aboutsummaryrefslogtreecommitdiff
path: root/src/lib/krb5/ccache/ccapi/stdcc.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/krb5/ccache/ccapi/stdcc.c')
-rw-r--r--src/lib/krb5/ccache/ccapi/stdcc.c837
1 files changed, 430 insertions, 407 deletions
diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c
index 4414abf..34428c0 100644
--- a/src/lib/krb5/ccache/ccapi/stdcc.c
+++ b/src/lib/krb5/ccache/ccapi/stdcc.c
@@ -111,7 +111,7 @@ krb5_cc_ops krb5_cc_stdcc_ops = {
* changes made. We register a unique message type with which
* we'll communicate to all other processes.
*/
-void cache_changed()
+static void cache_changed()
{
static unsigned int message = 0;
@@ -122,7 +122,7 @@ void cache_changed()
}
#else /* _WIN32 */
-void cache_changed()
+static void cache_changed()
{
return;
}
@@ -189,65 +189,48 @@ static const struct err_xlate err_xlate_table[] =
static krb5_error_code cc_err_xlate(int err)
{
- const struct err_xlate *p;
-
+ const struct err_xlate *p;
+
#ifdef USE_CCAPI_V3
- if (err == ccNoError)
- return 0;
+ if (err == ccNoError)
+ return 0;
#else
- if (err == CC_NOERROR)
- return 0;
+ if (err == CC_NOERROR)
+ return 0;
#endif
-
- for (p = err_xlate_table; p->cc_err; p++) {
- if (err == p->cc_err)
- return p->krb5_err;
- }
- return KRB5_FCC_INTERNAL; /* XXX we need a miscellaneous return */
+
+ for (p = err_xlate_table; p->cc_err; p++) {
+ if (err == p->cc_err)
+ return p->krb5_err;
+ }
+ return KRB5_FCC_INTERNAL; /* XXX we need a miscellaneous return */
}
#ifdef USE_CCAPI_V3
-static krb5_error_code stdccv3_setup(krb5_context context,
- stdccCacheDataPtr ccapi_data)
+static krb5_error_code stdccv3_setup (krb5_context context,
+ stdccCacheDataPtr ccapi_data)
{
- cc_int32 err;
-
- /* make sure the API has been intialized */
- if (gCntrlBlock == NULL) {
- err = cc_initialize(&gCntrlBlock, ccapi_version_max, NULL, NULL);
- if (err != ccNoError)
- return cc_err_xlate(err);
- }
-
- /*
- * No ccapi_data structure, so we don't need to make sure the
- * ccache exists.
- */
- if (!ccapi_data)
- return 0;
-
- /*
- * The ccache already exists
- */
- if (ccapi_data->NamedCache)
- return 0;
-
- err = cc_context_open_ccache(gCntrlBlock, ccapi_data->cache_name,
- &ccapi_data->NamedCache);
- if (err == ccNoError)
- return 0;
-
- ccapi_data->NamedCache = NULL;
- return cc_err_xlate(err);
+ krb5_error_code err = 0;
+
+ if (!err && !gCntrlBlock) {
+ err = cc_initialize (&gCntrlBlock, ccapi_version_max, NULL, NULL);
+ }
+
+ if (!err && ccapi_data && !ccapi_data->NamedCache) {
+ /* ccache has not been opened yet. open it. */
+ err = cc_context_open_ccache (gCntrlBlock, ccapi_data->cache_name,
+ &ccapi_data->NamedCache);
+ }
+
+ return cc_err_xlate(err);
}
/* krb5_stdcc_shutdown is exported; use the old name */
void krb5_stdcc_shutdown()
{
- if (gCntrlBlock)
- cc_context_release(gCntrlBlock);
- gCntrlBlock = NULL;
+ if (gCntrlBlock) { cc_context_release(gCntrlBlock); }
+ gCntrlBlock = NULL;
}
/*
@@ -256,58 +239,68 @@ void krb5_stdcc_shutdown()
* create a new cache with a unique name, corresponds to creating a
* named cache initialize the API here if we have to.
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_generate_new
- (krb5_context context, krb5_ccache *id )
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_generate_new (krb5_context context, krb5_ccache *id )
{
- krb5_ccache newCache = NULL;
- krb5_error_code retval;
- stdccCacheDataPtr ccapi_data = NULL;
- char *name = NULL;
- cc_time time;
- int err;
-
- if ((retval = stdccv3_setup(context, NULL)))
- return retval;
-
- retval = KRB5_CC_NOMEM;
- if (!(newCache = (krb5_ccache) malloc(sizeof(struct _krb5_ccache))))
- goto errout;
- if (!(ccapi_data = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData))))
- goto errout;
- if (!(name = malloc(256)))
- goto errout;
-
- /* create a unique name */
- if (retval = cc_context_get_change_time(gCntrlBlock, &time))
- goto errout;
- sprintf(name, "gen_new_cache%d", time);
-
- /* create the new cache */
- err = cc_context_create_ccache(gCntrlBlock, name, cc_credentials_v5, 0L,
- &ccapi_data->NamedCache);
- if (err != ccNoError) {
- retval = cc_err_xlate(err);
- goto errout;
- }
-
- /* setup some fields */
- newCache->ops = &krb5_cc_stdcc_ops;
- newCache->data = ccapi_data;
- ccapi_data->cache_name = name;
-
- /* return a pointer to the new cache */
- *id = newCache;
-
- return 0;
-
-errout:
- if (newCache)
- free(newCache);
- if (ccapi_data)
- free(ccapi_data);
- if (name)
- free(name);
- return retval;
+ krb5_error_code err = 0;
+ krb5_ccache newCache = NULL;
+ stdccCacheDataPtr ccapi_data = NULL;
+ cc_ccache_t ccache = NULL;
+ cc_string_t ccstring = NULL;
+ char *name = NULL;
+
+ if (!err) {
+ err = stdccv3_setup(context, NULL);
+ }
+
+ if (!err) {
+ newCache = (krb5_ccache) malloc (sizeof (*newCache));
+ if (!newCache) { err = KRB5_CC_NOMEM; }
+ }
+
+ if (!err) {
+ ccapi_data = (stdccCacheDataPtr) malloc (sizeof (*ccapi_data));
+ if (!ccapi_data) { err = KRB5_CC_NOMEM; }
+ }
+
+ if (!err) {
+ err = cc_context_create_new_ccache(gCntrlBlock, cc_credentials_v5, 0L,
+ &ccapi_data->NamedCache);
+ }
+
+ if (!err) {
+ err = cc_ccache_get_name (ccapi_data->NamedCache, &ccstring);
+ }
+
+ if (!err) {
+ name = (char *) malloc (sizeof (*name) * (strlen (ccstring->data) + 1));
+ if (!name) { err = KRB5_CC_NOMEM; }
+ }
+
+ if (!err) {
+ strcpy (name, ccstring->data);
+ ccapi_data->cache_name = name;
+ name = NULL; /* take ownership */
+
+ ccapi_data->NamedCache = ccache;
+ ccache = NULL; /* take ownership */
+
+ newCache->ops = &krb5_cc_stdcc_ops;
+ newCache->data = ccapi_data;
+ ccapi_data = NULL; /* take ownership */
+
+ /* return a pointer to the new cache */
+ *id = newCache;
+ newCache = NULL;
+ }
+
+ if (ccstring) { cc_string_release (ccstring); }
+ if (name) { free (name); }
+ if (ccache) { cc_ccache_release (ccache); }
+ if (ccapi_data) { free (ccapi_data); }
+ if (newCache) { free (newCache); }
+
+ return cc_err_xlate (err);
}
/*
@@ -315,54 +308,58 @@ errout:
*
* create a new cache with the name stored in residual
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_resolve
- (krb5_context context, krb5_ccache *id , const char *residual )
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_resolve (krb5_context context, krb5_ccache *id , const char *residual )
{
- krb5_ccache newCache = NULL;
- stdccCacheDataPtr ccapi_data = NULL;
- int err;
- krb5_error_code retval;
- char *cName = NULL;
-
- if ((retval = stdccv3_setup(context, NULL)))
- return retval;
-
- retval = KRB5_CC_NOMEM;
- if (!(newCache = (krb5_ccache) malloc(sizeof(struct _krb5_ccache))))
- goto errout;
-
- if (!(ccapi_data = (stdccCacheDataPtr)malloc(sizeof(stdccCacheData))))
- goto errout;
-
- if (!(cName = malloc(strlen(residual)+1)))
- goto errout;
-
- newCache->ops = &krb5_cc_stdcc_ops;
- newCache->data = ccapi_data;
- ccapi_data->cache_name = cName;
-
- strcpy(cName, residual);
-
- err = cc_context_open_ccache(gCntrlBlock, cName,
- &ccapi_data->NamedCache);
- if (err != ccNoError) {
- ccapi_data->NamedCache = NULL;
- goto errout;
- }
-
- /* return new cache structure */
- *id = newCache;
-
- return 0;
-
-errout:
- if (newCache)
- free(newCache);
- if (ccapi_data)
- free(ccapi_data);
- if (cName)
- free(cName);
- return retval;
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = NULL;
+ krb5_ccache ccache = NULL;
+ char *name = NULL;
+
+ if (id == NULL) { err = KRB5_CC_NOMEM; }
+
+ if (!err) {
+ err = stdccv3_setup (context, NULL);
+ }
+
+ if (!err) {
+ ccapi_data = (stdccCacheDataPtr) malloc (sizeof (*ccapi_data));
+ if (!ccapi_data) { err = KRB5_CC_NOMEM; }
+ }
+
+ if (!err) {
+ ccache = (krb5_ccache ) malloc (sizeof (*ccache));
+ if (!ccache) { err = KRB5_CC_NOMEM; }
+ }
+
+ if (!err) {
+ name = malloc (strlen(residual) + 1);
+ if (!name) { err = KRB5_CC_NOMEM; }
+ }
+
+ if (!err) {
+ err = cc_context_open_ccache (gCntrlBlock, residual,
+ &ccapi_data->NamedCache);
+ }
+
+ if (!err) {
+ strcpy(name, residual);
+ ccapi_data->cache_name = name;
+ name = NULL; /* take ownership */
+
+ ccache->ops = &krb5_cc_stdcc_ops;
+ ccache->data = ccapi_data;
+ ccapi_data = NULL; /* take ownership */
+
+ *id = ccache;
+ ccache = NULL; /* take ownership */
+ }
+
+ if (ccache) { free (ccache); }
+ if (ccapi_data) { free (ccapi_data); }
+ if (name) { free (name); }
+
+ return cc_err_xlate (err);
}
/*
@@ -372,43 +369,43 @@ errout:
* principal if not set our principal to this principal. This
* searching enables ticket sharing
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_initialize
- (krb5_context context, krb5_ccache id, krb5_principal princ)
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_initialize (krb5_context context,
+ krb5_ccache id,
+ krb5_principal princ)
{
- stdccCacheDataPtr ccapi_data = NULL;
- int err;
- char *cName = NULL;
- krb5_error_code retval;
-
- if ((retval = stdccv3_setup(context, NULL)))
- return retval;
-
- /* test id for null */
- if (id == NULL) return KRB5_CC_NOMEM;
-
- if ((retval = krb5_unparse_name(context, princ, &cName)))
- return retval;
-
- ccapi_data = id->data;
-
-
- if (ccapi_data->NamedCache) {
- err = cc_ccache_release(ccapi_data->NamedCache);
- ccapi_data->NamedCache = NULL;
- }
-
- err = cc_context_create_ccache(gCntrlBlock, ccapi_data->cache_name,
- cc_credentials_v5, cName,
- &ccapi_data->NamedCache);
- if (err != ccNoError) {
- krb5_free_unparsed_name(context, cName);
- return cc_err_xlate(err);
- }
-
- krb5_free_unparsed_name(context, cName);
- cache_changed();
-
- return cc_err_xlate(err);
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+ char *name = NULL;
+
+ if (id == NULL) { err = KRB5_CC_NOMEM; }
+
+ if (!err) {
+ err = stdccv3_setup (context, NULL);
+ }
+
+ if (!err) {
+ err = krb5_unparse_name(context, princ, &name);
+ }
+
+ if (!err && ccapi_data->NamedCache) {
+ err = cc_ccache_release(ccapi_data->NamedCache);
+ ccapi_data->NamedCache = NULL;
+ }
+
+ if (!err) {
+ err = cc_context_create_ccache (gCntrlBlock, ccapi_data->cache_name,
+ cc_credentials_v5, name,
+ &ccapi_data->NamedCache);
+ }
+
+ if (!err) {
+ cache_changed();
+ }
+
+ if (name) { krb5_free_unparsed_name(context, name); }
+
+ return cc_err_xlate(err);
}
/*
@@ -416,32 +413,34 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_initialize
*
* store some credentials in our cache
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_store
- (krb5_context context, krb5_ccache id, krb5_creds *creds )
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_store (krb5_context context, krb5_ccache id, krb5_creds *creds )
{
- krb5_error_code retval;
- stdccCacheDataPtr ccapi_data = id->data;
- cc_credentials_t c = NULL;
- int err;
-
- if ((retval = stdccv3_setup(context, ccapi_data)))
- return retval;
-
- /* copy the fields from the almost identical structures */
- dupK5toCC3(context, creds, &c);
-
- /*
- * finally store the credential
- * store will copy (that is duplicate) everything
- */
- err = cc_ccache_store_credentials(((stdccCacheDataPtr)(id->data))->NamedCache, c->data);
- if (err != ccNoError)
- return cc_err_xlate(err);
-
- err = cc_credentials_release(c);
-
- cache_changed();
- return err;
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+ cc_credentials_t credentials = NULL;
+
+ if (!err) {
+ err = stdccv3_setup (context, ccapi_data);
+ }
+
+ if (!err) {
+ /* copy the fields from the almost identical structures */
+ err = copy_krb5_creds_to_cc_credentials (context, creds, &credentials);
+ }
+
+ if (!err) {
+ err = cc_ccache_store_credentials (ccapi_data->NamedCache,
+ credentials->data);
+ }
+
+ if (!err) {
+ cache_changed();
+ }
+
+ if (credentials) { cc_credentials_release (credentials); }
+
+ return cc_err_xlate (err);
}
/*
@@ -449,23 +448,29 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_store
*
* begin an iterator call to get all of the credentials in the cache
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_start_seq_get
-(krb5_context context, krb5_ccache id , krb5_cc_cursor *cursor )
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_start_seq_get (krb5_context context,
+ krb5_ccache id,
+ krb5_cc_cursor *cursor )
{
- stdccCacheDataPtr ccapi_data = id->data;
- krb5_error_code retval;
- int err;
- cc_credentials_iterator_t iterator;
-
- if ((retval = stdccv3_setup(context, ccapi_data)))
- return retval;
-
- err = cc_ccache_new_credentials_iterator(ccapi_data->NamedCache,
- &iterator);
- if (err != ccNoError)
- return cc_err_xlate(err);
- *cursor = iterator;
- return 0;
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+ cc_credentials_iterator_t iterator = NULL;
+
+ if (!err) {
+ err = stdccv3_setup (context, ccapi_data);
+ }
+
+ if (!err) {
+ err = cc_ccache_new_credentials_iterator(ccapi_data->NamedCache,
+ &iterator);
+ }
+
+ if (!err) {
+ *cursor = iterator;
+ }
+
+ return cc_err_xlate (err);
}
/*
@@ -474,37 +479,40 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_start_seq_get
* - get the next credential in the cache as part of an iterator call
* - this maps to call to cc_seq_fetch_creds
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_next_cred
- (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor,
- krb5_creds *creds)
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_next_cred (krb5_context context,
+ krb5_ccache id,
+ krb5_cc_cursor *cursor,
+ krb5_creds *creds)
{
- krb5_error_code retval;
- stdccCacheDataPtr ccapi_data = id->data;
- int err;
- cc_credentials_t cu;
- cc_credentials_iterator_t iterator;
-
- if ((retval = stdccv3_setup(context, ccapi_data)))
- return retval;
-
- iterator = *cursor;
- if (iterator == 0)
- return KRB5_CC_END;
- err = cc_credentials_iterator_next(iterator, &cu);
-
- if (err == ccIteratorEnd) {
- cc_credentials_iterator_release(iterator);
- *cursor = 0;
- }
- if (err != ccNoError)
- return cc_err_xlate(err);
-
- /* copy data (with translation) */
- dupCC3toK5(context, cu, creds);
-
- cc_credentials_release(cu);
-
- return 0;
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+ cc_credentials_t credentials = NULL;
+ cc_credentials_iterator_t iterator = *cursor;
+
+ if (!iterator) { err = KRB5_CC_END; }
+
+ if (!err) {
+ err = stdccv3_setup (context, ccapi_data);
+ }
+
+ /* Note: CCAPI v3 ccaches can contain both v4 and v5 creds */
+ while (!err) {
+ err = cc_credentials_iterator_next (iterator, &credentials);
+
+ if (!err && (credentials->data->version == cc_credentials_v5)) {
+ copy_cc_credentials_to_krb5_creds(context, credentials, creds);
+ break;
+ }
+ }
+
+ if (credentials) { cc_credentials_release (credentials); }
+ if (err == ccIteratorEnd) {
+ cc_credentials_iterator_release (iterator);
+ *cursor = 0;
+ }
+
+ return cc_err_xlate (err);
}
@@ -514,12 +522,11 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_next_cred
* - try to find a matching credential in the cache
*/
krb5_error_code KRB5_CALLCONV
-krb5_stdccv3_retrieve(context, id, whichfields, mcreds, creds)
- krb5_context context;
- krb5_ccache id;
- krb5_flags whichfields;
- krb5_creds *mcreds;
- krb5_creds *creds;
+krb5_stdccv3_retrieve (krb5_context context,
+ krb5_ccache id,
+ krb5_flags whichfields,
+ krb5_creds *mcreds,
+ krb5_creds *creds)
{
return krb5_cc_retrieve_cred_default (context, id, whichfields,
mcreds, creds);
@@ -530,28 +537,26 @@ krb5_stdccv3_retrieve(context, id, whichfields, mcreds, creds)
*
* just free up the storage assoicated with the cursor (if we can)
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_end_seq_get
- (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor)
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_end_seq_get (krb5_context context,
+ krb5_ccache id,
+ krb5_cc_cursor *cursor)
{
- krb5_error_code retval;
- stdccCacheDataPtr ccapi_data = NULL;
- int err;
- cc_credentials_iterator_t iterator;
-
- ccapi_data = id->data;
-
- if ((retval = stdccv3_setup(context, ccapi_data)))
- return retval;
-
- if (*cursor == NULL)
- return 0;
-
- iterator = *cursor;
-
- err = cc_credentials_iterator_release(iterator);
- if (err != ccNoError)
- return cc_err_xlate(err);
- return(0);
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+ cc_credentials_iterator_t iterator = *cursor;
+
+ if (!iterator) { return 0; }
+
+ if (!err) {
+ err = stdccv3_setup (context, ccapi_data);
+ }
+
+ if (!err) {
+ err = cc_credentials_iterator_release(iterator);
+ }
+
+ return cc_err_xlate(err);
}
/*
@@ -560,26 +565,31 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_end_seq_get
* - free our pointers to the NC
*/
krb5_error_code KRB5_CALLCONV
-krb5_stdccv3_close(krb5_context context, krb5_ccache id)
+krb5_stdccv3_close(krb5_context context,
+ krb5_ccache id)
{
- krb5_error_code retval;
- stdccCacheDataPtr ccapi_data = id->data;
-
- if ((retval = stdccv3_setup(context, NULL)))
- return retval;
-
- /* free it */
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+
+ if (!err) {
+ err = stdccv3_setup (context, NULL);
+ }
+
+ if (!err) {
if (ccapi_data) {
- if (ccapi_data->cache_name)
- free(ccapi_data->cache_name);
- if (ccapi_data->NamedCache)
- cc_ccache_release(ccapi_data->NamedCache);
- free(ccapi_data);
- id->data = NULL;
+ if (ccapi_data->cache_name) {
+ free (ccapi_data->cache_name);
+ }
+ if (ccapi_data->NamedCache) {
+ err = cc_ccache_release (ccapi_data->NamedCache);
+ }
+ free (ccapi_data);
+ id->data = NULL;
}
- free(id);
-
- return 0;
+ free (id);
+ }
+
+ return cc_err_xlate(err);
}
/*
@@ -588,37 +598,36 @@ krb5_stdccv3_close(krb5_context context, krb5_ccache id)
* - free our storage and the cache
*/
krb5_error_code KRB5_CALLCONV
-krb5_stdccv3_destroy (krb5_context context, krb5_ccache id)
+krb5_stdccv3_destroy (krb5_context context,
+ krb5_ccache id)
{
- int err;
- krb5_error_code retval;
- stdccCacheDataPtr ccapi_data = id->data;
-
- if ((retval = stdccv3_setup(context, ccapi_data))) {
- return retval;
- }
-
- /* free memory associated with the krb5_ccache */
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+
+ if (!err) {
+ err = stdccv3_setup(context, ccapi_data);
+ }
+
+ if (!err) {
if (ccapi_data) {
- if (ccapi_data->cache_name)
- free(ccapi_data->cache_name);
- if (ccapi_data->NamedCache) {
- /* destroy the named cache */
- err = cc_ccache_destroy(ccapi_data->NamedCache);
- retval = cc_err_xlate(err);
- cache_changed();
- }
- free(ccapi_data);
- id->data = NULL;
+ if (ccapi_data->cache_name) {
+ free(ccapi_data->cache_name);
+ }
+ if (ccapi_data->NamedCache) {
+ /* destroy the named cache */
+ err = cc_ccache_destroy(ccapi_data->NamedCache);
+ if (err == ccErrCCacheNotFound) {
+ err = 0; /* ccache maybe already destroyed */
+ }
+ cache_changed();
+ }
+ free(ccapi_data);
+ id->data = NULL;
}
- free(id);
-
- /* If the cache does not exist when we tried to destroy it,
- that's fine. That means someone else destroyed it since
- we resolved it. */
- if (retval == ccErrCCacheNotFound)
- return 0;
- return retval;
+ free(id);
+ }
+
+ return cc_err_xlate(err);
}
/*
@@ -626,15 +635,17 @@ krb5_stdccv3_destroy (krb5_context context, krb5_ccache id)
*
* - return the name of the named cache
*/
-const char * KRB5_CALLCONV krb5_stdccv3_get_name
- (krb5_context context, krb5_ccache id )
+const char * KRB5_CALLCONV
+krb5_stdccv3_get_name (krb5_context context,
+ krb5_ccache id )
{
- stdccCacheDataPtr ccapi_data = id->data;
-
- if (!ccapi_data)
- return 0;
-
- return (ccapi_data->cache_name);
+ stdccCacheDataPtr ccapi_data = id->data;
+
+ if (!ccapi_data) {
+ return NULL;
+ } else {
+ return (ccapi_data->cache_name);
+ }
}
@@ -642,29 +653,30 @@ const char * KRB5_CALLCONV krb5_stdccv3_get_name
*
* - return the principal associated with the named cache
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_get_principal
- (krb5_context context, krb5_ccache id , krb5_principal *princ)
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_get_principal (krb5_context context,
+ krb5_ccache id ,
+ krb5_principal *princ)
{
- int err;
- cc_string_t name = NULL;
- stdccCacheDataPtr ccapi_data = id->data;
- krb5_error_code retval;
-
- if ((retval = stdccv3_setup(context, ccapi_data)))
- return retval;
-
- /* another wrapper */
- err = cc_ccache_get_principal(ccapi_data->NamedCache, cc_credentials_v5, &name);
-
- if (err != ccNoError)
- return cc_err_xlate(err);
-
- /* turn it into a krb principal */
- err = krb5_parse_name(context, name->data, princ);
-
- cc_string_release(name);
-
- return err;
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+ cc_string_t name = NULL;
+
+ if (!err) {
+ err = stdccv3_setup(context, ccapi_data);
+ }
+
+ if (!err) {
+ err = cc_ccache_get_principal (ccapi_data->NamedCache, cc_credentials_v5, &name);
+ }
+
+ if (!err) {
+ err = krb5_parse_name (context, name->data, princ);
+ }
+
+ if (name) { cc_string_release (name); }
+
+ return cc_err_xlate (err);
}
/*
@@ -672,16 +684,17 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_get_principal
*
* - currently a NOP since we don't store any flags in the NC
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_set_flags
- (krb5_context context, krb5_ccache id , krb5_flags flags)
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_set_flags (krb5_context context,
+ krb5_ccache id,
+ krb5_flags flags)
{
- stdccCacheDataPtr ccapi_data = id->data;
- krb5_error_code retval;
-
- if ((retval = stdccv3_setup(context, ccapi_data)))
- return retval;
-
- return 0;
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+
+ err = stdccv3_setup (context, ccapi_data);
+
+ return cc_err_xlate (err);
}
/*
@@ -689,16 +702,17 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_set_flags
*
* - currently a NOP since we don't store any flags in the NC
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_get_flags
- (krb5_context context, krb5_ccache id , krb5_flags *flags)
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_get_flags (krb5_context context,
+ krb5_ccache id,
+ krb5_flags *flags)
{
- stdccCacheDataPtr ccapi_data = id->data;
- krb5_error_code retval;
-
- if ((retval = stdccv3_setup(context, ccapi_data)))
- return retval;
-
- return 0;
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+
+ err = stdccv3_setup (context, ccapi_data);
+
+ return cc_err_xlate (err);
}
/*
@@ -706,37 +720,41 @@ krb5_error_code KRB5_CALLCONV krb5_stdccv3_get_flags
*
* - remove the specified credentials from the NC
*/
-krb5_error_code KRB5_CALLCONV krb5_stdccv3_remove
- (krb5_context context, krb5_ccache id,
- krb5_flags flags, krb5_creds *creds)
+krb5_error_code KRB5_CALLCONV
+krb5_stdccv3_remove (krb5_context context,
+ krb5_ccache id,
+ krb5_flags flags,
+ krb5_creds *creds)
{
- cc_credentials_t c = NULL;
- int err;
- stdccCacheDataPtr ccapi_data = id->data;
- krb5_error_code retval;
-
- if ((retval = stdccv3_setup(context, ccapi_data))) {
- if (retval == KRB5_FCC_NOFILE)
- return 0;
- return retval;
- }
-
- /* convert to a cred union */
- dupK5toCC3(context, creds, &c);
-
- /* remove it */
- err = cc_ccache_remove_credentials(ccapi_data->NamedCache, c);
- if (err != ccNoError)
- return cc_err_xlate(err);
-
- err = cc_credentials_release(c);
- cache_changed();
- if (err != ccNoError)
- return cc_err_xlate(err);
-
- return 0;
+ krb5_error_code err = 0;
+ stdccCacheDataPtr ccapi_data = id->data;
+ cc_credentials_t credentials = NULL;
+
+ if (!err) {
+ err = stdccv3_setup(context, ccapi_data);
+ }
+
+ if (!err) {
+ err = copy_krb5_creds_to_cc_credentials (context, creds, &credentials);
+ }
+
+ if (!err) {
+ err = cc_ccache_remove_credentials (ccapi_data->NamedCache, credentials);
+ }
+
+ if (!err) {
+ cache_changed ();
+ } else if (err == KRB5_FCC_NOFILE) {
+ err = 0;
+ }
+
+ if (credentials) { cc_credentials_release (credentials); }
+
+ return cc_err_xlate (err);
}
+
#else /* !USE_CCAPI_V3 */
+
static krb5_error_code stdcc_setup(krb5_context context,
stdccCacheDataPtr ccapi_data)
{
@@ -797,7 +815,7 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_generate_new
krb5_error_code retval;
stdccCacheDataPtr ccapi_data = NULL;
char *name = NULL;
- cc_time_t time;
+ cc_time_t change_time;
int err;
if ((retval = stdcc_setup(context, NULL)))
@@ -812,8 +830,8 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_generate_new
goto errout;
/* create a unique name */
- cc_get_change_time(gCntrlBlock, &time);
- sprintf(name, "gen_new_cache%d", time);
+ cc_get_change_time(gCntrlBlock, &change_time);
+ sprintf(name, "gen_new_cache%d", change_time);
/* create the new cache */
err = cc_create(gCntrlBlock, name, name, CC_CRED_V5, 0L,
@@ -878,9 +896,14 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_resolve
err = cc_open(gCntrlBlock, cName, CC_CRED_V5, 0L,
&ccapi_data->NamedCache);
- if (err != CC_NOERROR)
+ if (err != CC_NOERROR) {
ccapi_data->NamedCache = NULL;
-
+ if (err != CC_NO_EXIST) {
+ retval = cc_err_xlate(err);
+ goto errout;
+ }
+ }
+
/* return new cache structure */
*id = newCache;
@@ -1358,4 +1381,4 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_remove
return 0;
}
-#endif /* !USE_CCAPI_V3 */ \ No newline at end of file
+#endif /* !USE_CCAPI_V3 */
generated by cgit v1.1 at 2024-08-15 05:34:10 +0000