principal(context, ticket->server, server);
+}
+
+krb5_error_code
+krb5_ticket_get_authorization_data_type(krb5_context context, krb5_ticket *ticket,
+					int type, krb5_data *data)
+{
+    int i;
+
+    data->length = 0;
+    data->data = NULL;
+
+    if (ticket->ticket.authorization_data == NULL)
+	return ENOENT; /* XXX */
+
+    for (i = 0; i < ticket->ticket.authorization_data->len; i++) {
+	if (ticket->ticket.authorization_data->val[i].ad_type == type) {
+	    return copy_octet_string(&ticket->ticket.authorization_data->val[i].ad_data,
+				     data);
+	}
+    }
+    return ENOENT; /* XXX */
+}