Finished KLL to KIM shim.

Switched krb5 code to using it. ticket: 6134 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20796 dc483132-0cff-0310-8789-dd5450dbe970
author: Alexandra Ellwood <lxs@mit.edu> 2008-10-01 19:34:06 +0000
committer: Alexandra Ellwood <lxs@mit.edu> 2008-10-01 19:34:06 +0000
commit: 00729527c88c65b8179b762a111bef16926d6a97 (patch)
tree: b0707eb5c9f704fdee953147cc2e5d2c6146753c /src/lib/krb5
parent: fbe47fb2d24d9d5971b1fd2d2af9b924d1805a0f (diff)
download: krb5-00729527c88c65b8179b762a111bef16926d6a97.zip
krb5-00729527c88c65b8179b762a111bef16926d6a97.tar.gz
krb5-00729527c88c65b8179b762a111bef16926d6a97.tar.bz2
3 files changed, 42 insertions, 24 deletions
diff --git a/src/lib/krb5/ccache/ccdefault.c b/src/lib/krb5/ccache/ccdefault.c
index d6a2597..e5006de 100644
--- a/src/lib/krb5/ccache/ccdefault.c
+++ b/src/lib/krb5/ccache/ccdefault.c
@@ -29,8 +29,8 @@
 
 #include "k5-int.h"
 
-#if defined(USE_LOGIN_LIBRARY)
-#include "KerberosLoginPrivate.h"
+#if defined(USE_KIM)
+#include <kim/kim.h>
 #elif defined(USE_LEASH)
 static void (*pLeash_AcquireInitialTicketsIfNeeded)(krb5_context,krb5_principal,char*,int) = NULL;
 static HANDLE hLeashDLL = INVALID_HANDLE_VALUE;
@@ -77,25 +77,43 @@ krb5int_cc_default(krb5_context context, krb5_ccache *ccache)
         return KV5M_CONTEXT;
     }
 
-#ifdef USE_LOGIN_LIBRARY
+#ifdef USE_KIM
     {
-        /* make sure the default cache has tix before you open it */
-        KLStatus err = klNoErr;
-        char *outCacheName = NULL;
+        kim_error err = KIM_NO_ERROR;
+        kim_ccache kimccache = NULL;
+        kim_identity identity = KIM_IDENTITY_ANY;
+        kim_credential_state state;
+        kim_string name = NULL;
         
-        /* Try to make sure a krb5 tgt is in the cache */
-        err = __KLInternalAcquireInitialTicketsForCache (krb5_cc_default_name (context), kerberosVersion_V5, 
-                                                         NULL, NULL, &outCacheName);
-        if (err == klNoErr) {
-            /* This function tries to get tickets and put them in the specified 
-            cache, however, if the cache does not exist, it may choose to put 
-            them elsewhere (ie: the system default) so we set that here */
-            const char * ccdefname = krb5_cc_default_name (context);
-            if (!ccdefname || strcmp (ccdefname, outCacheName) != 0) {
-                krb5_cc_set_default_name (context, outCacheName);
-            }
-            KLDisposeString (outCacheName);
+        err = kim_ccache_create_from_display_name (&kimccache, 
+                                                   krb5_cc_default_name (context));
+        
+        if (!err) {
+            err = kim_ccache_get_client_identity (kimccache, &identity);
+        }
+        
+        if (!err) {
+            err = kim_ccache_get_state (kimccache, &state);
+        }
+                        
+        if (err || state != kim_credentials_state_valid) {
+            /* Either the ccache is does not exist or is invalid.  Get new
+             * tickets.  Use the identity in the ccache if there was one. */
+            kim_ccache_free (&kimccache);
+            err = kim_ccache_create_new (&kimccache, 
+                                         identity, KIM_OPTIONS_DEFAULT);
         }
+        
+        if (!err) {
+            err = kim_ccache_get_display_name (kimccache, &name);
+        }
+        
+        if (!err) {
+             krb5_cc_set_default_name (context, name);
+        }
+        
+        kim_string_free (&name);
+        kim_ccache_free (&kimccache);
     }
 #else
 #ifdef USE_LEASH
diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c
index 094eb79..bd5cbd1 100644
--- a/src/lib/krb5/krb/gic_pwd.c
+++ b/src/lib/krb5/krb/gic_pwd.c
@@ -186,7 +186,7 @@ krb5_get_init_creds_password(krb5_context context,
 	   use_master = 0;
    }
 
-#ifdef USE_LOGIN_LIBRARY
+#ifdef USE_KIM
 	if (ret == KRB5KDC_ERR_KEY_EXP)
 		goto cleanup;	/* Login library will deal appropriately with this error */
 #endif
diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c
index 06a5b6b..5011d54 100644
--- a/src/lib/krb5/os/init_os_ctx.c
+++ b/src/lib/krb5/os/init_os_ctx.c
@@ -32,8 +32,8 @@
 #include "os-proto.h"
 #include "prof_int.h"		/* XXX for profile_copy, not public yet */
 
-#ifdef USE_LOGIN_LIBRARY
-#include "KerberosLoginPrivate.h"
+#ifdef USE_KIM
+#include "kim/kim_library.h"
 #endif
 
 #if defined(_WIN32)
@@ -240,10 +240,10 @@ os_get_default_config_files(profile_filespec_t **pfiles, krb5_boolean secure)
     unsigned int ent_len;
     const char *s, *t;
 
-#ifdef USE_LOGIN_LIBRARY
-    /* If __KLAllowHomeDirectoryAccess() == FALSE, we are probably
+#ifdef USE_KIM
+    /* If kim_library_allow_home_directory_access() == FALSE, we are probably
         trying to authenticate to a fileserver for the user's homedir. */
-    if (!__KLAllowHomeDirectoryAccess ())
+    if (!kim_library_allow_home_directory_access ())
 	secure = 1;
 #endif
     if (secure) {
author	Alexandra Ellwood <lxs@mit.edu>	2008-10-01 19:34:06 +0000
committer	Alexandra Ellwood <lxs@mit.edu>	2008-10-01 19:34:06 +0000
commit	00729527c88c65b8179b762a111bef16926d6a97 (patch)
tree	b0707eb5c9f704fdee953147cc2e5d2c6146753c /src/lib/krb5
parent	fbe47fb2d24d9d5971b1fd2d2af9b924d1805a0f (diff)
download	krb5-00729527c88c65b8179b762a111bef16926d6a97.zip krb5-00729527c88c65b8179b762a111bef16926d6a97.tar.gz krb5-00729527c88c65b8179b762a111bef16926d6a97.tar.bz2