Fixed bugs in command line change password support.
authorAlexandra Ellwood <lxs@mit.edu>
Wed, 24 Sep 2008 22:11:20 +0000 (22:11 +0000)
committerAlexandra Ellwood <lxs@mit.edu>
Wed, 24 Sep 2008 22:11:20 +0000 (22:11 +0000)
Removed low level change password functions from export list
because they require a UI context.
Added kim_ccache functions needed by klist to export list.

ticket: 6055

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20749 dc483132-0cff-0310-8789-dd5450dbe970

16 files changed:
src/include/kim/kim_ccache.h
src/include/kim/kim_credential.h
src/kim/lib/kim-lite.exports
src/kim/lib/kim.exports
src/kim/lib/kim_ccache_private.h
src/kim/lib/kim_credential.c
src/kim/lib/kim_credential_private.h [new file with mode: 0644]
src/kim/lib/kim_identity.c
src/kim/lib/kim_private.h
src/kim/lib/kim_ui.c
src/kim/lib/kim_ui_cli.c
src/kim/lib/kim_ui_cli_private.h
src/kim/lib/kim_ui_gui_private.h
src/kim/lib/kim_ui_plugin.c
src/kim/lib/kim_ui_plugin_private.h
src/kim/lib/mac/kim_os_ui_gui.c

index 5e41e9bc84ac63e542cac85abf12df7bf13aa9c0..73789eabb181dba773e94418a06cdb4a6017fadf 100644 (file)
@@ -352,6 +352,17 @@ kim_error kim_ccache_create_from_keytab (kim_ccache    *out_ccache,
  */
 kim_error kim_ccache_create_from_default (kim_ccache *out_ccache);
 
+/*!
+ * \param out_ccache      on exit, a ccache object for the ccache identified by 
+ *                        \a in_display_name.  Must be freed with kim_ccache_free().
+ * \param in_display_name a ccache display name string (ie: "TYPE:NAME").
+ * \return On success, #KIM_NO_ERROR.  On failure, an error code representing the failure.
+ * \note This API is used to obtain a kim_ccache for a ccache name entered by the user.
+ * \brief Get a ccache for a ccache display name.
+ */
+kim_error kim_ccache_create_from_display_name (kim_ccache  *out_ccache,
+                                               kim_string   in_display_name);
+
 /*!
  * \param out_ccache  on exit, a ccache object for the ccache identified by 
  *                    \a in_type and \a in_name.  Must be freed with kim_ccache_free().
@@ -388,6 +399,19 @@ kim_error kim_ccache_create_from_krb5_ccache (kim_ccache  *out_ccache,
 kim_error kim_ccache_copy (kim_ccache  *out_ccache,
                              kim_ccache   in_ccache);
 
+/*!
+ * \param in_ccache             a ccache object.
+ * \param in_compare_to_ccache  a ccache object.
+ * \param out_comparison        on exit, a comparison of \a in_ccache and 
+ *                              \a in_compare_to_ccache which determines whether
+ *                              or not the two ccache objects refer to the same ccache.
+ * \return On success, #KIM_NO_ERROR.  On failure, an error code representing the failure.
+ * \brief Compare ccache objects.
+ */
+kim_error kim_ccache_compare (kim_ccache   in_ccache,
+                              kim_ccache   in_compare_to_ccache,
+                              kim_boolean *out_equal);
+    
 /*!
  * \param in_ccache        a ccache object. 
  * \param in_krb5_context  a krb5 context which will be used to create out_krb5_ccache. 
@@ -397,8 +421,8 @@ kim_error kim_ccache_copy (kim_ccache  *out_ccache,
  * \brief Get a krb5 ccache for a ccache.
  */
 kim_error kim_ccache_get_krb5_ccache (kim_ccache  in_ccache,
-                                        krb5_context  in_krb5_context,
-                                        krb5_ccache  *out_krb5_ccache);
+                                      krb5_context  in_krb5_context,
+                                      krb5_ccache  *out_krb5_ccache);
 
 /*!
  * \param in_ccache  a ccache object. 
index c25b02e9061cb107db19821c7e35c879f1372cb6..678c2a3144d40e99cc33368d759e8cfb5991af36 100644 (file)
@@ -256,7 +256,7 @@ typedef int kim_credential_state;
  *     Valid credentials may be renewed up until their renewal expiration time.  
  *     Renewing credentials acquires a fresh set of credentials with a full lifetime 
  *     without resending secrets to the KDC (such as a password).  If credentials are 
- *     not renewable, this function will return an error.
+ *     not renewable, this function will return a renewal expiration time of 0.
  *
  *
  * See \ref kim_credential_reference and \ref kim_credential_iterator_reference for 
@@ -350,21 +350,6 @@ kim_error kim_credential_create_from_krb5_creds (kim_credential *out_credential,
                                                  krb5_context      in_krb5_context,
                                                  krb5_creds       *in_krb5_creds);
 
-/*!
- * \param out_credential  on exit, a new credential object containing a change
- *                        password credential for \a in_identity.
- *                        Must be freed with kim_credential_free().
- * \param in_identity     a client identity to obtain a change password credential for. 
- * \param in_old_password the current password for \a in_identity.  May be 
- *                        an expired password.
- * \return On success, #KIM_NO_ERROR.  On failure, an error code representing the failure.
- * \brief Obtain a credential for changing an identity's password.
- * \sa kim_credential_change_password
- */    
-kim_error kim_credential_create_for_change_password (kim_credential *out_credential,
-                                                     kim_identity    in_identity,
-                                                     kim_string      in_old_password);
-
 /*!
  * \param out_credential  on exit, a new credential object which is a copy of \a in_credential.  
  *                        Must be freed with kim_credential_free().
@@ -460,17 +445,6 @@ kim_error kim_credential_get_expiration_time (kim_credential  in_credential,
 kim_error kim_credential_get_renewal_expiration_time (kim_credential  in_credential,
                                                       kim_time       *out_renewal_expiration_time);
 
-/*!
- * \param in_credential       a credential object. 
- * \param out_ticket_flags    on exit, the krb5 ticket flags for \a in_credential.
- *                            See krb5 API documentation for the meaning of these flags.
- * \return On success, #KIM_NO_ERROR.  On failure, an error code representing the failure.
- * \brief Get the krb5 ticket_flags for a credential.
- */
-kim_error kim_credential_get_krb5_ticket_flags (kim_credential  in_credential,
-                                                krb5_flags     *out_ticket_flags);
-
-    
 /*!
  * \param in_credential       a credential object. 
  * \param in_client_identity  a client identity.
@@ -529,39 +503,6 @@ kim_error kim_credential_renew (kim_credential *io_credential,
 kim_error kim_credential_validate (kim_credential *io_credential,
                                    kim_options     in_options);
 
-/*!
- * \param in_credential            a credential object containing a change
- *                                 password credential.  Use 
- *                                 #kim_credential_create_for_change_password to obtain
- *                                 a change password credential.
- * \param in_identity              an identity to change the password for.  May
- *                                 be different than the identity the credential
- *                                 is for.  
- * \param in_new_password          the password to change the identity to.
- * \param out_rejected_err         on exit, 0 if the password change was
- *                                 successful or an error describing why the
- *                                 new password was rejected.
- * \param out_rejected_message     on exit, if \a out_rejected_err is non-zero
- *                                 this argument will contain an error message
- *                                 for \a out_rejected_err.  Pass NULL if you
- *                                 do not want this error string.  Must be
- *                                 freed with #kim_string_free();
- * \param out_rejected_description on exit, if \a out_rejected_err is non-zero
- *                                 this argument will contain an string describing
- *                                 why \a in_new_password was rejected. Pass NULL 
- *                                 if you do not want this error string.  Must be
- *                                 freed with #kim_string_free();
- * \return On success, #KIM_NO_ERROR.  On failure, an error code representing the failure.
- * \brief Change an identity's password.
- * \sa kim_credential_create_for_change_password
- */    
-kim_error kim_credential_change_password (kim_credential  in_credential,
-                                          kim_identity    in_identity,
-                                          kim_string      in_new_password,
-                                          kim_error      *out_rejected_err,
-                                          kim_string     *out_rejected_message,
-                                          kim_string     *out_rejected_description);
-
 /*!
  * \param io_credential the credential object to be freed.  Set to NULL on exit.
  * \brief Free memory associated with a credential object.
index 708d2753c42a8a8168809a9375a25486c10e9b95..96699c8086cf4e552fe1a9a344874e98d6819825 100644 (file)
@@ -80,7 +80,6 @@ kim_credential_iterator_free
 
 kim_credential_create_new
 kim_credential_create_from_krb5_creds
-kim_credential_create_for_change_password
 kim_credential_copy
 kim_credential_get_krb5_creds
 kim_credential_get_client_identity
@@ -90,11 +89,9 @@ kim_credential_get_state
 kim_credential_get_start_time
 kim_credential_get_expiration_time
 kim_credential_get_renewal_expiration_time
-kim_credential_get_krb5_ticket_flags
 kim_credential_store
 kim_credential_renew
 kim_credential_validate
-kim_credential_change_password
 kim_credential_free
 
 kim_ccache_iterator_create
@@ -106,8 +103,10 @@ kim_ccache_create_new_if_needed
 kim_ccache_create_from_client_identity
 kim_ccache_create_from_default
 kim_ccache_create_from_type_and_name
+kim_ccache_create_from_display_name
 kim_ccache_create_from_krb5_ccache
 kim_ccache_copy
+kim_ccache_compare
 kim_ccache_get_krb5_ccache
 kim_ccache_get_name
 kim_ccache_get_type
index bdacd6299da69a93f27027c428da8c471fe2c13c..96359632e96fa805d57279209598d55ba37208ac 100644 (file)
@@ -81,7 +81,6 @@ kim_credential_iterator_free
 kim_credential_create_new
 kim_credential_create_from_keytab
 kim_credential_create_from_krb5_creds
-kim_credential_create_for_change_password
 kim_credential_copy
 kim_credential_get_krb5_creds
 kim_credential_get_client_identity
@@ -91,12 +90,10 @@ kim_credential_get_state
 kim_credential_get_start_time
 kim_credential_get_expiration_time
 kim_credential_get_renewal_expiration_time
-kim_credential_get_krb5_ticket_flags
 kim_credential_store
 kim_credential_verify
 kim_credential_renew
 kim_credential_validate
-kim_credential_change_password
 kim_credential_free
 
 kim_ccache_iterator_create
@@ -109,8 +106,10 @@ kim_ccache_create_from_client_identity
 kim_ccache_create_from_keytab
 kim_ccache_create_from_default
 kim_ccache_create_from_type_and_name
+kim_ccache_create_from_display_name
 kim_ccache_create_from_krb5_ccache
 kim_ccache_copy
+kim_ccache_compare
 kim_ccache_get_krb5_ccache
 kim_ccache_get_name
 kim_ccache_get_type
index 1abd00464ef8cc17d3a399e3f4ae8211d81290e2..7856935c490e5fec462bffc941c9fec757bef98f 100644 (file)
 
 #include <kim/kim.h>
 
-kim_error kim_ccache_create_from_display_name (kim_ccache  *out_ccache,
-                                               kim_string   in_display_name);
-
-kim_error kim_ccache_compare (kim_ccache   in_ccache,
-                              kim_ccache   in_compare_to_ccache,
-                              kim_boolean *out_equal);
 
 #endif /* KIM_CCACHE_PRIVATE_H */
index 36c6ca1b6e26e10d05f3e8d8bd8c9e1a243afcbb..f77be0993d12698bc613f068575625e061982acb 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * $Header$
  *
- * Copyright 2006 Massachusetts Institute of Technology.
+ * Copyright 2006-2008 Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -31,6 +31,7 @@ struct kim_credential_iterator_opaque {
     krb5_context context;
     krb5_ccache ccache;
     krb5_cc_cursor cursor;
+    krb5_flags old_flags;
 };
 
 struct kim_credential_iterator_opaque kim_credential_iterator_initializer = { NULL, NULL, NULL };
@@ -65,6 +66,24 @@ kim_error kim_credential_iterator_create (kim_credential_iterator *out_credentia
                                           &credential_iterator->ccache);
     }
     
+    if (!err) {
+        /* Turn off OPENCLOSE mode */
+        err = krb5_error (credential_iterator->context,
+                          krb5_cc_get_flags (credential_iterator->context,
+                                             credential_iterator->ccache,
+                                             &credential_iterator->old_flags));
+        
+        if (!err && credential_iterator->old_flags & KRB5_TC_OPENCLOSE) {
+            krb5_flags new_flags = credential_iterator->old_flags & ~KRB5_TC_OPENCLOSE;
+            
+            err = krb5_error (credential_iterator->context,
+                              krb5_cc_set_flags (credential_iterator->context, 
+                                                 credential_iterator->ccache, 
+                                                 new_flags));
+            if (err == KRB5_FCC_NOFILE) { err = KIM_NO_ERROR; }
+        }
+    }
+
     if (!err) {
         err = krb5_error (credential_iterator->context,
                           krb5_cc_start_seq_get (credential_iterator->context, 
@@ -129,6 +148,10 @@ void kim_credential_iterator_free (kim_credential_iterator *io_credential_iterat
                     krb5_cc_end_seq_get ((*io_credential_iterator)->context, 
                                          (*io_credential_iterator)->ccache,
                                          &(*io_credential_iterator)->cursor);
+
+                    krb5_cc_set_flags ((*io_credential_iterator)->context, 
+                                       (*io_credential_iterator)->ccache, 
+                                       (*io_credential_iterator)->old_flags);
                 }
                 krb5_cc_close ((*io_credential_iterator)->context, 
                                (*io_credential_iterator)->ccache);
@@ -467,22 +490,19 @@ kim_error kim_credential_create_from_krb5_creds (kim_credential *out_credential,
     
     return check_error (err);
 }
-
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_credential_create_for_change_password (kim_credential *out_credential,
-                                                     kim_identity    in_identity,
-                                                     kim_string      in_old_password)
+kim_error kim_credential_create_for_change_password (kim_credential  *out_credential,
+                                                     kim_identity     in_identity,
+                                                     kim_string       in_old_password,
+                                                     kim_ui_context  *in_ui_context)
 {
     kim_error err = KIM_NO_ERROR;
     kim_credential credential = NULL;
     kim_string realm = NULL;
     kim_string service = NULL;
-    kim_ui_context context;
     krb5_principal principal = NULL;
     kim_string service_format = "kadmin/changepw@%s";
-    kim_boolean ui_inited = 0;
-    kim_boolean done = 0;
     
     if (!err && !out_credential ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !in_identity    ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
@@ -511,14 +531,6 @@ kim_error kim_credential_create_for_change_password (kim_credential *out_credent
     }
     
     if (!err) {
-        err = kim_ui_init (&context);
-        if (!err) {
-            context.identity = in_identity; /* used by kim_ui_prompter */
-            ui_inited = 1; 
-        }
-    }
-    
-    while (!err && !done) {
         krb5_creds creds;
         kim_boolean free_creds = 0;
         krb5_get_init_creds_opt        opts;
@@ -535,7 +547,8 @@ kim_error kim_credential_create_for_change_password (kim_credential *out_credent
                                                         principal,
                                                         (char *) in_old_password, 
                                                         kim_ui_prompter, 
-                                                        &context, 0, (char *) service, 
+                                                        in_ui_context, 0, 
+                                                        (char *) service, 
                                                         &opts));        
         if (!err) { free_creds = 1; }
         
@@ -545,33 +558,17 @@ kim_error kim_credential_create_for_change_password (kim_credential *out_credent
                                                &creds, 
                                                &credential->creds));
         }
-        
-        if (!err || err == KIM_USER_CANCELED_ERR) {
-            /* new creds obtained or the user gave up */
-            done = 1;
-            
-        } else { 
-            /*  new creds failed, report error to user */
-            err = kim_ui_handle_kim_error (&context, in_identity, 
-                                           kim_ui_error_type_change_password,
-                                           err);
-        }
-        
+                
         if (free_creds) { krb5_free_cred_contents (credential->context, &creds); }
     }
     
-    if (ui_inited) {
-        kim_error fini_err = kim_ui_fini (&context);
-        if (!err) { err = check_error (fini_err); }
-    }
-    
+    if (principal) { krb5_free_principal (credential->context, principal); }
+
     if (!err) {
         *out_credential = credential;
         credential = NULL;
     }
     
-    if (principal ) { krb5_free_principal (credential->context, principal); }
-    
     kim_string_free (&realm);
     kim_string_free (&service);
     kim_credential_free (&credential);
@@ -833,23 +830,6 @@ kim_error kim_credential_get_renewal_expiration_time (kim_credential  in_credent
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_credential_get_krb5_ticket_flags (kim_credential  in_credential,
-                                                krb5_flags     *out_ticket_flags)
-{
-    kim_error err = KIM_NO_ERROR;
-    
-    if (!err && !in_credential   ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
-    if (!err && !out_ticket_flags) { err = check_error (KIM_NULL_PARAMETER_ERR); }
-    
-    if (!err) {
-        *out_ticket_flags = in_credential->creds->ticket_flags;
-    }
-    
-    return check_error (err);
-}
-
-/* ------------------------------------------------------------------------ */
-
 kim_error kim_credential_store (kim_credential  in_credential,
                                 kim_identity    in_client_identity,
                                 kim_ccache     *out_ccache)
@@ -1188,130 +1168,6 @@ kim_error kim_credential_validate (kim_credential *io_credential,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_credential_change_password (kim_credential  in_credential,
-                                          kim_identity    in_identity,
-                                          kim_string      in_new_password,
-                                          kim_error      *out_rejected_err,
-                                          kim_string     *out_rejected_message,
-                                          kim_string     *out_rejected_description)
-{
-    kim_error err = KIM_NO_ERROR;
-    krb5_principal principal = NULL;
-    int rejected_code = 0;
-    krb5_data message_data;
-    krb5_data description_data;
-    
-    if (!err && !in_credential   ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
-    if (!err && !in_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
-    if (!err && !out_rejected_err) { err = check_error (KIM_NULL_PARAMETER_ERR); }
-    /* out_rejected_message and out_rejected_description may be NULL */
-    
-    if (!err) {
-        err = kim_identity_get_krb5_principal (in_identity, 
-                                               in_credential->context, 
-                                               &principal);
-    }
-
-    if (!err) {
-        err = krb5_error (in_credential->context,
-                          krb5_principal_compare (in_credential->context,
-                                                  in_credential->creds->client, 
-                                                  principal));
-    }
-    
-    if (!err) {
-        if (krb5_principal_compare (in_credential->context, 
-                                    in_credential->creds->client, 
-                                    principal)) {
-            /* Same principal, change the password normally */
-            err = krb5_error (in_credential->context,
-                              krb5_change_password (in_credential->context, 
-                                                    in_credential->creds, 
-                                                    (char *) in_new_password, 
-                                                    &rejected_code, 
-                                                    &message_data, 
-                                                    &description_data));
-        } else {
-            /* Different principal, use set change password protocol */
-            err = krb5_error (in_credential->context,
-                              krb5_set_password (in_credential->context, 
-                                                 in_credential->creds, 
-                                                 (char *) in_new_password, 
-                                                 principal,
-                                                 &rejected_code, 
-                                                 &message_data, 
-                                                 &description_data));
-        }
-        
-    }
-    
-    if (!err && rejected_code) {
-        kim_string rejected_message = NULL;
-        kim_string rejected_description = NULL;
-        
-        if (!err) {
-            if (message_data.data && message_data.length > 0) {
-                err = kim_string_create_from_buffer (&rejected_message, 
-                                                     message_data.data, 
-                                                     message_data.length);
-            } else {
-                err = kim_os_string_create_localized (&rejected_message,
-                                                      "KLStringChangePasswordFailed");
-            }
-        }
-        
-        if (!err) {
-            if (description_data.data && description_data.length > 0) {
-                err = kim_string_create_from_buffer (&rejected_description,
-                                                     description_data.data, 
-                                                     description_data.length);
-            } else {
-                err = kim_os_string_create_localized (&rejected_description,
-                                                      "KLStringPasswordRejected");
-            }
-        }
-        
-        if (!err) {
-            char *c;
-            
-            // replace all \n and \r characters with spaces
-            for (c = (char *) rejected_message; *c != '\0'; c++) {
-                if ((*c == '\n') || (*c == '\r')) { *c = ' '; }
-            }
-            
-            for (c = (char *) rejected_description; *c != '\0'; c++) {
-                if ((*c == '\n') || (*c == '\r')) { *c = ' '; }
-            }
-        }
-        
-        if (!err) {
-            if (out_rejected_message) {
-                *out_rejected_message = rejected_message;
-                rejected_message = NULL;
-            }
-            
-            if (out_rejected_description) {
-                *out_rejected_description = rejected_description;
-                rejected_description = NULL;
-            }
-        }
-        
-        kim_string_free (&rejected_message);
-        kim_string_free (&rejected_description);
-        
-        krb5_free_data_contents (in_credential->context, &message_data);
-        krb5_free_data_contents (in_credential->context, &description_data);
-    }
-    
-    if (!err) {
-        *out_rejected_err = rejected_code;
-    }
-    
-    return check_error (err);
-}
-
-/* ------------------------------------------------------------------------ */
-
 void kim_credential_free (kim_credential *io_credential)
 {
     if (io_credential && *io_credential) {
diff --git a/src/kim/lib/kim_credential_private.h b/src/kim/lib/kim_credential_private.h
new file mode 100644 (file)
index 0000000..f5045ad
--- /dev/null
@@ -0,0 +1,38 @@
+/*
+ * $Header$
+ *
+ * Copyright 2006 Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ */
+
+#ifndef KIM_CREDENTIAL_PRIVATE_H
+#define KIM_CREDENTIAL_PRIVATE_H
+
+#include <kim/kim.h>
+#include "kim_ui_private.h"
+
+kim_error kim_credential_create_for_change_password (kim_credential  *out_credential,
+                                                     kim_identity     in_identity,
+                                                     kim_string       in_old_password,
+                                                     kim_ui_context  *in_ui_context);
+
+#endif /* KIM_CREDENTIAL_PRIVATE_H */
index 7a5b68a9f01af74689ac470836774cabc1a87998..1ef30c2572b932c2c4a0cc2a2465bd199de83a7e 100644 (file)
@@ -534,6 +534,123 @@ kim_error kim_identity_is_tgt_service (kim_identity  in_identity,
     return check_error (err);
 }
 
+
+/* ------------------------------------------------------------------------ */
+
+static kim_error kim_identity_change_password_with_credential (kim_identity    in_identity,
+                                                               kim_credential  in_credential,
+                                                               kim_string      in_new_password,
+                                                               kim_ui_context *in_ui_context,
+                                                               kim_error      *out_rejected_err,
+                                                               kim_string     *out_rejected_message,
+                                                               kim_string     *out_rejected_description)
+{
+    kim_error err = KIM_NO_ERROR;
+    krb5_creds *creds = NULL;
+    int rejected_err = 0;
+    krb5_data message_data;
+    krb5_data description_data;
+    
+    if (!err && !in_credential   ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+    if (!err && !in_new_password ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+    if (!err && !in_ui_context   ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+    if (!err && !out_rejected_err) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+    
+    if (!err) {
+        err = kim_credential_get_krb5_creds (in_credential,
+                                             in_identity->context,
+                                             &creds);
+    }
+
+    if (!err) {
+        if (krb5_principal_compare (in_identity->context, 
+                                    in_identity->principal,
+                                    creds->client)) {
+            /* Same principal, change the password normally */
+            err = krb5_error (in_identity->context,
+                              krb5_change_password (in_identity->context, 
+                                                    creds, 
+                                                    (char *) in_new_password, 
+                                                    &rejected_err, 
+                                                    &message_data, 
+                                                    &description_data));
+        } else {
+            /* Different principal, use set change password protocol */
+            err = krb5_error (in_identity->context,
+                              krb5_set_password (in_identity->context, 
+                                                 creds, 
+                                                 (char *) in_new_password, 
+                                                 in_identity->principal,
+                                                 &rejected_err, 
+                                                 &message_data, 
+                                                 &description_data));
+        }
+        
+    }
+    
+    if (!err && rejected_err) {
+        kim_string rejected_message = NULL;
+        kim_string rejected_description = NULL;
+        
+        if (message_data.data && message_data.length > 0) {
+            err = kim_string_create_from_buffer (&rejected_message, 
+                                                 message_data.data, 
+                                                 message_data.length);
+        } else {
+            err = kim_os_string_create_localized (&rejected_message,
+                                                  "KLStringChangePasswordFailed");
+        }
+        
+        if (!err) {
+            if (description_data.data && description_data.length > 0) {
+                err = kim_string_create_from_buffer (&rejected_description,
+                                                     description_data.data, 
+                                                     description_data.length);
+            } else {
+                err = kim_os_string_create_localized (&rejected_description,
+                                                      "KLStringPasswordRejected");
+            }
+        }
+        
+        if (!err && in_ui_context->type != kim_ui_type_cli) {
+            char *c;
+            
+            // replace all \n and \r characters with spaces
+            for (c = (char *) rejected_message; *c != '\0'; c++) {
+                if ((*c == '\n') || (*c == '\r')) { *c = ' '; }
+            }
+            
+            for (c = (char *) rejected_description; *c != '\0'; c++) {
+                if ((*c == '\n') || (*c == '\r')) { *c = ' '; }
+            }
+        }
+        
+        if (!err) {
+            if (out_rejected_message) {
+                *out_rejected_message = rejected_message;
+                rejected_message = NULL;
+            }
+            if (out_rejected_description) {
+                *out_rejected_description = rejected_description;
+                rejected_description = NULL;
+            }
+        }
+        
+        kim_string_free (&rejected_message);
+        kim_string_free (&rejected_description);
+        
+        krb5_free_data_contents (in_identity->context, &message_data);
+        krb5_free_data_contents (in_identity->context, &description_data);
+    }
+    
+    if (!err) {
+        /* do this after reporting errors so we don't double report rejection */
+        *out_rejected_err = rejected_err;
+    }
+    
+    return check_error (err);
+}
+
 /* ------------------------------------------------------------------------ */
 
 kim_error kim_identity_change_password (kim_identity in_identity)
@@ -583,38 +700,39 @@ kim_error kim_identity_change_password (kim_identity in_identity)
             } else {
                 err = kim_credential_create_for_change_password (&credential,
                                                                  in_identity,
-                                                                 old_password);
+                                                                 old_password,
+                                                                 &context);
             }
             
             if (!err) {
-                err = kim_credential_change_password (credential, 
-                                                      in_identity,
-                                                      new_password,
-                                                      &rejected_err,
-                                                      &rejected_message,
-                                                      &rejected_description);
-                
+                err = kim_identity_change_password_with_credential (in_identity,
+                                                                    credential, 
+                                                                    new_password,
+                                                                    &context,
+                                                                    &rejected_err,
+                                                                    &rejected_message,
+                                                                    &rejected_description);
             }  
             
             kim_credential_free (&credential);
         }
         
-        if (!err || err == KIM_USER_CANCELED_ERR) {
-            /* password change succeeded or the user gave up */
-            done = 1;
-            
-        } else if (!err && rejected_err) {
+        if (!err && rejected_err) {
             /* Password rejected, report it to the user */
             err = kim_ui_handle_error (&context, in_identity,
                                        rejected_err,
                                        rejected_message, 
                                        rejected_description);
-            
-        } else {
-            /* Password change failed, report error to user */
+
+        } else if (err && err != KIM_USER_CANCELED_ERR) {
+            /* new creds failed, report error to user */
             err = kim_ui_handle_kim_error (&context, in_identity, 
                                            kim_ui_error_type_change_password,
-                                           err);                                        
+                                           err);
+            
+        } else {
+            /* password change succeeded or the user gave up */
+            done = 1;
         }
         
         kim_string_free (&rejected_message);
index 0a8cdbdfa67acf3990238991fae85cbf9ba43732..7a86d7e0a92bbb40ad9791c6655b98baee5c6827 100644 (file)
@@ -40,6 +40,7 @@
 #include "kim_error_private.h"
 #include "kim_identity_private.h"
 #include "kim_ccache_private.h"
+#include "kim_credential_private.h"
 #include "kim_options_private.h"
 #include "kim_preferences_private.h"
 #include "kim_selection_hints_private.h"
index a87e150ba0dd043367fb433fe93cb8efbd5706af..4c1ad8b6288a6306799d440899dfed2322a19768 100644 (file)
@@ -59,18 +59,18 @@ kim_error kim_ui_init (kim_ui_context *io_context)
 #endif /* LEAN_CLIENT */
             io_context->type = kim_ui_type_gui_plugin;
             
-            err = kim_ui_plugin_init ((kim_ui_plugin_context *) &io_context->tcontext);
+            err = kim_ui_plugin_init (io_context);
 #ifndef LEAN_CLIENT        
             if (err) { 
                 io_context->type = kim_ui_type_gui_builtin;
                 
-                err = kim_os_ui_gui_init ((kim_ui_gui_context *) &io_context->tcontext);
+                err = kim_os_ui_gui_init (io_context);
             }
             
         } else if (environment == KIM_UI_ENVIRONMENT_CLI) {
             io_context->type = kim_ui_type_cli;
             
-            err = kim_ui_cli_init ((kim_ui_cli_context *) &io_context->tcontext);  
+            err = kim_ui_cli_init (io_context);  
             
         } else {
             io_context->type = kim_ui_type_none;
@@ -99,16 +99,16 @@ kim_error kim_ui_enter_identity (kim_ui_context      *in_context,
     
     if (!err) {
         if (in_context->type == kim_ui_type_gui_plugin) {
-            err = kim_ui_plugin_enter_identity ((kim_ui_plugin_context) in_context->tcontext,
+            err = kim_ui_plugin_enter_identity (in_context, 
                                                 out_identity);
             
 #ifndef LEAN_CLIENT
         } else if (in_context->type == kim_ui_type_gui_builtin) {
-            err = kim_os_ui_gui_enter_identity ((kim_ui_gui_context) in_context->tcontext, 
+            err = kim_os_ui_gui_enter_identity (in_context, 
                                                 out_identity);
             
         } else if (in_context->type == kim_ui_type_cli) {
-            err = kim_ui_cli_enter_identity ((kim_ui_cli_context) in_context->tcontext, 
+            err = kim_ui_cli_enter_identity (in_context, 
                                              out_identity);
             
 #endif /* LEAN_CLIENT */
@@ -135,18 +135,18 @@ kim_error kim_ui_select_identity (kim_ui_context      *in_context,
     
     if (!err) {
         if (in_context->type == kim_ui_type_gui_plugin) {
-            err = kim_ui_plugin_select_identity ((kim_ui_plugin_context) in_context->tcontext, 
+            err = kim_ui_plugin_select_identity (in_context, 
                                                  in_hints,
                                                  out_identity);
             
 #ifndef LEAN_CLIENT
         } else if (in_context->type == kim_ui_type_gui_builtin) {
-            err = kim_os_ui_gui_select_identity ((kim_ui_gui_context) in_context->tcontext, 
+            err = kim_os_ui_gui_select_identity (in_context, 
                                                  in_hints,
                                                  out_identity);
             
         } else if (in_context->type == kim_ui_type_cli) {
-            err = kim_ui_cli_select_identity ((kim_ui_cli_context) in_context->tcontext, 
+            err = kim_ui_cli_select_identity (in_context, 
                                               in_hints,
                                               out_identity);
             
@@ -200,7 +200,7 @@ krb5_error_code kim_ui_prompter (krb5_context  in_krb5_context,
         
         if (!got_saved_password) {
             if (context->type == kim_ui_type_gui_plugin) {
-                err = kim_ui_plugin_auth_prompt ((kim_ui_plugin_context) context->tcontext, 
+                err = kim_ui_plugin_auth_prompt (context, 
                                                  context->identity, 
                                                  type,
                                                  in_prompts[i].hidden,
@@ -211,7 +211,7 @@ krb5_error_code kim_ui_prompter (krb5_context  in_krb5_context,
                 
 #ifndef LEAN_CLIENT
             } else if (context->type == kim_ui_type_gui_builtin) {
-                err = kim_os_ui_gui_auth_prompt ((kim_ui_gui_context) context->tcontext, 
+                err = kim_os_ui_gui_auth_prompt (context, 
                                                  context->identity, 
                                                  type,
                                                  in_prompts[i].hidden,
@@ -221,7 +221,7 @@ krb5_error_code kim_ui_prompter (krb5_context  in_krb5_context,
                                                  &reply);
                 
             } else if (context->type == kim_ui_type_cli) {
-                err = kim_ui_cli_auth_prompt ((kim_ui_cli_context) context->tcontext, 
+                err = kim_ui_cli_auth_prompt (context, 
                                               context->identity, 
                                               type,
                                               in_prompts[i].hidden,
@@ -283,7 +283,7 @@ kim_error kim_ui_change_password (kim_ui_context  *in_context,
     
     if (!err) {
         if (in_context->type == kim_ui_type_gui_plugin) {
-            err = kim_ui_plugin_change_password ((kim_ui_plugin_context) in_context->tcontext, 
+            err = kim_ui_plugin_change_password (in_context, 
                                                  in_identity, 
                                                  in_old_password_expired,
                                                  out_old_password,
@@ -292,7 +292,7 @@ kim_error kim_ui_change_password (kim_ui_context  *in_context,
             
 #ifndef LEAN_CLIENT
         } else if (in_context->type == kim_ui_type_gui_builtin) {
-            err = kim_os_ui_gui_change_password ((kim_ui_gui_context) in_context->tcontext, 
+            err = kim_os_ui_gui_change_password (in_context, 
                                                  in_identity, 
                                                  in_old_password_expired,
                                                  out_old_password,
@@ -300,7 +300,7 @@ kim_error kim_ui_change_password (kim_ui_context  *in_context,
                                                  out_verify_password);
             
         } else if (in_context->type == kim_ui_type_cli) {
-            err = kim_ui_cli_change_password ((kim_ui_cli_context) in_context->tcontext, 
+            err = kim_ui_cli_change_password (in_context,
                                               in_identity, 
                                               in_old_password_expired,
                                               out_old_password,
@@ -384,7 +384,7 @@ kim_error kim_ui_handle_error (kim_ui_context *in_context,
     
     if (!err) {
         if (in_context->type == kim_ui_type_gui_plugin) {
-            err = kim_ui_plugin_handle_error ((kim_ui_plugin_context) in_context->tcontext, 
+            err = kim_ui_plugin_handle_error (in_context, 
                                               in_identity, 
                                               in_error,
                                               in_error_message,
@@ -392,14 +392,14 @@ kim_error kim_ui_handle_error (kim_ui_context *in_context,
             
 #ifndef LEAN_CLIENT
         } else if (in_context->type == kim_ui_type_gui_builtin) {
-            err = kim_os_ui_gui_handle_error ((kim_ui_gui_context) in_context->tcontext, 
+            err = kim_os_ui_gui_handle_error (in_context, 
                                               in_identity, 
                                               in_error,
                                               in_error_message,
                                               in_error_description);
             
         } else if (in_context->type == kim_ui_type_cli) {
-            err = kim_ui_cli_handle_error ((kim_ui_cli_context) in_context->tcontext, 
+            err = kim_ui_cli_handle_error (in_context, 
                                            in_identity, 
                                            in_error,
                                            in_error_message,
@@ -421,16 +421,16 @@ void kim_ui_free_string (kim_ui_context  *in_context,
 {
     if (in_context && io_string && *io_string) {
         if (in_context->type == kim_ui_type_gui_plugin) {
-            kim_ui_plugin_free_string ((kim_ui_plugin_context) in_context->tcontext, 
+            kim_ui_plugin_free_string (in_context, 
                                        io_string);
             
 #ifndef LEAN_CLIENT
         } else if (in_context->type == kim_ui_type_gui_builtin) {
-            kim_os_ui_gui_free_string ((kim_ui_gui_context) in_context->tcontext, 
+            kim_os_ui_gui_free_string (in_context, 
                                        io_string);
             
         } else if (in_context->type == kim_ui_type_cli) {
-            kim_ui_cli_free_string ((kim_ui_cli_context) in_context->tcontext, 
+            kim_ui_cli_free_string (in_context, 
                                     io_string);
 #endif /* LEAN_CLIENT */    
             
@@ -448,14 +448,14 @@ kim_error kim_ui_fini (kim_ui_context *io_context)
     
     if (!err) {
         if (io_context->type == kim_ui_type_gui_plugin) {
-            err = kim_ui_plugin_fini ((kim_ui_plugin_context *) &io_context->tcontext);
+            err = kim_ui_plugin_fini (io_context);
             
 #ifndef LEAN_CLIENT
         } else if (io_context->type == kim_ui_type_gui_builtin) {
-            err = kim_os_ui_gui_fini ((kim_ui_gui_context *) &io_context->tcontext);
+            err = kim_os_ui_gui_fini (io_context);
             
         } else if (io_context->type == kim_ui_type_cli) {
-            err = kim_ui_cli_fini ((kim_ui_cli_context *) &io_context->tcontext);
+            err = kim_ui_cli_fini (io_context);
 #endif /* LEAN_CLIENT */
             
         } else {
index 898b580867d30b2d9a75b3ce1b7b70d7efe0523f..79f28e0ff0798448f1565ee9c222d8c7460f1a97 100644 (file)
@@ -89,23 +89,24 @@ static kim_error kim_ui_cli_read_string (kim_string   *out_string,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_cli_init (kim_ui_cli_context *out_context)
+kim_error kim_ui_cli_init (kim_ui_context *io_context)
 {
-    *out_context = NULL;
+    if (io_context) {
+        io_context->tcontext = NULL;
+    }
     
     return KIM_NO_ERROR;
 }
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_cli_enter_identity (kim_ui_cli_context   in_context,
-                                     kim_identity        *out_identity)
+kim_error kim_ui_cli_enter_identity (kim_ui_context *in_context,
+                                     kim_identity   *out_identity)
 {
     kim_error err = KIM_NO_ERROR;
     kim_string enter_identity_string = NULL;
     kim_string identity_string = NULL;
     
-    if (!err && !in_context  ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
@@ -130,13 +131,12 @@ kim_error kim_ui_cli_enter_identity (kim_ui_cli_context   in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_cli_select_identity (kim_ui_cli_context   in_context,
+kim_error kim_ui_cli_select_identity (kim_ui_context      *in_context,
                                       kim_selection_hints  in_hints,
                                       kim_identity        *out_identity)
 {
     kim_error err = KIM_NO_ERROR;
     
-    if (!err && !in_context  ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !in_hints    ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
@@ -149,7 +149,7 @@ kim_error kim_ui_cli_select_identity (kim_ui_cli_context   in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_cli_auth_prompt (kim_ui_cli_context   in_context,
+kim_error kim_ui_cli_auth_prompt (kim_ui_context      *in_context,
                                   kim_identity         in_identity,
                                   kim_prompt_type      in_type,
                                   kim_boolean          in_hide_reply, 
@@ -160,7 +160,6 @@ kim_error kim_ui_cli_auth_prompt (kim_ui_cli_context   in_context,
 {
     kim_error err = KIM_NO_ERROR;
     
-    if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !out_reply  ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     /* in_title, in_message or in_description may be NULL */
@@ -304,12 +303,12 @@ static kim_error kim_ui_cli_ask_change_password (kim_string in_identity_string)
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_cli_change_password (kim_ui_cli_context   in_context,
-                                      kim_identity         in_identity,
-                                      kim_boolean          in_old_password_expired,
-                                      char               **out_old_password,
-                                      char               **out_new_password,
-                                      char               **out_verify_password)
+kim_error kim_ui_cli_change_password (kim_ui_context  *in_context,
+                                      kim_identity     in_identity,
+                                      kim_boolean      in_old_password_expired,
+                                      char           **out_old_password,
+                                      char           **out_new_password,
+                                      char           **out_verify_password)
 {
     kim_error err = KIM_NO_ERROR;
     kim_string enter_old_password_format = NULL;
@@ -319,8 +318,8 @@ kim_error kim_ui_cli_change_password (kim_ui_cli_context   in_context,
     kim_string old_password = NULL;
     kim_string new_password = NULL;
     kim_string verify_password = NULL;
+    kim_boolean done = 0;
     
-    if (!err && !in_context         ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !in_identity        ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !out_old_password   ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !out_new_password   ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
@@ -349,16 +348,28 @@ kim_error kim_ui_cli_change_password (kim_ui_cli_context   in_context,
                                               "KLStringEnterVerifyPassword");
     }
     
-    if (!err) {
+    while (!err && !done) {
+        kim_string_free (&old_password);
+
         err = kim_ui_cli_read_string (&old_password, 
                                       1, enter_old_password_format, 
                                       identity_string);
-    } 
-    
-    if (!err) {
-        err = kim_credential_create_for_change_password (&in_context,
-                                                         in_identity,
-                                                         old_password);
+        
+        if (!err) {
+            err = kim_credential_create_for_change_password ((kim_credential *) &in_context->tcontext,
+                                                             in_identity,
+                                                             old_password,
+                                                             in_context);
+        }
+        
+        if (err && err != KIM_USER_CANCELED_ERR) {
+            /* new creds failed, report error to user */
+            err = kim_ui_handle_kim_error (in_context, in_identity, 
+                                           kim_ui_error_type_change_password,
+                                           err);
+        } else {
+            done = 1;
+       }
     }
     
     if (!err) {
@@ -395,20 +406,19 @@ kim_error kim_ui_cli_change_password (kim_ui_cli_context   in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_cli_handle_error (kim_ui_cli_context in_context,
-                                   kim_identity       in_identity,
-                                   kim_error          in_error,
-                                   kim_string         in_error_message,
-                                   kim_string         in_error_description)
+kim_error kim_ui_cli_handle_error (kim_ui_context *in_context,
+                                   kim_identity    in_identity,
+                                   kim_error       in_error,
+                                   kim_string      in_error_message,
+                                   kim_string      in_error_description)
 {
     kim_error err = KIM_NO_ERROR;
     
-    if (!err && !in_context          ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !in_error_message    ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
-        fprintf (stdout, "%s: %s\n", in_error_message, in_error_description);
+        fprintf (stdout, "%s\n%s\n\n", in_error_message, in_error_description);
     }
     
     return check_error (err);
@@ -416,18 +426,18 @@ kim_error kim_ui_cli_handle_error (kim_ui_cli_context in_context,
 
 /* ------------------------------------------------------------------------ */
 
-void kim_ui_cli_free_string (kim_ui_cli_context   in_context,
-                             char               **io_string)
+void kim_ui_cli_free_string (kim_ui_context  *in_context,
+                             char           **io_string)
 {
     kim_string_free ((kim_string *) io_string);
 }
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_cli_fini (kim_ui_cli_context *io_context)
+kim_error kim_ui_cli_fini (kim_ui_context *io_context)
 {
-    if (io_context && *io_context) {
-        kim_credential_free (io_context);
+    if (io_context) {
+        kim_credential_free ((kim_credential *) &io_context->tcontext);
     }
     
     return KIM_NO_ERROR;
index 89011aa3aa00396038452a69a76d32dc204b91a8..872fb4b226ef9b9cf121a3fce76890f3d0304ac9 100644 (file)
 typedef kim_credential kim_ui_cli_context;
 
 
-kim_error kim_ui_cli_init (kim_ui_cli_context *out_context);
+kim_error kim_ui_cli_init (kim_ui_context *io_context);
 
-kim_error kim_ui_cli_enter_identity (kim_ui_cli_context  in_context,
-                                     kim_identity       *out_identity);
+kim_error kim_ui_cli_enter_identity (kim_ui_context *in_context,
+                                     kim_identity   *out_identity);
 
-kim_error kim_ui_cli_select_identity (kim_ui_cli_context   in_context,
+kim_error kim_ui_cli_select_identity (kim_ui_context      *in_context,
                                       kim_selection_hints  in_hints,
                                       kim_identity        *out_identity);
 
-kim_error kim_ui_cli_auth_prompt (kim_ui_cli_context   in_context,
+kim_error kim_ui_cli_auth_prompt (kim_ui_context      *in_context,
                                   kim_identity         in_identity,
                                   kim_prompt_type      in_type,
                                   kim_boolean          in_hide_reply, 
@@ -52,23 +52,23 @@ kim_error kim_ui_cli_auth_prompt (kim_ui_cli_context   in_context,
                                   kim_string           in_description,
                                   char               **out_reply);
 
-kim_error kim_ui_cli_change_password (kim_ui_cli_context    in_context,
-                                      kim_identity          in_identity,
-                                      kim_boolean           in_old_password_expired,
-                                      char                **out_old_password,
-                                      char                **out_new_password,
-                                      char                **out_verify_password);
+kim_error kim_ui_cli_change_password (kim_ui_context  *in_context,
+                                      kim_identity     in_identity,
+                                      kim_boolean      in_old_password_expired,
+                                      char           **out_old_password,
+                                      char           **out_new_password,
+                                      char           **out_verify_password);
 
-kim_error kim_ui_cli_handle_error (kim_ui_cli_context   in_context,
-                                   kim_identity         in_identity,
-                                   kim_error            in_error,
-                                   kim_string           in_error_message,
-                                   kim_string           in_error_description);
+kim_error kim_ui_cli_handle_error (kim_ui_context *in_context,
+                                   kim_identity    in_identity,
+                                   kim_error       in_error,
+                                   kim_string      in_error_message,
+                                   kim_string      in_error_description);
 
-void kim_ui_cli_free_string (kim_ui_cli_context   in_context,
-                             char               **io_string);
+void kim_ui_cli_free_string (kim_ui_context  *in_context,
+                             char           **io_string);
 
-kim_error kim_ui_cli_fini (kim_ui_cli_context *io_context);
+kim_error kim_ui_cli_fini (kim_ui_context *in_context);
 
 #endif /* LEAN_CLIENT */
 
index 9792f53d545b6b68cd761b265be199f576c72a6e..b89cf348fad681aae5c089d754a38de53c7c67c5 100644 (file)
 struct kim_ui_gui_context;
 typedef struct kim_ui_gui_context *kim_ui_gui_context;
 
+kim_error kim_os_ui_gui_init (kim_ui_context *io_context);
 
-kim_error kim_os_ui_gui_init (kim_ui_gui_context *out_context);
+kim_error kim_os_ui_gui_enter_identity (kim_ui_context *in_context,
+                                        kim_identity   *out_identity);
 
-kim_error kim_os_ui_gui_enter_identity (kim_ui_gui_context  in_context,
-                                        kim_identity       *out_identity);
-
-kim_error kim_os_ui_gui_select_identity (kim_ui_gui_context   in_context,
+kim_error kim_os_ui_gui_select_identity (kim_ui_context      *in_context,
                                          kim_selection_hints  in_hints,
                                          kim_identity        *out_identity);
 
-kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context   in_context,
+kim_error kim_os_ui_gui_auth_prompt (kim_ui_context      *in_context,
                                      kim_identity         in_identity,
                                      kim_prompt_type      in_type,
                                      kim_boolean          in_hide_reply, 
@@ -53,23 +52,23 @@ kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context   in_context,
                                      kim_string           in_description,
                                      char               **out_reply);
 
-kim_error kim_os_ui_gui_change_password (kim_ui_gui_context    in_context,
-                                         kim_identity          in_identity,
-                                         kim_boolean           in_old_password_expired,
-                                         char                **out_old_password,
-                                         char                **out_new_password,
-                                         char                **out_verify_password);
+kim_error kim_os_ui_gui_change_password (kim_ui_context  *in_context,
+                                         kim_identity     in_identity,
+                                         kim_boolean      in_old_password_expired,
+                                         char           **out_old_password,
+                                         char           **out_new_password,
+                                         char           **out_verify_password);
 
-kim_error kim_os_ui_gui_handle_error (kim_ui_gui_context   in_context,
-                                      kim_identity         in_identity,
-                                      kim_error            in_error,
-                                      kim_string           in_error_message,
-                                      kim_string           in_error_description);
+kim_error kim_os_ui_gui_handle_error (kim_ui_context *in_context,
+                                      kim_identity    in_identity,
+                                      kim_error       in_error,
+                                      kim_string      in_error_message,
+                                      kim_string      in_error_description);
 
-void kim_os_ui_gui_free_string (kim_ui_gui_context   in_context,
-                                char               **io_string);
+void kim_os_ui_gui_free_string (kim_ui_context  *in_context,
+                                char           **io_string);
 
-kim_error kim_os_ui_gui_fini (kim_ui_gui_context *io_context);
+kim_error kim_os_ui_gui_fini (kim_ui_context *in_context);
 
 #endif /* LEAN_CLIENT */
 
index f1b5db923f18803c3cbd56f633c01b384daeec33..49cceaeb4edb63e2e038452d11187cafedc3870a 100644 (file)
@@ -95,13 +95,13 @@ static kim_error kim_ui_plugin_context_allocate (kim_ui_plugin_context *out_cont
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_plugin_init (kim_ui_plugin_context *out_context)
+kim_error kim_ui_plugin_init (kim_ui_context *io_context)
 {
     kim_error err = KIM_NO_ERROR;
     kim_ui_plugin_context context = NULL;
     struct errinfo einfo;
     
-    if (!err && !out_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+    if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
         err = kim_ui_plugin_context_allocate (&context);
@@ -145,7 +145,7 @@ kim_error kim_ui_plugin_init (kim_ui_plugin_context *out_context)
     }
         
     if (!err) {
-        *out_context = context;
+        io_context->tcontext = context;
         context = NULL;
     }
     
@@ -156,8 +156,8 @@ kim_error kim_ui_plugin_init (kim_ui_plugin_context *out_context)
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_plugin_enter_identity (kim_ui_plugin_context  in_context,
-                                        kim_identity          *out_identity)
+kim_error kim_ui_plugin_enter_identity (kim_ui_context *in_context,
+                                        kim_identity   *out_identity)
 {
     kim_error err = KIM_NO_ERROR;
     
@@ -165,8 +165,10 @@ kim_error kim_ui_plugin_enter_identity (kim_ui_plugin_context  in_context,
     if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
-        err = in_context->ftable->enter_identity (in_context->plugin_context,
-                                                  out_identity);
+        kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext;
+
+        err = context->ftable->enter_identity (context->plugin_context,
+                                               out_identity);
     }
     
     return check_error (err);
@@ -174,9 +176,9 @@ kim_error kim_ui_plugin_enter_identity (kim_ui_plugin_context  in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_plugin_select_identity (kim_ui_plugin_context  in_context,
-                                         kim_selection_hints    in_hints,
-                                         kim_identity          *out_identity)
+kim_error kim_ui_plugin_select_identity (kim_ui_context      *in_context,
+                                         kim_selection_hints  in_hints,
+                                         kim_identity        *out_identity)
 {
     kim_error err = KIM_NO_ERROR;
     
@@ -185,9 +187,11 @@ kim_error kim_ui_plugin_select_identity (kim_ui_plugin_context  in_context,
     if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
-        err = in_context->ftable->select_identity (in_context->plugin_context,
-                                                   in_hints, 
-                                                   out_identity);
+        kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext;
+        
+        err = context->ftable->select_identity (context->plugin_context,
+                                                in_hints, 
+                                                out_identity);
     }
     
     return check_error (err);
@@ -195,14 +199,14 @@ kim_error kim_ui_plugin_select_identity (kim_ui_plugin_context  in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_plugin_auth_prompt (kim_ui_plugin_context  in_context,
-                                     kim_identity           in_identity,
-                                     kim_prompt_type        in_type,
-                                     kim_boolean            in_hide_reply, 
-                                     kim_string             in_title,
-                                     kim_string             in_message,
-                                     kim_string             in_description,
-                                     char                 **out_reply)
+kim_error kim_ui_plugin_auth_prompt (kim_ui_context      *in_context,
+                                     kim_identity         in_identity,
+                                     kim_prompt_type      in_type,
+                                     kim_boolean          in_hide_reply, 
+                                     kim_string           in_title,
+                                     kim_string           in_message,
+                                     kim_string           in_description,
+                                     char               **out_reply)
 {
     kim_error err = KIM_NO_ERROR;
     
@@ -212,14 +216,16 @@ kim_error kim_ui_plugin_auth_prompt (kim_ui_plugin_context  in_context,
     /* in_title, in_message or in_description may be NULL */
     
     if (!err) {
-        err = in_context->ftable->auth_prompt (in_context->plugin_context,
-                                               in_identity, 
-                                               in_type,
-                                               in_hide_reply,
-                                               in_title,
-                                               in_message,
-                                               in_description,
-                                               out_reply);
+        kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext;
+        
+        err = context->ftable->auth_prompt (context->plugin_context,
+                                            in_identity, 
+                                            in_type,
+                                            in_hide_reply,
+                                            in_title,
+                                            in_message,
+                                            in_description,
+                                            out_reply);
     }
     
     return check_error (err);
@@ -227,12 +233,12 @@ kim_error kim_ui_plugin_auth_prompt (kim_ui_plugin_context  in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_plugin_change_password (kim_ui_plugin_context  in_context,
-                                         kim_identity           in_identity,
-                                         kim_boolean            in_old_password_expired,
-                                         char                 **out_old_password,
-                                         char                 **out_new_password,
-                                         char                 **out_verify_password)
+kim_error kim_ui_plugin_change_password (kim_ui_context  *in_context,
+                                         kim_identity     in_identity,
+                                         kim_boolean      in_old_password_expired,
+                                         char           **out_old_password,
+                                         char           **out_new_password,
+                                         char           **out_verify_password)
 {
     kim_error err = KIM_NO_ERROR;
     
@@ -243,12 +249,14 @@ kim_error kim_ui_plugin_change_password (kim_ui_plugin_context  in_context,
     if (!err && !out_verify_password) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
-        err = in_context->ftable->change_password (in_context->plugin_context,
-                                                   in_identity, 
-                                                   in_old_password_expired,
-                                                   out_old_password,
-                                                   out_new_password,
-                                                   out_verify_password);
+        kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext;
+        
+        err = context->ftable->change_password (context->plugin_context,
+                                                in_identity, 
+                                                in_old_password_expired,
+                                                out_old_password,
+                                                out_new_password,
+                                                out_verify_password);
     }
     
     return check_error (err);
@@ -256,11 +264,11 @@ kim_error kim_ui_plugin_change_password (kim_ui_plugin_context  in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_plugin_handle_error (kim_ui_plugin_context in_context,
-                                      kim_identity          in_identity,
-                                      kim_error             in_error,
-                                      kim_string            in_error_message,
-                                      kim_string            in_error_description)
+kim_error kim_ui_plugin_handle_error (kim_ui_context *in_context,
+                                      kim_identity    in_identity,
+                                      kim_error       in_error,
+                                      kim_string      in_error_message,
+                                      kim_string      in_error_description)
 {
     kim_error err = KIM_NO_ERROR;
     
@@ -269,11 +277,13 @@ kim_error kim_ui_plugin_handle_error (kim_ui_plugin_context in_context,
     if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
-        err = in_context->ftable->handle_error (in_context->plugin_context,
-                                                in_identity, 
-                                                in_error,
-                                                in_error_message,
-                                                in_error_description);
+        kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext;
+        
+        err = context->ftable->handle_error (context->plugin_context,
+                                             in_identity, 
+                                             in_error,
+                                             in_error_message,
+                                             in_error_description);
     }
     
     return check_error (err);
@@ -281,8 +291,8 @@ kim_error kim_ui_plugin_handle_error (kim_ui_plugin_context in_context,
 
 /* ------------------------------------------------------------------------ */
 
-void kim_ui_plugin_free_string (kim_ui_plugin_context   in_context,
-                                char                  **io_string)
+void kim_ui_plugin_free_string (kim_ui_context  *in_context,
+                                char           **io_string)
 {
     kim_error err = KIM_NO_ERROR;
     
@@ -290,27 +300,33 @@ void kim_ui_plugin_free_string (kim_ui_plugin_context   in_context,
     if (!err && !io_string ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
-        in_context->ftable->free_string (in_context->plugin_context, 
-                                         io_string);
+        kim_ui_plugin_context context = (kim_ui_plugin_context) in_context->tcontext;
+        
+        context->ftable->free_string (context->plugin_context, 
+                                      io_string);
     }
  }
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_ui_plugin_fini (kim_ui_plugin_context *io_context)
+kim_error kim_ui_plugin_fini (kim_ui_context *io_context)
 {
     kim_error err = KIM_NO_ERROR;
     
     if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
-    if (!err && *io_context) {
-        err = (*io_context)->ftable->fini (&(*io_context)->plugin_context);
-    }
-    
     if (!err) {
-        kim_ui_plugin_context_free (io_context);
+        kim_ui_plugin_context context = (kim_ui_plugin_context) io_context->tcontext;
+        
+        if (context) {
+            err = context->ftable->fini (&context->plugin_context);
+        }
+
+        if (!err) {
+            kim_ui_plugin_context_free (&context);
+            io_context->tcontext = NULL;
+        }
     }
     
-    
     return check_error (err);
 }
index c39447df02e9d0ed58b7a6b1293bde7ebf7254d4..e4d3547642a8da45be630291c71ec449556bddd7 100644 (file)
@@ -33,40 +33,40 @@ struct kim_ui_plugin_context;
 typedef struct kim_ui_plugin_context *kim_ui_plugin_context;
 
 
-kim_error kim_ui_plugin_init (kim_ui_plugin_context *out_context);
+kim_error kim_ui_plugin_init (kim_ui_context *io_context);
 
-kim_error kim_ui_plugin_enter_identity (kim_ui_plugin_context  in_context,
-                                        kim_identity          *out_identity);
+kim_error kim_ui_plugin_enter_identity (kim_ui_context *in_context,
+                                        kim_identity   *out_identity);
 
-kim_error kim_ui_plugin_select_identity (kim_ui_plugin_context  in_context,
-                                         kim_selection_hints    in_hints,
-                                         kim_identity          *out_identity);
+kim_error kim_ui_plugin_select_identity (kim_ui_context      *in_context,
+                                         kim_selection_hints  in_hints,
+                                         kim_identity        *out_identity);
 
-kim_error kim_ui_plugin_auth_prompt (kim_ui_plugin_context   in_context,
-                                     kim_identity            in_identity,
-                                     kim_prompt_type         in_type,
-                                     kim_boolean             in_hide_reply, 
-                                     kim_string              in_title,
-                                     kim_string              in_message,
-                                     kim_string              in_description,
-                                     char                  **out_reply);
+kim_error kim_ui_plugin_auth_prompt (kim_ui_context      *in_context,
+                                     kim_identity         in_identity,
+                                     kim_prompt_type      in_type,
+                                     kim_boolean          in_hide_reply, 
+                                     kim_string           in_title,
+                                     kim_string           in_message,
+                                     kim_string           in_description,
+                                     char               **out_reply);
 
-kim_error kim_ui_plugin_change_password (kim_ui_plugin_context    in_context,
-                                         kim_identity             in_identity,
-                                         kim_boolean              in_old_password_expired,
-                                         char                   **out_old_password,
-                                         char                   **out_new_password,
-                                         char                   **out_verify_password);
+kim_error kim_ui_plugin_change_password (kim_ui_context  *in_context,
+                                         kim_identity     in_identity,
+                                         kim_boolean      in_old_password_expired,
+                                         char           **out_old_password,
+                                         char           **out_new_password,
+                                         char           **out_verify_password);
 
-kim_error kim_ui_plugin_handle_error (kim_ui_plugin_context   in_context,
-                                      kim_identity            in_identity,
-                                      kim_error               in_error,
-                                      kim_string              in_error_message,
-                                      kim_string              in_error_description);
+kim_error kim_ui_plugin_handle_error (kim_ui_context *in_context,
+                                      kim_identity    in_identity,
+                                      kim_error       in_error,
+                                      kim_string      in_error_message,
+                                      kim_string      in_error_description);
 
-void kim_ui_plugin_free_string (kim_ui_plugin_context   in_context,
-                                char                  **io_string);
+void kim_ui_plugin_free_string (kim_ui_context  *in_context,
+                                char           **io_string);
 
-kim_error kim_ui_plugin_fini (kim_ui_plugin_context *io_context);
+kim_error kim_ui_plugin_fini (kim_ui_context *in_context);
 
 #endif /* KIM_UI_PLUGIN_PRIVATE_H */
index c755a7894b32b663cc4abcfe3a36b590f3af8ebf..afebb05046eba987657467767fc77abb88cdd1a7 100644 (file)
@@ -71,12 +71,12 @@ static kim_error kim_os_ui_gui_context_allocate (kim_ui_gui_context *out_context
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_os_ui_gui_init (kim_ui_gui_context *out_context)
+kim_error kim_os_ui_gui_init (kim_ui_context *io_context)
 {
     kim_error err = KIM_NO_ERROR;
     kim_ui_gui_context context = NULL;
     
-    if (!err && !out_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+    if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
         err = kim_os_ui_gui_context_allocate (&context);
@@ -86,7 +86,7 @@ kim_error kim_os_ui_gui_init (kim_ui_gui_context *out_context)
     }
     
     if (!err) {
-        *out_context = context;
+        io_context->tcontext = context;
         context = NULL;
     }
     
@@ -97,8 +97,8 @@ kim_error kim_os_ui_gui_init (kim_ui_gui_context *out_context)
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_os_ui_gui_enter_identity (kim_ui_gui_context   in_context,
-                                        kim_identity        *out_identity)
+kim_error kim_os_ui_gui_enter_identity (kim_ui_context *in_context,
+                                        kim_identity   *out_identity)
 {
     kim_error err = KIM_NO_ERROR;
     
@@ -106,6 +106,8 @@ kim_error kim_os_ui_gui_enter_identity (kim_ui_gui_context   in_context,
     if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
+        kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext;
+        
     }
     
     return check_error (err);
@@ -113,7 +115,7 @@ kim_error kim_os_ui_gui_enter_identity (kim_ui_gui_context   in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_os_ui_gui_select_identity (kim_ui_gui_context   in_context,
+kim_error kim_os_ui_gui_select_identity (kim_ui_context      *in_context,
                                          kim_selection_hints  in_hints,
                                          kim_identity        *out_identity)
 {
@@ -124,6 +126,8 @@ kim_error kim_os_ui_gui_select_identity (kim_ui_gui_context   in_context,
     if (!err && !out_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
+        kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext;
+        
     }
     
     return check_error (err);
@@ -131,14 +135,14 @@ kim_error kim_os_ui_gui_select_identity (kim_ui_gui_context   in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context   in_context,
-                                     kim_identity         in_identity,
-                                     kim_prompt_type      in_type,
-                                     kim_boolean          in_hide_reply, 
-                                     kim_string           in_title,
-                                     kim_string           in_message,
-                                     kim_string           in_description,
-                                     char               **out_reply)
+kim_error kim_os_ui_gui_auth_prompt (kim_ui_context     *in_context,
+                                    kim_identity         in_identity,
+                                     kim_prompt_type     in_type,
+                                     kim_boolean         in_hide_reply, 
+                                     kim_string          in_title,
+                                     kim_string          in_message,
+                                     kim_string          in_description,
+                                     char              **out_reply)
 {
     kim_error err = KIM_NO_ERROR;
     
@@ -148,6 +152,8 @@ kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context   in_context,
     /* in_title, in_message or in_description may be NULL */
     
     if (!err) {
+        kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext;
+        
     }
     
     return check_error (err);
@@ -155,7 +161,7 @@ kim_error kim_os_ui_gui_auth_prompt (kim_ui_gui_context   in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_os_ui_gui_change_password (kim_ui_gui_context   in_context,
+kim_error kim_os_ui_gui_change_password (kim_ui_context      *in_context,
                                          kim_identity         in_identity,
                                          kim_boolean          in_old_password_expired,
                                          char               **out_old_password,
@@ -171,6 +177,8 @@ kim_error kim_os_ui_gui_change_password (kim_ui_gui_context   in_context,
     if (!err && !out_verify_password) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
+        kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext;
+        
     }
     
     return check_error (err);
@@ -178,7 +186,7 @@ kim_error kim_os_ui_gui_change_password (kim_ui_gui_context   in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_os_ui_gui_handle_error (kim_ui_gui_context in_context,
+kim_error kim_os_ui_gui_handle_error (kim_ui_context    *in_context,
                                       kim_identity       in_identity,
                                       kim_error          in_error,
                                       kim_string         in_error_message,
@@ -191,6 +199,8 @@ kim_error kim_os_ui_gui_handle_error (kim_ui_gui_context in_context,
     if (!err && !in_error_description) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
     if (!err) {
+        kim_ui_gui_context context = (kim_ui_gui_context) in_context->tcontext;
+        
     }
     
     return check_error (err);
@@ -198,7 +208,7 @@ kim_error kim_os_ui_gui_handle_error (kim_ui_gui_context in_context,
 
 /* ------------------------------------------------------------------------ */
 
-void kim_os_ui_gui_free_string (kim_ui_gui_context   in_context,
+void kim_os_ui_gui_free_string (kim_ui_context      *in_context,
                                 char               **io_string)
 {
     kim_string_free ((kim_string *) io_string);
@@ -206,19 +216,20 @@ void kim_os_ui_gui_free_string (kim_ui_gui_context   in_context,
 
 /* ------------------------------------------------------------------------ */
 
-kim_error kim_os_ui_gui_fini (kim_ui_gui_context *io_context)
+kim_error kim_os_ui_gui_fini (kim_ui_context *io_context)
 {
     kim_error err = KIM_NO_ERROR;
     
     if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
     
-    if (!err && *io_context) {
-    }
-    
     if (!err) {
-        kim_os_ui_gui_context_free (io_context);
-    }
-    
+        kim_ui_gui_context context = (kim_ui_gui_context) io_context->tcontext;
+        
+        if (!err) {
+            kim_os_ui_gui_context_free (&context);
+            io_context->tcontext = NULL;
+        }
+    }    
     
     return check_error (err);
 }