diff options
| author | Tom Yu <tlyu@mit.edu> | 2009-10-31 00:48:38 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2009-10-31 00:48:38 +0000 |
| commit | 02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b (patch) | |
| tree | 61b9147863cd8be3eff63903dc36cae168254bd5 /src/include/CredentialsCache.h | |
| parent | 162ab371748cba0cc6f172419bd6e71fa04bb878 (diff) | |
| download | krb5-02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b.zip krb5-02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b.tar.gz krb5-02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b.tar.bz2 | |
make mark-cstyle
make reindent
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include/CredentialsCache.h')
| -rw-r--r-- | src/include/CredentialsCache.h | 820 |
1 files changed, 410 insertions, 410 deletions
diff --git a/src/include/CredentialsCache.h b/src/include/CredentialsCache.h index cd573e7..656b436 100644 --- a/src/include/CredentialsCache.h +++ b/src/include/CredentialsCache.h @@ -23,7 +23,7 @@ * this software for any purpose. It is provided "as is" without express * or implied warranty. */ - + #ifndef __CREDENTIALSCACHE__ #define __CREDENTIALSCACHE__ @@ -35,7 +35,7 @@ * The object for kCCAPICacheCollectionChangedNotification is NULL. * The object for kCCAPICCacheChangedNotification is a CFString containing the * name of the ccache. - * + * * Note: Notifications are not sent if the CCacheServer crashes. */ #define kCCAPICacheCollectionChangedNotification CFSTR ("CCAPICacheCollectionChangedNotification") #define kCCAPICCacheChangedNotification CFSTR ("CCAPICCacheChangedNotification") @@ -54,7 +54,7 @@ extern "C" { #if TARGET_OS_MAC #pragma pack(push,2) -#endif +#endif #if defined(_WIN32) #define CCACHE_API __declspec(dllexport) @@ -64,7 +64,7 @@ extern "C" { #error time_t has been defined as a 64-bit integer which is incompatible with Kerberos on this platform. #endif /* _TIME_T_DEFINED */ #define _USE_32BIT_TIME_T -#endif +#endif #else #define CCACHE_API #endif @@ -100,89 +100,89 @@ extern "C" { * * \li \ref cc_string_reference * \li \ref cc_string_f "cc_string_t Functions" - * + * * \section introduction Introduction * - * This is the specification for an API which provides Credentials Cache - * services for both Kerberos v5 and v4. The idea behind this API is that - * multiple Kerberos implementations can share a single collection of - * credentials caches, mediated by this API specification. On the Mac OS - * and Microsoft Windows platforms this will allow single-login, even when + * This is the specification for an API which provides Credentials Cache + * services for both Kerberos v5 and v4. The idea behind this API is that + * multiple Kerberos implementations can share a single collection of + * credentials caches, mediated by this API specification. On the Mac OS + * and Microsoft Windows platforms this will allow single-login, even when * more than one Kerberos shared library is in use on a particular system. * - * Abstractly, a credentials cache collection contains one or more credentials - * caches, or ccaches. A ccache is uniquely identified by its name, which is - * a string internal to the API and not intended to be presented to users. + * Abstractly, a credentials cache collection contains one or more credentials + * caches, or ccaches. A ccache is uniquely identified by its name, which is + * a string internal to the API and not intended to be presented to users. * The user presentable identifier of a ccache is its principal. * - * Unlike the previous versions of the API, version 3 of the API stores both + * Unlike the previous versions of the API, version 3 of the API stores both * Kerberos v4 and v5 credentials in the same ccache. * - * At any given time, one ccache is the "default" ccache. The exact meaning - * of a default ccache is OS-specific; refer to implementation requirements + * At any given time, one ccache is the "default" ccache. The exact meaning + * of a default ccache is OS-specific; refer to implementation requirements * for details. * * \section error_handling Error Handling * - * All functions of the API return some of the error constants listed FIXME; - * the exact list of error constants returned by any API function is provided + * All functions of the API return some of the error constants listed FIXME; + * the exact list of error constants returned by any API function is provided * in the function descriptions below. - * - * When returning an error constant other than ccNoError or ccIteratorEnd, API + * + * When returning an error constant other than ccNoError or ccIteratorEnd, API * functions never modify any of the values passed in by reference. * * \section synchronization_atomicity Synchronization and Atomicity - * + * * Every function in the API is atomic. In order to make a series of calls * atomic, callers should lock the ccache or cache collection they are working - * with to advise other callers not to modify that container. Note that - * advisory locks are per container so even if you have a read lock on the cache - * collection other callers can obtain write locks on ccaches in that cache + * with to advise other callers not to modify that container. Note that + * advisory locks are per container so even if you have a read lock on the cache + * collection other callers can obtain write locks on ccaches in that cache * collection. - * - * Note that iterators do not iterate over ccaches and credentials atomically - * because locking ccaches and the cache collection over every iteration would - * degrade performance considerably under high load. However, iterators do - * guarantee a consistent view of items they are iterating over. Iterators - * will never return duplicate entries or skip entries when items are removed - * or added to the container they are iterating over. - * + * + * Note that iterators do not iterate over ccaches and credentials atomically + * because locking ccaches and the cache collection over every iteration would + * degrade performance considerably under high load. However, iterators do + * guarantee a consistent view of items they are iterating over. Iterators + * will never return duplicate entries or skip entries when items are removed + * or added to the container they are iterating over. + * * An application can always lock a ccache or the cache collection to guarantee - * that other callers participating in the advisory locking system do not + * that other callers participating in the advisory locking system do not * modify the ccache or cache collection. - * + * * Implementations should not use copy-on-write techniques to implement locks - * because those techniques imply that same parts of the ccache collection - * remain visible to some callers even though they are not present in the - * collection, which is a potential security risk. For example, a copy-on-write - * technique might make a copy of the entire collection when a read lock is - * acquired, so as to allow the owner of the lock to access the collection in - * an apparently unmodified state, while also allowing others to make - * modifications to the collection. However, this would also enable the owner - * of the lock to indefinitely (until the expiration time) use credentials that + * because those techniques imply that same parts of the ccache collection + * remain visible to some callers even though they are not present in the + * collection, which is a potential security risk. For example, a copy-on-write + * technique might make a copy of the entire collection when a read lock is + * acquired, so as to allow the owner of the lock to access the collection in + * an apparently unmodified state, while also allowing others to make + * modifications to the collection. However, this would also enable the owner + * of the lock to indefinitely (until the expiration time) use credentials that * have actually been deleted from the collection. - * + * * \section memory_management Object Memory Management - * - * The lifetime of an object returned by the API is until release() is called - * for it. Releasing one object has no effect on existence of any other object. - * For example, a ccache obtained within a context continue to exist when the + * + * The lifetime of an object returned by the API is until release() is called + * for it. Releasing one object has no effect on existence of any other object. + * For example, a ccache obtained within a context continue to exist when the * context is released. - * - * Every object returned by the API (cc_context_t, cc_ccache_t, cc_ccache_iterator_t, - * cc_credentials_t, cc_credentials_iterator_t, cc_string_t) is owned by the - * caller of the API, and it is the responsibility of the caller to call release() + * + * Every object returned by the API (cc_context_t, cc_ccache_t, cc_ccache_iterator_t, + * cc_credentials_t, cc_credentials_iterator_t, cc_string_t) is owned by the + * caller of the API, and it is the responsibility of the caller to call release() * for every object to prevent memory leaks. - * + * * \section opaque_types Opaque Types - * - * All of the opaque high-level types in CCache API are implemented as structures - * of function pointers and private data. To perform some operation on a type, the - * caller of the API has to first obtain an instance of that type, and then call the - * appropriate function pointer from that instance. For example, to call - * get_change_time() on a cc_context_t, one would call cc_initialize() which creates + * + * All of the opaque high-level types in CCache API are implemented as structures + * of function pointers and private data. To perform some operation on a type, the + * caller of the API has to first obtain an instance of that type, and then call the + * appropriate function pointer from that instance. For example, to call + * get_change_time() on a cc_context_t, one would call cc_initialize() which creates * a new cc_context_t and then call its get_change_time(), like this: - * + * * \code * cc_context_t context; * cc_int32 err = cc_initialize (&context, ccapi_version_3, nil, nil); @@ -190,10 +190,10 @@ extern "C" { * time = context->functions->get_change_time (context) * \endcode * - * All API functions also have convenience preprocessor macros, which make the API - * seem completely function-based. For example, cc_context_get_change_time - * (context, time) is equivalent to context->functions->get_change_time - * (context, time). The convenience macros follow the following naming convention: + * All API functions also have convenience preprocessor macros, which make the API + * seem completely function-based. For example, cc_context_get_change_time + * (context, time) is equivalent to context->functions->get_change_time + * (context, time). The convenience macros follow the following naming convention: * * The API function some_function() * \code @@ -207,39 +207,39 @@ extern "C" { * result = cc_type_some_function (an_object, args) * \endcode * - * The specifications below include the names for both the functions and the - * convenience macros, in that order. For clarity, it is recommended that clients + * The specifications below include the names for both the functions and the + * convenience macros, in that order. For clarity, it is recommended that clients * using the API use the convenience macros, but that is merely a stylistic choice. * - * Implementing the API in this manner allows us to extend and change the interface + * Implementing the API in this manner allows us to extend and change the interface * in the future, while preserving compatibility with older clients. * - * For example, consider the case when the signature or the semantics of a cc_ccache_t - * function is changed. The API version number is incremented. The library - * implementation contains both a function with the old signature and semantics and - * a function with the new signature and semantics. When a context is created, the API - * version number used in that context is stored in the context, and therefore it can - * be used whenever a ccache is created in that context. When a ccache is created in a - * context with the old API version number, the function pointer structure for the - * ccache is filled with pointers to functions implementing the old semantics; when a - * ccache is created in a context with the new API version number, the function pointer - * structure for the ccache is filled with poitners to functions implementing the new + * For example, consider the case when the signature or the semantics of a cc_ccache_t + * function is changed. The API version number is incremented. The library + * implementation contains both a function with the old signature and semantics and + * a function with the new signature and semantics. When a context is created, the API + * version number used in that context is stored in the context, and therefore it can + * be used whenever a ccache is created in that context. When a ccache is created in a + * context with the old API version number, the function pointer structure for the + * ccache is filled with pointers to functions implementing the old semantics; when a + * ccache is created in a context with the new API version number, the function pointer + * structure for the ccache is filled with poitners to functions implementing the new * semantics. * - * Similarly, if a function is added to the API, the version number in the context can - * be used to decide whether to include the implementation of the new function in the + * Similarly, if a function is added to the API, the version number in the context can + * be used to decide whether to include the implementation of the new function in the * appropriate function pointer structure or not. */ - + /*! * \defgroup ccapi_constants_reference Constants * @{ */ - + /*! - * API version numbers + * API version numbers * - * These constants are passed into cc_initialize() to indicate the version + * These constants are passed into cc_initialize() to indicate the version * of the API the caller wants to use. * * CCAPI v1 and v2 are deprecated and should not be used. @@ -253,67 +253,67 @@ enum { ccapi_version_7 = 7, ccapi_version_max = ccapi_version_7 }; - -/*! - * Error codes + +/*! + * Error codes */ enum { - - ccNoError = 0, /*!< Success. */ - ccIteratorEnd = 201, /*!< Iterator is done iterating. */ + ccNoError = 0, /*!< Success. */ + + ccIteratorEnd = 201, /*!< Iterator is done iterating. */ ccErrBadParam, /*!< Bad parameter (NULL or invalid pointer where valid pointer expected). */ ccErrNoMem, /*!< Not enough memory to complete the operation. */ ccErrInvalidContext, /*!< Context is invalid (e.g., it was released). */ ccErrInvalidCCache, /*!< CCache is invalid (e.g., it was released or destroyed). */ /* 206 */ - ccErrInvalidString, /*!< String is invalid (e.g., it was released). */ + ccErrInvalidString, /*!< String is invalid (e.g., it was released). */ ccErrInvalidCredentials, /*!< Credentials are invalid (e.g., they were released), or they have a bad version. */ ccErrInvalidCCacheIterator, /*!< CCache iterator is invalid (e.g., it was released). */ ccErrInvalidCredentialsIterator, /*!< Credentials iterator is invalid (e.g., it was released). */ ccErrInvalidLock, /*!< Lock is invalid (e.g., it was released). */ /* 211 */ - ccErrBadName, /*!< Bad credential cache name format. */ + ccErrBadName, /*!< Bad credential cache name format. */ ccErrBadCredentialsVersion, /*!< Credentials version is invalid. */ ccErrBadAPIVersion, /*!< Unsupported API version. */ ccErrContextLocked, /*!< Context is already locked. */ ccErrContextUnlocked, /*!< Context is not locked by the caller. */ /* 216 */ - ccErrCCacheLocked, /*!< CCache is already locked. */ + ccErrCCacheLocked, /*!< CCache is already locked. */ ccErrCCacheUnlocked, /*!< CCache is not locked by the caller. */ ccErrBadLockType, /*!< Bad lock type. */ ccErrNeverDefault, /*!< CCache was never default. */ ccErrCredentialsNotFound, /*!< Matching credentials not found in the ccache. */ /* 221 */ - ccErrCCacheNotFound, /*!< Matching ccache not found in the collection. */ + ccErrCCacheNotFound, /*!< Matching ccache not found in the collection. */ ccErrContextNotFound, /*!< Matching cache collection not found. */ ccErrServerUnavailable, /*!< CCacheServer is unavailable. */ ccErrServerInsecure, /*!< CCacheServer has detected that it is running as the wrong user. */ ccErrServerCantBecomeUID, /*!< CCacheServer failed to start running as the user. */ - + /* 226 */ - ccErrTimeOffsetNotSet, /*!< KDC time offset not set for this ccache. */ + ccErrTimeOffsetNotSet, /*!< KDC time offset not set for this ccache. */ ccErrBadInternalMessage, /*!< The client and CCacheServer can't communicate (e.g., a version mismatch). */ ccErrNotImplemented, /*!< API function not supported by this implementation. */ ccErrClientNotFound /*!< CCacheServer has no record of the caller's process (e.g., the server crashed). */ }; -/*! - * Credentials versions +/*! + * Credentials versions * - * These constants are used in several places in the API to discern - * between Kerberos v4 and Kerberos v5. Not all values are valid - * inputs and outputs for all functions; function specifications + * These constants are used in several places in the API to discern + * between Kerberos v4 and Kerberos v5. Not all values are valid + * inputs and outputs for all functions; function specifications * below detail the allowed values. * - * Kerberos version constants will always be a bit-field, and can be + * Kerberos version constants will always be a bit-field, and can be * tested as such; for example the following test will tell you if * a ccacheVersion includes v5 credentials: - * + * * if ((ccacheVersion & cc_credentials_v5) != 0) */ enum cc_credential_versions { @@ -322,9 +322,9 @@ enum cc_credential_versions { cc_credentials_v4_v5 = 3 }; -/*! - * Lock types - * +/*! + * Lock types + * * These constants are used in the locking functions to describe the * type of lock requested. Note that all CCAPI locks are advisory * so only callers using the lock calls will be blocked by each other. @@ -338,14 +338,14 @@ enum cc_lock_types { cc_lock_downgrade = 3 }; -/*! - * Locking Modes +/*! + * Locking Modes * - * These constants are used in the advisory locking functions to - * describe whether or not the lock function should block waiting for - * a lock or return an error immediately. For example, attempting to - * acquire a lock with a non-blocking call will result in an error if the - * lock cannot be acquired; otherwise, the call will block until the lock + * These constants are used in the advisory locking functions to + * describe whether or not the lock function should block waiting for + * a lock or return an error immediately. For example, attempting to + * acquire a lock with a non-blocking call will result in an error if the + * lock cannot be acquired; otherwise, the call will block until the lock * can be acquired. */ enum cc_lock_modes { @@ -353,10 +353,10 @@ enum cc_lock_modes { cc_lock_block = 1 }; -/*! +/*! * Sizes of fields in cc_credentials_v4_t. */ -enum { +enum { /* Make sure all of these are multiples of four (for alignment sanity) */ cc_v4_name_size = 40, cc_v4_instance_size = 40, @@ -396,8 +396,8 @@ typedef int64_t cc_int64; /*! Signed 64-bit integer type */ typedef uint64_t cc_uint64; #endif -/*! - * The cc_time_t type is used to represent a time in seconds. The time must +/*! + * The cc_time_t type is used to represent a time in seconds. The time must * be stored as the number of seconds since midnight GMT on January 1, 1970. */ typedef cc_uint32 cc_time_t; @@ -407,10 +407,10 @@ typedef cc_uint32 cc_time_t; /*! * \defgroup cc_context_reference cc_context_t Overview * @{ - * - * The cc_context_t type gives the caller access to a ccache collection. - * Before being able to call any functions in the CCache API, the caller - * needs to acquire an instance of cc_context_t by calling cc_initialize(). + * + * The cc_context_t type gives the caller access to a ccache collection. + * Before being able to call any functions in the CCache API, the caller + * needs to acquire an instance of cc_context_t by calling cc_initialize(). * * For API function documentation see \ref cc_context_f. */ @@ -431,11 +431,11 @@ typedef cc_context_d *cc_context_t; /*! * \defgroup cc_ccache_reference cc_ccache_t Overview * @{ - * - * The cc_ccache_t type represents a reference to a ccache. - * Callers can access a ccache and the credentials stored in it - * via a cc_ccache_t. A cc_ccache_t can be acquired via - * cc_context_open_ccache(), cc_context_open_default_ccache(), or + * + * The cc_ccache_t type represents a reference to a ccache. + * Callers can access a ccache and the credentials stored in it + * via a cc_ccache_t. A cc_ccache_t can be acquired via + * cc_context_open_ccache(), cc_context_open_default_ccache(), or * cc_ccache_iterator_next(). * * For API function documentation see \ref cc_ccache_f. @@ -457,10 +457,10 @@ typedef cc_ccache_d *cc_ccache_t; /*! * \defgroup cc_ccache_iterator_reference cc_ccache_iterator_t Overview * @{ - * - * The cc_ccache_iterator_t type represents an iterator that - * iterates over a set of ccaches and returns them in all in some - * order. A new instance of this type can be obtained by calling + * + * The cc_ccache_iterator_t type represents an iterator that + * iterates over a set of ccaches and returns them in all in some + * order. A new instance of this type can be obtained by calling * cc_context_new_ccache_iterator(). * * For API function documentation see \ref cc_ccache_iterator_f. @@ -481,30 +481,30 @@ typedef cc_ccache_iterator_d *cc_ccache_iterator_t; /*! * \defgroup cc_credentials_reference cc_credentials_t Overview * @{ - * - * The cc_credentials_t type is used to store a single set of - * credentials for either Kerberos v4 or Kerberos v5. In addition - * to its only function, release(), it contains a pointer to a - * cc_credentials_union structure. A cc_credentials_union - * structure contains an integer of the enumerator type - * cc_credentials_version, which is either #cc_credentials_v4 or - * #cc_credentials_v5, and a pointer union, which contains either a - * cc_credentials_v4_t pointer or a cc_credentials_v5_t pointer, - * depending on the value in version. - * + * + * The cc_credentials_t type is used to store a single set of + * credentials for either Kerberos v4 or Kerberos v5. In addition + * to its only function, release(), it contains a pointer to a + * cc_credentials_union structure. A cc_credentials_union + * structure contains an integer of the enumerator type + * cc_credentials_version, which is either #cc_credentials_v4 or + * #cc_credentials_v5, and a pointer union, which contains either a + * cc_credentials_v4_t pointer or a cc_credentials_v5_t pointer, + * depending on the value in version. + * * Variables of the type cc_credentials_t are allocated by the CCAPI - * implementation, and should be released with their release() - * function. API functions which receive credentials structures - * from the caller always accept cc_credentials_union, which is + * implementation, and should be released with their release() + * function. API functions which receive credentials structures + * from the caller always accept cc_credentials_union, which is * allocated by the caller, and accordingly disposed by the caller. * * For API functions see \ref cc_credentials_f. */ /*! - * If a cc_credentials_t variable is used to store Kerberos v4 - * credentials, then credentials.credentials_v4 points to a v4 - * credentials structure. This structure is similar to a + * If a cc_credentials_t variable is used to store Kerberos v4 + * credentials, then credentials.credentials_v4 points to a v4 + * credentials structure. This structure is similar to a * krb4 API CREDENTIALS structure. */ struct cc_credentials_v4_t { @@ -535,20 +535,20 @@ struct cc_credentials_v4_t { cc_int32 ticket_size; /*! Ticket data */ unsigned char ticket [cc_v4_ticket_size]; -}; +}; typedef struct cc_credentials_v4_t cc_credentials_v4_t; /*! * The CCAPI data structure. This structure is similar to a krb5_data structure. - * In a v5 credentials structure, cc_data structures are used - * to store tagged variable-length binary data. Specifically, - * for cc_credentials_v5.ticket and - * cc_credentials_v5.second_ticket, the cc_data.type field must - * be zero. For the cc_credentials_v5.addresses, - * cc_credentials_v5.authdata, and cc_credentials_v5.keyblock, - * the cc_data.type field should be the address type, - * authorization data type, and encryption type, as defined by - * the Kerberos v5 protocol definition. + * In a v5 credentials structure, cc_data structures are used + * to store tagged variable-length binary data. Specifically, + * for cc_credentials_v5.ticket and + * cc_credentials_v5.second_ticket, the cc_data.type field must + * be zero. For the cc_credentials_v5.addresses, + * cc_credentials_v5.authdata, and cc_credentials_v5.keyblock, + * the cc_data.type field should be the address type, + * authorization data type, and encryption type, as defined by + * the Kerberos v5 protocol definition. */ struct cc_data { /*! The type of the data as defined by the krb5_data structure. */ @@ -557,13 +557,13 @@ struct cc_data { cc_uint32 length; /*! The data buffer. */ void* data; -}; +}; typedef struct cc_data cc_data; /*! * If a cc_credentials_t variable is used to store Kerberos v5 c - * redentials, and then credentials.credentials_v5 points to a - * v5 credentials structure. This structure is similar to a + * redentials, and then credentials.credentials_v5 points to a + * v5 credentials structure. This structure is similar to a * krb5_creds structure. */ struct cc_credentials_v5_t { @@ -585,7 +585,7 @@ struct cc_credentials_v5_t { cc_uint32 is_skey; /*! Ticket flags, as defined by the Kerberos 5 API. */ cc_uint32 ticket_flags; - /*! The the list of network addresses of hosts that are allowed to authenticate + /*! The the list of network addresses of hosts that are allowed to authenticate * using this ticket. */ cc_data** addresses; /*! Ticket data. */ @@ -594,7 +594,7 @@ struct cc_credentials_v5_t { cc_data second_ticket; /*! Authorization data. */ cc_data** authdata; -}; +}; typedef struct cc_credentials_v5_t cc_credentials_v5_t; struct cc_credentials_union { @@ -628,8 +628,8 @@ typedef cc_credentials_d *cc_credentials_t; * \defgroup cc_credentials_iterator_reference cc_credentials_iterator_t * @{ * The cc_credentials_iterator_t type represents an iterator that - * iterates over a set of credentials. A new instance of this type - * can be obtained by calling cc_ccache_new_credentials_iterator(). + * iterates over a set of credentials. A new instance of this type + * can be obtained by calling cc_ccache_new_credentials_iterator(). * * For API function documentation see \ref cc_credentials_iterator_f. */ @@ -649,11 +649,11 @@ typedef cc_credentials_iterator_d *cc_credentials_iterator_t; /*! * \defgroup cc_string_reference cc_string_t Overview * @{ - * The cc_string_t represents a C string returned by the API. - * It has a pointer to the string data and a release() function. - * This type is used for both principal names and ccache names - * returned by the API. Principal names may contain UTF-8 encoded - * strings for internationalization purposes. + * The cc_string_t represents a C string returned by the API. + * It has a pointer to the string data and a release() function. + * This type is used for both principal names and ccache names + * returned by the API. Principal names may contain UTF-8 encoded + * strings for internationalization purposes. * * For API function documentation see \ref cc_string_f. */ @@ -672,7 +672,7 @@ typedef cc_string_d *cc_string_t; /*!@}*/ /*! - * Function pointer table for cc_context_t. For more information see + * Function pointer table for cc_context_t. For more information see * \ref cc_context_reference. */ struct cc_context_f { @@ -682,19 +682,19 @@ struct cc_context_f { * \brief \b cc_context_release(): Release memory associated with a cc_context_t. */ cc_int32 (*release) (cc_context_t io_context); - + /*! * \param in_context the context object for the cache collection to examine. * \param out_time on exit, the time of the most recent change for the entire ccache collection. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_get_change_time(): Get the last time the cache collection changed. - * - * This function returns the time of the most recent change for the entire ccache collection. - * By maintaining a local copy the caller can deduce whether or not the ccache collection has + * + * This function returns the time of the most recent change for the entire ccache collection. + * By maintaining a local copy the caller can deduce whether or not the ccache collection has * been modified since the previous call to cc_context_get_change_time(). - * + * * The time returned by cc_context_get_changed_time() increases whenever: - * + * * \li a ccache is created * \li a ccache is destroyed * \li a credential is stored @@ -702,76 +702,76 @@ struct cc_context_f { * \li a ccache principal is changed * \li the default ccache is changed * - * \note In order to be able to compare two values returned by cc_context_get_change_time(), - * the caller must use the same context to acquire them. Callers should maintain a single - * context in memory for cc_context_get_change_time() calls rather than creating a new + * \note In order to be able to compare two values returned by cc_context_get_change_time(), + * the caller must use the same context to acquire them. Callers should maintain a single + * context in memory for cc_context_get_change_time() calls rather than creating a new * context for every call. - * + * * \sa wait_for_change */ cc_int32 (*get_change_time) (cc_context_t in_context, cc_time_t *out_time); - + /*! * \param in_context the context object for the cache collection. * \param out_name on exit, the name of the default ccache. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_get_default_ccache_name(): Get the name of the default ccache. - * - * This function returns the name of the default ccache. When the default ccache - * exists, its name is returned. If there are no ccaches in the collection, and - * thus there is no default ccache, the name that the default ccache should have - * is returned. The ccache with that name will be used as the default ccache by + * + * This function returns the name of the default ccache. When the default ccache + * exists, its name is returned. If there are no ccaches in the collection, and + * thus there is no default ccache, the name that the default ccache should have + * is returned. The ccache with that name will be used as the default ccache by * all processes which initialized Kerberos libraries before the ccache was created. - * - * If there is no default ccache, and the client is creating a new ccache, it + * + * If there is no default ccache, and the client is creating a new ccache, it * should be created with the default name. If there already is a default ccache, - * and the client wants to create a new ccache (as opposed to reusing an existing - * ccache), it should be created with any unique name; #create_new_ccache() + * and the client wants to create a new ccache (as opposed to reusing an existing + * ccache), it should be created with any unique name; #create_new_ccache() * can be used to accomplish that more easily. - * - * If the first ccache is created with a name other than the default name, then - * the processes already running will not notice the credentials stored in the + * + * If the first ccache is created with a name other than the default name, then + * the processes already running will not notice the credentials stored in the * new ccache, which is normally undesirable. */ cc_int32 (*get_default_ccache_name) (cc_context_t in_context, cc_string_t *out_name); - + /*! * \param in_context the context object for the cache collection. * \param in_name the name of the ccache to open. * \param out_ccache on exit, a ccache object for the ccache - * \return On success, #ccNoError. If no ccache named \a in_name exists, + * \return On success, #ccNoError. If no ccache named \a in_name exists, * #ccErrCCacheNotFound. On failure, an error code representing the failure. * \brief \b cc_context_open_ccache(): Open a ccache. - * - * Opens an already existing ccache identified by its name. It returns a reference + * + * Opens an already existing ccache identified by its name. It returns a reference * to the ccache in \a out_ccache. * - * The list of all ccache names, principals, and credentials versions may be retrieved - * by calling cc_context_new_cache_iterator(), cc_ccache_get_name(), + * The list of all ccache names, principals, and credentials versions may be retrieved + * by calling cc_context_new_cache_iterator(), cc_ccache_get_name(), * cc_ccache_get_principal(), and cc_ccache_get_cred_version(). */ cc_int32 (*open_ccache) (cc_context_t in_context, const char *in_name, cc_ccache_t *out_ccache); - + /*! * \param in_context the context object for the cache collection. * \param out_ccache on exit, a ccache object for the default ccache - * \return On success, #ccNoError. If no default ccache exists, + * \return On success, #ccNoError. If no default ccache exists, * #ccErrCCacheNotFound. On failure, an error code representing the failure. * \brief \b cc_context_open_default_ccache(): Open the default ccache. - * + * * Opens the default ccache. It returns a reference to the ccache in *ccache. - * - * This function performs the same function as calling + * + * This function performs the same function as calling * cc_context_get_default_ccache_name followed by cc_context_open_ccache, * but it performs it atomically. */ cc_int32 (*open_default_ccache) (cc_context_t in_context, cc_ccache_t *out_ccache); - + /*! * \param in_context the context object for the cache collection. * \param in_name the name of the new ccache to create @@ -780,51 +780,51 @@ struct cc_context_f { * \param out_ccache on exit, a ccache object for the newly created ccache * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_create_ccache(): Create a new ccache. - * - * Create a new credentials cache. The ccache is uniquely identified by its name. - * The principal given is also associated with the ccache and the credentials - * version specified. A NULL name is not allowed (and ccErrBadName is returned - * if one is passed in). Only cc_credentials_v4 and cc_credentials_v5 are valid - * input values for cred_vers. If you want to create a new ccache that will hold - * both versions of credentials, call cc_context_create_ccache() with one version, + * + * Create a new credentials cache. The ccache is uniquely identified by its name. + * The principal given is also associated with the ccache and the credentials + * version specified. A NULL name is not allowed (and ccErrBadName is returned + * if one is passed in). Only cc_credentials_v4 and cc_credentials_v5 are valid + * input values for cred_vers. If you want to create a new ccache that will hold + * both versions of credentials, call cc_context_create_ccache() with one version, * and then cc_ccache_set_principal() with the other version. - * - * If you want to create a new ccache (with a unique name), you should use - * cc_context_create_new_ccache() instead. If you want to create or reinitialize + * + * If you want to create a new ccache (with a unique name), you should use + * cc_context_create_new_ccache() instead. If you want to create or reinitialize * the default cache, you should use cc_context_create_default_ccache(). - * + * * If name is non-NULL and there is already a ccache named name: - * + * * \li the credentials in the ccache whose version is cred_vers are removed * \li the principal (of the existing ccache) associated with cred_vers is set to principal * \li a handle for the existing ccache is returned and all existing handles for the ccache remain valid * * If no ccache named name already exists: - * + * * \li a new empty ccache is created * \li the principal of the new ccache associated with cred_vers is set to principal * \li a handle for the new ccache is returned * - * For a new ccache, the name should be any unique string. The name is not + * For a new ccache, the name should be any unique string. The name is not * intended to be presented to users. - * - * If the created ccache is the first ccache in the collection, it is made - * the default ccache. Note that normally it is undesirable to create the first - * ccache with a name different from the default ccache name (as returned by - * cc_context_get_default_ccache_name()); see the description of + * + * If the created ccache is the first ccache in the collection, it is made + * the default ccache. Note that normally it is undesirable to create the first + * ccache with a name different from the default ccache name (as returned by + * cc_context_get_default_ccache_name()); see the description of * cc_context_get_default_ccache_name() for details. - * - * The principal should be a C string containing an unparsed Kerberos principal - * in the format of the appropriate Kerberos version, i.e. \verbatim foo.bar/@BAZ - * \endverbatim for Kerberos v4 and \verbatim foo/bar/@BAZ \endverbatim - * for Kerberos v5. + * + * The principal should be a C string containing an unparsed Kerberos principal + * in the format of the appropriate Kerberos version, i.e. \verbatim foo.bar/@BAZ + * \endverbatim for Kerberos v4 and \verbatim foo/bar/@BAZ \endverbatim + * for Kerberos v5. */ cc_int32 (*create_ccache) (cc_context_t in_context, const char *in_name, cc_uint32 in_cred_vers, - const char *in_principal, + const char *in_principal, cc_ccache_t *out_ccache); - + /*! * \param in_context the context object for the cache collection. * \param in_cred_vers the version of the credentials the new default ccache will hold @@ -833,19 +833,19 @@ struct cc_context_f { * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_create_default_ccache(): Create a new default ccache. * - * Create the default credentials cache. The behavior of this function is - * similar to that of cc_create_ccache(). If there is a default ccache - * (which is always the case except when there are no ccaches at all in - * the collection), it is initialized with the specified credentials version - * and principal, as per cc_create_ccache(); otherwise, a new ccache is - * created, and its name is the name returned by + * Create the default credentials cache. The behavior of this function is + * similar to that of cc_create_ccache(). If there is a default ccache + * (which is always the case except when there are no ccaches at all in + * the collection), it is initialized with the specified credentials version + * and principal, as per cc_create_ccache(); otherwise, a new ccache is + * created, and its name is the name returned by * cc_context_get_default_ccache_name(). */ cc_int32 (*create_default_ccache) (cc_context_t in_context, cc_uint32 in_cred_vers, - const char *in_principal, + const char *in_principal, cc_ccache_t *out_ccache); - + /*! * \param in_context the context object for the cache collection. * \param in_cred_vers the version of the credentials the new ccache will hold @@ -854,36 +854,36 @@ struct cc_context_f { * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_create_new_ccache(): Create a new uniquely named ccache. * - * Create a new unique credentials cache. The behavior of this function - * is similar to that of cc_create_ccache(). If there are no ccaches, and - * therefore no default ccache, the new ccache is created with the default - * ccache name as would be returned by get_default_ccache_name(). If there - * are some ccaches, and therefore there is a default ccache, the new ccache - * is created with a new unique name. Clearly, this function never reinitializes + * Create a new unique credentials cache. The behavior of this function + * is similar to that of cc_create_ccache(). If there are no ccaches, and + * therefore no default ccache, the new ccache is created with the default + * ccache name as would be returned by get_default_ccache_name(). If there + * are some ccaches, and therefore there is a default ccache, the new ccache + * is created with a new unique name. Clearly, this function never reinitializes * a ccache, since it always uses a unique name. */ cc_int32 (*create_new_ccache) (cc_context_t in_context, cc_uint32 in_cred_vers, - const char *in_principal, + const char *in_principal, cc_ccache_t *out_ccache); - + /*! * \param in_context the context object for the cache collection. * \param out_iterator on exit, a ccache iterator object for the ccache collection. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_new_ccache_iterator(): Get an iterator for the cache collection. * - * Used to allocate memory and initialize iterator. Successive calls to iterator's + * Used to allocate memory and initialize iterator. Successive calls to iterator's * next() function will return ccaches in the collection. * - * If changes are made to the collection while an iterator is being used - * on it, the iterator must return at least the intersection, and at most - * the union, of the set of ccaches that were present when the iteration + * If changes are made to the collection while an iterator is being used + * on it, the iterator must return at least the intersection, and at most + * the union, of the set of ccaches that were present when the iteration * began and the set of ccaches that are present when it ends. */ cc_int32 (*new_ccache_iterator) (cc_context_t in_context, cc_ccache_iterator_t *out_iterator); - + /*! * \param in_context the context object for the cache collection. * \param in_lock_type the type of lock to obtain. @@ -891,49 +891,49 @@ struct cc_context_f { * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_lock(): Lock the cache collection. * - * Attempts to acquire an advisory lock for the ccache collection. Allowed values + * Attempts to acquire an advisory lock for the ccache collection. Allowed values * for lock_type are: - * + * * \li cc_lock_read: a read lock. * \li cc_lock_write: a write lock * \li cc_lock_upgrade: upgrade an already-obtained read lock to a write lock * \li cc_lock_downgrade: downgrade an already-obtained write lock to a read lock - * - * If block is cc_lock_block, lock() will not return until the lock is acquired. - * If block is cc_lock_noblock, lock() will return immediately, either acquiring - * the lock and returning ccNoError, or failing to acquire the lock and returning + * + * If block is cc_lock_block, lock() will not return until the lock is acquired. + * If block is cc_lock_noblock, lock() will return immediately, either acquiring + * the lock and returning ccNoError, or failing to acquire the lock and returning * an error explaining why. * * Locks apply only to the list of ccaches, not the contents of those ccaches. To * prevent callers participating in the advisory locking from changing the credentials * in a cache you must also lock that ccache with cc_ccache_lock(). This is so - * that you can get the list of ccaches without preventing applications from + * that you can get the list of ccaches without preventing applications from * simultaneously obtaining service tickets. - * - * To avoid having to deal with differences between thread semantics on different - * platforms, locks are granted per context, rather than per thread or per process. - * That means that different threads of execution have to acquire separate contexts + * + * To avoid having to deal with differences between thread semantics on different + * platforms, locks are granted per context, rather than per thread or per process. + * That means that different threads of execution have to acquire separate contexts * in order to be able to synchronize with each other. * * The lock should be unlocked by using cc_context_unlock(). - * - * \note All locks are advisory. For example, callers which do not call - * cc_context_lock() and cc_context_unlock() will not be prevented from writing + * + * \note All locks are advisory. For example, callers which do not call + * cc_context_lock() and cc_context_unlock() will not be prevented from writing * to the cache collection when you have a read lock. This is because the CCAPI - * locking was added after the first release and thus adding mandatory locks would + * locking was added after the first release and thus adding mandatory locks would * have changed the user experience and performance of existing applications. */ cc_int32 (*lock) (cc_context_t in_context, cc_uint32 in_lock_type, cc_uint32 in_block); - + /*! * \param in_context the context object for the cache collection. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_unlock(): Unlock the cache collection. */ cc_int32 (*unlock) (cc_context_t in_cc_context); - + /*! * \param in_context a context object. * \param in_compare_to_context a context object to compare with \a in_context. @@ -944,20 +944,20 @@ struct cc_context_f { cc_int32 (*compare) (cc_context_t in_cc_context, cc_context_t in_compare_to_context, cc_uint32 *out_equal); - + /*! * \param in_context a context object. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_context_wait_for_change(): Wait for the next change in the cache collection. * - * This function blocks until the next change is made to the cache collection - * ccache collection. By repeatedly calling cc_context_wait_for_change() from - * a worker thread the caller can effectively receive callbacks whenever the + * This function blocks until the next change is made to the cache collection + * ccache collection. By repeatedly calling cc_context_wait_for_change() from + * a worker thread the caller can effectively receive callbacks whenever the * cache collection changes. This is considerably more efficient than polling * with cc_context_get_change_time(). - * + * * cc_context_wait_for_change() will return whenever: - * + * * \li a ccache is created * \li a ccache is destroyed * \li a credential is stored @@ -965,19 +965,19 @@ struct cc_context_f { * \li a ccache principal is changed * \li the default ccache is changed * - * \note In order to make sure that the caller doesn't miss any changes, + * \note In order to make sure that the caller doesn't miss any changes, * cc_context_wait_for_change() always returns immediately after the first time it * is called on a new context object. Callers must use the same context object - * for successive calls to cc_context_wait_for_change() rather than creating a new + * for successive calls to cc_context_wait_for_change() rather than creating a new * context for every call. - * + * * \sa get_change_time */ cc_int32 (*wait_for_change) (cc_context_t in_cc_context); }; /*! - * Function pointer table for cc_ccache_t. For more information see + * Function pointer table for cc_ccache_t. For more information see * \ref cc_ccache_reference. */ struct cc_ccache_f { @@ -988,54 +988,54 @@ struct cc_ccache_f { * \note Does not modify the ccache. If you wish to remove the ccache see cc_ccache_destroy(). */ cc_int32 (*release) (cc_ccache_t io_ccache); - + /*! * \param io_ccache the ccache object to destroy and release. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_destroy(): Destroy a ccache. - * + * * Destroy the ccache referred to by \a io_ccache and releases memory associated with - * the \a io_ccache object. After this call \a io_ccache becomes invalid. If + * the \a io_ccache object. After this call \a io_ccache becomes invalid. If * \a io_ccache was the default ccache, the next ccache in the cache collection (if any) * becomes the new default. */ cc_int32 (*destroy) (cc_ccache_t io_ccache); - + /*! * \param io_ccache a ccache object to make the new default ccache. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_set_default(): Make a ccache the default ccache. */ cc_int32 (*set_default) (cc_ccache_t io_ccache); - + /*! * \param in_ccache a ccache object. * \param out_credentials_version on exit, the credentials version of \a in_ccache. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_get_credentials_version(): Get the credentials version of a ccache. * - * cc_ccache_get_credentials_version() returns one value of the enumerated type - * cc_credentials_vers. The possible return values are #cc_credentials_v4 - * (if ccache's v4 principal has been set), #cc_credentials_v5 - * (if ccache's v5 principal has been set), or #cc_credentials_v4_v5 - * (if both ccache's v4 and v5 principals have been set). A ccache's - * principal is set with one of cc_context_create_ccache(), - * cc_context_create_new_ccache(), cc_context_create_default_ccache(), or + * cc_ccache_get_credentials_version() returns one value of the enumerated type + * cc_credentials_vers. The possible return values are #cc_credentials_v4 + * (if ccache's v4 principal has been set), #cc_credentials_v5 + * (if ccache's v5 principal has been set), or #cc_credentials_v4_v5 + * (if both ccache's v4 and v5 principals have been set). A ccache's + * principal is set with one of cc_context_create_ccache(), + * cc_context_create_new_ccache(), cc_context_create_default_ccache(), or * cc_ccache_set_principal(). */ cc_int32 (*get_credentials_version) (cc_ccache_t in_ccache, cc_uint32 *out_credentials_version); - + /*! * \param in_ccache a ccache object. - * \param out_name on exit, a cc_string_t representing the name of \a in_ccache. + * \param out_name on exit, a cc_string_t representing the name of \a in_ccache. * \a out_name must be released with cc_string_release(). * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_get_name(): Get the name of a ccache. */ cc_int32 (*get_name) (cc_ccache_t in_ccache, cc_string_t *out_name); - + /*! * \param in_ccache a ccache object. * \param in_credentials_version the credentials version to get the principal for. @@ -1043,118 +1043,118 @@ struct cc_ccache_f { * \a out_principal must be released with cc_string_release(). * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_get_principal(): Get the principal of a ccache. - * - * Return the principal for the ccache that was set via cc_context_create_ccache(), - * cc_context_create_default_ccache(), cc_context_create_new_ccache(), or - * cc_ccache_set_principal(). Principals for v4 and v5 are separate, but - * should be kept synchronized for each ccache; they can be retrieved by - * passing cc_credentials_v4 or cc_credentials_v5 in cred_vers. Passing + * + * Return the principal for the ccache that was set via cc_context_create_ccache(), + * cc_context_create_default_ccache(), cc_context_create_new_ccache(), or + * cc_ccache_set_principal(). Principals for v4 and v5 are separate, but + * should be kept synchronized for each ccache; they can be retrieved by + * passing cc_credentials_v4 or cc_credentials_v5 in cred_vers. Passing * cc_credentials_v4_v5 will result in the error ccErrBadCredentialsVersion. */ cc_int32 (*get_principal) (cc_ccache_t in_ccache, cc_uint32 in_credentials_version, cc_string_t *out_principal); - - + + /*! * \param in_ccache a ccache object. * \param in_credentials_version the credentials version to set the principal for. * \param in_principal a C string representing the new principal of \a in_ccache. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_set_principal(): Set the principal of a ccache. - * - * Set the a principal for ccache. The v4 and v5 principals can be set - * independently, but they should always be kept equal, up to differences in - * string representation between v4 and v5. Passing cc_credentials_v4_v5 in + * + * Set the a principal for ccache. The v4 and v5 principals can be set + * independently, but they should always be kept equal, up to differences in + * string representation between v4 and v5. Passing cc_credentials_v4_v5 in * cred_vers will result in the error ccErrBadCredentialsVersion. */ cc_int32 (*set_principal) (cc_ccache_t io_ccache, cc_uint32 in_credentials_version, const char *in_principal); - + /*! * \param io_ccache a ccache object. * \param in_credentials_union the credentials to store in \a io_ccache. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_store_credentials(): Store credentials in a ccache. - * + * * Store a copy of credentials in the ccache. - * - * See the description of the credentials types for the meaning of + * + * See the description of the credentials types for the meaning of * cc_credentials_union fields. - * - * Before credentials of a specific credential type can be stored in a ccache, - * the corresponding principal version has to be set. For example, before you can - * store Kerberos v4 credentials in a ccache, the Kerberos v4 principal has to be set - * either by cc_context_create_ccache(), cc_context_create_default_ccache(), - * cc_context_create_new_ccache(), or cc_ccache_set_principal(); likewise for + * + * Before credentials of a specific credential type can be stored in a ccache, + * the corresponding principal version has to be set. For example, before you can + * store Kerberos v4 credentials in a ccache, the Kerberos v4 principal has to be set + * either by cc_context_create_ccache(), cc_context_create_default_ccache(), + * cc_context_create_new_ccache(), or cc_ccache_set_principal(); likewise for * Kerberos v5. Otherwise, ccErrBadCredentialsVersion is returned. */ cc_int32 (*store_credentials) (cc_ccache_t io_ccache, const cc_credentials_union *in_credentials_union); - + /*! * \param io_ccache a ccache object. * \param in_credentials the credentials to remove from \a io_ccache. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_remove_credentials(): Remove credentials from a ccache. - * - * Removes credentials from a ccache. Note that credentials must be previously - * acquired from the CCache API; only exactly matching credentials will be - * removed. (This places the burden of determining exactly which credentials - * to remove on the caller, but ensures there is no ambigity about which - * credentials will be removed.) cc_credentials_t objects can be obtained by + * + * Removes credentials from a ccache. Note that credentials must be previously + * acquired from the CCache API; only exactly matching credentials will be + * removed. (This places the burden of determining exactly which credentials + * to remove on the caller, but ensures there is no ambigity about which + * credentials will be removed.) cc_credentials_t objects can be obtained by * iterating over the ccache's credentials with cc_ccache_new_credentials_iterator(). - * - * If found, the credentials are removed from the ccache. The credentials - * parameter is not modified and should be freed by the caller. It is - * legitimate to call this function while an iterator is traversing the - * ccache, and the deletion of a credential already returned by - * cc_credentials_iterator_next() will not disturb sequence of credentials + * + * If found, the credentials are removed from the ccache. The credentials + * parameter is not modified and should be freed by the caller. It is + * legitimate to call this function while an iterator is traversing the + * ccache, and the deletion of a credential already returned by + * cc_credentials_iterator_next() will not disturb sequence of credentials * returned by cc_credentials_iterator_next(). */ cc_int32 (*remove_credentials) (cc_ccache_t io_ccache, cc_credentials_t in_credentials); - + /*! * \param in_ccache a ccache object. * \param out_credentials_iterator a credentials iterator for \a io_ccache. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_new_credentials_iterator(): Iterate over credentials in a ccache. - * - * Allocates memory for iterator and initializes it. Successive calls to + * + * Allocates memory for iterator and initializes it. Successive calls to * cc_credentials_iterator_next() will return credentials from the ccache. - * - * If changes are made to the ccache while an iterator is being used on it, - * the iterator must return at least the intersection, and at most the union, - * of the set of credentials that were in the ccache when the iteration began + * + * If changes are made to the ccache while an iterator is being used on it, + * the iterator must return at least the intersection, and at most the union, + * of the set of credentials that were in the ccache when the iteration began * and the set of credentials that are in the ccache when it ends. */ cc_int32 (*new_credentials_iterator) (cc_ccache_t in_ccache, cc_credentials_iterator_t *out_credentials_iterator); - + /*! * \param io_source_ccache a ccache object to move. * \param io_destination_ccache a ccache object replace with the contents of \a io_source_ccache. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_move(): Move the contents of one ccache into another, destroying the source. - * - * cc_ccache_move() atomically copies the credentials, credential versions and principals - * from one ccache to another. On successful completion \a io_source_ccache will be + * + * cc_ccache_move() atomically copies the credentials, credential versions and principals + * from one ccache to another. On successful completion \a io_source_ccache will be * released and the ccache it points to will be destroyed. Any credentials previously * in \a io_destination_ccache will be replaced with credentials from \a io_source_ccache. * The only part of \a io_destination_ccache which remains constant is the name. Any other * callers referring to \a io_destination_ccache will suddenly see new data in it. * - * Typically cc_ccache_move() is used when the caller wishes to safely overwrite the - * contents of a ccache with new data which requires several steps to generate. - * cc_ccache_move() allows the caller to create a temporary ccache + * Typically cc_ccache_move() is used when the caller wishes to safely overwrite the + * contents of a ccache with new data which requires several steps to generate. + * cc_ccache_move() allows the caller to create a temporary ccache * (which can be destroyed if any intermediate step fails) and the atomically copy * the temporary cache into the destination. */ cc_int32 (*move) (cc_ccache_t io_source_ccache, cc_ccache_t io_destination_ccache); - + /*! * \param io_ccache the ccache object for the ccache you wish to lock. * \param in_lock_type the type of lock to obtain. @@ -1163,84 +1163,84 @@ struct cc_ccache_f { * \brief \b cc_ccache_lock(): Lock a ccache. * * Attempts to acquire an advisory lock for a ccache. Allowed values for lock_type are: - * + * * \li cc_lock_read: a read lock. * \li cc_lock_write: a write lock * \li cc_lock_upgrade: upgrade an already-obtained read lock to a write lock * \li cc_lock_downgrade: downgrade an already-obtained write lock to a read lock - * - * If block is cc_lock_block, lock() will not return until the lock is acquired. - * If block is cc_lock_noblock, lock() will return immediately, either acquiring - * the lock and returning ccNoError, or failing to acquire the lock and returning + * + * If block is cc_lock_block, lock() will not return until the lock is acquired. + * If block is cc_lock_noblock, lock() will return immediately, either acquiring + * the lock and returning ccNoError, or failing to acquire the lock and returning * an error explaining why. * - * To avoid having to deal with differences between thread semantics on different - * platforms, locks are granted per ccache, rather than per thread or per process. - * That means that different threads of execution have to acquire separate contexts + * To avoid having to deal with differences between thread semantics on different + * platforms, locks are granted per ccache, rather than per thread or per process. + * That means that different threads of execution have to acquire separate contexts * in order to be able to synchronize with each other. * * The lock should be unlocked by using cc_ccache_unlock(). - * - * \note All locks are advisory. For example, callers which do not call - * cc_ccache_lock() and cc_ccache_unlock() will not be prevented from writing + * + * \note All locks are advisory. For example, callers which do not call + * cc_ccache_lock() and cc_ccache_unlock() will not be prevented from writing * to the ccache when you have a read lock. This is because the CCAPI - * locking was added after the first release and thus adding mandatory locks would + * locking was added after the first release and thus adding mandatory locks would * have changed the user experience and performance of existing applications. */ cc_int32 (*lock) (cc_ccache_t io_ccache, cc_uint32 in_lock_type, cc_uint32 in_block); - + /*! * \param io_ccache a ccache object. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_unlock(): Unlock a ccache. */ cc_int32 (*unlock) (cc_ccache_t io_ccache); - + /*! * \param in_ccache a cache object. * \param out_last_default_time on exit, the last time the ccache was default. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_get_change_time(): Get the last time a ccache was the default ccache. - * - * This function returns the last time when the ccache was made the default ccache. - * This allows clients to sort the ccaches by how recently they were default, which - * is useful for user listing of ccaches. If the ccache was never default, + * + * This function returns the last time when the ccache was made the default ccache. + * This allows clients to sort the ccaches by how recently they were default, which + * is useful for user listing of ccaches. If the ccache was never default, * ccErrNeverDefault is returned. */ cc_int32 (*get_last_default_time) (cc_ccache_t in_ccache, cc_time_t *out_last_default_time); - + /*! * \param in_ccache a cache object. * \param out_change_time on exit, the last time the ccache changed. * \return On success, #ccNoError. If the ccache was never the default ccache, * #ccErrNeverDefault. Otherwise, an error code representing the failure. * \brief \b cc_ccache_get_change_time(): Get the last time a ccache changed. - * - * This function returns the time of the most recent change made to a ccache. - * By maintaining a local copy the caller can deduce whether or not the ccache has + * + * This function returns the time of the most recent change made to a ccache. + * By maintaining a local copy the caller can deduce whether or not the ccache has * been modified since the previous call to cc_ccache_get_change_time(). - * + * * The time returned by cc_ccache_get_change_time() increases whenever: - * + * * \li a credential is stored * \li a credential is removed * \li a ccache principal is changed * \li the ccache becomes the default ccache * \li the ccache is no longer the default ccache * - * \note In order to be able to compare two values returned by cc_ccache_get_change_time(), - * the caller must use the same ccache object to acquire them. Callers should maintain a - * single ccache object in memory for cc_ccache_get_change_time() calls rather than + * \note In order to be able to compare two values returned by cc_ccache_get_change_time(), + * the caller must use the same ccache object to acquire them. Callers should maintain a + * single ccache object in memory for cc_ccache_get_change_time() calls rather than * creating a new ccache object for every call. - * + * * \sa wait_for_change */ cc_int32 (*get_change_time) (cc_ccache_t in_ccache, cc_time_t *out_change_time); - + /*! * \param in_ccache a ccache object. * \param in_compare_to_ccache a ccache object to compare with \a in_ccache. @@ -1251,26 +1251,26 @@ struct cc_ccache_f { cc_int32 (*compare) (cc_ccache_t in_ccache, cc_ccache_t in_compare_to_ccache, cc_uint32 *out_equal); - + /*! * \param in_ccache a ccache object. * \param in_credentials_version the credentials version to get the time offset for. * \param out_time_offset on exit, the KDC time offset for \a in_ccache for credentials version * \a in_credentials_version. - * \return On success, #ccNoError if a time offset was obtained or #ccErrTimeOffsetNotSet + * \return On success, #ccNoError if a time offset was obtained or #ccErrTimeOffsetNotSet * if a time offset has not been set. On failure, an error code representing the failure. * \brief \b cc_ccache_get_kdc_time_offset(): Get the KDC time offset for credentials in a ccache. * \sa set_kdc_time_offset, clear_kdc_time_offset - * + * * Sometimes the KDC and client's clocks get out of sync. cc_ccache_get_kdc_time_offset() - * returns the difference between the KDC and client's clocks at the time credentials were - * acquired. This offset allows callers to figure out how much time is left on a given + * returns the difference between the KDC and client's clocks at the time credentials were + * acquired. This offset allows callers to figure out how much time is left on a given * credential even though the end_time is based on the KDC's clock not the client's clock. */ cc_int32 (*get_kdc_time_offset) (cc_ccache_t in_ccache, cc_uint32 in_credentials_version, cc_time_t *out_time_offset); - + /*! * \param in_ccache a ccache object. * \param in_credentials_version the credentials version to get the time offset for. @@ -1279,63 +1279,63 @@ struct cc_ccache_f { * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_set_kdc_time_offset(): Set the KDC time offset for credentials in a ccache. * \sa get_kdc_time_offset, clear_kdc_time_offset - * + * * Sometimes the KDC and client's clocks get out of sync. cc_ccache_set_kdc_time_offset() - * sets the difference between the KDC and client's clocks at the time credentials were - * acquired. This offset allows callers to figure out how much time is left on a given + * sets the difference between the KDC and client's clocks at the time credentials were + * acquired. This offset allows callers to figure out how much time is left on a given * credential even though the end_time is based on the KDC's clock not the client's clock. */ cc_int32 (*set_kdc_time_offset) (cc_ccache_t io_ccache, cc_uint32 in_credentials_version, cc_time_t in_time_offset); - + /*! * \param in_ccache a ccache object. * \param in_credentials_version the credentials version to get the time offset for. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_clear_kdc_time_offset(): Clear the KDC time offset for credentials in a ccache. * \sa get_kdc_time_offset, set_kdc_time_offset - * + * * Sometimes the KDC and client's clocks get out of sync. cc_ccache_clear_kdc_time_offset() - * clears the difference between the KDC and client's clocks at the time credentials were - * acquired. This offset allows callers to figure out how much time is left on a given + * clears the difference between the KDC and client's clocks at the time credentials were + * acquired. This offset allows callers to figure out how much time is left on a given * credential even though the end_time is based on the KDC's clock not the client's clock. */ cc_int32 (*clear_kdc_time_offset) (cc_ccache_t io_ccache, cc_uint32 in_credentials_version); - + /*! * \param in_ccache a ccache object. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_ccache_wait_for_change(): Wait for the next change to a ccache. * - * This function blocks until the next change is made to the ccache referenced by - * \a in_ccache. By repeatedly calling cc_ccache_wait_for_change() from - * a worker thread the caller can effectively receive callbacks whenever the + * This function blocks until the next change is made to the ccache referenced by + * \a in_ccache. By repeatedly calling cc_ccache_wait_for_change() from + * a worker thread the caller can effectively receive callbacks whenever the * ccache changes. This is considerably more efficient than polling * with cc_ccache_get_change_time(). - * + * * cc_ccache_wait_for_change() will return whenever: - * + * * \li a credential is stored * \li a credential is removed * \li the ccache principal is changed * \li the ccache becomes the default ccache * \li the ccache is no longer the default ccache * - * \note In order to make sure that the caller doesn't miss any changes, + * \note In order to make sure that the caller doesn't miss any changes, * cc_ccache_wait_for_change() always returns immediately after the first time it * is called on a new ccache object. Callers must use the same ccache object - * for successive calls to cc_ccache_wait_for_change() rather than creating a new + * for successive calls to cc_ccache_wait_for_change() rather than creating a new * ccache object for every call. - * + * * \sa get_change_time */ cc_int32 (*wait_for_change) (cc_ccache_t in_ccache); }; /*! - * Function pointer table for cc_string_t. For more information see + * Function pointer table for cc_string_t. For more information see * \ref cc_string_reference. */ struct cc_string_f { @@ -1348,7 +1348,7 @@ struct cc_string_f { }; /*! - * Function pointer table for cc_credentials_t. For more information see + * Function pointer table for cc_credentials_t. For more information see * \ref cc_credentials_reference. */ struct cc_credentials_f { @@ -1358,11 +1358,11 @@ struct cc_credentials_f { * \brief \b cc_credentials_release(): Release memory associated with a cc_credentials_t object. */ cc_int32 (*release) (cc_credentials_t io_credentials); - + /*! * \param in_credentials a credentials object. * \param in_compare_to_credentials a credentials object to compare with \a in_credentials. - * \param out_equal on exit, whether or not the two credentials objects refer to the + * \param out_equal on exit, whether or not the two credentials objects refer to the * same credentials in the cache collection. * \return On success, #ccNoError. On failure, an error code representing the failure. * \brief \b cc_credentials_compare(): Compare two credentials objects. @@ -1373,7 +1373,7 @@ struct cc_credentials_f { }; /*! - * Function pointer table for cc_ccache_iterator_t. For more information see + * Function pointer table for cc_ccache_iterator_t. For more information see * \ref cc_ccache_iterator_reference. */ struct cc_ccache_iterator_f { @@ -1383,18 +1383,18 @@ struct cc_ccache_iterator_f { * \brief \b cc_ccache_iterator_release(): Release memory associated with a cc_ccache_iterator_t object. */ cc_int32 (*release) (cc_ccache_iterator_t io_ccache_iterator); - + /*! * \param in_ccache_iterator a ccache iterator object. * \param out_ccache on exit, the next ccache in the cache collection. - * \return On success, #ccNoError if the next ccache in the cache collection was - * obtained or #ccIteratorEnd if there are no more ccaches. + * \return On success, #ccNoError if the next ccache in the cache collection was + * obtained or #ccIteratorEnd if there are no more ccaches. * On failure, an error code representing the failure. * \brief \b cc_ccache_iterator_next(): Get the next ccache in the cache collection. */ cc_int32 (*next) (cc_ccache_iterator_t in_ccache_iterator, cc_ccache_t *out_ccache); - + /*! * \param in_ccache_iterator a ccache iterator object. * \param out_ccache_iterator on exit, a copy of \a in_ccache_iterator. @@ -1406,7 +1406,7 @@ struct cc_ccache_iterator_f { }; /*! - * Function pointer table for cc_credentials_iterator_t. For more information see + * Function pointer table for cc_credentials_iterator_t. For more information see * \ref cc_credentials_iterator_reference. */ struct cc_credentials_iterator_f { @@ -1416,18 +1416,18 @@ struct cc_credentials_iterator_f { * \brief \b cc_credentials_iterator_release(): Release memory associated with a cc_credentials_iterator_t object. */ cc_int32 (*release) (cc_credentials_iterator_t io_credentials_iterator); - + /*! * \param in_credentials_iterator a credentials iterator object. * \param out_credentials on exit, the next credentials in the ccache. * \return On success, #ccNoError if the next credential in the ccache was obtained - * or #ccIteratorEnd if there are no more credentials. + * or #ccIteratorEnd if there are no more credentials. * On failure, an error code representing the failure. * \brief \b cc_credentials_iterator_next(): Get the next credentials in the ccache. */ cc_int32 (*next) (cc_credentials_iterator_t in_credentials_iterator, cc_credentials_t *out_credentials); - + /*! * \ingroup cc_credentials_iterator_reference * \param in_credentials_iterator a credentials iterator object. @@ -1442,11 +1442,11 @@ struct cc_credentials_iterator_f { /*! * \ingroup cc_context_reference * \param out_context on exit, a new context object. Must be free with cc_context_release(). - * \param in_version the requested API version. This should be the maximum version the + * \param in_version the requested API version. This should be the maximum version the * application supports. * \param out_supported_version if non-NULL, on exit contains the maximum API version * supported by the implementation. - * \param out_vendor if non-NULL, on exit contains a pointer to a read-only C string which + * \param out_vendor if non-NULL, on exit contains a pointer to a read-only C string which * contains a string describing the vendor which implemented the credentials cache API. * \return On success, #ccNoError. On failure, an error code representing the failure. * May return CCAPI v2 error CC_BAD_API_VERSION if #ccapi_version_2 is passed in. @@ -1456,7 +1456,7 @@ CCACHE_API cc_int32 cc_initialize (cc_context_t *out_context, cc_int32 in_version, cc_int32 *out_supported_version, char const **out_vendor); - + /*! \defgroup helper_macros CCAPI Function Helper Macros * @{ */ @@ -1582,7 +1582,7 @@ CCACHE_API cc_int32 cc_initialize (cc_context_t *out_context, /*! Helper macro for cc_ccache_iterator_f clone() */ #define cc_ccache_iterator_clone(iterator, new_iterator) \ ((iterator) -> functions -> clone (iterator, new_iterator)) - + /*! Helper macro for cc_credentials_iterator_f release() */ #define cc_credentials_iterator_release(iterator) \ ((iterator) -> functions -> release (iterator)) |