diff options
| author | Greg Hudson <ghudson@mit.edu> | 2010-04-20 07:38:12 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2010-04-20 07:38:12 +0000 |
| commit | ffd48f9077b245d9d8f245f76775c508937a8f0d (patch) | |
| tree | 5fac6d2b4dc99858663c0f8a3e78248d129bf3c6 | |
| parent | 048c45e81be65f31cd698de6b3536e35f7f1599a (diff) | |
| download | krb5-ffd48f9077b245d9d8f245f76775c508937a8f0d.zip krb5-ffd48f9077b245d9d8f245f76775c508937a8f0d.tar.gz krb5-ffd48f9077b245d9d8f245f76775c508937a8f0d.tar.bz2 | |
Add KRB5_INIT_CREDS_STEP_FLAG_CONTINUE for parity with Heimdal.
Rename KRB5_TKT_CREDS_CONTINUE to KRB5_TKT_CREDS_STEP_FLAG_CONTINUE
for consistency.
Adjust init_creds context to be less confusing in light of the above.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23906 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/include/krb5/krb5.hin | 10 | ||||
| -rw-r--r-- | src/lib/krb5/krb/get_creds.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/get_in_tkt.c | 17 | ||||
| -rw-r--r-- | src/lib/krb5/krb/init_creds_ctx.h | 4 |
4 files changed, 17 insertions, 18 deletions
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin index 945d424..98ffb70 100644 --- a/src/include/krb5/krb5.hin +++ b/src/include/krb5/krb5.hin @@ -2370,6 +2370,8 @@ krb5_get_init_creds_password(krb5_context context, krb5_creds *creds, struct _krb5_init_creds_context; typedef struct _krb5_init_creds_context *krb5_init_creds_context; +#define KRB5_INIT_CREDS_STEP_FLAG_CONTINUE 0x1 /* More responses needed */ + void KRB5_CALLCONV krb5_init_creds_free(krb5_context context, krb5_init_creds_context ctx); @@ -2474,16 +2476,16 @@ krb5_tkt_creds_get_creds(krb5_context context, krb5_tkt_creds_context ctx, void KRB5_CALLCONV krb5_tkt_creds_free(krb5_context context, krb5_tkt_creds_context ctx); -#define KRB5_TKT_CREDS_CONTINUE 1 /* Another KDC response is needed. */ +#define KRB5_TKT_CREDS_STEP_FLAG_CONTINUE 0x1 /* More responses needed. */ /** * Process a response and generate the next request to acquire credentials. * * On the first call, @a in should be empty or NULL. If more responses are * needed, the @a flags output parameter will contain @a - * KRB5_TKT_CREDS_CONTINUE. In this case, the caller must transport @a out to - * a KDC for @a realm and receive a response, which should be provided as @a - * in to the next call. + * KRB5_TKT_CREDS_STEP_FLAG_CONTINUE. In that case, the caller must transport + * @a out to a KDC for @a realm and receive a response, which should be + * provided as @a in to the next call. * * @param[in] context A krb5 library context (see krb5_init_context()) * @param[in] ctx A TGS acquisition context (see krb5_tkt_creds_init()) diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c index e9356f1..e283917 100644 --- a/src/lib/krb5/krb/get_creds.c +++ b/src/lib/krb5/krb/get_creds.c @@ -221,7 +221,7 @@ set_caller_request(krb5_context context, krb5_tkt_creds_context ctx) *ctx->caller_out = out_copy; *ctx->caller_realm = realm_copy; - *ctx->caller_flags = KRB5_TKT_CREDS_CONTINUE; + *ctx->caller_flags = KRB5_TKT_CREDS_STEP_FLAG_CONTINUE; return 0; cleanup: @@ -1140,7 +1140,7 @@ krb5_tkt_creds_get(krb5_context context, krb5_tkt_creds_context ctx) &flags); if (code == KRB5KRB_ERR_RESPONSE_TOO_BIG && !tcp_only) tcp_only = 1; - else if (code != 0 || !(flags & KRB5_TKT_CREDS_CONTINUE)) + else if (code != 0 || !(flags & KRB5_TKT_CREDS_STEP_FLAG_CONTINUE)) break; krb5_free_data_contents(context, &reply); diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index b1b837d..2b98e45 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -1083,7 +1083,7 @@ init_creds_get(krb5_context context, &flags); if (code == KRB5KRB_ERR_RESPONSE_TOO_BIG && !tcp_only) tcp_only = 1; - else if (code != 0 || (flags & 1) == 0) + else if (code != 0 || !(flags & KRB5_INIT_CREDS_STEP_FLAG_CONTINUE)) break; krb5_free_data_contents(context, &reply); @@ -1119,7 +1119,7 @@ krb5_init_creds_get_creds(krb5_context context, krb5_init_creds_context ctx, krb5_creds *creds) { - if ((ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) == 0) + if (!ctx->complete) return KRB5_NO_TKT_SUPPLIED; return krb5int_copy_creds_contents(context, &ctx->cred, creds); @@ -1130,7 +1130,7 @@ krb5_init_creds_get_times(krb5_context context, krb5_init_creds_context ctx, krb5_ticket_times *times) { - if ((ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) == 0) + if (!ctx->complete) return KRB5_NO_TKT_SUPPLIED; *times = ctx->cred.times; @@ -1979,7 +1979,7 @@ init_creds_step_reply(krb5_context context, /* success */ code = 0; - ctx->flags |= KRB5_INIT_CREDS_STEP_FLAG_COMPLETE; + ctx->complete = TRUE; cleanup: krb5_free_pa_data(context, padata); @@ -2014,8 +2014,8 @@ krb5_init_creds_step(krb5_context context, realm->data = NULL; realm->length = 0; - if (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) - goto cleanup; + if (ctx->complete) + return EINVAL; if (in->length != 0) { code = init_creds_step_reply(context, ctx, in); @@ -2029,7 +2029,7 @@ krb5_init_creds_step(krb5_context context, } goto copy_realm; } - if (code != 0 || (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE)) + if (code != 0 || ctx->complete) goto cleanup; } @@ -2065,8 +2065,7 @@ cleanup: } } - *flags = (ctx->flags & KRB5_INIT_CREDS_STEP_FLAG_COMPLETE) ? 0 : 1; - + *flags = ctx->complete ? 0 : KRB5_INIT_CREDS_STEP_FLAG_CONTINUE; return code; } diff --git a/src/lib/krb5/krb/init_creds_ctx.h b/src/lib/krb5/krb/init_creds_ctx.h index 1d41a44..6a76298 100644 --- a/src/lib/krb5/krb/init_creds_ctx.h +++ b/src/lib/krb5/krb/init_creds_ctx.h @@ -14,7 +14,7 @@ struct _krb5_init_creds_context { krb5_deltat start_time; krb5_deltat tkt_life; krb5_deltat renew_life; - unsigned int flags; + krb5_boolean complete; unsigned int loopcount; krb5_data password; krb5_error *err_reply; @@ -35,8 +35,6 @@ struct _krb5_init_creds_context { krb5_boolean sent_nontrivial_preauth; }; -#define KRB5_INIT_CREDS_STEP_FLAG_COMPLETE 0x1 - krb5_error_code krb5_get_as_key_password(krb5_context context, krb5_principal client, |